From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Tue, 14 Jan 2025 16:52:46 +0100 Received: from metis.whiteo.stw.pengutronix.de ([2a0a:edc0:2:b01:1d::104]) by lore.white.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1tXjDi-0014d5-0A for lore@lore.pengutronix.de; Tue, 14 Jan 2025 16:52:46 +0100 Received: from localhost ([127.0.0.1] helo=metis.whiteo.stw.pengutronix.de) by metis.whiteo.stw.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1tXjDh-0004yv-Ky; Tue, 14 Jan 2025 16:52:45 +0100 Received: from drehscheibe.grey.stw.pengutronix.de ([2a0a:edc0:0:c01:1d::a2]) by metis.whiteo.stw.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1tXjDd-0004ym-Di; Tue, 14 Jan 2025 16:52:41 +0100 Received: from ptz.office.stw.pengutronix.de ([2a0a:edc0:0:900:1d::77]) by drehscheibe.grey.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1tXjDc-000SVe-2N; Tue, 14 Jan 2025 16:52:41 +0100 Received: from localhost ([127.0.0.1]) by ptz.office.stw.pengutronix.de with esmtp (Exim 4.96) (envelope-from ) id 1tXjDc-003gfR-0o; Tue, 14 Jan 2025 16:52:41 +0100 Message-ID: To: Brian Hutchinson Date: Tue, 14 Jan 2025 16:52:40 +0100 In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable User-Agent: Evolution 3.46.4-2 MIME-Version: 1.0 Subject: Re: [RAUC] Is it possible to change the [system]compatible= string after it has already been set/flashed? X-BeenThere: rauc@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: RAUC Project - Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , From: =?utf-8?q?Jan_L=C3=BCbbe_via_RAUC?= Reply-To: Jan =?ISO-8859-1?Q?L=FCbbe?= Cc: rauc@pengutronix.de Sender: "RAUC" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: rauc-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.whiteo.stw.pengutronix.de); SAEximRunCond expanded to false On Tue, 2025-01-14 at 10:38 -0500, Brian Hutchinson via RAUC wrote: > On Mon, Dec 9, 2024 at 3:43=E2=80=AFAM Jan L=C3=BCbbe wrote: > >=20 > > Hi again, > >=20 > > On Thu, 2024-12-05 at 22:38 -0500, Brian Hutchinson via RAUC wrote: > > > This almost feels like the intermediate update that's necessary with > > > changing rauc versions ... > >=20 > > Enrico pointed me to this part. > >=20 > > Updating RAUC versions normally does *not* require an intermediate > > update. An intermediate update is only needed if you explicitly create > > bundles which use new features: > > https://rauc.readthedocs.io/en/latest/basic.html#forward-and-backward-c= ompatibility >=20 > Thanks! >=20 > I should probably start another thread, but now I'm running into a > chicken & egg problem. >=20 > I need to add downgrade protection due to newer hardware Just to clarify: You want to prevent installation of an old bundle on the n= ew hardware, as the old software would not work on the new hardware? > and I > discovered pre-install handler doesn't have access to bundle version > (RAUC_MF_VERSION), only a hook has that environment variable. Well, > if I create a hook that can compare bundle version to current version > to do some hardware checks ... that hook won't be in older bundles, so > wondering how pre-install handler (which lives in the current version > file system) can figure out the bundle version attempting to be > installed if it can't see RAUC_MF_VERSION to implement downgrade > protection if that makes any sense. Take a look at the "min-bundle-version" option in the system.conf: https://rauc.readthedocs.io/en/latest/reference.html#system-section=20 You'd set that in the factory image of your new hardware. That way, old bun= dles cannot be installed. Regards, Jan --=20 Pengutronix e.K. | | Steuerwalder Str. 21 | http://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |