RAUC v0.3 Released

Enrico Jörns | | RAUC
Download

Download v0.3 release of RAUC

The RAUC team is proud to announce that we've just released RAUC v0.3! Again, we have worked a lot on stability and support for more and more use cases. RAUC now supports pure UEFI-based booting on x86, multiple board variants in the same bundle, intermediate certificates and enhanced feedback from the boot selection layer.

Enhancements

  • Added support for intermediate certificates, improved bundle resigning and certificate information for hooks. This makes it easier to use a multi-level PKI with separate intermediate certificates for development and releases.
  • Added support for image variants, which allow creating a single bundle which supports multiple hardware variants by selecting the matching image from a set contained in the bundle.
  • Added support for redundant booting by using EFI boot entries directly.
  • Added boot information to rauc status
  • Added rauc extract command to extract bundles
  • Support detection of the booted slot by using the UUID= and PARTUUID= kernel options.
  • Improved the status and error output
  • Improved internal error cause propagation

Bug Fixes

  • Fixed boot slot detection for root=<symlink> boot parameters (such as root=/dev/disk/by-path/pci-0000:00:17.0-ata-1-part1)
  • Removed redundant image checksum verification during installation.

Testing

  • Improve robustness and test coverage
  • Use gcc-7 for testing

Documentation

  • Added documentation for intermediate certificates, re-signing bundles, image variants and UEFI support

Further Readings

rauc-hawkbit-updater v1.0 Released

Back in 2018, rauc-hawkbit-updater was started by Prevas A/S as a C/GLib port of our rauc-hawkbit Python prototype (also called RAUC hawkBit Client) that was mainly developed for showcases and to serve as a demonstration and evaluation platform for others.


Showcase: Fail-Safe (OTA) Field Updating

Enrico Jörns | | didyouknow, rauc

Being able to robustly and securely update embedded systems and IoT devices in the field is a key requirement of every product today. The update framework RAUC is the basis for a modern and future-proof solution. In this showcase we present the basic principles of a fail-safe update system and how Pengutronix can support you with implement this for your platform.


RAUC v1.5 Released

Jan Lübbe, Enrico Jörns | | RAUC

This release fixes a vulnerability in RAUC that can be exploited under certain circumstances to achieve a local privilege escalation. It provides both a mitigation for the vulnerability when using the existing bundle format as well as a new bundle format that uses dm-verity to continuously authenticate the update data while it is installed.