robang74 / rauc Goto Github PK

RAUC controls the update process on embedded Linux systems. It is both a target application that runs as an update client and a host/target tool that allows you to create, inspect and modify installation artifacts.

Source Code: https://github.com/rauc/rauc

Documentation: https://rauc.readthedocs.org/

Chat: IRC channel #rauc on libera.chat (bridged to the Matrix channel #rauc:matrix.org)

• Fail-Safe & Atomic:
  • An update may be interrupted at any point without breaking the running system.
  • Update compatibility check
  • Atomic bootloader updates (eMMC boot partitions, MBR, GPT)
• Cryptographic signing and verification of updates using OpenSSL (signatures based on x.509 certificates)
  • Keys and certificates on PKCS#11 tokens (HSMs) are supported
• Flexible and customizable redundancy/storage setup
  • Symmetric setup (Root-FS A & B)
  • Asymmetric setup (recovery & normal)
  • Application partition, data partitions, ...
  • Allows grouping of multiple slots (rootfs, appfs) as update targets
• Built-in network streaming mode
• Network delta-streaming mode (using casync)
  • chunk-based binary delta updates
  • significantly reduce download size
  • no extra storage required
• Bundle encryption for multiple recipients
• Bootloader support:
  • grub
  • barebox
  • u-boot
  • EFI
  • Custom implementation
• Storage support:
  • read-only filesystems: SquashFS, EROFS, dm-verity protected images, ...
  • read-write filesystems: ext4, VFAT, UBIFS, JFFS2
  • eMMC boot partitions (atomic update)
  • UBI volumes
  • raw NAND flash (using nandwrite)
  • raw NOR flash (using flashcp)
  • MBR partition table
  • GPT partition table
• Independent from update source
  • USB Stick
  • Software provisioning server (e.g. hawkBit)
• Controllable via D-Bus interface
• Supports data migration
• Network protocol support using libcurl (https, http, ftp, ssh, ...)
• Several layers of update customization
  • Update-specific extensions (hooks)
  • System-specific extensions (handlers)
  • fully custom update script

• Create update bundles
• Sign/resign bundles
• Inspect bundle files

• Run as a system service (D-Bus interface)
• Install bundles
• View system status information
• Change status of symmetric/asymmetric/custom slots

• Boot state storage
  • GRUB: environment file on SD/eMMC/SSD/disk
  • Barebox: State partition on EEPROM/FRAM/MRAM or NAND flash
  • U-Boot: environment variable
  • EFI: EFI variables
  • Custom: depends on implementation
• Boot target selection support in the bootloader
• Enough mass storage for two symmetric/asymmetric/custom slots
• For normal bundle mode:
  • Enough storage for the compressed bundle file (in memory, in a temporary partition or on an external storage device)
• For casync bundle mode:
  • No additional storage needed
  • Network interface
• Hardware watchdog (optional, but recommended)
• RTC (optional, but recommended)

Please see the documentation for details.

• build-essential
• automake
• libtool
• libdbus-1-dev
• libglib2.0-dev
• libcurl3-dev
• libssl-dev

sudo apt-get install build-essential automake libtool libdbus-1-dev libglib2.0-dev libcurl3-dev libssl-dev

If you intend to use json-support you also need

sudo apt-get install libjson-glib-dev

Required kernel options (either y or m):

• CONFIG_MD
• CONFIG_BLK_DEV_DM
• CONFIG_BLK_DEV_LOOP
• CONFIG_DM_VERITY
• CONFIG_SQUASHFS
• CONFIG_CRYPTO_SHA256
• CONFIG_BLK_DEV_NBD (for streaming support)
• CONFIG_DM_CRYPT (for encryption support)

For using tar archive in RAUC bundles with Busybox tar, you have to enable the following Busybox feature:

• CONFIG_FEATURE_TAR_AUTODETECT=y
• CONFIG_FEATURE_TAR_LONG_OPTIONS=y

Depending on the actual storage type and/or filesystem used, further target tools might be required. The documentation chapter Required Target Tools gives a more detailed list on these.

git clone https://github.com/rauc/rauc
cd rauc
autoupdate
./autogen.sh
./configure
make

On the host system RAUC can be used directly from the build dir, or optionally be installed. On the target instead, installing is highly recommended as it also unpacks service and D-Bus configuration files required to run RAUC properly:

make install

sudo apt-get install qemu-system-x86 time squashfs-tools
# Optional to run all tests:
# sudo apt-get install faketime casync grub-common openssl softhsm2 opensc opensc-pkcs11 libengine-pkcs11-openssl mtd-utils
./qemu-test

Create a directory with the content that should be installed:

mkdir content-dir/
cp $SOURCE/rootfs.ext4 content-dir/

Create a manifest describing which image to install where together with some meta info:

cat >> content-dir/manifest.raucm << EOF
[update]
compatible=FooCorp Super BarBazzer
version=2019.01-1
[image.rootfs]
filename=rootfs.ext4
EOF

Let RAUC create a bundle from this:

rauc --cert autobuilder.cert.pem --key autobuilder.key.pem bundle content-dir/ update-2019.01-1.raucb

Create a system configuration file in /etc/rauc/system.conf and start the service process in background:

rauc service &

To install the bundle on your target device, run:

rauc install update-2019.01-1.raucb

Fork the repository and send us a pull request.

Please read the Documentation's Contributing section for more details.