Commit f44f7608 authored by Frédéric Dalleau's avatar Frédéric Dalleau

system-updates-and-rollback: Describe update validation mechanisms

Signed-off-by: default avatarFrédéric Dalleau <frederic.dalleau@collabora.com>
parent 1c0129c7
......@@ -724,6 +724,19 @@ It can also be used to mark the boot as successful:
$ updatectl --mark-update-successful
```
#### Update validation
Before installing updates the updater check their validity and appropriateness
for the current system, using the metadata carried by the update itself as
produced by the build pipeline.
It ensures that the update is appropriate for the system by verifying that the
collection id in the update matches the one configured for the system. This
prevents installing an update meant for a different kind of device, or mixing
variants.
The updater also checks that the update version is newer than the one on the
system, to prevent downgrade attacks where a older update with known
vulnerabilities is used to gain privileged access to a target.
#### Testing
Testing ensures that the following system properties for each image
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment