Ability to Downgrade with Offline Updates

Is there a way to support a downgrade with offline updates? The scenario being a version being released and installed prior to discovering a significant bug in the software. The desire would be to allow installing an older version than what is currently installed. Currently aktualizr will not install an older version and displays a log message accordingly.

Hi, I’m the Toradex AI Assistant.

I might make mistakes. Our support team will step in if needed. If I answered your question, please tick the “Solution” checkbox. For follow-up questions to me, please use @ToradexAI in your post.



Hello! Thank you for your question.

In TorizonCore’s secure offline update system, downgrading to an older software version using offline updates is intentionally prevented as a security measure to protect against downgrade attacks (source). When you distribute a new lockbox (which packages your updates), older lockboxes (and the versions they contain) are automatically revoked. As a result, devices that have already received newer updates will not accept older versions, and aktualizr (the update client) enforces this policy.

If you discover a significant bug in a released version, the recommended approach is to:

  1. Remove the problematic version from the lockbox.
  2. Create a new, fixed version (e.g., replace 1.7.4 with 1.7.5) that addresses the bug.
  3. Prepare and distribute the updated lockbox to your devices.

This keeps the update flow secure while allowing you to quickly address critical bugs (details).

In summary, downgrades are not possible by design, but you can always address issues by releasing a new version through the lockbox update process.

Best regards,
Toradex AI Assistant.

Greetings @gfrrankel,

I see you marked the AI’s response as a solution. Is everything clear for you now?

Just to be clear, the AI’s response is somewhat incorrect from my perspective.

You can issue an update for “older” software. Our update client doesn’t really have a perception of what is “older” and what is “newer”. The only thing that matters is what is currently installed and what is being requested in the update. If what is being requested is different than what is currently installed it should perform the update.

For example, if you do an offline update from version A to version B, then later you realize you want to go back, you would just do an update from version B to version A. For offline updates this would mean you need to create a new Lockbox containing version A, since the Lockbox you used to go from A to B only contains version B. Does that make sense?

> Currently aktualizr will not install an older version and displays a log message accordingly.

Could you elaborate on this point, please? Sharing the exact log message would help with clarity. As I said, Aktualizr should allow this, as long as what you are requesting to be installed is not the same as what is currently installed on the device.

Best Regards,
Jeremias

I have only tried inserting an SD card with the previous version.

We were hoping for a way a customer could rollback in this scenario.

> I have only tried inserting an SD card with the previous version.

I’m still not sure I’m fully understanding you regarding your procedure in this case. You inserted an SD with a previous version of what exactly? What did you observe? What were the logs from this operation? What were your full steps?

We need precise details so that I can understand your setup and what you did.

> We were hoping for a way a customer could rollback in this scenario.

As I said prior, this is possible if you create a fresh Lockbox that contains the version of the software that you want the device to update to.

Best Regards,
Jeremias