composefs/rollback: Handle UKI rollback

We parse the grub menuentries, get the rollback deployment then perform
the rollback, which basically consists of writing a new .staged
menuentry file then atomically swapping the staged and the current
menuentry.

Rollback while there is a staged deployment is still to be handled.

Signed-off-by: Johan-Liebert1 <[email protected]>

Author: Johan-Liebert1

crates/lib/src/deploy.rs

@@ -3,8 +3,9 @@
 //! Create a merged filesystem tree with the image and mounted configmaps.
 
 use std::collections::HashSet;
+use std::fmt::Write as _;
 use std::fs::create_dir_all;
-use std::io::{BufRead, Write};
+use std::io::{BufRead, Read, Write};
 use std::path::PathBuf;
 
 use anyhow::Ok;
@@ -25,10 +26,11 @@ use ostree_ext::tokio_util::spawn_blocking_cancellable_flatten;
 use rustix::fs::{fsync, renameat_with, AtFlags, RenameFlags};
 
 use crate::bls_config::{parse_bls_config, BLSConfig};
-use crate::install::{get_efi_uuid_source, get_user_config, BootType};
+use crate::install::{get_efi_uuid_source, BootType};
+use crate::parsers::grub_menuconfig::{parse_grub_menuentry_file, MenuEntry};
 use crate::progress_jsonl::{Event, ProgressWriter, SubTaskBytes, SubTaskStep};
 use crate::spec::ImageReference;
-use crate::spec::{BootEntry, BootOrder, HostSpec};
+use crate::spec::{BootOrder, HostSpec};
 use crate::status::{composefs_deployment_status, labels_of_config};
 use crate::store::Storage;
 use crate::utils::async_task_with_spinner;
@@ -742,38 +744,59 @@ pub(crate) async fn stage(
     Ok(())
 }
 
+/// Filename for `loader/entries`
+pub(crate) const USER_CFG: &str = "user.cfg";
+pub(crate) const USER_CFG_STAGED: &str = "user.cfg.staged";
+pub(crate) const USER_CFG_ROLLBACK: &str = USER_CFG_STAGED;
+
 #[context("Rolling back UKI")]
-pub(crate) fn rollback_composefs_uki(current: &BootEntry, rollback: &BootEntry) -> Result<()> {
-    let user_cfg_name = "grub2/user.cfg.staged";
-    let user_cfg_path = PathBuf::from("/sysroot/boot").join(user_cfg_name);
+pub(crate) fn rollback_composefs_uki() -> Result<()> {
+    let user_cfg_path = PathBuf::from("/sysroot/boot/grub2");
 
-    let efi_uuid_source = get_efi_uuid_source();
+    let mut str = String::new();
+    let mut menuentries =
+        get_sorted_uki_boot_entries(&mut str).context("Getting UKI boot entries")?;
 
-    // TODO: Need to check if user.cfg.staged exists
-    let mut usr_cfg = std::fs::OpenOptions::new()
-        .write(true)
-        .create(true)
-        .truncate(true)
-        .open(user_cfg_path)
-        .with_context(|| format!("Opening {user_cfg_name}"))?;
+    // TODO(Johan-Liebert): Currently assuming there are only two deployments
+    assert!(menuentries.len() == 2);
 
-    usr_cfg.write(efi_uuid_source.as_bytes())?;
+    let (first, second) = menuentries.split_at_mut(1);
+    std::mem::swap(&mut first[0], &mut second[0]);
 
-    let verity = if let Some(composefs) = &rollback.composefs {
-        composefs.verity.clone()
-    } else {
-        // Shouldn't really happen
-        anyhow::bail!("Verity not found for rollback deployment")
-    };
-    usr_cfg.write(get_user_config(todo!(), &verity).as_bytes())?;
+    let mut buffer = get_efi_uuid_source();
 
-    let verity = if let Some(composefs) = &current.composefs {
-        composefs.verity.clone()
-    } else {
-        // Shouldn't really happen
-        anyhow::bail!("Verity not found for booted deployment")
-    };
-    usr_cfg.write(get_user_config(todo!(), &verity).as_bytes())?;
+    for entry in menuentries {
+        write!(buffer, "{entry}")?;
+    }
+
+    let entries_dir =
+        cap_std::fs::Dir::open_ambient_dir(&user_cfg_path, cap_std::ambient_authority())
+            .with_context(|| format!("Opening {user_cfg_path:?}"))?;
+
+    entries_dir
+        .atomic_write(USER_CFG_ROLLBACK, buffer)
+        .with_context(|| format!("Writing to {USER_CFG_ROLLBACK}"))?;
+
+    tracing::debug!("Atomically exchanging for {USER_CFG_ROLLBACK} and {USER_CFG}");
+    renameat_with(
+        &entries_dir,
+        USER_CFG_ROLLBACK,
+        &entries_dir,
+        USER_CFG,
+        RenameFlags::EXCHANGE,
+    )
+    .context("renameat")?;
+
+    tracing::debug!("Removing {USER_CFG_ROLLBACK}");
+    rustix::fs::unlinkat(&entries_dir, USER_CFG_ROLLBACK, AtFlags::REMOVEDIR).context("unlinkat")?;
+
+    tracing::debug!("Syncing to disk");
+    fsync(
+        entries_dir
+            .reopen_as_ownedfd()
+            .with_context(|| format!("Reopening {user_cfg_path:?} as owned fd"))?,
+    )
+    .with_context(|| format!("fsync {user_cfg_path:?}"))?;
 
     Ok(())
 }
@@ -834,6 +857,7 @@ pub(crate) fn rollback_composefs_bls() -> Result<()> {
         cfg.version = idx as u32;
     }
 
+    // TODO(Johan-Liebert): Currently assuming there are only two deployments
     assert!(all_configs.len() == 2);
 
     // Write these
@@ -849,7 +873,7 @@ pub(crate) fn rollback_composefs_bls() -> Result<()> {
         let file_name = format!("bootc-composefs-{}.conf", cfg.version);
 
         rollback_entries_dir
-            .atomic_write(&file_name, cfg.to_string().as_bytes())
+            .atomic_write(&file_name, cfg.to_string())
             .with_context(|| format!("Writing to {file_name}"))?;
     }
 
@@ -920,7 +944,7 @@ pub(crate) async fn composefs_rollback() -> Result<()> {
 
     match rollback_composefs_entry.boot_type {
         BootType::Bls => rollback_composefs_bls(),
-        BootType::Uki => rollback_composefs_uki(&host.status.booted.unwrap(), &rollback_status),
+        BootType::Uki => rollback_composefs_uki(),
     }?;
 
     Ok(())

crates/lib/src/install.rs

@@ -76,8 +76,12 @@ use self::baseline::InstallBlockDeviceOpts;
 use crate::bls_config::{parse_bls_config, BLSConfig};
 use crate::boundimage::{BoundImage, ResolvedBoundImage};
 use crate::containerenv::ContainerExecutionInfo;
-use crate::deploy::{prepare_for_pull, pull_from_prepared, PreparedImportMeta, PreparedPullResult};
+use crate::deploy::{
+    get_sorted_uki_boot_entries, prepare_for_pull, pull_from_prepared, PreparedImportMeta,
+    PreparedPullResult, USER_CFG, USER_CFG_STAGED,
+};
 use crate::lsm;
+use crate::parsers::grub_menuconfig::MenuEntry;
 use crate::progress_jsonl::ProgressWriter;
 use crate::spec::ImageReference;
 use crate::store::Storage;
@@ -1730,22 +1734,6 @@ pub fn get_esp_partition(device: &str) -> Result<(String, Option<String>)> {
     Ok((esp.node, esp.uuid))
 }
 
-pub(crate) fn get_user_config(boot_label: &String, uki_id: &str) -> String {
-    // TODO: Full EFI path here
-    let s = format!(
-        r#"
-menuentry "{boot_label}: ({uki_id})" {{
-    insmod fat
-    insmod chain
-    search --no-floppy --set=root --fs-uuid "${{EFI_PART_UUID}}"
-    chainloader /EFI/Linux/{uki_id}.efi
-}}
-"#
-    );
-
-    return s;
-}
-
 /// Contains the EFP's filesystem UUID. Used by grub
 pub(crate) const EFI_UUID_FILE: &str = "efiuuid.cfg";
 
@@ -1894,9 +1882,9 @@ pub(crate) fn setup_composefs_uki_boot(
     let efi_uuid_source = get_efi_uuid_source();
 
     let user_cfg_name = if is_upgrade {
-        "user.cfg.staged"
+        USER_CFG_STAGED
     } else {
-        "user.cfg"
+        USER_CFG
     };
 
     let grub_dir =
@@ -1911,17 +1899,17 @@ pub(crate) fn setup_composefs_uki_boot(
 
         // Shouldn't really fail so no context here
         buffer.write_all(efi_uuid_source.as_bytes())?;
-        buffer.write_all(get_user_config(&boot_label, &id.to_hex()).as_bytes())?;
-
-        // root_path here will be /sysroot
-        for entry in std::fs::read_dir(root_path.join(STATE_DIR_RELATIVE))? {
-            let entry = entry?;
+        buffer.write_all(
+            MenuEntry::new(&boot_label, &id.to_hex())
+                .to_string()
+                .as_bytes(),
+        )?;
 
-            let depl_file_name = entry.file_name();
-            // SAFETY: Deployment file name shouldn't containg non UTF-8 chars
-            let depl_file_name = depl_file_name.to_string_lossy();
+        let mut str_buf = String::new();
+        let entries = get_sorted_uki_boot_entries(&mut str_buf)?;
 
-            buffer.write_all(get_user_config(&boot_label, &depl_file_name).as_bytes())?;
+        for entry in entries {
+            buffer.write_all(entry.to_string().as_bytes())?;
         }
 
         grub_dir
@@ -1949,7 +1937,11 @@ pub(crate) fn setup_composefs_uki_boot(
 
     // Shouldn't really fail so no context here
     buffer.write_all(efi_uuid_source.as_bytes())?;
-    buffer.write_all(get_user_config(&boot_label, &id.to_hex()).as_bytes())?;
+    buffer.write_all(
+        MenuEntry::new(&boot_label, &id.to_hex())
+            .to_string()
+            .as_bytes(),
+    )?;
 
     grub_dir
         .atomic_write(user_cfg_name, buffer)

crates/lib/src/lib.rs

@@ -28,6 +28,7 @@ mod store;
 mod task;
 mod utils;
 mod bls_config;
+pub(crate) mod parsers;
 
 #[cfg(feature = "docgen")]
 mod docgen;

crates/ostree-ext/src/container_utils.rs

@@ -78,7 +78,7 @@ pub fn ostree_booted() -> io::Result<bool> {
 }
 
 
-/// Returns true if the system appears to have been booted with composefs.
+/// Returns true if the system appears to have been booted with composefs without ostree.
 pub fn composefs_booted() -> io::Result<bool> {
     let cmdline = std::fs::read_to_string("/proc/cmdline")?;
     Ok(cmdline.contains("composefs="))