install/composefs: Introduce flag for bls/uki boot

Johan-Liebert1 · Johan-Liebert1 · commit 270f7a1f6ed7 · 2025-06-11T12:18:42.000+05:30
Signed-off-by: Pragyan Poudyal &lt;pragyanpoudyal41999@gmail.com&gt;
diff --git a/lib/src/install.rs b/lib/src/install.rs
@@ -45,7 +45,7 @@ use ostree_ext::composefs::{
     util::Sha256Digest,
 };
 use ostree_ext::composefs_boot::{
-    write_boot::write_boot_simple as composefs_write_boot_simple, BootOps,
+    bootloader::BootEntry, write_boot::write_boot_simple as composefs_write_boot_simple, BootOps,
 };
 use ostree_ext::composefs_oci::{
     image::create_filesystem as create_composefs_filesystem, pull as composefs_oci_pull,
@@ -240,7 +240,8 @@ pub(crate) enum BootType {
 }
 
 #[derive(Debug, Clone, clap::Parser, Serialize, Deserialize, PartialEq, Eq)]
-pub(crate) struct InstallComposefsOptions {
+pub(crate) struct InstallComposefsOpts {
+    #[clap(long, value_enum, default_value_t)]
     pub(crate) boot: BootType,
 }
 
@@ -269,10 +270,10 @@ pub(crate) struct InstallToDiskOpts {
     pub(crate) via_loopback: bool,
 
     #[clap(long)]
-    pub(crate) composefs_experimental: bool,
+    pub(crate) composefs_native: bool,
 
     #[clap(flatten)]
-    pub(crate) composefs_opts: InstallComposefsOptions,
+    pub(crate) composefs_opts: InstallComposefsOpts,
 }
 
 #[derive(ValueEnum, Debug, Copy, Clone, PartialEq, Eq, Serialize, Deserialize)]
@@ -413,6 +414,9 @@ pub(crate) struct State {
     /// The root filesystem of the running container
     pub(crate) container_root: Dir,
     pub(crate) tempdir: TempDir,
+
+    // If Some, then --composefs_native is passed
+    pub(crate) composefs_options: Option<InstallComposefsOpts>,
 }
 
 impl State {
@@ -558,7 +562,7 @@ impl FromStr for MountSpec {
 
 impl InstallToDiskOpts {
     pub(crate) fn validate(&self) {
-        if !self.composefs_experimental {
+        if !self.composefs_native {
             // Reject using --boot without --composefs
             if self.composefs_opts.boot != BootType::default() {
                 panic!("--boot must not be provided without --composefs");
@@ -1226,6 +1230,7 @@ async fn prepare_install(
     config_opts: InstallConfigOpts,
     source_opts: InstallSourceOpts,
     target_opts: InstallTargetOpts,
+    composefs_opts: Option<InstallComposefsOpts>,
 ) -> Result<Arc<State>> {
     tracing::trace!("Preparing install");
     let rootfs = cap_std::fs::Dir::open_ambient_dir("/", cap_std::ambient_authority())
@@ -1370,6 +1375,7 @@ async fn prepare_install(
         container_root: rootfs,
         tempdir,
         host_is_container,
+        composefs_options: composefs_opts,
     });
 
     Ok(state)
@@ -1494,37 +1500,14 @@ async fn initialize_composefs_repository(
     composefs_oci_pull(&Arc::new(repo), &format!("{transport}{name}",), None).await
 }
 
-#[context("Setting up composefs boot")]
-fn setup_composefs_boot(root_setup: &RootSetup, state: &State, image_id: &str) -> Result<()> {
-    let boot_uuid = root_setup
-        .get_boot_uuid()?
-        .or(root_setup.rootfs_uuid.as_deref())
-        .ok_or_else(|| anyhow!("No uuid for boot/root"))?;
-
-    if cfg!(target_arch = "s390x") {
-        // TODO: Integrate s390x support into install_via_bootupd
-        crate::bootloader::install_via_zipl(&root_setup.device_info, boot_uuid)?;
-    } else {
-        crate::bootloader::install_via_bootupd(
-            &root_setup.device_info,
-            &root_setup.physical_root_path,
-            &state.config_opts,
-        )?;
-    }
-
-    let repo = open_composefs_repo(&root_setup.physical_root)?;
-
-    let mut fs = create_composefs_filesystem(&repo, image_id, None)?;
-
-    let entries = fs.transform_for_boot(&repo)?;
-    let id = fs.commit_image(&repo, None)?;
-
-    println!("{entries:#?}");
-
-    let Some(entry) = entries.into_iter().next() else {
-        anyhow::bail!("No boot entries!");
-    };
-
+#[context("Setting up BLS boot")]
+fn setup_composefs_bls_boot(
+    root_setup: &RootSetup,
+    // TODO: Make this generic
+    repo: ComposefsRepository<Sha256HashValue>,
+    id: &Sha256HashValue,
+    entry: BootEntry<Sha256HashValue>,
+) -> Result<()> {
     let rootfs_uuid = match &root_setup.rootfs_uuid {
         Some(u) => u,
         None => anyhow::bail!("Expected rootfs to have a UUID by now"),
@@ -1536,6 +1519,32 @@ fn setup_composefs_boot(root_setup: &RootSetup, state: &State, image_id: &str) -
         "rw",
     ];
 
+    composefs_write_boot_simple(
+        &repo,
+        entry,
+        &id,
+        root_setup.physical_root_path.as_std_path(), // /run/mounts/bootc/boot
+        Some("boot"),
+        Some(&format!("{}", id.to_hex())),
+        &cmdline_refs,
+    )?;
+
+    Ok(())
+}
+
+#[context("Setting up UKI boot")]
+fn setup_composefs_uki_boot(
+    root_setup: &RootSetup,
+    // TODO: Make this generic
+    repo: ComposefsRepository<Sha256HashValue>,
+    id: &Sha256HashValue,
+    entry: BootEntry<Sha256HashValue>,
+) -> Result<()> {
+    let rootfs_uuid = match &root_setup.rootfs_uuid {
+        Some(u) => u,
+        None => anyhow::bail!("Expected rootfs to have a UUID by now"),
+    };
+
     let boot_dir = root_setup.physical_root_path.join("boot");
     create_dir_all(&boot_dir).context("Failed to create boot dir")?;
 
@@ -1544,28 +1553,71 @@ fn setup_composefs_boot(root_setup: &RootSetup, state: &State, image_id: &str) -
         entry,
         &id,
         boot_dir.as_std_path(),
+        None,
         Some(&format!("{}", id.to_hex())),
-        Some("/boot"),
-        &cmdline_refs,
+        &[],
     )?;
 
     // Add the user grug cfg
     // TODO: We don't need this for BLS. Have a flag for BLS vs UKI, or maybe we can figure it out
     // via the boot entries above
     let grub_user_config = format!(
         r#"
-menuentry "Some Fedora" {{
+menuentry "Fedora Bootc UKI" {{
     insmod fat
     insmod chain
     search --no-floppy --set=root --fs-uuid {rootfs_uuid}
-    chainloader /boot/EFI/Linux/uki.efi
+    chainloader /boot/EFI/Linux/{uki_id}.efi
 }}
-"#
+"#, uki_id=id.to_hex()
     );
 
     std::fs::write(boot_dir.join("grub2/user.cfg"), grub_user_config)
         .context("Failed to write grub2/user.cfg")?;
 
+    Ok(())
+}
+
+#[context("Setting up composefs boot")]
+fn setup_composefs_boot(root_setup: &RootSetup, state: &State, image_id: &str) -> Result<()> {
+    let boot_uuid = root_setup
+        .get_boot_uuid()?
+        .or(root_setup.rootfs_uuid.as_deref())
+        .ok_or_else(|| anyhow!("No uuid for boot/root"))?;
+
+    if cfg!(target_arch = "s390x") {
+        // TODO: Integrate s390x support into install_via_bootupd
+        crate::bootloader::install_via_zipl(&root_setup.device_info, boot_uuid)?;
+    } else {
+        crate::bootloader::install_via_bootupd(
+            &root_setup.device_info,
+            &root_setup.physical_root_path,
+            &state.config_opts,
+        )?;
+    }
+
+    let repo = open_composefs_repo(&root_setup.physical_root)?;
+
+    let mut fs = create_composefs_filesystem(&repo, image_id, None)?;
+
+    let entries = fs.transform_for_boot(&repo)?;
+    let id = fs.commit_image(&repo, None)?;
+
+    println!("{entries:#?}");
+
+    let Some(entry) = entries.into_iter().next() else {
+        anyhow::bail!("No boot entries!");
+    };
+
+    let Some(composefs_opts) = &state.composefs_options else {
+        anyhow::bail!("Could not find options for composefs")
+    };
+
+    match composefs_opts.boot {
+        BootType::Bls => setup_composefs_bls_boot(root_setup, repo, &id, entry)?,
+        BootType::Uki => setup_composefs_uki_boot(root_setup, repo, &id, entry)?,
+    };
+
     let state_path = root_setup
         .physical_root_path
         .join(format!("state/{}", id.to_hex()));
@@ -1581,7 +1633,6 @@ async fn install_to_filesystem_impl(
     state: &State,
     rootfs: &mut RootSetup,
     cleanup: Cleanup,
-    composefs: bool,
 ) -> Result<()> {
     if matches!(state.selinux_state, SELinuxFinalState::ForceTargetDisabled) {
         rootfs.kargs.push("selinux=0".to_string());
@@ -1610,7 +1661,7 @@ async fn install_to_filesystem_impl(
 
     let bound_images = BoundImages::from_state(state).await?;
 
-    if composefs {
+    if state.composefs_options.is_some() {
         // Load a fd for the mounted target physical root
         let (id, verity) = initialize_composefs_repository(state, rootfs).await?;
 
@@ -1694,7 +1745,17 @@ pub(crate) async fn install_to_disk(mut opts: InstallToDiskOpts) -> Result<()> {
     } else if !target_blockdev_meta.file_type().is_block_device() {
         anyhow::bail!("Not a block device: {}", block_opts.device);
     }
-    let state = prepare_install(opts.config_opts, opts.source_opts, opts.target_opts).await?;
+    let state = prepare_install(
+        opts.config_opts,
+        opts.source_opts,
+        opts.target_opts,
+        if opts.composefs_native {
+            Some(opts.composefs_opts)
+        } else {
+            None
+        },
+    )
+    .await?;
 
     // This is all blocking stuff
     let (mut rootfs, loopback) = {
@@ -1715,7 +1776,7 @@ pub(crate) async fn install_to_disk(mut opts: InstallToDiskOpts) -> Result<()> {
         (rootfs, loopback_dev)
     };
 
-    install_to_filesystem_impl(&state, &mut rootfs, Cleanup::Skip, opts.composefs_experimental).await?;
+    install_to_filesystem_impl(&state, &mut rootfs, Cleanup::Skip).await?;
 
     // Drop all data about the root except the bits we need to ensure any file descriptors etc. are closed.
     let (root_path, luksdev) = rootfs.into_storage();
@@ -1902,7 +1963,7 @@ pub(crate) async fn install_to_filesystem(
     // IMPORTANT: and hence anything that is done before MUST BE IDEMPOTENT.
     // IMPORTANT: In practice, we should only be gathering information before this point,
     // IMPORTANT: and not performing any mutations at all.
-    let state = prepare_install(opts.config_opts, opts.source_opts, opts.target_opts).await?;
+    let state = prepare_install(opts.config_opts, opts.source_opts, opts.target_opts, None).await?;
     // And the last bit of state here is the fsopts, which we also destructure now.
     let mut fsopts = opts.filesystem_opts;
 
@@ -2101,7 +2162,7 @@ pub(crate) async fn install_to_filesystem(
         skip_finalize,
     };
 
-    install_to_filesystem_impl(&state, &mut rootfs, cleanup, false).await?;
+    install_to_filesystem_impl(&state, &mut rootfs, cleanup).await?;
 
     // Drop all data about the root except the path to ensure any file descriptors etc. are closed.
     drop(rootfs);
