composefs/rollback: Handle UKI rollback

We parse the grub menuentries, get the rollback deployment then perform
the rollback, which basically consists of writing a new .staged
menuentry file then atomically swapping the staged and the current
menuentry.

Rollback while there is a staged deployment is still to be handled.

Signed-off-by: Johan-Liebert1 <[email protected]>

Author: Johan-Liebert1

crates/lib/src/deploy.rs

@@ -3,8 +3,9 @@
 //! Create a merged filesystem tree with the image and mounted configmaps.
 
 use std::collections::HashSet;
+use std::fmt::Write as _;
 use std::fs::create_dir_all;
-use std::io::{BufRead, Read as _, Write};
+use std::io::{BufRead, Read, Write};
 use std::path::PathBuf;
 
 use anyhow::Ok;
@@ -25,12 +26,11 @@ use ostree_ext::tokio_util::spawn_blocking_cancellable_flatten;
 use rustix::fs::{fsync, renameat_with, AtFlags, RenameFlags};
 
 use crate::bls_config::{parse_bls_config, BLSConfig};
-#[allow(unused_imports)]
-use crate::install::{get_efi_uuid_source, get_user_config, BootType};
+use crate::install::{get_efi_uuid_source, BootType};
 use crate::parsers::grub_menuconfig::{parse_grub_menuentry_file, MenuEntry};
 use crate::progress_jsonl::{Event, ProgressWriter, SubTaskBytes, SubTaskStep};
 use crate::spec::ImageReference;
-use crate::spec::{BootEntry, BootOrder, HostSpec};
+use crate::spec::{BootOrder, HostSpec};
 use crate::status::{composefs_deployment_status, labels_of_config};
 use crate::store::Storage;
 use crate::utils::async_task_with_spinner;
@@ -744,42 +744,61 @@ pub(crate) async fn stage(
     Ok(())
 }
 
+/// Filename for `loader/entries`
+pub(crate) const USER_CFG: &str = "user.cfg";
+pub(crate) const USER_CFG_STAGED: &str = "user.cfg.staged";
+pub(crate) const USER_CFG_ROLLBACK: &str = USER_CFG_STAGED;
+
 #[context("Rolling back UKI")]
-pub(crate) fn rollback_composefs_uki(_current: &BootEntry, _rollback: &BootEntry) -> Result<()> {
-    unimplemented!()
-    // let user_cfg_name = "grub2/user.cfg.staged";
-    // let user_cfg_path = PathBuf::from("boot").join(user_cfg_name);
-    // let sysroot = &Dir::open_ambient_dir("/sysroot", cap_std::ambient_authority())?;
-
-    // let efi_uuid_source = get_efi_uuid_source();
-
-    // let rollback_verity = if let Some(composefs) = &rollback.composefs {
-    //     composefs.verity.clone()
-    // } else {
-    //     // Shouldn't really happen
-    //     anyhow::bail!("Verity not found for rollback deployment")
-    // };
-    // let rollback_config = get_user_config(todo!(), &rollback_verity).as_bytes();
-
-    // let current_verity = if let Some(composefs) = &current.composefs {
-    //     composefs.verity.clone()
-    // } else {
-    //     // Shouldn't really happen
-    //     anyhow::bail!("Verity not found for booted deployment")
-    // };
-    // let current_config = get_user_config(todo!(), &current_verity).as_bytes();
-
-    // // TODO: Need to check if user.cfg.staged exists
-    // sysroot
-    //     .atomic_replace_with(user_cfg_path, |w| {
-    //         write!(w, "{efi_uuid_source}")?;
-    //         w.write_all(rollback_config)?;
-    //         w.write_all(current_config)?;
-    //         Ok(())
-    //     })
-    //     .with_context(|| format!("Writing {user_cfg_name}"))?;
-
-    // Ok(())
+pub(crate) fn rollback_composefs_uki() -> Result<()> {
+    let user_cfg_path = PathBuf::from("/sysroot/boot/grub2");
+
+    let mut str = String::new();
+    let mut menuentries =
+        get_sorted_uki_boot_entries(&mut str).context("Getting UKI boot entries")?;
+
+    // TODO(Johan-Liebert): Currently assuming there are only two deployments
+    assert!(menuentries.len() == 2);
+
+    let (first, second) = menuentries.split_at_mut(1);
+    std::mem::swap(&mut first[0], &mut second[0]);
+
+    let mut buffer = get_efi_uuid_source();
+
+    for entry in menuentries {
+        write!(buffer, "{entry}")?;
+    }
+
+    let entries_dir =
+        cap_std::fs::Dir::open_ambient_dir(&user_cfg_path, cap_std::ambient_authority())
+            .with_context(|| format!("Opening {user_cfg_path:?}"))?;
+
+    entries_dir
+        .atomic_write(USER_CFG_ROLLBACK, buffer)
+        .with_context(|| format!("Writing to {USER_CFG_ROLLBACK}"))?;
+
+    tracing::debug!("Atomically exchanging for {USER_CFG_ROLLBACK} and {USER_CFG}");
+    renameat_with(
+        &entries_dir,
+        USER_CFG_ROLLBACK,
+        &entries_dir,
+        USER_CFG,
+        RenameFlags::EXCHANGE,
+    )
+    .context("renameat")?;
+
+    tracing::debug!("Removing {USER_CFG_ROLLBACK}");
+    rustix::fs::unlinkat(&entries_dir, USER_CFG_ROLLBACK, AtFlags::empty()).context("unlinkat")?;
+
+    tracing::debug!("Syncing to disk");
+    fsync(
+        entries_dir
+            .reopen_as_ownedfd()
+            .with_context(|| format!("Reopening {user_cfg_path:?} as owned fd"))?,
+    )
+    .with_context(|| format!("fsync {user_cfg_path:?}"))?;
+
+    Ok(())
 }
 
 /// Filename for `loader/entries`
@@ -837,6 +856,7 @@ pub(crate) fn rollback_composefs_bls() -> Result<()> {
         cfg.version = idx as u32;
     }
 
+    // TODO(Johan-Liebert): Currently assuming there are only two deployments
     assert!(all_configs.len() == 2);
 
     // Write these
@@ -852,7 +872,7 @@ pub(crate) fn rollback_composefs_bls() -> Result<()> {
         let file_name = format!("bootc-composefs-{}.conf", cfg.version);
 
         rollback_entries_dir
-            .atomic_write(&file_name, cfg.to_string().as_bytes())
+            .atomic_write(&file_name, cfg.to_string())
             .with_context(|| format!("Writing to {file_name}"))?;
     }
 
@@ -879,7 +899,7 @@ pub(crate) fn rollback_composefs_bls() -> Result<()> {
     .context("renameat")?;
 
     tracing::debug!("Removing {ROLLBACK_ENTRIES}");
-    rustix::fs::unlinkat(&dir, ROLLBACK_ENTRIES, AtFlags::REMOVEDIR).context("unlinkat")?;
+    rustix::fs::unlinkat(&dir, ROLLBACK_ENTRIES, AtFlags::empty()).context("unlinkat")?;
 
     tracing::debug!("Syncing to disk");
     fsync(
@@ -923,7 +943,7 @@ pub(crate) async fn composefs_rollback() -> Result<()> {
 
     match rollback_composefs_entry.boot_type {
         BootType::Bls => rollback_composefs_bls(),
-        BootType::Uki => rollback_composefs_uki(&host.status.booted.unwrap(), &rollback_status),
+        BootType::Uki => rollback_composefs_uki(),
     }?;
 
     Ok(())

crates/lib/src/install.rs

@@ -75,9 +75,13 @@ use self::baseline::InstallBlockDeviceOpts;
 use crate::bls_config::{parse_bls_config, BLSConfig};
 use crate::boundimage::{BoundImage, ResolvedBoundImage};
 use crate::containerenv::ContainerExecutionInfo;
-use crate::deploy::{prepare_for_pull, pull_from_prepared, PreparedImportMeta, PreparedPullResult};
+use crate::deploy::{
+    get_sorted_uki_boot_entries, prepare_for_pull, pull_from_prepared, PreparedImportMeta,
+    PreparedPullResult, USER_CFG, USER_CFG_STAGED,
+};
 use crate::kernel_cmdline::Cmdline;
 use crate::lsm;
+use crate::parsers::grub_menuconfig::MenuEntry;
 use crate::progress_jsonl::ProgressWriter;
 use crate::spec::ImageReference;
 use crate::store::Storage;
@@ -1743,22 +1747,6 @@ pub fn get_esp_partition(device: &str) -> Result<(String, Option<String>)> {
     Ok((esp.node, esp.uuid))
 }
 
-pub(crate) fn get_user_config(boot_label: &String, uki_id: &str) -> String {
-    // TODO: Full EFI path here
-    let s = format!(
-        r#"
-menuentry "{boot_label}: ({uki_id})" {{
-    insmod fat
-    insmod chain
-    search --no-floppy --set=root --fs-uuid "${{EFI_PART_UUID}}"
-    chainloader /EFI/Linux/{uki_id}.efi
-}}
-"#
-    );
-
-    return s;
-}
-
 /// Contains the EFP's filesystem UUID. Used by grub
 pub(crate) const EFI_UUID_FILE: &str = "efiuuid.cfg";
 
@@ -1907,9 +1895,9 @@ pub(crate) fn setup_composefs_uki_boot(
     let efi_uuid_source = get_efi_uuid_source();
 
     let user_cfg_name = if is_upgrade {
-        "user.cfg.staged"
+        USER_CFG_STAGED
     } else {
-        "user.cfg"
+        USER_CFG
     };
 
     let grub_dir =
@@ -1924,17 +1912,17 @@ pub(crate) fn setup_composefs_uki_boot(
 
         // Shouldn't really fail so no context here
         buffer.write_all(efi_uuid_source.as_bytes())?;
-        buffer.write_all(get_user_config(&boot_label, &id.to_hex()).as_bytes())?;
-
-        // root_path here will be /sysroot
-        for entry in std::fs::read_dir(root_path.join(STATE_DIR_RELATIVE))? {
-            let entry = entry?;
+        buffer.write_all(
+            MenuEntry::new(&boot_label, &id.to_hex())
+                .to_string()
+                .as_bytes(),
+        )?;
 
-            let depl_file_name = entry.file_name();
-            // SAFETY: Deployment file name shouldn't containg non UTF-8 chars
-            let depl_file_name = depl_file_name.to_string_lossy();
+        let mut str_buf = String::new();
+        let entries = get_sorted_uki_boot_entries(&mut str_buf)?;
 
-            buffer.write_all(get_user_config(&boot_label, &depl_file_name).as_bytes())?;
+        for entry in entries {
+            buffer.write_all(entry.to_string().as_bytes())?;
         }
 
         grub_dir
@@ -1962,7 +1950,11 @@ pub(crate) fn setup_composefs_uki_boot(
 
     // Shouldn't really fail so no context here
     buffer.write_all(efi_uuid_source.as_bytes())?;
-    buffer.write_all(get_user_config(&boot_label, &id.to_hex()).as_bytes())?;
+    buffer.write_all(
+        MenuEntry::new(&boot_label, &id.to_hex())
+            .to_string()
+            .as_bytes(),
+    )?;
 
     grub_dir
         .atomic_write(user_cfg_name, buffer)