composefs/status: Read UKI entries to check for queued rollback

Johan-Liebert1 · Johan-Liebert1 · commit 95d5e55545dc · 2025-07-29T11:34:02.000+05:30
Parse the Grub menuentry file, `boot/grub2/user.cfg` to get a list of
bootable UKIs and figure out if a rollback is currently queued.

Signed-off-by: Johan-Liebert1 &lt;pragyanpoudyal41999@gmail.com&gt;
diff --git a/crates/lib/src/deploy.rs b/crates/lib/src/deploy.rs
@@ -783,8 +783,16 @@ const CURRENT_ENTRIES: &str = "entries";
 const STAGED_ENTRIES: &str = "entries.staged";
 const ROLLBACK_ENTRIES: &str = STAGED_ENTRIES;
 
+// Need str to store lifetime
+pub(crate) fn get_sorted_uki_boot_entries<'a>(str: &'a mut String) -> Result<Vec<MenuEntry<'a>>> {
+    let mut file = std::fs::File::open("/sysroot/boot/grub2/user.cfg")?;
+    file.read_to_string(str)?;
+    parse_grub_menuentry_file(str)
+}
+
+
 #[context("Getting boot entries")]
-pub(crate) fn get_sorted_boot_entries(ascending: bool) -> Result<Vec<BLSConfig>> {
+pub(crate) fn get_sorted_bls_boot_entries(ascending: bool) -> Result<Vec<BLSConfig>> {
     let mut all_configs = vec![];
 
     for entry in std::fs::read_dir(format!("/sysroot/boot/loader/{CURRENT_ENTRIES}"))? {
@@ -819,7 +827,7 @@ pub(crate) fn rollback_composefs_bls() -> Result<()> {
     // After this:
     // all_configs[0] -> booted depl
     // all_configs[1] -> rollback depl
-    let mut all_configs = get_sorted_boot_entries(false)?;
+    let mut all_configs = get_sorted_bls_boot_entries(false)?;
 
     // Update the indicies so that they're swapped
     for (idx, cfg) in all_configs.iter_mut().enumerate() {
diff --git a/crates/lib/src/status.rs b/crates/lib/src/status.rs
@@ -24,7 +24,8 @@ use ostree_ext::ostree;
 use tokio::io::AsyncReadExt;
 
 use crate::cli::OutputFormat;
-use crate::deploy::get_sorted_boot_entries;
+use crate::deploy::get_sorted_bls_boot_entries;
+use crate::deploy::get_sorted_uki_boot_entries;
 use crate::install::BootType;
 use crate::install::ORIGIN_KEY_BOOT;
 use crate::install::ORIGIN_KEY_BOOT_TYPE;
@@ -422,6 +423,9 @@ pub(crate) async fn composefs_deployment_status() -> Result<Host> {
         Err(e) => Err(e),
     }?;
 
+    // NOTE: This cannot work if we support both BLS and UKI at the same time
+    let mut boot_type: Option<BootType> = None;
+
     for depl in deployments {
         let depl = depl?;
 
@@ -441,6 +445,21 @@ pub(crate) async fn composefs_deployment_status() -> Result<Host> {
         let boot_entry =
             boot_entry_from_composefs_deployment(ini, depl_file_name.to_string()).await?;
 
+        // SAFETY: boot_entry.composefs will always be present
+        let boot_type_from_origin = boot_entry.composefs.as_ref().unwrap().boot_type;
+
+        match boot_type {
+            Some(current_type) => {
+                if current_type != boot_type_from_origin {
+                    anyhow::bail!("Conflicting boot types")
+                }
+            }
+
+            None => {
+                boot_type = Some(boot_type_from_origin);
+            }
+        };
+
         if depl.file_name() == booted_image_verity {
             host.spec.image = boot_entry.image.as_ref().map(|x| x.image.clone());
             host.status.booted = Some(boot_entry);
@@ -457,11 +476,31 @@ pub(crate) async fn composefs_deployment_status() -> Result<Host> {
         host.status.rollback = Some(boot_entry);
     }
 
-    host.status.rollback_queued = !get_sorted_boot_entries(false)?
-        .first()
-        .ok_or(anyhow::anyhow!("First boot entry not found"))?
-        .options
-        .contains(booted_image_verity);
+    // Shouldn't really happen, but for sanity nonetheless
+    let Some(boot_type) = boot_type else {
+        anyhow::bail!("Could not determine boot type");
+    };
+
+    match boot_type {
+        BootType::Bls => {
+            host.status.rollback_queued = !get_sorted_bls_boot_entries(false)?
+                .first()
+                .ok_or(anyhow::anyhow!("First boot entry not found"))?
+                .options
+                .contains(booted_image_verity);
+        }
+
+        BootType::Uki => {
+            let mut s = String::new();
+
+            host.status.rollback_queued = !get_sorted_uki_boot_entries(&mut s)?
+                .first()
+                .ok_or(anyhow::anyhow!("First boot entry not found"))?
+                .body
+                .chainloader
+                .contains(booted_image_verity);
+        }
+    };
 
     if host.status.rollback_queued {
         host.spec.boot_order = BootOrder::Rollback
