composefs/state: Use atomic writes for origin and staged deployment files

Signed-off-by: Johan-Liebert1 <[email protected]>

Author: Johan-Liebert1

crates/lib/src/bls_config.rs

@@ -1,7 +1,7 @@
-use serde::{Deserialize, Deserializer};
+use anyhow::Result;
 use serde::de::Error;
+use serde::{Deserialize, Deserializer};
 use std::collections::HashMap;
-use anyhow::Result;
 
 #[derive(Debug, Deserialize, Eq)]
 pub(crate) struct BLSConfig {

crates/lib/src/deploy.rs

@@ -788,7 +788,8 @@ pub(crate) fn rollback_composefs_uki() -> Result<()> {
     .context("renameat")?;
 
     tracing::debug!("Removing {USER_CFG_ROLLBACK}");
-    rustix::fs::unlinkat(&entries_dir, USER_CFG_ROLLBACK, AtFlags::REMOVEDIR).context("unlinkat")?;
+    rustix::fs::unlinkat(&entries_dir, USER_CFG_ROLLBACK, AtFlags::REMOVEDIR)
+        .context("unlinkat")?;
 
     tracing::debug!("Syncing to disk");
     fsync(
@@ -813,7 +814,6 @@ pub(crate) fn get_sorted_uki_boot_entries<'a>(str: &'a mut String) -> Result<Vec
     parse_grub_menuentry_file(str)
 }
 
-
 #[context("Getting boot entries")]
 pub(crate) fn get_sorted_bls_boot_entries(ascending: bool) -> Result<Vec<BLSConfig>> {
     let mut all_configs = vec![];

crates/lib/src/install.rs

@@ -2049,7 +2049,8 @@ fn setup_composefs_boot(root_setup: &RootSetup, state: &State, image_id: &str) -
 }
 
 pub(crate) const COMPOSEFS_TRANSIENT_STATE_DIR: &str = "/run/composefs";
-pub(crate) const COMPOSEFS_STAGED_DEPLOYMENT_PATH: &str = "/run/composefs/staged-deployment";
+/// File created in /run/composefs to record a staged-deployment
+pub(crate) const COMPOSEFS_STAGED_DEPLOYMENT_FNAME: &str = "staged-deployment";
 /// Relative to /sysroot
 pub(crate) const STATE_DIR_RELATIVE: &str = "state/deploy";
 
@@ -2091,25 +2092,32 @@ pub(crate) fn write_composefs_state(
         .section(ORIGIN_KEY_BOOT)
         .item(ORIGIN_KEY_BOOT_TYPE, boot_type);
 
-    let mut origin_file =
-        std::fs::File::create(state_path.join(format!("{}.origin", deployment_id.to_hex())))
-            .context("Failed to open .origin file")?;
+    let state_dir = cap_std::fs::Dir::open_ambient_dir(&state_path, cap_std::ambient_authority())
+        .context("Opening state dir")?;
 
-    origin_file
-        .write(config.to_string().as_bytes())
+    state_dir
+        .atomic_write(
+            format!("{}.origin", deployment_id.to_hex()),
+            config.to_string().as_bytes(),
+        )
         .context("Falied to write to .origin file")?;
 
     if staged {
         std::fs::create_dir_all(COMPOSEFS_TRANSIENT_STATE_DIR)
             .with_context(|| format!("Creating {COMPOSEFS_TRANSIENT_STATE_DIR}"))?;
 
-        let mut file = std::fs::OpenOptions::new()
-            .write(true)
-            .create(true)
-            .open(COMPOSEFS_STAGED_DEPLOYMENT_PATH)
-            .context("Opening staged-deployment file")?;
+        let staged_depl_dir = cap_std::fs::Dir::open_ambient_dir(
+            COMPOSEFS_TRANSIENT_STATE_DIR,
+            cap_std::ambient_authority(),
+        )
+        .with_context(|| format!("Opening {COMPOSEFS_TRANSIENT_STATE_DIR}"))?;
 
-        file.write_all(deployment_id.to_hex().as_bytes())?;
+        staged_depl_dir
+            .atomic_write(
+                COMPOSEFS_STAGED_DEPLOYMENT_FNAME,
+                deployment_id.to_hex().as_bytes(),
+            )
+            .with_context(|| format!("Writing to {COMPOSEFS_STAGED_DEPLOYMENT_FNAME}"))?;
     }
 
     Ok(())

crates/lib/src/lib.rs

@@ -4,6 +4,7 @@
 //! to provide a fully "container native" tool for using
 //! bootable container images.
 
+mod bls_config;
 mod boundimage;
 pub mod cli;
 pub(crate) mod deploy;
@@ -18,6 +19,7 @@ pub(crate) mod kargs;
 mod lints;
 mod lsm;
 pub(crate) mod metadata;
+pub(crate) mod parsers;
 mod podman;
 mod progress_jsonl;
 mod reboot;
@@ -27,8 +29,6 @@ mod status;
 mod store;
 mod task;
 mod utils;
-mod bls_config;
-pub(crate) mod parsers;
 
 #[cfg(feature = "docgen")]
 mod docgen;

crates/lib/src/spec.rs

@@ -165,7 +165,6 @@ pub struct BootEntryOstree {
     pub deploy_serial: u32,
 }
 
-
 /// A bootable entry
 #[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq, JsonSchema)]
 #[serde(rename_all = "camelCase")]

crates/lib/src/status.rs

@@ -29,7 +29,9 @@ use crate::deploy::get_sorted_uki_boot_entries;
 use crate::install::BootType;
 use crate::install::ORIGIN_KEY_BOOT;
 use crate::install::ORIGIN_KEY_BOOT_TYPE;
-use crate::install::{COMPOSEFS_STAGED_DEPLOYMENT_PATH, STATE_DIR_RELATIVE};
+use crate::install::{
+    COMPOSEFS_STAGED_DEPLOYMENT_FNAME, COMPOSEFS_TRANSIENT_STATE_DIR, STATE_DIR_RELATIVE,
+};
 use crate::spec::ImageStatus;
 use crate::spec::{BootEntry, BootOrder, Host, HostSpec, HostStatus, HostType};
 use crate::spec::{ImageReference, ImageSignature};
@@ -412,7 +414,9 @@ pub(crate) async fn composefs_deployment_status() -> Result<Host> {
 
     let mut host = Host::new(host_spec);
 
-    let staged_deployment_id = match std::fs::File::open(COMPOSEFS_STAGED_DEPLOYMENT_PATH) {
+    let staged_deployment_id = match std::fs::File::open(format!(
+        "{COMPOSEFS_TRANSIENT_STATE_DIR}/{COMPOSEFS_STAGED_DEPLOYMENT_FNAME}"
+    )) {
         Ok(mut f) => {
             let mut s = String::new();
             f.read_to_string(&mut s)?;

crates/ostree-ext/src/container_utils.rs

@@ -77,7 +77,6 @@ pub fn ostree_booted() -> io::Result<bool> {
     Path::new(&format!("/{OSTREE_BOOTED}")).try_exists()
 }
 
-
 /// Returns true if the system appears to have been booted with composefs without ostree.
 pub fn composefs_booted() -> io::Result<bool> {
     let cmdline = std::fs::read_to_string("/proc/cmdline")?;