composefs: Implement soft reboot

Add an internal command for soft rebooting the system. Similar to how
it's done for ostree, we only allow soft reboot if the other deployment
has the same kernel state, i.e. the SHASum of kernel + initrd is the
same as that of the current deployment.

soft reboot is not possible in case of UKI deployment

Signed-off-by: Pragyan Poudyal <[email protected]>

Author: Johan-Liebert1

crates/lib/src/bootc_composefs/mod.rs

@@ -6,6 +6,7 @@ pub(crate) mod gc;
 pub(crate) mod repo;
 pub(crate) mod rollback;
 pub(crate) mod service;
+pub(crate) mod soft_reboot;
 pub(crate) mod state;
 pub(crate) mod status;
 pub(crate) mod switch;

crates/lib/src/bootc_composefs/soft_reboot.rs

@@ -0,0 +1,68 @@
+use crate::{
+    bootc_composefs::{
+        service::start_finalize_stated_svc, status::composefs_deployment_status_from,
+    },
+    composefs_consts::COMPOSEFS_CMDLINE,
+    store::{BootedComposefs, Storage},
+};
+use anyhow::{Context, Result};
+use bootc_initramfs_setup::setup_root;
+use bootc_kernel_cmdline::utf8::Cmdline;
+use bootc_mount::{bind_mount_from_pidns, PID1};
+use camino::Utf8Path;
+use std::{fs::create_dir_all, os::unix::process::CommandExt, path::PathBuf, process::Command};
+
+const NEXTROOT: &str = "/run/nextroot";
+
+pub(crate) async fn soft_reboot_to_deployment(
+    storage: &Storage,
+    booted_cfs: &BootedComposefs,
+    deployment_id: &String,
+    reboot: bool,
+) -> Result<()> {
+    if *deployment_id == *booted_cfs.cmdline.digest {
+        anyhow::bail!("Cannot soft-reboot to currently booted deployment");
+    }
+
+    let host = composefs_deployment_status_from(storage, booted_cfs.cmdline).await?;
+
+    let all_deployments = host.all_composefs_deployments()?;
+
+    let requred_deployment = all_deployments
+        .iter()
+        .find(|entry| entry.deployment.verity == *deployment_id)
+        .ok_or_else(|| anyhow::anyhow!("Deployment '{deployment_id}' not found"))?;
+
+    if !requred_deployment.soft_reboot_capable {
+        anyhow::bail!("Cannot soft-reboot to deployment with a different kernel state");
+    }
+
+    start_finalize_stated_svc()?;
+
+    // escape to global mnt namespace
+    let run = Utf8Path::new("/run");
+    bind_mount_from_pidns(PID1, &run, &run, false).context("Bind mounting /run")?;
+
+    create_dir_all(NEXTROOT).context("Creating nextroot")?;
+
+    let cmdline = Cmdline::from(format!("{COMPOSEFS_CMDLINE}={deployment_id}"));
+
+    let args = bootc_initramfs_setup::Args {
+        cmd: vec![],
+        sysroot: PathBuf::from("/sysroot"),
+        config: Default::default(),
+        root_fs: None,
+        cmdline: Some(cmdline),
+        target: Some(NEXTROOT.into()),
+    };
+
+    setup_root(args)?;
+
+    if reboot {
+        // Replacing the current process should be fine as we restart userspace anyway
+        let err = Command::new("systemctl").arg("soft-reboot").exec();
+        return Err(anyhow::Error::from(err).context("Failed to exec 'systemctl soft-reboot'"));
+    }
+
+    Ok(())
+}

crates/lib/src/cli.rs

@@ -10,8 +10,8 @@ use std::process::Command;
 
 use anyhow::{anyhow, ensure, Context, Result};
 use camino::{Utf8Path, Utf8PathBuf};
-use cap_std_ext::cap_std::fs::Dir;
 use cap_std_ext::cap_std;
+use cap_std_ext::cap_std::fs::Dir;
 use clap::Parser;
 use clap::ValueEnum;
 use composefs::dumpfile;
@@ -33,6 +33,7 @@ use schemars::schema_for;
 use serde::{Deserialize, Serialize};
 
 use crate::bootc_composefs::delete::delete_composefs_deployment;
+use crate::bootc_composefs::soft_reboot::soft_reboot_to_deployment;
 use crate::bootc_composefs::{
     digest::{compute_composefs_digest, new_temp_composefs_repo},
     finalize::{composefs_backend_finalize, get_etc_diff},
@@ -603,6 +604,11 @@ pub(crate) enum InternalsOpts {
     #[cfg(feature = "docgen")]
     /// Dump CLI structure as JSON for documentation generation
     DumpCliJson,
+    PrepSoftReboot {
+        deployment: String,
+        #[clap(long)]
+        reboot: bool,
+    },
 }
 
 #[derive(Debug, clap::Subcommand, PartialEq, Eq)]
@@ -1769,6 +1775,19 @@ async fn run_from_opt(opt: Opt) -> Result<()> {
 
                 Ok(())
             }
+            InternalsOpts::PrepSoftReboot { deployment, reboot } => {
+                let storage = &get_storage().await?;
+
+                match storage.kind()? {
+                    BootedStorageKind::Ostree(..) => {
+                        // TODO: Call ostree implementation?
+                        anyhow::bail!("soft-reboot only implemented for composefs")
+                    }
+                    BootedStorageKind::Composefs(booted_cfs) => {
+                        soft_reboot_to_deployment(&storage, &booted_cfs, &deployment, reboot).await
+                    }
+                }
+            }
         },
         Opt::State(opts) => match opts {
             StateOpts::WipeOstree => {

crates/lib/src/spec.rs

@@ -295,6 +295,7 @@ pub(crate) struct DeploymentEntry<'a> {
     pub(crate) ty: Option<Slot>,
     pub(crate) deployment: &'a BootEntryComposefs,
     pub(crate) pinned: bool,
+    pub(crate) soft_reboot_capable: bool,
 }
 
 /// The result of a `bootc container inspect` command.
@@ -362,13 +363,15 @@ impl Host {
             ty: Some(Slot::Booted),
             deployment: booted,
             pinned: false,
+            soft_reboot_capable: false,
         });
 
         if let Some(staged) = &self.status.staged {
             all_deps.push(DeploymentEntry {
                 ty: Some(Slot::Staged),
                 deployment: staged.require_composefs()?,
                 pinned: false,
+                soft_reboot_capable: staged.soft_reboot_capable,
             });
         }
 
@@ -377,6 +380,7 @@ impl Host {
                 ty: Some(Slot::Rollback),
                 deployment: rollback.require_composefs()?,
                 pinned: false,
+                soft_reboot_capable: rollback.soft_reboot_capable,
             });
         }
 
@@ -385,6 +389,7 @@ impl Host {
                 ty: None,
                 deployment: pinned.require_composefs()?,
                 pinned: true,
+                soft_reboot_capable: pinned.soft_reboot_capable,
             });
         }