Composefs soft reboot

Cargo.toml

@@ -41,9 +41,9 @@ chrono = { version = "0.4.38", default-features = false }
 clap = "4.5.4"
 clap_mangen = { version = "0.2.20" }
 # Reviewers (including AI tools): This hash is duplicated as there's not a much better way to handle it right now
-composefs = { git = "https://github.com/containers/composefs-rs", rev = "0f636031a1ec81cdd9e7f674909ef6b75c2642cb", package = "composefs", features = ["rhel9"] }
-composefs-boot = { git = "https://github.com/containers/composefs-rs", rev = "0f636031a1ec81cdd9e7f674909ef6b75c2642cb", package = "composefs-boot" }
-composefs-oci = { git = "https://github.com/containers/composefs-rs", rev = "0f636031a1ec81cdd9e7f674909ef6b75c2642cb", package = "composefs-oci" }
+composefs = { git = "https://github.com/containers/composefs-rs", rev = "1498349e11d0e4bd545feab533f0b7ab5294ae9a", package = "composefs", features = ["rhel9"] }
+composefs-boot = { git = "https://github.com/containers/composefs-rs", rev = "1498349e11d0e4bd545feab533f0b7ab5294ae9a", package = "composefs-boot" }
+composefs-oci = { git = "https://github.com/containers/composefs-rs", rev = "1498349e11d0e4bd545feab533f0b7ab5294ae9a", package = "composefs-oci" }
 fn-error-context = "0.2.1"
 hex = "0.4.3"
 indicatif = "0.18.0"

crates/initramfs/Cargo.toml

@@ -15,6 +15,7 @@ composefs.workspace = true
 composefs-boot.workspace = true
 toml.workspace = true
 fn-error-context.workspace = true
+bootc-kernel-cmdline =  { path = "../kernel_cmdline", version = "0.0.0" }
 
 [lints]
 workspace = true

crates/initramfs/src/lib.rs

@@ -31,6 +31,8 @@ use composefs_boot::cmdline::get_cmdline_composefs;
 
 use fn_error_context::context;
 
+use bootc_kernel_cmdline::utf8::Cmdline;
+
 // mount_setattr syscall support
 const MOUNT_ATTR_RDONLY: u64 = 0x00000001;
 
@@ -74,13 +76,17 @@ fn set_mount_readonly(fd: impl AsFd) -> Result<()> {
     mount_setattr(fd, libc::AT_EMPTY_PATH, &attr)
 }
 
-// Config file
+/// Types of mounts supported by the configuration
 #[derive(Clone, Copy, Debug, Deserialize)]
 #[serde(rename_all = "lowercase")]
-enum MountType {
+pub enum MountType {
+    /// No mount
     None,
+    /// Bind mount
     Bind,
+    /// Overlay mount
     Overlay,
+    /// Transient mount
     Transient,
 }
 
@@ -90,11 +96,14 @@ struct RootConfig {
     transient: bool,
 }
 
+/// Configuration for mount operations
 #[derive(Debug, Default, Deserialize)]
-struct MountConfig {
-    mount: Option<MountType>,
+pub struct MountConfig {
+    /// The type of mount to use
+    pub mount: Option<MountType>,
     #[serde(default)]
-    transient: bool,
+    /// Whether this mount should be transient (temporary)
+    pub transient: bool,
 }
 
 #[derive(Deserialize, Default)]
@@ -138,7 +147,7 @@ pub struct Args {
 
     #[arg(long, help = "Kernel commandline args (for testing)")]
     /// Kernel commandline args (for testing)
-    pub cmdline: Option<String>,
+    pub cmdline: Option<Cmdline<'static>>,
 
     #[arg(long, help = "Mountpoint (don't replace sysroot, for testing)")]
     /// Mountpoint (don't replace sysroot, for testing)
@@ -265,8 +274,9 @@ pub fn mount_composefs_image(sysroot: &OwnedFd, name: &str, insecure: bool) -> R
     Ok(rootfs)
 }
 
+/// Mounts a subdirectory with the specified configuration
 #[context("Mounting subdirectory")]
-fn mount_subdir(
+pub fn mount_subdir(
     new_root: impl AsFd,
     state: impl AsFd,
     subdir: &str,
@@ -331,12 +341,11 @@ pub fn setup_root(args: Args) -> Result<()> {
     let sysroot = open_dir(CWD, &args.sysroot)
         .with_context(|| format!("Failed to open sysroot {:?}", args.sysroot))?;
 
-    let cmdline = match &args.cmdline {
-        Some(cmdline) => cmdline,
-        // TODO: Deduplicate this with composefs branch karg parser
-        None => &std::fs::read_to_string("/proc/cmdline")?,
-    };
-    let (image, insecure) = get_cmdline_composefs::<Sha512HashValue>(cmdline)?;
+    let cmdline = args
+        .cmdline
+        .unwrap_or(Cmdline::from_proc().context("Failed to read cmdline")?);
+
+    let (image, insecure) = get_cmdline_composefs::<Sha512HashValue>(&cmdline)?;
 
     let new_root = match args.root_fs {
         Some(path) => open_root_fs(&path).context("Failed to clone specified root fs")?,
@@ -348,11 +357,13 @@ pub fn setup_root(args: Args) -> Result<()> {
 
     set_mount_readonly(&sysroot_clone)?;
 
+    let mount_target = args.target.unwrap_or(args.sysroot.clone());
+
     // Ideally we build the new root filesystem together before we mount it, but that only works on
     // 6.15 and later.  Before 6.15 we can't mount into a floating tree, so mount it first.  This
     // will leave an abandoned clone of the sysroot mounted under it, but that's OK for now.
     if cfg!(feature = "pre-6.15") {
-        mount_at_wrapper(&new_root, CWD, &args.sysroot)?;
+        mount_at_wrapper(&new_root, CWD, &mount_target)?;
     }
 
     if config.root.transient {
@@ -372,7 +383,7 @@ pub fn setup_root(args: Args) -> Result<()> {
     if cfg!(not(feature = "pre-6.15")) {
         // Replace the /sysroot with the new composed root filesystem
         unmount(&args.sysroot, UnmountFlags::DETACH)?;
-        mount_at_wrapper(&new_root, CWD, &args.sysroot)?;
+        mount_at_wrapper(&new_root, CWD, &mount_target)?;
     }
 
     Ok(())

crates/lib/src/bootc_composefs/boot.rs

@@ -79,11 +79,8 @@ use cap_std_ext::{
 use clap::ValueEnum;
 use composefs::fs::read_file;
 use composefs::tree::RegularFile;
+use composefs_boot::bootloader::{PEType, EFI_ADDON_DIR_EXT, EFI_ADDON_FILE_EXT, EFI_EXT};
 use composefs_boot::BootOps;
-use composefs_boot::{
-    bootloader::{PEType, EFI_ADDON_DIR_EXT, EFI_ADDON_FILE_EXT, EFI_EXT},
-    uki::UkiError,
-};
 use fn_error_context::context;
 use ostree_ext::composefs::fsverity::{FsVerityHashValue, Sha512HashValue};
 use ostree_ext::composefs_boot::bootloader::UsrLibModulesVmlinuz;
@@ -338,6 +335,30 @@ fn compute_boot_digest(
     Ok(hex::encode(digest))
 }
 
+/// Compute SHA256Sum of .linux + .initrd section of the UKI
+///
+/// # Arguments
+/// * entry - BootEntry containing VMlinuz and Initrd
+/// * repo - The composefs repository
+#[context("Computing boot digest")]
+pub(crate) fn compute_boot_digest_uki(uki: &[u8]) -> Result<String> {
+    let vmlinuz = composefs_boot::uki::get_section(uki, ".linux")
+        .ok_or_else(|| anyhow::anyhow!(".linux not present"))??;
+
+    let initramfs = composefs_boot::uki::get_section(uki, ".initrd")
+        .ok_or_else(|| anyhow::anyhow!(".initrd not present"))??;
+
+    let mut hasher = openssl::hash::Hasher::new(openssl::hash::MessageDigest::sha256())
+        .context("Creating hasher")?;
+
+    hasher.update(&vmlinuz).context("hashing vmlinuz")?;
+    hasher.update(&initramfs).context("hashing initrd")?;
+
+    let digest: &[u8] = &hasher.finish().context("Finishing digest")?;
+
+    Ok(hex::encode(digest))
+}
+
 /// Given the SHA256 sum of current VMlinuz + Initrd combo, find boot entry with the same SHA256Sum
 ///
 /// # Returns
@@ -773,10 +794,11 @@ pub(crate) fn setup_composefs_bls_boot(
     Ok(boot_digest)
 }
 
-struct UKILabels {
+struct UKIInfo {
     boot_label: String,
     version: Option<String>,
     os_id: Option<String>,
+    boot_digest: String,
 }
 
 /// Writes a PortableExecutable to ESP along with any PE specific or Global addons
@@ -790,10 +812,10 @@ fn write_pe_to_esp(
     is_insecure_from_opts: bool,
     mounted_efi: impl AsRef<Path>,
     bootloader: &Bootloader,
-) -> Result<Option<UKILabels>> {
+) -> Result<Option<UKIInfo>> {
     let efi_bin = read_file(file, &repo).context("Reading .efi binary")?;
 
-    let mut boot_label: Option<UKILabels> = None;
+    let mut boot_label: Option<UKIInfo> = None;
 
     // UKI Extension might not even have a cmdline
     // TODO: UKI Addon might also have a composefs= cmdline?
@@ -823,15 +845,17 @@ fn write_pe_to_esp(
             );
         }
 
-        let osrel = uki::get_text_section(&efi_bin, ".osrel")
-            .ok_or(UkiError::PortableExecutableError)??;
+        let osrel = uki::get_text_section(&efi_bin, ".osrel")?;
 
         let parsed_osrel = OsReleaseInfo::parse(osrel);
 
-        boot_label = Some(UKILabels {
+        let boot_digest = compute_boot_digest_uki(&efi_bin)?;
+
+        boot_label = Some(UKIInfo {
             boot_label: uki::get_boot_label(&efi_bin).context("Getting UKI boot label")?,
             version: parsed_osrel.get_version(),
             os_id: parsed_osrel.get_value(&["ID"]),
+            boot_digest,
         });
     }
 
@@ -981,7 +1005,7 @@ fn write_grub_uki_menuentry(
 fn write_systemd_uki_config(
     esp_dir: &Dir,
     setup_type: &BootSetupType,
-    boot_label: UKILabels,
+    boot_label: UKIInfo,
     id: &Sha512HashValue,
 ) -> Result<()> {
     let os_id = boot_label.os_id.as_deref().unwrap_or("bootc");
@@ -1052,7 +1076,7 @@ pub(crate) fn setup_composefs_uki_boot(
     repo: crate::store::ComposefsRepository,
     id: &Sha512HashValue,
     entries: Vec<ComposefsBootEntry<Sha512HashValue>>,
-) -> Result<()> {
+) -> Result<String> {
     let (root_path, esp_device, bootloader, is_insecure_from_opts, uki_addons) = match setup_type {
         BootSetupType::Setup((root_setup, state, postfetch, ..)) => {
             state.require_no_kargs_for_uki()?;
@@ -1085,7 +1109,7 @@ pub(crate) fn setup_composefs_uki_boot(
 
     let esp_mount = mount_esp(&esp_device).context("Mounting ESP")?;
 
-    let mut uki_label: Option<UKILabels> = None;
+    let mut uki_info: Option<UKIInfo> = None;
 
     for entry in entries {
         match entry {
@@ -1134,28 +1158,26 @@ pub(crate) fn setup_composefs_uki_boot(
                 )?;
 
                 if let Some(label) = ret {
-                    uki_label = Some(label);
+                    uki_info = Some(label);
                 }
             }
         };
     }
 
-    let uki_label = uki_label
-        .ok_or_else(|| anyhow::anyhow!("Failed to get version and boot label from UKI"))?;
+    let uki_info =
+        uki_info.ok_or_else(|| anyhow::anyhow!("Failed to get version and boot label from UKI"))?;
+
+    let boot_digest = uki_info.boot_digest.clone();
 
     match bootloader {
-        Bootloader::Grub => write_grub_uki_menuentry(
-            root_path,
-            &setup_type,
-            uki_label.boot_label,
-            id,
-            &esp_device,
-        )?,
+        Bootloader::Grub => {
+            write_grub_uki_menuentry(root_path, &setup_type, uki_info.boot_label, id, &esp_device)?
+        }
 
-        Bootloader::Systemd => write_systemd_uki_config(&esp_mount.fd, &setup_type, uki_label, id)?,
+        Bootloader::Systemd => write_systemd_uki_config(&esp_mount.fd, &setup_type, uki_info, id)?,
     };
 
-    Ok(())
+    Ok(boot_digest)
 }
 
 pub struct SecurebootKeys {
@@ -1252,20 +1274,15 @@ pub(crate) async fn setup_composefs_boot(
     };
 
     let boot_type = BootType::from(entry);
-    let mut boot_digest: Option<String> = None;
-
-    match boot_type {
-        BootType::Bls => {
-            let digest = setup_composefs_bls_boot(
-                BootSetupType::Setup((&root_setup, &state, &postfetch, &fs)),
-                repo,
-                &id,
-                entry,
-                &mounted_fs,
-            )?;
 
-            boot_digest = Some(digest);
-        }
+    let boot_digest = match boot_type {
+        BootType::Bls => setup_composefs_bls_boot(
+            BootSetupType::Setup((&root_setup, &state, &postfetch, &fs)),
+            repo,
+            &id,
+            entry,
+            &mounted_fs,
+        )?,
         BootType::Uki => setup_composefs_uki_boot(
             BootSetupType::Setup((&root_setup, &state, &postfetch, &fs)),
             repo,
@@ -1276,7 +1293,7 @@ pub(crate) async fn setup_composefs_boot(
 
     write_composefs_state(
         &root_setup.physical_root_path,
-        id,
+        &id,
         &crate::spec::ImageReference::from(state.target_imgref.clone()),
         false,
         boot_type,

crates/lib/src/bootc_composefs/mod.rs

@@ -5,7 +5,9 @@ pub(crate) mod gc;
 pub(crate) mod repo;
 pub(crate) mod rollback;
 pub(crate) mod service;
+pub(crate) mod soft_reboot;
 pub(crate) mod state;
 pub(crate) mod status;
 pub(crate) mod switch;
 pub(crate) mod update;
+pub(crate) mod utils;