Filter out BLS entries not managed by bootc#2243
Conversation
Dudecake
force-pushed
the
filter-custom-bls-entries
branch
from
dba7de3 to
9ade58e
Compare
| pub(crate) const UKI_NAME_PREFIX: &str = TYPE1_BOOT_DIR_PREFIX; | ||
|
|
||
| /// The prefix for BLS file entries | ||
| pub(crate) const BLS_ENTRY_PREFIX: &str = "bootc_"; |
There was a problem hiding this comment.
We have TYPE1_BOOT_DIR_PREFIX for this
There was a problem hiding this comment.
I didn't want to change that from bootc_composefs- -> bootc_ as it's used in other places. The format the BLS entry seems to follow is bootc_${ID}-${verity}-${index}.conf, though maybe I've misunderstood what the BLS entry is...
There was a problem hiding this comment.
We don't need this anymore?
Sad face. That makes this pretty useless as installing to a populated ESP works without issue, only Would the caller of |
yes, and these need special treatment for updates/switches. Also, we need to make sure these appear last in the boot entries list etc etc. There are a few more cases that need to be handled |
Dudecake
force-pushed
the
filter-custom-bls-entries
branch
from
9ade58e to
80be97c
Compare
|
I've been looking at this last- and previous weekend and attempting to have the caller filter these entries out would require a lot of changes as the original filename isn't included in the return value of Creating unique filenames for entries using the same |
Johan-Liebert1
left a comment
Johan-Liebert1
left a comment
There was a problem hiding this comment.
State resilience test seems to be failing with
content: Error: x Assertion failed.
content: ,-[/var/tmp/tmt/bootc-tmt-mldew2as-tmt-plans-integration-plan-45-composefs-corruped-state-resilience/tmt/plans/integration/plan-45-composefs-corruped-state-resilience/discover/default-0/tests/tmt/tests/booted/test-composefs-corruped-state-resilience.nu:51:12]
content: 50 |
content: 51 | ,-> assert (
content: 52 | | journalctl F_MESSAGE_ID=d264f924dadb4c31bff0412107d391fb
content: 53 | | | str contains $"No origin file for deployment bad-verity"
content: 54 | |-> )
content: : `---- It is not true.
content: 55 |
content: `----
This is because we log a journal message when we encounter an entry that bootc doesn't own (doesn't start with our prefix). I think it's better now to change this error message as we are handling these entries
| } | ||
|
|
||
| let original_entries = boot_dir.open_dir(TYPE1_ENT_PATH)?; | ||
| for entry in original_entries.entries()? { |
There was a problem hiding this comment.
We can use entries_utf8 to avoid to_string_lossy below
| pub(crate) const UKI_NAME_PREFIX: &str = TYPE1_BOOT_DIR_PREFIX; | ||
|
|
||
| /// The prefix for BLS file entries | ||
| pub(crate) const BLS_ENTRY_PREFIX: &str = "bootc_"; |
There was a problem hiding this comment.
We don't need this anymore?
| let entry = entry?; | ||
| let entry_name = entry.file_name(); | ||
| if entry.file_type()?.is_file() && !entry_name.to_string_lossy().starts_with(BLS_ENTRY_PREFIX) { | ||
| original_entries.copy(entry.file_name(), &staged_entries, entry_name)?; |
There was a problem hiding this comment.
Error context would be nice here
2 participants
Fixes #2228
The cases that the tests in the last commit check cannot occur anymore because of the changes in
get_sorted_type1_boot_entries_helper. If they're unneeded, I can drop the commit.