lanzaboote/rust/tool/shared/src/esp.rs

use std::{
    array::IntoIter,
    path::{Path, PathBuf},
};

use anyhow::{bail, Context, Result};
use indoc::indoc;

use crate::architecture::Architecture;
use crate::generation::Generation;

/// Generic ESP paths which can be specific to a bootloader
pub trait EspPaths<const N: usize> {
    /// Build an ESP path structure out of the ESP root directory
    fn new(esp: impl AsRef<Path>, arch: Architecture) -> Self;

    /// Return the used file paths to store as garbage collection roots.
    fn iter(&self) -> std::array::IntoIter<&PathBuf, N>;

    /// Returns the path containing NixOS EFI binaries
    fn nixos_path(&self) -> &Path;

    /// Returns the path containing Linux EFI binaries
    fn linux_path(&self) -> &Path;
}

/// Paths to the boot files of a specific generation.
pub struct EspGenerationPaths {
    pub kernel: PathBuf,
    pub initrd: PathBuf,
    pub lanzaboote_image: PathBuf,
}

impl EspGenerationPaths {
    pub fn new<const N: usize, P: EspPaths<N>>(
        esp_paths: &P,
        generation: &Generation,
        system: Architecture,
    ) -> Result<Self> {
        let bootspec = &generation.spec.bootspec.bootspec;
        let bootspec_system: Architecture = Architecture::from_nixos_system(&bootspec.system)?;

        if system != bootspec_system {
            bail!(indoc! {r#"
                The CPU architecture declared in your module differs from the one declared in the
                bootspec of the current generation.
            "#})
        }

        Ok(Self {
            kernel: esp_paths
                .nixos_path()
                .join(nixos_path(&bootspec.kernel, "bzImage")?),
            initrd: esp_paths.nixos_path().join(nixos_path(
                bootspec
                    .initrd
                    .as_ref()
                    .context("Lanzaboote does not support missing initrd yet")?,
                "initrd",
            )?),
            lanzaboote_image: esp_paths.linux_path().join(generation_path(generation)),
        })
    }

    /// Return the used file paths to store as garbage collection roots.
    pub fn to_iter(&self) -> IntoIter<&PathBuf, 3> {
        [&self.kernel, &self.initrd, &self.lanzaboote_image].into_iter()
    }
}

fn nixos_path(path: impl AsRef<Path>, name: &str) -> Result<PathBuf> {
    let resolved = path
        .as_ref()
        .read_link()
        .unwrap_or_else(|_| path.as_ref().into());

    let parent_final_component = resolved
        .parent()
        .and_then(|x| x.file_name())
        .and_then(|x| x.to_str())
        .with_context(|| format!("Failed to extract final component from: {:?}", resolved))?;

    let nixos_filename = format!("{}-{}.efi", parent_final_component, name);

    Ok(PathBuf::from(nixos_filename))
}

fn generation_path(generation: &Generation) -> PathBuf {
    if let Some(specialisation_name) = generation.is_specialised() {
        PathBuf::from(format!(
            "nixos-generation-{}-specialisation-{}.efi",
            generation, specialisation_name
        ))
    } else {
        PathBuf::from(format!("nixos-generation-{}.efi", generation))
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn nixos_path_creates_correct_filename_from_nix_store_path() -> Result<()> {
        let path =
            Path::new("/nix/store/xqplddjjjy1lhzyzbcv4dza11ccpcfds-initrd-linux-6.1.1/initrd");

        let generated_filename = nixos_path(path, "initrd")?;

        let expected_filename =
            PathBuf::from("xqplddjjjy1lhzyzbcv4dza11ccpcfds-initrd-linux-6.1.1-initrd.efi");

        assert_eq!(generated_filename, expected_filename);
        Ok(())
    }
}
tool: split systemd into a new crate and make tool into a lib-only crate This is necessary to make integration testing specific to the backend. 2023-07-22 13:49:46 -05:00			`use std::{`
			`array::IntoIter,`
			`path::{Path, PathBuf},`
			`};`
lanzatool.install: init 2022-11-23 08:26:26 -06:00
tool: clean up a few minor details 2023-09-14 09:18:58 -05:00			`use anyhow::{bail, Context, Result};`
			`use indoc::indoc;`
lanzatool: implement configuration limit 2022-12-11 19:09:19 -06:00
tool(architecture): make it generic Architecture is now a generic structure that can be specialized via an "external" trait for generating the paths you care about depending on your target bootloader. 2023-07-22 12:16:39 -05:00			`use crate::architecture::Architecture;`
tool: split systemd into a new crate and make tool into a lib-only crate This is necessary to make integration testing specific to the backend. 2023-07-22 13:49:46 -05:00			`use crate::generation::Generation;`
lanzatool: implement configuration limit 2022-12-11 19:09:19 -06:00
lzbt: abstraction for multiple backends This generates `lzbt-systemd` binary instead of `lzbt` which is using a special systemd-specific entrypoint. This is part of the effort to enable multiple backends. 2023-07-08 13:54:42 -05:00			`/// Generic ESP paths which can be specific to a bootloader`
			`pub trait EspPaths<const N: usize> {`
			`/// Build an ESP path structure out of the ESP root directory`
tool(systemd-boot): install it once instead of checking for each generation systemd-boot is now installed once for many generations rather than multiple times. This means it is not really possible to manage different system in the same "machine", which is a very obscure usecase, theoretically possible, but not yet encountered. 2023-06-16 09:42:19 -05:00			`fn new(esp: impl AsRef<Path>, arch: Architecture) -> Self;`
tool: introduce some more whitespace 2023-09-14 05:38:40 -05:00
lanzatool: implement configuration limit 2022-12-11 19:09:19 -06:00			`/// Return the used file paths to store as garbage collection roots.`
lzbt: abstraction for multiple backends This generates `lzbt-systemd` binary instead of `lzbt` which is using a special systemd-specific entrypoint. This is part of the effort to enable multiple backends. 2023-07-08 13:54:42 -05:00			`fn iter(&self) -> std::array::IntoIter<&PathBuf, N>;`
tool: introduce some more whitespace 2023-09-14 05:38:40 -05:00
lzbt: abstraction for multiple backends This generates `lzbt-systemd` binary instead of `lzbt` which is using a special systemd-specific entrypoint. This is part of the effort to enable multiple backends. 2023-07-08 13:54:42 -05:00			`/// Returns the path containing NixOS EFI binaries`
			`fn nixos_path(&self) -> &Path;`
tool: introduce some more whitespace 2023-09-14 05:38:40 -05:00
lzbt: abstraction for multiple backends This generates `lzbt-systemd` binary instead of `lzbt` which is using a special systemd-specific entrypoint. This is part of the effort to enable multiple backends. 2023-07-08 13:54:42 -05:00			`/// Returns the path containing Linux EFI binaries`
			`fn linux_path(&self) -> &Path;`
lanzatool.install: init 2022-11-23 08:26:26 -06:00			`}`
lanzatool: add support for generations and correct naming of kernels a… (#12) * lanzatool: add support for generations and correct naming of kerels and initrds * test: use convert_to_esp(extract_bspec_attr(⋅)) for unsigned tests * lanzatool: ryan is a B class engineer Co-authored-by: nikstur@outlook.com 2022-11-25 20:14:21 -06:00
tool: split esp paths To access paths on the ESP before or after installing generations, split EspPaths into general EspPaths that only depend on the path to the ESP and EspGenerationPaths which additionally depend on generation specific information (e.g. version number and initrd filename). 2023-01-18 16:52:13 -06:00			`/// Paths to the boot files of a specific generation.`
			`pub struct EspGenerationPaths {`
			`pub kernel: PathBuf,`
			`pub initrd: PathBuf,`
			`pub lanzaboote_image: PathBuf,`
			`}`

			`impl EspGenerationPaths {`
tool: split systemd into a new crate and make tool into a lib-only crate This is necessary to make integration testing specific to the backend. 2023-07-22 13:49:46 -05:00			`pub fn new<const N: usize, P: EspPaths<N>>(`
			`esp_paths: &P,`
			`generation: &Generation,`
tool: introduce --target-system to choose target architecture We will hard fail in case of encountering different architectures in bootspec. This should still be compatible with cross-compiling systems in the future. 2023-06-16 09:23:39 -05:00			`system: Architecture,`
tool: split systemd into a new crate and make tool into a lib-only crate This is necessary to make integration testing specific to the backend. 2023-07-22 13:49:46 -05:00			`) -> Result<Self> {`
tool: adopt bootspec 0.1.0 2023-04-14 08:48:29 -05:00			`let bootspec = &generation.spec.bootspec.bootspec;`
tool: implement general architecture support - for aarch64, x86 for now 2023-04-24 18:53:46 -05:00			`let bootspec_system: Architecture = Architecture::from_nixos_system(&bootspec.system)?;`

tool: clean up a few minor details 2023-09-14 09:18:58 -05:00			`if system != bootspec_system {`
			`bail!(indoc! {r#"`
			`The CPU architecture declared in your module differs from the one declared in the`
			`bootspec of the current generation.`
			`"#})`
			`}`
tool: split esp paths To access paths on the ESP before or after installing generations, split EspPaths into general EspPaths that only depend on the path to the ESP and EspGenerationPaths which additionally depend on generation specific information (e.g. version number and initrd filename). 2023-01-18 16:52:13 -06:00
			`Ok(Self {`
			`kernel: esp_paths`
lzbt: abstraction for multiple backends This generates `lzbt-systemd` binary instead of `lzbt` which is using a special systemd-specific entrypoint. This is part of the effort to enable multiple backends. 2023-07-08 13:54:42 -05:00			`.nixos_path()`
tool: split esp paths To access paths on the ESP before or after installing generations, split EspPaths into general EspPaths that only depend on the path to the ESP and EspGenerationPaths which additionally depend on generation specific information (e.g. version number and initrd filename). 2023-01-18 16:52:13 -06:00			`.join(nixos_path(&bootspec.kernel, "bzImage")?),`
lzbt: abstraction for multiple backends This generates `lzbt-systemd` binary instead of `lzbt` which is using a special systemd-specific entrypoint. This is part of the effort to enable multiple backends. 2023-07-08 13:54:42 -05:00			`initrd: esp_paths.nixos_path().join(nixos_path(`
tool: split esp paths To access paths on the ESP before or after installing generations, split EspPaths into general EspPaths that only depend on the path to the ESP and EspGenerationPaths which additionally depend on generation specific information (e.g. version number and initrd filename). 2023-01-18 16:52:13 -06:00			`bootspec`
			`.initrd`
			`.as_ref()`
			`.context("Lanzaboote does not support missing initrd yet")?,`
			`"initrd",`
			`)?),`
lzbt: abstraction for multiple backends This generates `lzbt-systemd` binary instead of `lzbt` which is using a special systemd-specific entrypoint. This is part of the effort to enable multiple backends. 2023-07-08 13:54:42 -05:00			`lanzaboote_image: esp_paths.linux_path().join(generation_path(generation)),`
tool: split esp paths To access paths on the ESP before or after installing generations, split EspPaths into general EspPaths that only depend on the path to the ESP and EspGenerationPaths which additionally depend on generation specific information (e.g. version number and initrd filename). 2023-01-18 16:52:13 -06:00			`})`
			`}`

			`/// Return the used file paths to store as garbage collection roots.`
			`pub fn to_iter(&self) -> IntoIter<&PathBuf, 3> {`
			`[&self.kernel, &self.initrd, &self.lanzaboote_image].into_iter()`
			`}`
			`}`

lanzatool: add support for generations and correct naming of kernels a… (#12) * lanzatool: add support for generations and correct naming of kerels and initrds * test: use convert_to_esp(extract_bspec_attr(⋅)) for unsigned tests * lanzatool: ryan is a B class engineer Co-authored-by: nikstur@outlook.com 2022-11-25 20:14:21 -06:00			`fn nixos_path(path: impl AsRef<Path>, name: &str) -> Result<PathBuf> {`
lanzatool: appease clippy 2022-11-26 16:19:08 -06:00			`let resolved = path`
			`.as_ref()`
			`.read_link()`
			`.unwrap_or_else(\|_\| path.as_ref().into());`
lanzatool: add support for generations and correct naming of kernels a… (#12) * lanzatool: add support for generations and correct naming of kerels and initrds * test: use convert_to_esp(extract_bspec_attr(⋅)) for unsigned tests * lanzatool: ryan is a B class engineer Co-authored-by: nikstur@outlook.com 2022-11-25 20:14:21 -06:00
lanzatool: simplify nixos_path and add unit test 2022-12-29 18:40:22 -06:00			`let parent_final_component = resolved`
			`.parent()`
			`.and_then(\|x\| x.file_name())`
			`.and_then(\|x\| x.to_str())`
			`.with_context(\|\| format!("Failed to extract final component from: {:?}", resolved))?;`
lanzatool: add support for generations and correct naming of kernels a… (#12) * lanzatool: add support for generations and correct naming of kerels and initrds * test: use convert_to_esp(extract_bspec_attr(⋅)) for unsigned tests * lanzatool: ryan is a B class engineer Co-authored-by: nikstur@outlook.com 2022-11-25 20:14:21 -06:00
lanzatool: simplify nixos_path and add unit test 2022-12-29 18:40:22 -06:00			`let nixos_filename = format!("{}-{}.efi", parent_final_component, name);`
lanzatool: add support for generations and correct naming of kernels a… (#12) * lanzatool: add support for generations and correct naming of kerels and initrds * test: use convert_to_esp(extract_bspec_attr(⋅)) for unsigned tests * lanzatool: ryan is a B class engineer Co-authored-by: nikstur@outlook.com 2022-11-25 20:14:21 -06:00
			`Ok(PathBuf::from(nixos_filename))`
			`}`

nixos/lanzaboote: use upstream bootspec for extension generation 2022-12-17 17:31:09 -06:00			`fn generation_path(generation: &Generation) -> PathBuf {`
lanzatool: spell specialised consistently 2023-01-06 16:20:31 -06:00			`if let Some(specialisation_name) = generation.is_specialised() {`
lanzatool: enable specialisation 2022-11-27 04:19:02 -06:00			`PathBuf::from(format!(`
			`"nixos-generation-{}-specialisation-{}.efi",`
			`generation, specialisation_name`
			`))`
			`} else {`
			`PathBuf::from(format!("nixos-generation-{}.efi", generation))`
			`}`
lanzatool: add support for generations and correct naming of kernels a… (#12) * lanzatool: add support for generations and correct naming of kerels and initrds * test: use convert_to_esp(extract_bspec_attr(⋅)) for unsigned tests * lanzatool: ryan is a B class engineer Co-authored-by: nikstur@outlook.com 2022-11-25 20:14:21 -06:00			`}`
lanzatool: simplify nixos_path and add unit test 2022-12-29 18:40:22 -06:00
			`#[cfg(test)]`
			`mod tests {`
			`use super::*;`

			`#[test]`
			`fn nixos_path_creates_correct_filename_from_nix_store_path() -> Result<()> {`
			`let path =`
			`Path::new("/nix/store/xqplddjjjy1lhzyzbcv4dza11ccpcfds-initrd-linux-6.1.1/initrd");`

			`let generated_filename = nixos_path(path, "initrd")?;`

			`let expected_filename =`
			`PathBuf::from("xqplddjjjy1lhzyzbcv4dza11ccpcfds-initrd-linux-6.1.1-initrd.efi");`

			`assert_eq!(generated_filename, expected_filename);`
			`Ok(())`
			`}`
			`}`