Add a new ostree admin instutil subcommand to copy EFI binaries to the ESP #1649
Comments
|
How about a generic ESP updating service that does not depend on a. always keeping the ESP mounted; b. mdraid (because it's explicitly not recommended); c. assuming only one ESP; d. assuming traditional or ostree installation; e. users knowing a multitude of esoteric information, and documenters having to document and translate all of it. A more reliable design would be to update the binaries in a location common to traditional and ostree based installs own. Maybe this is in /usr, or maybe /boot/efi (no longer the ESP). And a trigger for a sync service that syncs to all ESPs. The service would mount any ESP (by partition type GUID) e.g. /run/mount/ and then use cp -r or rsync -r from our static location to the path we own, EFI$DISTRO, then unmount them. Maybe it'd be done after switchroot, before all other services are running. |
|
@cmurf sounds good to me. I don't really have a strong opinion on how this should be implemented. I just filed this because I think we should provide a way for users to update the ESP, specially since I guess may users are not aware that the bootloaders are not updated as a part of a |
|
Well if it's simple to do, it's certainly better than not being able to update the binaries. Someone taking on a more wholistic design and implementation may not happen anytime soon. |
|
@cmurf yes, having it as a The sync service that you propose sounds like a much generic solution and I'll be happy if someone implements it, but I personally don't think that will have the time for that. |
|
Let's revive this discussion... @cgwalters @martinezjavier This is my previous comment on this: I've been able to mess about with my distro and get some insight about the relationship between systemd, by default, really wants the ESP to be mounted to either I've been able to temporarily get OSTree working like so: I have a OSTree depends on symlinks in If, for compatability, you need to keep the old behavior, you can translate all of this new behavior to the I've already borked the system by accidentally typing in What are your thoughts? |
I can't find my test program right now, but I'm pretty sure I tested and |
|
@wjt I tested it and you are correct, trying to do the exchange on the ESP returns EINVAL OSTree can rely on creating/deleting files in the correct order instead For example:
|
martinezjavier
added a commit
to martinezjavier/ostree
that referenced
this issue
Jun 14, 2019
The files in the EFI System Partition (ESP) are never updated by OSTree so users will always have the same ESP that was created during installation. This happens because the ESP uses a vfat filesystem, which doesn't support symbolic links so the update can't be atomic and part of the transaction. But since the ESP contains the bootloader components (shim, grub, etc) and other important EFI binaries like the ones needed for firmware updates, it should be a way to update the ESP with the latest version of the binaries. These components are stored in the /usr/lib/ostree-boot/efi directory of a deployment due rpm-ostree replacing the /boot path to /usr/lib/ostree-boot. Add a ostree-admin-esp-upgrade subcommand, that just copies the content of /usr/lib/ostree-boot/efi to /boot/efi, so users can update the ESP and get the latest version of the files that are present in the booted deployment. Closes: ostreedev#1649
martinezjavier
added a commit
to martinezjavier/ostree
that referenced
this issue
Jun 14, 2019
The files in the EFI System Partition (ESP) are never updated by OSTree so users will always have the same ESP that was created during installation. This happens because the ESP uses a vfat filesystem, which doesn't support symbolic links so the update can't be atomic and part of the transaction. But since the ESP contains the bootloader components (shim, grub, etc) and other important EFI binaries like the ones needed for firmware updates, it should be a way to update the ESP with the latest version of the binaries. These components are stored in the /usr/lib/ostree-boot/efi directory of a deployment due rpm-ostree replacing the /boot path to /usr/lib/ostree-boot. Add a ostree-admin-esp-upgrade subcommand, that just copies the content of /usr/lib/ostree-boot/efi to /boot/efi, so users can update the ESP and get the latest version of the files that are present in the booted deployment. Closes: ostreedev#1649
martinezjavier
added a commit
to martinezjavier/ostree
that referenced
this issue
Jun 14, 2019
The files in the EFI System Partition (ESP) are never updated by OSTree so users will always have the same ESP that was created during installation. This happens because the ESP uses a vfat filesystem, which doesn't support symbolic links so the update can't be atomic and part of the transaction. But since the ESP contains the bootloader components (shim, grub, etc) and other important EFI binaries like the ones needed for firmware updates, it should be a way to update the ESP with the latest version of the binaries. These components are stored in the /usr/lib/ostree-boot/efi directory of a deployment due rpm-ostree replacing the /boot path to /usr/lib/ostree-boot. Add a ostree-admin-esp-upgrade subcommand, that just copies the content of /usr/lib/ostree-boot/efi to /boot/efi, so users can update the ESP and get the latest version of the files that are present in the booted deployment. Closes: ostreedev#1649
martinezjavier
added a commit
to martinezjavier/ostree
that referenced
this issue
Jun 14, 2019
The files in the EFI System Partition (ESP) are never updated by OSTree so users will always have the same ESP that was created during installation. This happens because the ESP uses a vfat filesystem which doesn't support symbolic links so the upgrade can't be atomic and part of the transaction. But since the ESP contains the bootloader components (shim, grub, etc) and other important EFI binaries like the ones used for firmware update, there should be a way to update the ESP with the latest version of these files. These binaries are stored in the /usr/lib/ostree-boot/efi directory of a deployment, because rpm-ostree places there everything that is in /boot. Add a ostree-admin-esp-upgrade subcommand, that just copies the content of /usr/lib/ostree-boot/efi to /boot/efi, so users can update the ESP and get the latest version of the files that are present in the booted deployment. This sub-command only works on a system that was booted with EFI and uses /boot/efi as the mountpoint for the ESP. Closes: ostreedev#1649
martinezjavier
added a commit
to martinezjavier/ostree
that referenced
this issue
Jun 14, 2019
The files in the EFI System Partition (ESP) are never updated by OSTree so users will always have the same ESP that was created during installation. This happens because the ESP uses a vfat filesystem which doesn't support symbolic links so the upgrade can't be atomic and part of the transaction. But since the ESP contains the bootloader components (shim, grub, etc) and other important EFI binaries like the ones used for firmware update, there should be a way to update the ESP with the latest version of these files. These binaries are stored in the /usr/lib/ostree-boot/efi directory of a deployment, because rpm-ostree places there everything that is in /boot. Add a ostree-admin-esp-upgrade subcommand, that just copies the content of /usr/lib/ostree-boot/efi to /boot/efi, so users can update the ESP and get the latest version of the files that are present in the booted deployment. This sub-command only works on a system that was booted with EFI and uses /boot/efi as the mountpoint for the ESP. Closes: ostreedev#1649
martinezjavier
added a commit
to martinezjavier/ostree
that referenced
this issue
Jun 14, 2019
The files in the EFI System Partition (ESP) are never updated by OSTree so users will always have the same ESP that was created during installation. This happens because the ESP uses a vfat filesystem which doesn't support symbolic links so the upgrade can't be atomic and part of the transaction. But since the ESP contains the bootloader components (shim, grub, etc) and other important EFI binaries like the ones used for firmware update, there should be a way to update the ESP with the latest version of these files. These binaries are stored in the /usr/lib/ostree-boot/efi directory of a deployment, because rpm-ostree places there everything that is in /boot. Add a ostree-admin-esp-upgrade subcommand, that just copies the content of /usr/lib/ostree-boot/efi to /boot/efi, so users can update the ESP and get the latest version of the files that are present in the booted deployment. This sub-command only works on a system that was booted with EFI and uses /boot/efi as the mountpoint for the ESP. Closes: ostreedev#1649
martinezjavier
added a commit
to martinezjavier/ostree
that referenced
this issue
Jun 14, 2019
The files in the EFI System Partition (ESP) are never updated by OSTree, users will always have the same ESP that was created during installation. This happens because the ESP uses a vfat filesystem which doesn't support symbolic links so the upgrade can't be atomic and part of the transaction. But since the ESP contains the bootloader components (shim, grub, etc) and other important EFI binaries like the ones used for firmware update, there should be a way to upgrade the ESP with the latest version of these files. These binaries are stored in the /usr/lib/ostree-boot/efi directory of a deployment, because rpm-ostree places there everything that is in /boot. Add a ostree-admin-esp-upgrade subcommand that just copies the content of /usr/lib/ostree-boot/efi to /boot/efi, so users can update the ESP and get the latest version of the files that are present in the booted deployment. This sub-command only works on a system that was booted with EFI and has the ESP mounted in /boot/efi. Closes: ostreedev#1649
martinezjavier
added a commit
to martinezjavier/ostree
that referenced
this issue
Jun 14, 2019
The files in the EFI System Partition (ESP) are never updated by OSTree, users will always have the same ESP that was created during installation. This happens because the ESP uses a vfat filesystem which doesn't support symbolic links so the upgrade can't be atomic and part of the transaction. But since the ESP contains the bootloader components (shim, grub, etc) and other important EFI binaries like the ones used for firmware update, there should be a way to upgrade the ESP with the latest version of these files. These binaries are stored in the /usr/lib/ostree-boot/efi directory of a deployment, because rpm-ostree places there everything that is in /boot. Add a ostree-admin-esp-upgrade subcommand that just copies the content of /usr/lib/ostree-boot/efi to /boot/efi, so users can update the ESP and get the latest version of the files that are present in the booted deployment. This sub-command only works on a system that was booted with EFI and has the ESP mounted in /boot/efi. Closes: ostreedev#1649
martinezjavier
added a commit
to martinezjavier/ostree
that referenced
this issue
Jun 14, 2019
The files in the EFI System Partition (ESP) are never updated by OSTree, users will always have the same ESP that was created during installation. This happens because the ESP uses a vfat filesystem which doesn't support symbolic links so the upgrade can't be atomic and part of the transaction. But since the ESP contains the bootloader components (shim, grub, etc) and other important EFI binaries like the ones used for firmware update, there should be a way to upgrade the ESP with the latest version of these files. These binaries are stored in the /usr/lib/ostree-boot/efi directory of a deployment, because rpm-ostree places there everything that is in /boot. Add a ostree-admin-esp-upgrade subcommand that just copies the content of /usr/lib/ostree-boot/efi to /boot/efi, so users can update the ESP and get the latest version of the files that are present in the current deployment. This sub-command only works on a system that was booted with EFI and has the ESP mounted in /boot/efi. Closes: ostreedev#1649
|
Any update? (didn't read all the conversation) |
|
@cgwalters I think this issue could be closed now that https://github.com/coreos/bootupd exists? |
|
Yep, thanks! To clarify, ostree doesn't depend on bootupd, and while bootupd currently only works with (rpm-)ostree based systems the idea is to support other systems too. So using bootupd is one solution; others may want to just take a similar approach with other software. |
martinezjavier
added a commit
to martinezjavier/linux
that referenced
this issue
May 19, 2022
Add a test for the renameat2 RENAME_EXCHANGE support in vfat, but split it in a tool that just does the rename exchange and a script that is run by the kselftests framework on `make TARGETS="filesystems/fat" kselftest`. That way the script can be easily extended to test other file operations. The script creates a 1 MiB disk image, that is then formated with a vfat filesystem and mounted using a loop device. That way all file operations are done on an ephemeral filesystem. Signed-off-by: Javier Martinez Canillas <[email protected]> Series-cc: Alexander Larsson <[email protected]> Series-cc: Peter Jones <[email protected]> Series-cc: Lennart Poettering <[email protected]> Series-cc: Colin Walters <[email protected]> Series-cc: Alberto Ruiz <[email protected]> Series-cc: Christian Kellner <[email protected]> Series-cc: Chung-Chiang Cheng <[email protected]> Series-version: 2 Cover-letter: fat: add support for the renameat2 RENAME_EXCHANGE flag Hello, This series add support for the renameat2 system call RENAME_EXCHANGE flag (which allows to atomically replace two paths) to the vfat filesystem code. There are many use cases for this, but we are particularly interested in making possible for vfat filesystems to be part of OSTree [0] deployments. Currently OSTree relies on symbolic links to make the deployment updates an atomic transactional operation. But RENAME_EXCHANGE could be used [1] to achieve a similar level of robustness when using a vfat filesystem. Patch #1 is just a preparatory patch to introduce the RENAME_EXCHANGE support in patch #2 and finally patch #3 adds some kselftests to test it. This is my first contribution to the fs/* subsystem, so I'm marking this set as RFC, in case I got anything wrong with the patches. But they work correctly on my local testing. [0]: https://github.com/ostreedev/ostree [1]: ostreedev/ostree#1649 END
martinezjavier
added a commit
to martinezjavier/linux
that referenced
this issue
May 19, 2022
Add a test for the renameat2 RENAME_EXCHANGE support in vfat, but split it in a tool that just does the rename exchange and a script that is run by the kselftests framework on `make TARGETS="filesystems/fat" kselftest`. That way the script can be easily extended to test other file operations. The script creates a 1 MiB disk image, that is then formated with a vfat filesystem and mounted using a loop device. That way all file operations are done on an ephemeral filesystem. Signed-off-by: Javier Martinez Canillas <[email protected]> Series-changes: 2 - Call fsync to flush the page cache before checking the file contents (Alex Larsson). Series-cc: Alexander Larsson <[email protected]> Series-cc: Peter Jones <[email protected]> Series-cc: Lennart Poettering <[email protected]> Series-cc: Colin Walters <[email protected]> Series-cc: Alberto Ruiz <[email protected]> Series-cc: Christian Kellner <[email protected]> Series-cc: Chung-Chiang Cheng <[email protected]> Series-version: 2 Cover-letter: fat: add support for the renameat2 RENAME_EXCHANGE flag Hello, This series add support for the renameat2 system call RENAME_EXCHANGE flag (which allows to atomically replace two paths) to the vfat filesystem code. There are many use cases for this, but we are particularly interested in making possible for vfat filesystems to be part of OSTree [0] deployments. Currently OSTree relies on symbolic links to make the deployment updates an atomic transactional operation. But RENAME_EXCHANGE could be used [1] to achieve a similar level of robustness when using a vfat filesystem. Patch #1 is just a preparatory patch to introduce the RENAME_EXCHANGE support in patch #2 and finally patch #3 adds some kselftests to test it. This is my first contribution to the fs/* subsystem, so I'm marking this set as RFC, in case I got anything wrong with the patches. But they work correctly on my local testing. [0]: https://github.com/ostreedev/ostree [1]: ostreedev/ostree#1649 END
martinezjavier
added a commit
to martinezjavier/linux
that referenced
this issue
May 19, 2022
Add a test for the renameat2 RENAME_EXCHANGE support in vfat, but split it in a tool that just does the rename exchange and a script that is run by the kselftests framework on `make TARGETS="filesystems/fat" kselftest`. That way the script can be easily extended to test other file operations. The script creates a 1 MiB disk image, that is then formated with a vfat filesystem and mounted using a loop device. That way all file operations are done on an ephemeral filesystem. Signed-off-by: Javier Martinez Canillas <[email protected]> Series-changes: 2 - Call sync to flush the page cache before checking the file contents (Alex Larsson). Series-cc: Alexander Larsson <[email protected]> Series-cc: Peter Jones <[email protected]> Series-cc: Lennart Poettering <[email protected]> Series-cc: Colin Walters <[email protected]> Series-cc: Alberto Ruiz <[email protected]> Series-cc: Christian Kellner <[email protected]> Series-cc: Chung-Chiang Cheng <[email protected]> Series-version: 2 Cover-letter: fat: add support for the renameat2 RENAME_EXCHANGE flag Hello, This series add support for the renameat2 system call RENAME_EXCHANGE flag (which allows to atomically replace two paths) to the vfat filesystem code. There are many use cases for this, but we are particularly interested in making possible for vfat filesystems to be part of OSTree [0] deployments. Currently OSTree relies on symbolic links to make the deployment updates an atomic transactional operation. But RENAME_EXCHANGE could be used [1] to achieve a similar level of robustness when using a vfat filesystem. Patch #1 is just a preparatory patch to introduce the RENAME_EXCHANGE support in patch #2 and finally patch #3 adds some kselftests to test it. This is my first contribution to the fs/* subsystem, so I'm marking this set as RFC, in case I got anything wrong with the patches. But they work correctly on my local testing. [0]: https://github.com/ostreedev/ostree [1]: ostreedev/ostree#1649 END
martinezjavier
added a commit
to martinezjavier/linux
that referenced
this issue
Jun 1, 2022
Add a test for the renameat2 RENAME_EXCHANGE support in vfat, but split it in a tool that just does the rename exchange and a script that is run by the kselftests framework on `make TARGETS="filesystems/fat" kselftest`. That way the script can be easily extended to test other file operations. The script creates a 1 MiB disk image, that is then formated with a vfat filesystem and mounted using a loop device. That way all file operations are done on an ephemeral filesystem. Signed-off-by: Javier Martinez Canillas <[email protected]> Acked-by: Muhammad Usama Anjum <[email protected]> Series-changes: 4 - Add Muhammad Usama Anjum Acked-by tag. Series-changes: 3 - Add a .gitignore for the rename_exchange binary (Muhammad Usama Anjum). - Include $(KHDR_INCLUDES) instead of hardcoding a relative path in Makefile (Muhammad Usama Anjum). Series-changes: 2 - Call sync to flush the page cache before checking the file contents (Alex Larsson). Series-cc: Alexander Larsson <[email protected]> Series-cc: Peter Jones <[email protected]> Series-cc: Lennart Poettering <[email protected]> Series-cc: Colin Walters <[email protected]> Series-cc: Alberto Ruiz <[email protected]> Series-cc: Christian Kellner <[email protected]> Series-cc: Chung-Chiang Cheng <[email protected]> Series-cc: Muhammad Usama Anjum <[email protected]> Series-version: 4 Cover-changes: 2 - Drop RFC prefix since the patches already got some review. Cover-letter: fat: add support for the renameat2 RENAME_EXCHANGE flag Hello, This series add support for the renameat2 system call RENAME_EXCHANGE flag (which allows to atomically replace two paths) to the vfat filesystem code. There are many use cases for this, but we are particularly interested in making possible for vfat filesystems to be part of OSTree [0] deployments. Currently OSTree relies on symbolic links to make the deployment updates an atomic transactional operation. But RENAME_EXCHANGE could be used [1] to achieve a similar level of robustness when using a vfat filesystem. Patch #1 is just a preparatory patch to introduce the RENAME_EXCHANGE support, patch #2 moves some code blocks in vfat_rename() to a set of helper functions, that can be reused by tvfat_rename_exchange() that's added by patch #3 and finally patch #4 adds some kselftests to test it. This is a v4 that addresses issues pointed out in the third version posted: https://lwn.net/Articles/896359/ [0]: https://github.com/ostreedev/ostree [1]: ostreedev/ostree#1649 END
martinezjavier
added a commit
to martinezjavier/linux
that referenced
this issue
Jun 1, 2022
Add a test for the renameat2 RENAME_EXCHANGE support in vfat, but split it in a tool that just does the rename exchange and a script that is run by the kselftests framework on `make TARGETS="filesystems/fat" kselftest`. That way the script can be easily extended to test other file operations. The script creates a 1 MiB disk image, that is then formated with a vfat filesystem and mounted using a loop device. That way all file operations are done on an ephemeral filesystem. Signed-off-by: Javier Martinez Canillas <[email protected]> Acked-by: Muhammad Usama Anjum <[email protected]> Series-changes: 4 - Add Muhammad Usama Anjum Acked-by tag. Series-changes: 3 - Add a .gitignore for the rename_exchange binary (Muhammad Usama Anjum). - Include $(KHDR_INCLUDES) instead of hardcoding a relative path in Makefile (Muhammad Usama Anjum). Series-changes: 2 - Call sync to flush the page cache before checking the file contents (Alex Larsson). Series-cc: Alexander Larsson <[email protected]> Series-cc: Peter Jones <[email protected]> Series-cc: Lennart Poettering <[email protected]> Series-cc: Colin Walters <[email protected]> Series-cc: Alberto Ruiz <[email protected]> Series-cc: Christian Kellner <[email protected]> Series-cc: Chung-Chiang Cheng <[email protected]> Series-cc: Muhammad Usama Anjum <[email protected]> Series-version: 4 Cover-changes: 2 - Drop RFC prefix since the patches already got some review. Cover-letter: fat: add support for the renameat2 RENAME_EXCHANGE flag Hello, This series add support for the renameat2 system call RENAME_EXCHANGE flag (which allows to atomically replace two paths) to the vfat filesystem code. There are many use cases for this, but we are particularly interested in making possible for vfat filesystems to be part of OSTree [0] deployments. Currently OSTree relies on symbolic links to make the deployment updates an atomic transactional operation. But RENAME_EXCHANGE could be used [1] to achieve a similar level of robustness when using a vfat filesystem. Patch #1 is just a preparatory patch to introduce the RENAME_EXCHANGE support, patch #2 moves some code blocks in vfat_rename() to a set of helper functions, that can be reused by tvfat_rename_exchange() that's added by patch #3 and finally patch #4 adds some kselftests to test it. This is a v4 that addresses issues pointed out in the third version posted: https://lwn.net/Articles/896359/ [0]: https://github.com/ostreedev/ostree [1]: ostreedev/ostree#1649 END
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently the only file in the EFI System Partition (ESP) that is updated is
grub.cfg. Every other file in the ESP is the one that was copied by Anaconda on installation. This means that shim, grub, firmware update, etc are never upgraded so users won't get any bugfixes or security updates for the bootloaders files, i.e:ESP is mounted on
/boot/efiand the packages copy the EFI binaries to/boot/efi/EFI/fedora/. The rpm-ostree unpacker translates the/bootpath to/usr/lib/ostree-boot. So the EFI binaries are in/usr/lib/ostree-boot/efi/EFI/fedora/. They just are never copied to the ESP as a part of a deploy.This is because the ESP is a vfat partition and so it can't be part of the ostree transactional deployment. But still users should be have the option to update the files in the ESP outside of the normal ostree deployments in case they want to update their bootloaders.
For example there could be a
ostree admin instutil esp-upgradecommand that copies the EFI binaries from/usr/lib/ostree-boot/efi/EFI/fedora/to/boot/efi/EFI/fedora/.The text was updated successfully, but these errors were encountered: