From 91543594b3e42489ad62f227b18bd31b3d490656 Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Fri, 2 Jun 2023 14:48:09 -0400
Subject: [PATCH 1/2] rdcore: Add context to bind-boot and rootmap

The FCOS coreos-boot-edit.sh runs both of these, and it wasn't
immediately clear to me which of them was failing.
---
 src/bin/rdcore/main.rs | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/bin/rdcore/main.rs b/src/bin/rdcore/main.rs
index 27abdc1e7..fd288aab8 100644
--- a/src/bin/rdcore/main.rs
+++ b/src/bin/rdcore/main.rs
@@ -18,7 +18,7 @@ mod rootmap;
 mod stream_hash;
 mod unique_fs;
 
-use anyhow::Result;
+use anyhow::{Context, Result};
 use clap::Parser;
 
 use crate::cmdline::*;
@@ -26,8 +26,8 @@ use crate::cmdline::*;
 fn main() -> Result<()> {
     match Cmd::parse() {
         Cmd::Kargs(c) => kargs::kargs(c),
-        Cmd::Rootmap(c) => rootmap::rootmap(c),
-        Cmd::BindBoot(c) => rootmap::bind_boot(c),
+        Cmd::Rootmap(c) => rootmap::rootmap(c).context("Configuring rootmap"),
+        Cmd::BindBoot(c) => rootmap::bind_boot(c).context("Failed to bind boot"),
         Cmd::StreamHash(c) => stream_hash::stream_hash(c),
         Cmd::VerifyUniqueFsLabel(c) => unique_fs::verify_unique_fs(c),
         #[cfg(target_arch = "s390x")]

From 22d4f2b9e1465ec36e9d5660b7569796378db923 Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Fri, 2 Jun 2023 16:33:42 -0400
Subject: [PATCH 2/2] rdcore: Juggle physical root versus deployment root

This is prep for supporting composefs, where the physical root
is distinct from the deployment root.  Specifically for the LUKS
case, we can find `/etc/crypttab` only in the deployment root.

Otherwise, we suffix the passed path (usually `/sysroot`) that
was mounted in the initramfs with `/sysroot` to find the physical
root.

xref https://github.com/ostreedev/ostree/issues/2867
---
 docs/release-notes.md     | 13 +++++++++++++
 src/bin/rdcore/rootmap.rs | 24 ++++++++++++++++++------
 2 files changed, 31 insertions(+), 6 deletions(-)

diff --git a/docs/release-notes.md b/docs/release-notes.md
index bd166c579..7696a3f7d 100644
--- a/docs/release-notes.md
+++ b/docs/release-notes.md
@@ -6,6 +6,19 @@ nav_order: 8
 
 ## Upcoming coreos-installer 0.19.0 (unreleased)
 
+Major changes:
+
+
+Minor changes:
+
+
+Internal changes:
+
+- rootmap/bind-boot: Support root devices using composefs
+
+Packaging changes:
+
+
 
 ## coreos-installer 0.18.0 (2023-08-24)
 
diff --git a/src/bin/rdcore/rootmap.rs b/src/bin/rdcore/rootmap.rs
index abeeb61c6..765c99f41 100644
--- a/src/bin/rdcore/rootmap.rs
+++ b/src/bin/rdcore/rootmap.rs
@@ -26,10 +26,17 @@ use libcoreinst::runcmd_output;
 
 use crate::cmdline::*;
 
+/// In the ostree model this will be the physical root mount.  When using
+/// composefs, the mount of / and /sysroot will be distinct.
+const PHYSICAL_ROOT_MOUNT: &str = "sysroot";
+
 pub fn rootmap(config: RootmapConfig) -> Result<()> {
-    // get the backing device for the root mount
-    let mount = Mount::from_existing(&config.root_mount)?;
-    let device = PathBuf::from(mount.device());
+    // Get the mount point for the deployment root, which will have e.g. /etc which we might parse
+    let rootfs_mount = Mount::from_existing(&config.root_mount)?;
+    // get the backing device for the "physical" root
+    let physical_root_path = format!("{}/{PHYSICAL_ROOT_MOUNT}", config.root_mount);
+    let physical_mount = Mount::from_existing(&physical_root_path)?;
+    let device = PathBuf::from(physical_mount.device());
 
     // and from that we can collect all the parent backing devices too
     let mut backing_devices = get_blkdev_deps_recursing(&device)?;
@@ -38,7 +45,7 @@ pub fn rootmap(config: RootmapConfig) -> Result<()> {
     // for each of those, convert them to kargs
     let mut kargs = Vec::new();
     for backing_device in backing_devices {
-        if let Some(dev_kargs) = device_to_kargs(&mount, backing_device)? {
+        if let Some(dev_kargs) = device_to_kargs(&rootfs_mount, backing_device)? {
             kargs.extend(dev_kargs);
         }
     }
@@ -46,7 +53,10 @@ pub fn rootmap(config: RootmapConfig) -> Result<()> {
     // we push the root kargs last, this has the nice property that the final order of kargs goes
     // from lowest level to highest; see also
     // https://github.com/coreos/fedora-coreos-tracker/issues/465
-    kargs.push(format!("root=UUID={}", mount.get_filesystem_uuid()?));
+    kargs.push(format!(
+        "root=UUID={}",
+        physical_mount.get_filesystem_uuid()?
+    ));
 
     // we need this because with root= it's systemd that takes care of mounting via
     // systemd-fstab-generator, and it defaults to read-only otherwise
@@ -224,7 +234,9 @@ fn get_luks_uuid(device: &Path) -> Result<String> {
 
 pub fn bind_boot(config: BindBootConfig) -> Result<()> {
     let boot_mount = Mount::from_existing(&config.boot_mount)?;
-    let root_mount = Mount::from_existing(&config.root_mount)?;
+    // We always operate here on the physical root
+    let physical_root_path = format!("{}/{PHYSICAL_ROOT_MOUNT}", config.root_mount);
+    let root_mount = Mount::from_existing(&physical_root_path)?;
     let boot_uuid = boot_mount.get_filesystem_uuid()?;
     let root_uuid = root_mount.get_filesystem_uuid()?;