// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this
// file, You can obtain one at http://mozilla.org/MPL/2.0/.
"github.com/cosi-project/runtime/pkg/state"
"github.com/siderolabs/gen/maps"
"github.com/siderolabs/go-blockdevice/blockdevice"
"github.com/siderolabs/go-blockdevice/blockdevice/filesystem"
"golang.org/x/sys/unix"
"github.com/aenix-io/talm/internal/app/machined/pkg/runtime"
"github.com/aenix-io/talm/internal/app/machined/pkg/runtime/disk"
"github.com/aenix-io/talm/internal/pkg/encryption"
"github.com/aenix-io/talm/internal/pkg/partition"
"github.com/siderolabs/talos/pkg/machinery/constants"
runtimeres "github.com/siderolabs/talos/pkg/machinery/resources/runtime"
"github.com/siderolabs/talos/pkg/machinery/resources/v1alpha1"
mountpoints = map[string]*Point{}
mountpointsMutex sync.RWMutex
// SystemMountPointsForDevice returns the mount points for the system
// partitions on the block device at devpath: ephemeral, boot, EFI and state.
//
// It is called exclusively during installations (both image creation and bare
// metal installs). That is why the device is looked up by the disk path the
// caller specifies, and why no filesystem is grown here.
//
// The first error from opening the device or from resolving a label is
// returned as is, together with a nil result.
func SystemMountPointsForDevice(ctx context.Context, devpath string, opts ...Option) (mountpoints *Points, err error) {
	// NOTE(review): the listing this function was recovered from omitted some
	// source lines (gaps in its line numbering). The error checks and closing
	// braces were filled in from context; confirm them against the repository.
	points := NewMountPoints()

	device, err := blockdevice.Open(devpath)
	if err != nil {
		return nil, err
	}

	// The handle is only needed while the mount points are being built.
	defer device.Close() //nolint:errcheck

	labels := []string{
		constants.EphemeralPartitionLabel,
		constants.BootPartitionLabel,
		constants.EFIPartitionLabel,
		constants.StatePartitionLabel,
	}

	for _, label := range labels {
		point, err := SystemMountPointForLabel(ctx, device, label, opts...)
		if err != nil {
			return nil, err
		}

		// NOTE(review): point appears to be nil when the boot partition is
		// absent (SystemPartitionMount checks for a nil result); confirm that
		// consumers of Points tolerate a nil entry.
		points.Set(label, point)
	}

	return points, nil
}
// SystemMountPointForLabel returns a mount point for the partition on device
// that carries label, targeting the mount path that belongs to that label.
//
// Only the ephemeral, boot, EFI and state labels are accepted; any other label
// is an error. A missing boot partition is tolerated: the point returned is
// then nil, so callers must check for nil.
//
// When the options carry an encryption configuration, a pre-mount hook opens
// the encrypted device and points the mount source at the path it returns, and
// a post-unmount hook closes it again. A second pre-mount hook probes the
// source and formats it when no known filesystem is found, unless the
// SkipIfNoFilesystem mount flag is set.
//
//nolint:gocyclo
func SystemMountPointForLabel(ctx context.Context, device *blockdevice.BlockDevice, label string, opts ...Option) (mountpoint *Point, err error) {
	// NOTE(review): the listing this function was recovered from omitted some
	// source lines (gaps in its line numbering). Error checks, closing
	// scaffolding and the lines marked "restored" below were filled in from
	// context; confirm them against the repository.
	targets := map[string]string{
		constants.EphemeralPartitionLabel: constants.EphemeralMountPoint,
		constants.BootPartitionLabel:      constants.BootMountPoint,
		constants.EFIPartitionLabel:       constants.EFIMountPoint,
		constants.StatePartitionLabel:     constants.StateMountPoint,
	}

	target, known := targets[label]
	if !known {
		return nil, fmt.Errorf("unknown label: %q", label)
	}

	// A "not exist" error is not fatal here; it is handled below through the
	// nil partition.
	part, err := device.GetPartition(label)
	if err != nil && !errors.Is(err, os.ErrNotExist) {
		return nil, err
	}

	if part == nil {
		// A boot partition is not required.
		if label == constants.BootPartitionLabel {
			return nil, nil // restored: the return statement was not visible
		}

		return nil, fmt.Errorf("failed to find device with label %s: %w", label, err)
	}

	fsType, err := part.Filesystem()
	if err != nil {
		return nil, err
	}

	partPath, err := part.Path()
	if err != nil {
		return nil, err
	}

	o := NewDefaultOptions(opts...)

	hooks := make([]Hook, 0, 2)

	if o.Encryption != nil {
		// NOTE(review): only the last argument was visible in the listing; the
		// first three are restored as device, part, o.Encryption. Confirm.
		handler, err := encryption.NewHandler(
			device,
			part,
			o.Encryption,
			o.SystemInformationGetter,
		)
		if err != nil {
			return nil, err
		}

		// Open the encrypted device before mounting and mount the path it
		// returns instead of the raw partition.
		unlock := func(p *Point) error {
			path, err := handler.Open(ctx)
			if err != nil {
				return err
			}

			p.source = path // restored: assignment was not visible

			return nil
		}

		// Close the encrypted device once the partition is unmounted.
		lock := func(p *Point) error {
			return handler.Close()
		}

		hooks = append(hooks, unlock)
		opts = append(opts, WithPostUnmountHooks(lock))
	}

	// Format the partition if it does not have any filesystem.
	// This hook is appended after the unlock hook; presumably hooks run in
	// append order, so the probe sees the opened device (confirm).
	hooks = append(hooks, func(p *Point) error {
		sb, err := filesystem.Probe(p.source)
		if err != nil {
			return err
		}

		p.fstype = "" // restored: this line was not visible

		// Skip formatting the partition if a filesystem is detected and
		// assign the proper fs type to the mount point.
		if sb != nil && sb.Type() != filesystem.Unknown {
			p.fstype = sb.Type() // restored: this line was not visible

			return nil
		}

		formatOpts := partition.NewFormatOptions(part.Name)
		if formatOpts == nil {
			return fmt.Errorf("failed to determine format options for partition label %s", part.Name)
		}

		// Formatting is destructive; it is reached only when the probe found
		// no known filesystem and the caller did not ask to skip it.
		if o.MountFlags.Check(SkipIfNoFilesystem) {
			return nil
		}

		p.fstype = formatOpts.FileSystemType

		return partition.Format(p.source, formatOpts, log.Printf)
	})

	opts = append(opts, WithPreMountHooks(hooks...))

	return NewMountPoint(partPath, target, fsType, unix.MS_NOATIME, "", opts...), nil
}
// SystemPartitionMount mounts the system partition that carries label and
// records the mount as a MountStatus resource.
//
// If the machine configuration has disk encryption settings for label, they
// are added to opts together with the runtime's system information getter.
// When mountMountpoint reports that the mount was skipped, nothing is recorded.
// On success the mount point is stored in the package-level mountpoints map
// under label, guarded by mountpointsMutex.
//
//nolint:gocyclo
func SystemPartitionMount(ctx context.Context, r runtime.Runtime, logger *log.Logger, label string, opts ...Option) (err error) {
	// NOTE(review): the listing this function was recovered from omitted some
	// source lines (gaps in its line numbering). Error checks, guards and
	// closing scaffolding were filled in from context; confirm them against
	// the repository.
	device := r.State().Machine().Disk(disk.WithPartitionLabel(label))
	if device == nil {
		return fmt.Errorf("failed to find device with partition labeled %s", label)
	}

	if r.Config() != nil && r.Config().Machine() != nil {
		if encryptionConfig := r.Config().Machine().SystemDiskEncryption().Get(label); encryptionConfig != nil {
			opts = append(
				opts,
				WithEncryptionConfig(encryptionConfig),
				WithSystemInformationGetter(r.GetSystemInformation),
			)
		}
	}

	opts = append(opts, WithLogger(logger))

	mountpoint, err := SystemMountPointForLabel(ctx, device.BlockDevice, label, opts...)
	if err != nil {
		return err
	}

	if mountpoint == nil {
		return fmt.Errorf("no mountpoints for label %q", label)
	}

	skipped, err := mountMountpoint(mountpoint)
	if err != nil {
		return err
	}

	if skipped {
		if logger != nil {
			logger.Printf("mount skipped")
		}

		return nil
	}

	o := NewDefaultOptions(opts...)
	encrypted := o.Encryption != nil

	// Record the mount as a resource.
	mountStatus := runtimeres.NewMountStatus(v1alpha1.NamespaceName, label)

	spec := mountStatus.TypedSpec()
	spec.Source = mountpoint.Source()
	spec.Target = mountpoint.Target()
	spec.FilesystemType = mountpoint.Fstype()
	spec.Encrypted = encrypted

	if encrypted {
		// A set, so that each provider is reported once however many keys
		// use it.
		providers := make(map[string]struct{})

		// NOTE(review): String() is assumed to yield a provider name only;
		// confirm it never includes key material, since the value is published
		// in the MountStatus resource.
		for _, key := range o.Encryption.Keys() {
			switch {
			case key.Static() != nil:
				providers[key.Static().String()] = struct{}{}
			case key.NodeID() != nil:
				providers[key.NodeID().String()] = struct{}{}
			case key.KMS() != nil:
				providers[key.KMS().String()] = struct{}{}
			case key.TPM() != nil:
				providers[key.TPM().String()] = struct{}{}
			}
		}

		spec.EncryptionProviders = maps.Keys(providers)
	}

	// Ignore the error if the MountStatus already exists, as many mounts are
	// silently skipped with the flag SkipIfMounted. The resource is created
	// with context.Background(), not with the caller's ctx.
	createErr := r.State().V1Alpha2().Resources().Create(context.Background(), mountStatus)
	if createErr != nil && !state.IsConflictError(createErr) {
		return fmt.Errorf("error creating mount status resource: %w", createErr)
	}

	mountpointsMutex.Lock()
	defer mountpointsMutex.Unlock()

	mountpoints[label] = mountpoint

	return nil
}
// SystemPartitionUnmount unmounts a system partition by the label.
func SystemPartitionUnmount(r runtime.Runtime, logger *log.Logger, label string) (err error) {
mountpointsMutex.RLock()
mountpoint, ok := mountpoints[label]
mountpointsMutex.RUnlock()
logger.Printf("unmount skipped")
err = mountpoint.Unmount()
if err = r.State().V1Alpha2().Resources().Destroy(context.Background(), runtimeres.NewMountStatus(v1alpha1.NamespaceName, label).Metadata()); err != nil {
return fmt.Errorf("error destroying mount status resource: %w", err)
mountpointsMutex.Lock()
delete(mountpoints, label)
mountpointsMutex.Unlock()