WIP: install: rootless disk image

Refactor the install code to stop using loop devices and instead create and manipulate a disk image directly. Both ext4 and vfat have mechanisms for formatting and populating partitions at an offset inside an image, other filesystems likely do as well but so far have not been implemented or tested. With this "pmbootstrap install" works for standard EFI disk images (e.g. QEMU, X64 or trailblazer) entirely rootless. Since the creation of the disk images happens in the same user namespace as everything else, the resulting disk images have correct ownership and permissions even though from the host perspective they are all subuids. This gets image building working properly *for the default case*. We can now build disk images! In particular, we can build disk images with a 4k sector size even on a host with a 512 byte sector size (or block size in the filesystem). This is surprisingly hard for some reason since not all libfdisk tools have the right flags. Thankfully sfdisk does. In addition, we now generate UUIDs ourselves, to break the loop between generating fstab and running mkfs (since we also populate the disk image /with/ mkfs, we need to already know the UUID when we run it...). Signed-off-by: Casey Connolly <kcxt@postmarketos.org>
2025-07-21 19:45:11 +03:00 · 2025-05-08 17:23:32 +02:00 · 2025-05-08 17:23:32 +02:00 · 18d912d53d
commit 18d912d53d
parent 393f7e3616
19 changed files with 543 additions and 480 deletions
--- a/pmb/types.py
+++ b/pmb/types.py
@ -10,6 +10,8 @@ from typing import Any, Literal, TypedDict
 from pmb.core.arch import Arch
 from pmb.core.chroot import Chroot

+import uuid
+

 class CrossCompile(enum.Enum):
    # Cross compilation isn't needed for this package:
@ -58,6 +60,70 @@ class CrossCompile(enum.Enum):
                return Chroot.native()


+class DiskPartition:
+    name: str
+    size: int  # in bytes
+    filesystem: str | None
+    # offset into the disk image!
+    offset: int  # bytes
+    path: str  # e.g. /dev/install or /dev/installp1 for --split
+    _uuid: str
+
+    def __init__(self, name: str, size: int):
+        self.name = name
+        self.size = size
+        self.filesystem = None
+        self.offset = 0
+        self.path = ""
+        self._uuid = ""
+
+    @property
+    def uuid(self) -> str:
+        """
+        We generate a UUID the first time we're called. The length
+        depends on which filesystem, since FAT only supported short
+        volume IDs.
+        """
+        if self.filesystem is None:
+            raise ValueError("Can't get UUID when filesystem not set")
+
+        if self._uuid:
+            return self._uuid
+
+        if self.filesystem.startswith("fat"):
+            # FAT UUIDs are only 8 bytes and are always uppercase
+            self._uuid = ("-".join(str(uuid.uuid4()).split("-")[1:3])).upper()
+        else:
+            self._uuid = str(uuid.uuid4())
+
+        return self._uuid
+
+    @property
+    def size_mb(self) -> int:
+        return round(self.size / (1024**2))
+
+    @property
+    def partition_label(self) -> str:
+        return f"pmOS_{self.name}"
+
+    def offset_sectors(self, sector_size: int) -> int:
+        if self.offset % sector_size != 0:
+            raise ValueError(
+                f"Partition {self.name} offset not a multiple of sector size {sector_size}!"
+            )
+        return int(self.offset / sector_size)
+
+    def size_sectors(self, sector_size: int) -> int:
+        ss = int((self.size + sector_size) / sector_size)
+        # sgdisk requires aligning to 2048-sector boundaries.
+        # It conservatively rounds down but we want to round up...
+        ss = int((ss + 2047) / 2048) * 2048
+        return ss
+
+    def __str__(self) -> str:
+        return f"DiskPartition {{name: {self.name}, size: {self.size_mb}M, offset: {self.offset / 1024 / 1024}M{', path: ' + self.path if self.path else ''}{', fs: ' + self.filesystem if self.filesystem else ''}}}"
+
+
 RunOutputTypeDefault = Literal["log", "stdout", "interactive", "tui", "null"]
 RunOutputTypePopen = Literal["background", "pipe"]
 RunOutputType = RunOutputTypeDefault | RunOutputTypePopen
@ -72,11 +138,55 @@ WithExtraRepos = Literal["default", "enabled", "disabled"]
 # future refactoring efforts easier.


-class PartitionLayout(TypedDict):
-    kernel: int | None
-    boot: int
-    reserve: int | None
-    root: int
+class PartitionLayout(list[DiskPartition]):
+    """
+    Subclass list to provide easy accessors without relying on
+    fragile indexes while still allowing the partitions to be
+    iterated over for simplicity. This is not a good design tbh
+    """
+    path: str # path to disk image
+    split: bool # image per partition
+
+    def __init__(self, path: str, split: bool):
+        super().__init__(self)
+        # Path to the disk image
+        self.path = path
+        self.split = split
+
+    @property
+    def kernel(self):
+        """
+        Get the kernel partition (specific to Chromebooks).
+        """
+        if self[0].name != "kernel":
+            raise ValueError("First partition not kernel partition!")
+        return self[0]
+
+    @property
+    def boot(self):
+        """
+        Get the boot partition, must be the first or second if we have
+        a kernel partition
+        """
+        if self[0].name == "boot":
+            return self[0]
+        if self[0].name == "kernel" and self[1].name == "boot":
+            return self[1]
+
+        raise ValueError("First partition not boot partition!")
+
+    @property
+    def root(self):
+        """
+        Get the root partition, must be the second or third if we have
+        a kernel partition
+        """
+        if self[1].name == "root":
+            return self[1]
+        if self[0].name == "kernel" and self[2].name == "root":
+            return self[2]
+
+        raise ValueError("First partition not root partition!")


 class AportGenEntry(TypedDict):
@ -241,3 +351,6 @@ class PmbArgs(Namespace):
    xauth: bool
    xconfig: bool
    zap: bool
+
+
+# type: ignore