Initial reimplementation of composefs-c

.github/workflows/bootc-revdep.yml

@@ -44,3 +44,8 @@ jobs:
 
       - name: Build and test bootc with local composefs-rs
         run: just bootc/test
+        env:
+          # Use bootc branch adapted to composefs-rs API changes
+          # TODO: revert to main once bootc-dev/bootc merges these adaptations
+          COMPOSEFS_BOOTC_REPO: https://github.com/cgwalters/bootc
+          COMPOSEFS_BOOTC_REF: adapt-composefs-rs-api

.gitignore

@@ -5,3 +5,6 @@
 **/fuzz/target/
 **/fuzz/corpus/
 **/fuzz/artifacts/
+.worktrees
+*.rpm
+crates/composefs/fuzz/fuzz-0.log

Justfile

@@ -93,6 +93,21 @@ test-integration-vm *ARGS: build _integration-container-build
 install-nextest:
     @which cargo-nextest > /dev/null 2>&1 || cargo install cargo-nextest --locked
 
+# Build and run a bls example locally.
+# Usage: just test-example-local bls arch
+#        just test-example-local bls arch fsfmt=ext4 verity=none
+# 'fsfmt' defaults to ext4, 'verity' defaults to none (no fs-verity enforcement).
+# Requires: qemu-kvm, OVMF, skopeo, mtools, fsverity, mkfs.erofs, systemd-repart, podman.
+test-example-local example os fsfmt="ext4" verity="none": build
+    #!/usr/bin/env bash
+    set -euo pipefail
+    export FS_FORMAT={{ fsfmt }}
+    export FS_VERITY_MODE={{ verity }}
+    export CFSCTL_PATH=$(pwd)/target/debug/cfsctl
+    cd examples
+    {{ example }}/build {{ os }}
+    TEST_IMAGE="{{ example }}/{{ os }}-{{ example }}-efi.qcow2" pytest test -v
+
 # Run everything: checks + full integration tests including VM
 ci: check test-integration-vm
 

bootc/Justfile

@@ -51,10 +51,12 @@ patch: clone
     #!/bin/bash
     set -euo pipefail
 
-    # Require a clean composefs-rs working tree so we test a real commit
+    # Require a clean composefs-rs working tree so we test a real commit.
+    # Only tracked files matter; untracked files are allowed.
+    # git diff HEAD already excludes untracked files.
     if ! git -C "$_COMPOSEFS_SRC" diff --quiet HEAD 2>/dev/null; then
         echo "error: composefs-rs has uncommitted changes — commit or stash first" >&2
-        git -C "$_COMPOSEFS_SRC" status --short >&2
+        git -C "$_COMPOSEFS_SRC" diff --stat HEAD >&2
         exit 1
     fi
 

crates/composefs-boot/src/lib.rs

@@ -101,13 +101,19 @@ impl<ObjectID: FsVerityHashValue> BootOps<ObjectID> for FileSystem<ObjectID> {
     ) -> Result<Vec<BootEntry<ObjectID>>> {
         let boot_entries = get_boot_resources(self, repo)?;
         empty_toplevel_dirs(self)?;
+        // Compact the leaves table after clearing directories, so that leaves
+        // which were only referenced by /boot or /sysroot are removed and
+        // don't appear as orphans when the filesystem is validated.
+        self.compact();
         selabel::selabel(self, repo)?;
 
         Ok(boot_entries)
     }
 
     fn transform_for_boot_from_dir(&mut self, rootfs: impl AsFd) -> Result<()> {
         empty_toplevel_dirs(self)?;
+        // Same as above: compact to remove leaves orphaned by clearing dirs.
+        self.compact();
         selabel::selabel_from_dir(self, rootfs)?;
         Ok(())
     }

crates/composefs-boot/src/selabel.rs

@@ -581,6 +581,7 @@ mod tests {
             st_uid: 0,
             st_gid: 0,
             st_mtim_sec: 0,
+            st_mtim_nsec: 0,
             xattrs: Default::default(),
         };
 
@@ -595,6 +596,7 @@ mod tests {
                         st_uid: 0,
                         st_gid: 0,
                         st_mtim_sec: 0,
+                        st_mtim_nsec: 0,
                         xattrs: Default::default(),
                     },
                     LeafContent::Regular(RegularFile::Inline(data.to_vec().into_boxed_slice())),