overlord/fdestate/fdestate.go: fix path to data mount point on hybrid

canonical · Nov 18, 2024 · 39ad1ff · 39ad1ff
1 parent cbf35eb
commit 39ad1ff
Show file tree

Hide file tree

Showing 3 changed files with 50 additions and 8 deletions.
diff --git a/overlord/fdestate/fdemgr_test.go b/overlord/fdestate/fdemgr_test.go
@@ -24,6 +24,7 @@ import (
 	"crypto"
 	"fmt"
 	"os"
+	"path/filepath"
 	"testing"
 
 	. "gopkg.in/check.v1"
@@ -101,10 +102,19 @@ func (u *instrumentedUnlocker) Relock() {
 	u.relocked += 1
 }
 
-func (s *fdeMgrSuite) startedManager(c *C) *fdestate.FDEManager {
+func (s *fdeMgrSuite) startedManager(c *C, hasWritable bool) *fdestate.FDEManager {
+	if hasWritable {
+		err := os.MkdirAll(filepath.Join(dirs.GlobalRootDir, "writable"), 0755)
+		c.Assert(err, IsNil)
+	}
 	defer fdestate.MockDMCryptUUIDFromMountPoint(func(mountpoint string) (string, error) {
+		fmt.Printf("%s %s %s\n", mountpoint, dirs.GlobalRootDir, filepath.Join(dirs.GlobalRootDir, "writable"))
 		switch mountpoint {
-		case dirs.SnapdStateDir(dirs.GlobalRootDir):
+		case dirs.GlobalRootDir:
+			c.Check(hasWritable, Equals, false)
+			return "aaa", nil
+		case filepath.Join(dirs.GlobalRootDir, "writable"):
+			c.Check(hasWritable, Equals, true)
 			return "aaa", nil
 		case dirs.SnapSaveDir:
 			return "bbb", nil
@@ -134,7 +144,28 @@ func (s *fdeMgrSuite) startedManager(c *C) *fdestate.FDEManager {
 
 func (s *fdeMgrSuite) TestGetManagerFromState(c *C) {
 	st := s.st
-	manager := s.startedManager(c)
+	const hasWritable = false
+	manager := s.startedManager(c, hasWritable)
+
+	st.Lock()
+	defer st.Unlock()
+	foundManager := fdestate.FdeMgr(st)
+	c.Check(foundManager, Equals, manager)
+
+	var fdeSt fdestate.FdeState
+	err := st.Get("fde", &fdeSt)
+	c.Assert(err, IsNil)
+	primaryKey, hasPrimaryKey := fdeSt.PrimaryKeys[0]
+	c.Assert(hasPrimaryKey, Equals, true)
+	c.Check(crypto.Hash(primaryKey.Digest.Algorithm), Equals, crypto.Hash(crypto.SHA256))
+	c.Check(primaryKey.Digest.Salt, DeepEquals, []byte{1, 2, 3, 4})
+	c.Check(primaryKey.Digest.Digest, DeepEquals, []byte{5, 6, 7, 8})
+}
+
+func (s *fdeMgrSuite) TestGetManagerFromStateWithWritable(c *C) {
+	st := s.st
+	const hasWritable = true
+	manager := s.startedManager(c, hasWritable)
 
 	st.Lock()
 	defer st.Unlock()
@@ -180,7 +211,8 @@ func (m *mockModel) SignKeyID() string {
 
 func (s *fdeMgrSuite) TestUpdateState(c *C) {
 	st := s.st
-	manager := s.startedManager(c)
+	const hasWritable = false
+	manager := s.startedManager(c, hasWritable)
 
 	st.Lock()
 	defer st.Unlock()
@@ -209,7 +241,8 @@ func (s *fdeMgrSuite) TestUpdateState(c *C) {
 
 func (s *fdeMgrSuite) TestUpdateReseal(c *C) {
 	st := s.st
-	manager := s.startedManager(c)
+	const hasWritable = false
+	manager := s.startedManager(c, hasWritable)
 
 	st.Lock()
 	defer st.Unlock()
@@ -261,7 +294,8 @@ type mountResolveTestCase struct {
 func (s *fdeMgrSuite) testMountResolveError(c *C, tc mountResolveTestCase) {
 	defer fdestate.MockDMCryptUUIDFromMountPoint(func(mountpoint string) (string, error) {
 		switch mountpoint {
-		case dirs.SnapdStateDir(dirs.GlobalRootDir):
+		case filepath.Join(dirs.GlobalRootDir, "writable"):
+		case dirs.GlobalRootDir:
 			// ubuntu-data
 			if tc.dataResolveErr != nil {
 				return "", tc.dataResolveErr

diff --git a/overlord/fdestate/fdestate.go b/overlord/fdestate/fdestate.go
@@ -22,6 +22,7 @@ import (
 	"crypto"
 	"errors"
 	"fmt"
+	"path/filepath"
 
 	"github.com/snapcore/snapd/asserts"
 	"github.com/snapcore/snapd/dirs"
@@ -218,7 +219,12 @@ func initializeState(st *state.State) error {
 
 	// FIXME mount points will be different in recovery or factory-reset modes
 	// either inspect degraded.json, or use boot.HostUbuntuDataForMode()
-	dataUUID, dataErr := disksDMCryptUUIDFromMountPoint(dirs.SnapdStateDir(dirs.GlobalRootDir))
+	dataDir := dirs.GlobalRootDir
+	writable := filepath.Join(dirs.GlobalRootDir, "writable")
+	if osutil.FileExists(writable) {
+		dataDir = writable
+	}
+	dataUUID, dataErr := disksDMCryptUUIDFromMountPoint(dataDir)
 	saveUUID, saveErr := disksDMCryptUUIDFromMountPoint(dirs.SnapSaveDir)
 	if errors.Is(saveErr, disks.ErrMountPointNotFound) {
 		// TODO: do we need to care about old cases where there is no save partition?

diff --git a/overlord/managers_test.go b/overlord/managers_test.go
@@ -7461,7 +7461,9 @@ func (s *mgrsSuiteCore) testRemodelUC20WithRecoverySystem(c *C, encrypted bool)
 
 	restore = fdestate.MockDMCryptUUIDFromMountPoint(func(mountpoint string) (string, error) {
 		switch mountpoint {
-		case dirs.SnapdStateDir(dirs.GlobalRootDir):
+		case filepath.Join(dirs.GlobalRootDir, "writable"):
+			return "root-uuid", nil
+		case dirs.GlobalRootDir:
 			return "root-uuid", nil
 		case dirs.SnapSaveDir:
 			return "save-uuid", nil