boot/config: Add method to get boot artifact name

Johan-Liebert1 · cgwalters · commit c9b50cb70e69 · 2026-04-02T09:19:05.000-04:00
Add a method in BLSConfig and Grub Menuconfig to get the boot artifact
name, i.e. get the name of the UKI or the name of the directory
containing the Kernel + Initrd. The names are stripped of all our custom
prefixes and suffixes, so basically they return the verity digest part
of the name.

This is useful for GC-ing Kernel + Initrd that are shared among multiple
deployments since we can't rely on the composefs= parameter in the
options as the cmdline verity digest might be different than the verity
digest of the shared Kernel + Initrd.

Tests written by Claude Code (Opus)

Signed-off-by: Pragyan Poudyal &lt;pragyanpoudyal41999@gmail.com&gt;
diff --git a/crates/lib/src/parsers/bls_config.rs b/crates/lib/src/parsers/bls_config.rs
@@ -2,8 +2,6 @@
 //!
 //! This module parses the config files for the spec.
 
-#![allow(dead_code)]
-
 use anyhow::{Result, anyhow};
 use bootc_kernel_cmdline::utf8::{Cmdline, CmdlineOwned};
 use camino::Utf8PathBuf;
@@ -15,7 +13,7 @@ use std::fmt::Display;
 use uapi_version::Version;
 
 use crate::bootc_composefs::status::ComposefsCmdline;
-use crate::composefs_consts::UKI_NAME_PREFIX;
+use crate::composefs_consts::{TYPE1_BOOT_DIR_PREFIX, UKI_NAME_PREFIX};
 
 #[derive(Debug, PartialEq, Eq, Default)]
 pub enum BLSConfigType {
@@ -173,6 +171,9 @@ impl BLSConfig {
         self
     }
 
+    /// Get the fs-verity digest from a BLS config
+    /// For EFI BLS entries, this returns the name of the UKI
+    /// For Non-EFI BLS entries, this returns the fs-verity digest in the "options" field
     pub(crate) fn get_verity(&self) -> Result<String> {
         match &self.cfg_type {
             BLSConfigType::EFI { efi } => {
@@ -205,6 +206,56 @@ impl BLSConfig {
         }
     }
 
+    /// Returns name of UKI in case of EFI config
+    /// Returns name of the directory containing Kernel + Initrd in case of Non-EFI config
+    ///
+    /// The names are stripped of our custom prefix and suffixes, so this returns the
+    /// verity digest part of the name
+    #[allow(dead_code)]
+    pub(crate) fn boot_artifact_name(&self) -> Result<&str> {
+        match &self.cfg_type {
+            BLSConfigType::EFI { efi } => {
+                let file_name = efi
+                    .file_name()
+                    .ok_or_else(|| anyhow::anyhow!("EFI path missing file name: {}", efi))?;
+
+                let without_suffix = file_name.strip_suffix(EFI_EXT).ok_or_else(|| {
+                    anyhow::anyhow!(
+                        "EFI file name missing expected suffix '{}': {}",
+                        EFI_EXT,
+                        file_name
+                    )
+                })?;
+
+                // For backwards compatibility, we don't make this prefix mandatory
+                match without_suffix.strip_prefix(UKI_NAME_PREFIX) {
+                    Some(no_prefix) => Ok(no_prefix),
+                    None => Ok(without_suffix),
+                }
+            }
+
+            BLSConfigType::NonEFI { linux, .. } => {
+                let parent_dir = linux.parent().ok_or_else(|| {
+                    anyhow::anyhow!("Linux kernel path has no parent directory: {}", linux)
+                })?;
+
+                let dir_name = parent_dir.file_name().ok_or_else(|| {
+                    anyhow::anyhow!("Parent directory has no file name: {}", parent_dir)
+                })?;
+
+                // For backwards compatibility, we don't make this prefix mandatory
+                match dir_name.strip_prefix(TYPE1_BOOT_DIR_PREFIX) {
+                    Some(dir_name_no_prefix) => Ok(dir_name_no_prefix),
+                    None => Ok(dir_name),
+                }
+            }
+
+            BLSConfigType::Unknown => {
+                anyhow::bail!("Cannot extract boot artifact name from unknown config type")
+            }
+        }
+    }
+
     /// Gets the `options` field from the config
     /// Returns an error if the field doesn't exist
     /// or if the config is of type `EFI`
@@ -585,4 +636,99 @@ mod tests {
         assert!(config_final < config_rc1);
         Ok(())
     }
+
+    #[test]
+    fn test_boot_artifact_name_efi_success() -> Result<()> {
+        use camino::Utf8PathBuf;
+
+        let efi_path = Utf8PathBuf::from("bootc_composefs-abcd1234.efi");
+        let config = BLSConfig {
+            cfg_type: BLSConfigType::EFI { efi: efi_path },
+            version: "1".to_string(),
+            ..Default::default()
+        };
+
+        let artifact_name = config.boot_artifact_name()?;
+        assert_eq!(artifact_name, "abcd1234");
+        Ok(())
+    }
+
+    #[test]
+    fn test_boot_artifact_name_non_efi_success() -> Result<()> {
+        use camino::Utf8PathBuf;
+
+        let linux_path = Utf8PathBuf::from("/boot/bootc_composefs-xyz5678/vmlinuz");
+        let config = BLSConfig {
+            cfg_type: BLSConfigType::NonEFI {
+                linux: linux_path,
+                initrd: vec![],
+                options: None,
+            },
+            version: "1".to_string(),
+            ..Default::default()
+        };
+
+        let artifact_name = config.boot_artifact_name()?;
+        assert_eq!(artifact_name, "xyz5678");
+        Ok(())
+    }
+
+    #[test]
+    fn test_boot_artifact_name_efi_missing_prefix() {
+        use camino::Utf8PathBuf;
+
+        let efi_path = Utf8PathBuf::from("/EFI/Linux/abcd1234.efi");
+        let config = BLSConfig {
+            cfg_type: BLSConfigType::EFI { efi: efi_path },
+            version: "1".to_string(),
+            ..Default::default()
+        };
+
+        let artifact_name = config
+            .boot_artifact_name()
+            .expect("Should extract artifact name");
+        assert_eq!(artifact_name, "abcd1234");
+    }
+
+    #[test]
+    fn test_boot_artifact_name_efi_missing_suffix() {
+        use camino::Utf8PathBuf;
+
+        let efi_path = Utf8PathBuf::from("bootc_composefs-abcd1234");
+        let config = BLSConfig {
+            cfg_type: BLSConfigType::EFI { efi: efi_path },
+            version: "1".to_string(),
+            ..Default::default()
+        };
+
+        let result = config.boot_artifact_name();
+        assert!(result.is_err());
+        assert!(
+            result
+                .unwrap_err()
+                .to_string()
+                .contains("missing expected suffix")
+        );
+    }
+
+    #[test]
+    fn test_boot_artifact_name_efi_no_filename() {
+        use camino::Utf8PathBuf;
+
+        let efi_path = Utf8PathBuf::from("/");
+        let config = BLSConfig {
+            cfg_type: BLSConfigType::EFI { efi: efi_path },
+            version: "1".to_string(),
+            ..Default::default()
+        };
+
+        let result = config.boot_artifact_name();
+        assert!(result.is_err());
+        assert!(
+            result
+                .unwrap_err()
+                .to_string()
+                .contains("missing file name")
+        );
+    }
 }
diff --git a/crates/lib/src/parsers/grub_menuconfig.rs b/crates/lib/src/parsers/grub_menuconfig.rs
@@ -114,7 +114,7 @@ impl<'a> MenuEntry<'a> {
         let name = to_path
             .components()
             .last()
-            .ok_or(anyhow::anyhow!("Empty efi field"))?
+            .ok_or_else(|| anyhow::anyhow!("Empty efi field"))?
             .to_string()
             .strip_prefix(UKI_NAME_PREFIX)
             .ok_or_else(|| anyhow::anyhow!("efi does not start with custom prefix"))?
@@ -124,6 +124,35 @@ impl<'a> MenuEntry<'a> {
 
         Ok(name)
     }
+
+    /// Returns name of UKI in case of EFI config
+    ///
+    /// The names are stripped of our custom prefix and suffixes, so this returns
+    /// the verity digest part of the name
+    pub(crate) fn boot_artifact_name(&self) -> Result<String> {
+        let chainloader_path = Utf8PathBuf::from(&self.body.chainloader);
+
+        let file_name = chainloader_path.file_name().ok_or_else(|| {
+            anyhow::anyhow!(
+                "Chainloader path missing file name: {}",
+                &self.body.chainloader
+            )
+        })?;
+
+        let without_suffix = file_name.strip_suffix(EFI_EXT).ok_or_else(|| {
+            anyhow::anyhow!(
+                "EFI file name missing expected suffix '{}': {}",
+                EFI_EXT,
+                file_name
+            )
+        })?;
+
+        // For backwards compatibility, we don't make this prefix mandatory
+        match without_suffix.strip_prefix(UKI_NAME_PREFIX) {
+            Some(no_prefix) => Ok(no_prefix.into()),
+            None => Ok(without_suffix.into()),
+        }
+    }
 }
 
 /// Parser that takes content until balanced brackets, handling nested brackets and escapes.
@@ -547,4 +576,71 @@ mod test {
         assert_eq!(result[1].body.chainloader, "/EFI/Linux/second.efi");
         assert_eq!(result[1].body.search, "--set=root --fs-uuid \"some-uuid\"");
     }
+
+    #[test]
+    fn test_menuentry_boot_artifact_name_success() {
+        let body = MenuentryBody {
+            insmod: vec!["fat", "chain"],
+            chainloader: "/EFI/bootc_composefs/bootc_composefs-abcd1234.efi".to_string(),
+            search: "--no-floppy --set=root --fs-uuid test",
+            version: 0,
+            extra: vec![],
+        };
+
+        let entry = MenuEntry {
+            title: "Test Entry".to_string(),
+            body,
+        };
+
+        let artifact_name = entry
+            .boot_artifact_name()
+            .expect("Should extract artifact name");
+        assert_eq!(artifact_name, "abcd1234");
+    }
+
+    #[test]
+    fn test_menuentry_boot_artifact_name_missing_prefix() {
+        let body = MenuentryBody {
+            insmod: vec!["fat", "chain"],
+            chainloader: "/EFI/Linux/abcd1234.efi".to_string(),
+            search: "--no-floppy --set=root --fs-uuid test",
+            version: 0,
+            extra: vec![],
+        };
+
+        let entry = MenuEntry {
+            title: "Test Entry".to_string(),
+            body,
+        };
+
+        let artifact_name = entry
+            .boot_artifact_name()
+            .expect("Should extract artifact name");
+        assert_eq!(artifact_name, "abcd1234");
+    }
+
+    #[test]
+    fn test_menuentry_boot_artifact_name_missing_suffix() {
+        let body = MenuentryBody {
+            insmod: vec!["fat", "chain"],
+            chainloader: "/EFI/bootc_composefs/bootc_composefs-abcd1234".to_string(),
+            search: "--no-floppy --set=root --fs-uuid test",
+            version: 0,
+            extra: vec![],
+        };
+
+        let entry = MenuEntry {
+            title: "Test Entry".to_string(),
+            body,
+        };
+
+        let result = entry.boot_artifact_name();
+        assert!(result.is_err());
+        assert!(
+            result
+                .unwrap_err()
+                .to_string()
+                .contains("missing expected suffix")
+        );
+    }
 }
