search

NixOS / nix

Nix, the purely functional package manager
https://nixos.org/
GNU Lesser General Public License v2.1
11.6k stars 1.45k forks source link

Test: Readonly nix store mount still allows for reflinks #5513

Open Atemu opened 2 years ago

Atemu commented 2 years ago

N.B.from @Ericson2314: Author says bug is fixed elsewhere, but we should still have an integration test to ensure this doesn't regress.

Describe the bug

A clear and concise description of what the bug is.

If you have a problem with a specific package or NixOS, you probably want to file an issue at https://github.com/NixOS/nixpkgs/issues.

Steps To Reproduce

  1. Have a reflink capable fs like btrfs
  2. Have your $TMPDIR in the same mount as /nix so that things can theoretically be reflinked (i.e. TMPDIR=/nix/var/nix/tmp/ where /nix is a sinlgle mount)
  3. Try to copy a large file from the build dir to $out with cp --reflink=always for efficiency
  4. Invalid cross-device link

Expected behavior

A clear and concise description of what you expected to happen.

You should be able to reflink copy to the Nix store and back; its immutability should be achieved without a separate mount.

nix-env --version output

Additional context

Add any other context about the problem here.

Not being able to reflink across multiple mounts of the same FS is a kernel VFS limitation that is unlikely to be fixed any time soon.

The immutable xattr could be a good candidate. I kind of wonder why it wasn't chosen in the first place.

thufschmitt commented 2 years ago

The immutable xattr could be a good candidate. I kind of wonder why it wasn't chosen in the first place.

Maybe that’s also possible with xattrs, but one very compelling argument for a read-only bind-mount is that thanks to mount namespaces we can remount the store rw inside the Nix process when needed, while keeping it read-only for the rest of the system.

edolstra commented 2 years ago

We used to set the immutable bit but we got rid of it because it caused problems (b9c2b4d5b4cd5d52a950e6dd90eb2e2e79891fa0).

nixos-discourse commented 1 year ago

This issue has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/use-of-shallow-copy-reflinks-on-btrfs-xfs-zfs/24430/15

Atemu commented 1 year ago

At least for btrfs, this has been fixed in Linux. Modern kernels can now reflink across VFS boundaries as long as it's the same filesystem.

Ericson2314 commented 1 year ago

@Atemu I am reopening this issue because even if no code changes are needed on Nix's side anymore, it would still be very nice to have a NixOS VM Integration test ensuring this works.

Kha commented 1 year ago

In case anyone else is curious, the fix apparently landed in Linux 5.18

Ericson2314 commented 1 year ago

@Kha Thanks. Do you have a link to any sort of release notes? Or something else you read?

Atemu commented 1 year ago

@Ericson2314 https://lore.kernel.org/linux-btrfs/cover.1645194730.git.josef@toxicpanda.com/T/#mf251325026fe2e15ed5119856bf654ba4f0d298b

Ericson2314 commented 1 year ago

Thanks @Atemu. So yeah, would I love to see is a basic NixOS test reproducing this, and linking the above mailing list message.