qemu: Apply interim fix for overlayfs + O_NOATIME

Our VM tests and everything related to our virtualisation infrastructure
is currently broken if used with kernel 4.19 or later.

The reason for this is that since 4.19, overlayfs uses the O_NOATIME
flag when opening files in lowerdir and this doesn't play nice with the
way we pass the Nix store to our QEMU guests.

On a NixOS system, paths in the Nix store are typically owned by root
but the QEMU process is usually run by an ordinary user. Using O_NOATIME
on a file where you're not the owner (or superuser) will return with
EPERM (Operation not permitted).

This is exactly what happens in our VM tests, because we're using
overlayfs in the guests to allow writes to the store.

Another implication of this is that the default kernel version for NixOS
19.03 has been reverted to Linux 4.14.

Work on getting this upstream is still ongoing and the patch I posted
previously was incomplete, needs rework and also some more review from
upstream maintainers - in summary: This will take a while.

So instead of rushing in a kernel patch to nixpkgs, which will affect
all users of overlayfs, not just NixOS VM tests, I opted to patch QEMU
for now to ignore the O_NOATIME flag in 9p.

I think this is also the least impacting change, because even if you
care about whether access times are written or not, you get the same
behaviour as with Linux 4.19 in conjunction with QEMU.

Signed-off-by: aszlig <aszlig@nix.build>
Fixes: https://github.com/NixOS/nixpkgs/issues/54509
This commit is contained in:
aszlig 2019-03-14 14:56:55 +01:00
parent 17a2e7329b
commit 4c1ddb3a57
No known key found for this signature in database
GPG key ID: 684089CE67EBB691
2 changed files with 45 additions and 0 deletions

View file

@ -0,0 +1,44 @@
commit cdc3e7eeafa9f683214d2c15d52ef384c3de6611
Author: aszlig <aszlig@nix.build>
Date: Mon Mar 18 13:21:01 2019 +0100
9pfs: Ignore O_NOATIME open flag
Since Linux 4.19, overlayfs uses the O_NOATIME flag on its lowerdir,
which in turn causes errors when the Nix store is mounted in the guest
because the file owner of the store paths typically don't match the
owner of the QEMU process.
After submitting a patch to the overlayfs mailing list[1], it turns out
that my patch was incomplete[2] and needs a bit more rework.
So instead of using an incomplete kernel patch in nixpkgs, which affects
*all* users of overlayfs, not just NixOS VM tests, I decided that for
now it's better to patch QEMU instead.
The change here really only ignores the O_NOATIME flag so that the
behaviour is similar to what NFS does. From open(2):
This flag may not be effective on all filesystems. One example is NFS,
where the server maintains the access time.
This change is therefore only temporary until the final fix lands in the
stable kernel releases.
[1]: https://www.spinics.net/lists/linux-unionfs/msg06755.html
[2]: https://www.spinics.net/lists/linux-unionfs/msg06756.html
Signed-off-by: aszlig <aszlig@nix.build>
diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
index 55821343e5..0b8425fe18 100644
--- a/hw/9pfs/9p.c
+++ b/hw/9pfs/9p.c
@@ -127,7 +127,6 @@ static int dotl_to_open_flags(int flags)
{ P9_DOTL_LARGEFILE, O_LARGEFILE },
{ P9_DOTL_DIRECTORY, O_DIRECTORY },
{ P9_DOTL_NOFOLLOW, O_NOFOLLOW },
- { P9_DOTL_NOATIME, O_NOATIME },
{ P9_DOTL_SYNC, O_SYNC },
};

View file

@ -76,6 +76,7 @@ stdenv.mkDerivation rec {
patches = [
./no-etc-install.patch
./fix-qemu-ga.patch
./9p-ignore-noatime.patch
] ++ optional nixosTestRunner ./force-uid0-on-9p.patch
++ optional pulseSupport ./fix-hda-recording.patch
++ optionals stdenv.hostPlatform.isMusl [