Merge pull request #14080 from NixOS/storeFS-prep

Ericson2314 · web-flow · commit 46095284f1ae · 2025-09-25T10:50:25.000-04:00
Some `storeFS` and similar cleanup
diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc
@@ -17,6 +17,7 @@
 #include "nix/expr/print.hh"
 #include "nix/fetchers/filtering-source-accessor.hh"
 #include "nix/util/memory-source-accessor.hh"
+#include "nix/util/mounted-source-accessor.hh"
 #include "nix/expr/gc-small-vector.hh"
 #include "nix/util/url.hh"
 #include "nix/fetchers/fetch-to-store.hh"
@@ -225,22 +226,25 @@ EvalState::EvalState(
            */
           {CanonPath(store->storeDir), store->getFSAccessor(settings.pureEval)},
       }))
-    , rootFS(({
-        /* In pure eval mode, we provide a filesystem that only
-           contains the Nix store.
-
-           If we have a chroot store and pure eval is not enabled,
-           use a union accessor to make the chroot store available
-           at its logical location while still having the
-           underlying directory available. This is necessary for
-           instance if we're evaluating a file from the physical
-           /nix/store while using a chroot store. */
-        auto accessor = getFSSourceAccessor();
-
-        auto realStoreDir = dirOf(store->toRealPath(StorePath::dummy));
-        if (settings.pureEval || store->storeDir != realStoreDir) {
-            accessor = settings.pureEval ? storeFS : makeUnionSourceAccessor({accessor, storeFS});
-        }
+    , rootFS([&] {
+        auto accessor = [&]() -> decltype(rootFS) {
+            /* In pure eval mode, we provide a filesystem that only
+               contains the Nix store. */
+            if (settings.pureEval)
+                return storeFS;
+
+            /* If we have a chroot store and pure eval is not enabled,
+               use a union accessor to make the chroot store available
+               at its logical location while still having the underlying
+               directory available. This is necessary for instance if
+               we're evaluating a file from the physical /nix/store
+               while using a chroot store. */
+            auto realStoreDir = dirOf(store->toRealPath(StorePath::dummy));
+            if (store->storeDir != realStoreDir)
+                return makeUnionSourceAccessor({getFSSourceAccessor(), storeFS});
+
+            return getFSSourceAccessor();
+        }();
 
         /* Apply access control if needed. */
         if (settings.restrictEval || settings.pureEval)
@@ -251,8 +255,8 @@ EvalState::EvalState(
                     throw RestrictedPathError("access to absolute path '%1%' is forbidden %2%", path, modeInformation);
                 });
 
-        accessor;
-    }))
+        return accessor;
+    }())
     , corepkgsFS(make_ref<MemorySourceAccessor>())
     , internalFS(make_ref<MemorySourceAccessor>())
     , derivationInternal{corepkgsFS->addFile(
@@ -334,7 +338,7 @@ EvalState::EvalState(
 
 EvalState::~EvalState() {}
 
-void EvalState::allowPath(const Path & path)
+void EvalState::allowPathLegacy(const Path & path)
 {
     if (auto rootFS2 = rootFS.dynamic_pointer_cast<AllowListSourceAccessor>())
         rootFS2->allowPrefix(CanonPath(path));
@@ -3177,7 +3181,7 @@ std::optional<SourcePath> EvalState::resolveLookupPathPath(const LookupPath::Pat
 
         /* Allow access to paths in the search path. */
         if (initAccessControl) {
-            allowPath(path.path.abs());
+            allowPathLegacy(path.path.abs());
             if (store->isInStore(path.path.abs())) {
                 try {
                     allowClosure(store->toStorePath(path.path.abs()).first);
diff --git a/src/libexpr/include/nix/expr/eval.hh b/src/libexpr/include/nix/expr/eval.hh
@@ -49,6 +49,7 @@ class StorePath;
 struct SingleDerivedPath;
 enum RepairFlag : bool;
 struct MemorySourceAccessor;
+struct MountedSourceAccessor;
 
 namespace eval_cache {
 class EvalCache;
@@ -320,7 +321,7 @@ public:
     /**
      * The accessor corresponding to `store`.
      */
-    const ref<SourceAccessor> storeFS;
+    const ref<MountedSourceAccessor> storeFS;
 
     /**
      * The accessor for the root filesystem.
@@ -489,8 +490,11 @@ public:
 
     /**
      * Allow access to a path.
+     *
+     * Only for restrict eval: pure eval just whitelist store paths,
+     * never arbitrary paths.
      */
-    void allowPath(const Path & path);
+    void allowPathLegacy(const Path & path);
 
     /**
      * Allow access to a store path. Note that this gets remapped to
diff --git a/src/libfetchers/git.cc b/src/libfetchers/git.cc
@@ -15,6 +15,7 @@
 #include "nix/fetchers/fetch-settings.hh"
 #include "nix/util/json-utils.hh"
 #include "nix/util/archive.hh"
+#include "nix/util/mounted-source-accessor.hh"
 
 #include <regex>
 #include <string.h>
diff --git a/src/libutil/include/nix/util/meson.build b/src/libutil/include/nix/util/meson.build
@@ -47,6 +47,7 @@ headers = files(
   'logging.hh',
   'lru-cache.hh',
   'memory-source-accessor.hh',
+  'mounted-source-accessor.hh',
   'muxable-pipe.hh',
   'os-string.hh',
   'pool.hh',
diff --git a/src/libutil/include/nix/util/mounted-source-accessor.hh b/src/libutil/include/nix/util/mounted-source-accessor.hh
@@ -0,0 +1,20 @@
+#pragma once
+
+#include "source-accessor.hh"
+
+namespace nix {
+
+struct MountedSourceAccessor : SourceAccessor
+{
+    virtual void mount(CanonPath mountPoint, ref<SourceAccessor> accessor) = 0;
+
+    /**
+     * Return the accessor mounted on `mountPoint`, or `nullptr` if
+     * there is no such mount point.
+     */
+    virtual std::shared_ptr<SourceAccessor> getMount(CanonPath mountPoint) = 0;
+};
+
+ref<MountedSourceAccessor> makeMountedSourceAccessor(std::map<CanonPath, ref<SourceAccessor>> mounts);
+
+} // namespace nix
diff --git a/src/libutil/include/nix/util/source-accessor.hh b/src/libutil/include/nix/util/source-accessor.hh
@@ -214,8 +214,6 @@ ref<SourceAccessor> getFSSourceAccessor();
  */
 ref<SourceAccessor> makeFSSourceAccessor(std::filesystem::path root);
 
-ref<SourceAccessor> makeMountedSourceAccessor(std::map<CanonPath, ref<SourceAccessor>> mounts);
-
 /**
  * Construct an accessor that presents a "union" view of a vector of
  * underlying accessors. Earlier accessors take precedence over later.
diff --git a/src/libutil/mounted-source-accessor.cc b/src/libutil/mounted-source-accessor.cc
@@ -1,18 +1,22 @@
-#include "nix/util/source-accessor.hh"
+#include "nix/util/mounted-source-accessor.hh"
+
+#include <boost/unordered/concurrent_flat_map.hpp>
 
 namespace nix {
 
-struct MountedSourceAccessor : SourceAccessor
+struct MountedSourceAccessorImpl : MountedSourceAccessor
 {
-    std::map<CanonPath, ref<SourceAccessor>> mounts;
+    boost::concurrent_flat_map<CanonPath, ref<SourceAccessor>> mounts;
 
-    MountedSourceAccessor(std::map<CanonPath, ref<SourceAccessor>> _mounts)
-        : mounts(std::move(_mounts))
+    MountedSourceAccessorImpl(std::map<CanonPath, ref<SourceAccessor>> _mounts)
     {
         displayPrefix.clear();
 
         // Currently we require a root filesystem. This could be relaxed.
-        assert(mounts.contains(CanonPath::root));
+        assert(_mounts.contains(CanonPath::root));
+
+        for (auto & [path, accessor] : _mounts)
+            mount(path, accessor);
 
         // FIXME: return dummy parent directories automatically?
     }
@@ -52,10 +56,9 @@ struct MountedSourceAccessor : SourceAccessor
         // Find the nearest parent of `path` that is a mount point.
         std::vector<std::string> subpath;
         while (true) {
-            auto i = mounts.find(path);
-            if (i != mounts.end()) {
+            if (auto mount = getMount(path)) {
                 std::reverse(subpath.begin(), subpath.end());
-                return {i->second, CanonPath(subpath)};
+                return {ref(mount), CanonPath(subpath)};
             }
 
             assert(!path.isRoot());
@@ -69,11 +72,24 @@ struct MountedSourceAccessor : SourceAccessor
         auto [accessor, subpath] = resolve(path);
         return accessor->getPhysicalPath(subpath);
     }
+
+    void mount(CanonPath mountPoint, ref<SourceAccessor> accessor) override
+    {
+        mounts.emplace(std::move(mountPoint), std::move(accessor));
+    }
+
+    std::shared_ptr<SourceAccessor> getMount(CanonPath mountPoint) override
+    {
+        if (auto res = getConcurrent(mounts, mountPoint))
+            return *res;
+        else
+            return nullptr;
+    }
 };
 
-ref<SourceAccessor> makeMountedSourceAccessor(std::map<CanonPath, ref<SourceAccessor>> mounts)
+ref<MountedSourceAccessor> makeMountedSourceAccessor(std::map<CanonPath, ref<SourceAccessor>> mounts)
 {
-    return make_ref<MountedSourceAccessor>(std::move(mounts));
+    return make_ref<MountedSourceAccessorImpl>(std::move(mounts));
 }
 
 } // namespace nix
diff --git a/src/nix/env.cc b/src/nix/env.cc
@@ -7,6 +7,7 @@
 #include "nix/util/strings.hh"
 #include "nix/util/executable-path.hh"
 #include "nix/util/environment-variables.hh"
+#include "nix/util/mounted-source-accessor.hh"
 
 using namespace nix;
 
diff --git a/src/nix/profile.cc b/src/nix/profile.cc
@@ -177,8 +177,8 @@ struct ProfileManifest
 
         else if (std::filesystem::exists(profile / "manifest.nix")) {
             // FIXME: needed because of pure mode; ugly.
-            state.allowPath(state.store->followLinksToStore(profile.string()));
-            state.allowPath(state.store->followLinksToStore((profile / "manifest.nix").string()));
+            state.allowPath(state.store->followLinksToStorePath(profile.string()));
+            state.allowPath(state.store->followLinksToStorePath((profile / "manifest.nix").string()));
 
             auto packageInfos = queryInstalled(state, state.store->followLinksToStore(profile.string()));
 
