[PATCH 0/5] Speed up archive export/import

+++ b/nix/libstore/build.cc

+struct Agent;

+    std::shared_ptr<Agent> hook;

+/* An "agent" is a helper program that runs in the background and that we talk

+   to over pipes, such as the "guix offload" program.  */

+struct Agent

+    /* Pipes for talking to the agent. */

+    Pipe toAgent;

+    /* Pipe for the agent's standard output/error. */

+    Pipe fromAgent;

+    /* Pipe for build standard output/error--e.g., for build processes started

+       by "guix offload".  */

+    /* The process ID of the agent. */

+    /* The 'guix' sub-command and arguments passed to the agent.  */

+    Agent(const string &command, const Strings &args);

+    ~Agent();

+Agent::Agent(const string &command, const Strings &args)

+    debug(format("starting agent '%1%'") % command);

+    fromAgent.create();

+    toAgent.create();

+        commonChildInit(fromAgent);

+        if (dup2(toAgent.readSide, STDIN_FILENO) == -1)

+	Strings allArgs;

+	allArgs.push_back(buildHook);

+	allArgs.push_back(command);

+	allArgs.insert(allArgs.end(), args.begin(), args.end()); // append

+        execv(buildHook.c_str(), stringsToCharPtrs(allArgs).data());

+

+        throw SysError(format("executing `%1% %2%'") % buildHook % command);

+    fromAgent.writeSide.close();

+    toAgent.readSide.close();

+Agent::~Agent()

+        toAgent.writeSide.close();

+    std::shared_ptr<Agent> hook;

+        hook->fromAgent.readSide.close();

+    if (!worker.hook) {

+	Strings args = {

+	    settings.thisSystem.c_str(),

+            (format("%1%") % settings.maxSilentTime).str().c_str(),

+            (format("%1%") % settings.printBuildTrace).str().c_str(),

+            (format("%1%") % settings.buildTimeout).str().c_str()

+	};

+

+        worker.hook = std::shared_ptr<Agent>(new Agent("offload", args));

+    }

+    writeLine(worker.hook->toAgent.writeSide, (format("%1% %2% %3% %4%")

+        string s = readLine(worker.hook->fromAgent.readSide);

+    writeLine(hook->toAgent.writeSide, s);

+    writeLine(hook->toAgent.writeSide, s);

+    hook->toAgent.writeSide.close();

+    fds.insert(hook->fromAgent.readSide);

+    if (hook && fd == hook->fromAgent.readSide)

+++ b/nix/libstore/local-store.cc

+/* Sign HASH with the key stored in file SECRETKEY.  Return the signature as a

+   string, or raise an exception upon error.  */

+static std::string signHash(const string &secretKey, const Hash &hash)

+{

+    Strings args;

+    args.push_back("sign");

+    args.push_back(secretKey);

+    args.push_back(printHash(hash));

+

+    return runAuthenticationProgram(args);

+}

+

+/* Verify SIGNATURE and return the base16-encoded hash over which it was

+   computed.  */

+static std::string verifySignature(const string &signature)

+{

+    Path tmpDir = createTempDir("", "guix", true, true, 0700);

+    AutoDelete delTmp(tmpDir);

+

+    Path sigFile = tmpDir + "/sig";

+    writeFile(sigFile, signature);

+

+    Strings args;

+    args.push_back("verify");

+    args.push_back(sigFile);

+    return runAuthenticationProgram(args);

+}

+

+	string signature = signHash(secretKey, hash);

+	    string hash2 = verifySignature(signature);

+++ b/guix/scripts/authenticate.scm

+  #:use-module (guix diagnostics)

+  #:use-module (srfi srfi-34)

+  #:use-module (srfi srfi-35)

+  #:use-module (rnrs bytevectors)

+  "Sign the hash SHA256 (a bytevector) with KEY-FILE, and return the signature

+as a canonical sexp that includes both the hash and the actual signature."

+                         (raise

+                          (formatted-message

+                           (G_ "cannot find public key for secret key '~a'~%")

+                           key-file))))

+    signature))

+authorized, verify the signature, and return the signed data (a bytevector)

+upon success."

+                (hash-data->bytevector data)      ; success

+                (raise

+                 (formatted-message (G_ "invalid signature: ~a")

+                                    (canonical-sexp->string signature))))

+            (raise

+             (formatted-message (G_ "unauthorized public key: ~a")

+                                (canonical-sexp->string subject))))

+        (raise

+         (formatted-message (G_ "corrupt signature data: ~a")

+                            (canonical-sexp->string signature))))))

+

+(define (read-command port)

+  "Read a command from PORT and return the command and arguments as a list of

+strings.  Return the empty list when the end-of-file is reached.

+

+Commands are newline-terminated and must look something like this:

+

+  COMMAND 3:abc 5:abcde 1:x

+

+where COMMAND is an alphanumeric sequence and the remainder is the command

+arguments.  Each argument is written as its length (in characters), followed

+by colon, followed by the given number of characters."

+  (define (consume-whitespace port)

+    (let ((chr (lookahead-u8 port)))

+      (when (eqv? chr (char->integer #\space))

+        (get-u8 port)

+        (consume-whitespace port))))

+

+  (match (read-delimited " \t\n\r" port)

+    ((? eof-object?)

+     '())

+    (command

+     (let loop ((result (list command)))

+       (consume-whitespace port)

+       (let ((next (lookahead-u8 port)))

+         (cond ((eqv? next (char->integer #\newline))

+                (get-u8 port)

+                (reverse result))

+               ((eof-object? next)

+                (reverse result))

+               (else

+                (let* ((len (string->number (read-delimited ":" port)))

+                       (str (utf8->string

+                             (get-bytevector-n port len))))

+                  (loop (cons str result))))))))))

+  (define (send-reply code str)

+    ;; Send CODE and STR as a reply to our client.

+    (let ((bv (string->utf8 str)))

+      (format #t "~a ~a:" code (bytevector-length bv))

+      (put-bytevector (current-output-port) bv)

+      (force-output (current-output-port))))

+

+      (()

+       (let loop ()

+         (guard (c ((formatted-message? c)

+                    (send-reply 500

+                                (apply format #f

+                                       (G_ (formatted-message-string c))

+                                       (formatted-message-arguments c)))))

+           ;; Read a request on standard input and reply.

+           (match (read-command (current-input-port))

+             (("sign" signing-key (= base16-string->bytevector hash))

+              (let ((signature (sign-with-key signing-key hash)))

+                (send-reply 0 (canonical-sexp->string signature))))

+             (("verify" signature)

+              (send-reply 0

+                          (bytevector->base16-string

+                           (validate-signature

+                            (string->canonical-sexp signature)))))

+             (()

+              (exit 0))

+             (commands

+              (warning (G_ "~s: invalid command; ignoring~%") commands)

+              (send-reply 404 "invalid command"))))

+

+         (loop)))

+      (_

+       (leave (G_ "wrong arguments~%"))))))

+++ b/nix/libstore/local-store.cc

+/* Return the authentication agent, a "guix authenticate" process started

+   lazily.  */

+static std::shared_ptr<Agent> authenticationAgent()

+    static std::shared_ptr<Agent> agent;

+

+    if (!agent) {

+	Strings args = { "authenticate" };

+	agent = std::shared_ptr<Agent>(new Agent(settings.guixProgram, args));

+    }

+

+    return agent;

+}

+

+/* Read an integer and the byte that immediately follows it from FD.  Return

+   the integer.  */

+static int readInteger(int fd)

+{

+    string str;

+

+    while (1) {

+        char ch;

+        ssize_t rd = read(fd, &ch, 1);

+        if (rd == -1) {

+            if (errno != EINTR)

+                throw SysError("reading an integer");

+        } else if (rd == 0)

+            throw EndOfFile("unexpected EOF reading an integer");

+        else {

+	    if (strchr("0123456789", ch)) {

+		str += ch;

+	    } else {

+		break;

+	    }

+        }

+    }

+

+    return stoi(str);

+}

+

+/* Read from FD a reply coming from 'guix authenticate'.  The reply has the

+   form "CODE LEN:STR".  CODE is an integer, where zero indicates success.

+   LEN specifies the length in bytes of the string that immediately

+   follows.  */

+static std::string readAuthenticateReply(int fd)

+{

+    int code = readInteger(fd);

+    int len = readInteger(fd);

+

+    string str;

+    str.resize(len);

+    readFull(fd, (unsigned char *) &str[0], len);

+

+    if (code == 0)

+	return str;

+    else

+	throw Error(str);

+    auto agent = authenticationAgent();

+    auto hexHash = printHash(hash);

+    writeLine(agent->toAgent.writeSide,

+	      (format("sign %1%:%2% %3%:%4%")

+	       % secretKey.size() % secretKey

+	       % hexHash.size() % hexHash).str());

+

+    return readAuthenticateReply(agent->fromAgent.readSide);

+    auto agent = authenticationAgent();

+    writeLine(agent->toAgent.writeSide,

+	      (format("verify %1%:%2%")

+	       % signature.size() % signature).str());

+    return readAuthenticateReply(agent->fromAgent.readSide);

+++ b/tests/guix-authenticate.sh

+key="$abs_top_srcdir/tests/signing-key.sec"

+key_len="`echo -n $key | wc -c`"

+

+hash_len="`echo -n $hash | wc -c`"

+echo "sign $key_len:$key $hash_len:$hash" | guix authenticate > "$sig"

+case "$(cat $sig)" in

+    "0 "*) ;;

+    *)     echo "broken signature: $(cat $sig)"

+	   exit 42;;

+esac

+# Remove the leading "0".

+sed -i "$sig" -e's/^0 //g'

+

+hash2="$(echo verify $(cat "$sig") | guix authenticate)"

+test "$(echo $hash2 | cut -d : -f 2)" = "$hash"

+code="$(echo "verify 5:wrong" | guix authenticate | cut -f1 -d ' ')"

+test "$code" -ne 0

+code="$(echo "verify $(cat $sig)" | guix authenticate | cut -f1 -d ' ')"

+test "$code" -ne 0

+echo "sign $key_len:$key $hash_len:$hash" | guix authenticate > "$sig"

+# Remove the leading "0".

+sed -i "$sig" -e's/^0 //g'

+

+echo "verify $(cat $sig)" | guix authenticate

+hash2="$(echo "verify $(cat $sig)" | guix authenticate | cut -f2 -d ' ')"

+test "$(echo $hash2 | cut -d : -f 2)" = "$hash"

+++ b/tests/store.scm

+               (and (not (zero? (store-protocol-error-status c)))

+               (and (not (zero? (store-protocol-error-status c)))

+                    (string-contains (store-protocol-error-message c)

+                                     "unauthorized public key"))))

+++ b/guix/scripts/authenticate.scm

+  #:use-module (srfi srfi-71)

+  #:use-module (ice-9 vlist)

+(define (load-key-pair key-file)

+  "Load the key pair whose secret key lives at KEY-FILE.  Return a pair of

+canonical sexps representing those keys."

+  (catch 'system-error

+    (lambda ()

+      (let* ((secret-key (call-with-input-file key-file read-canonical-sexp))

+             (public-key (call-with-input-file

+                           read-canonical-sexp)))

+        (cons public-key secret-key)))

+    (lambda args

+      (let ((errno (system-error-errno args)))

+        (raise

+         (formatted-message

+          (G_ "failed to load key pair at '~a': ~a~%")

+          key-file (strerror errno)))))))

+(define (sign-with-key public-key secret-key sha256)

+  "Sign the hash SHA256 (a bytevector) with SECRET-KEY (a canonical sexp), and

+return the signature as a canonical sexp that includes SHA256, PUBLIC-KEY, and

+the actual signature."

+  (let ((data (bytevector->hash-data sha256

+                                     #:key-type (key-type public-key))))

+    (signature-sexp data secret-key public-key)))

+

+(define (validate-signature signature acl)

+authorized in ACL, verify the signature, and return the signed data (a

+bytevector) upon success."

+        (if (authorized-key? subject acl)

+       (let ((acl (current-acl)))

+         (let loop ((key-pairs vlist-null))

+           (guard (c ((formatted-message? c)

+                      (send-reply 500

+                                  (apply format #f

+                                         (G_ (formatted-message-string c))

+                                         (formatted-message-arguments c)))))

+             ;; Read a request on standard input and reply.

+             (match (read-command (current-input-port))

+               (("sign" signing-key (= base16-string->bytevector hash))

+                (let* ((key-pairs keys

+                                  (match (vhash-assoc signing-key key-pairs)

+                                    ((_ . keys)

+                                     (values key-pairs keys))

+                                    (#f

+                                     (let ((keys (load-key-pair signing-key)))

+                                       (values (vhash-cons signing-key keys

+                                                           key-pairs)

+                                               keys)))))

+                       (signature (match keys

+                                    ((public . secret)

+                                     (sign-with-key public secret hash)))))

+                  (send-reply 0 (canonical-sexp->string signature))

+                  (loop key-pairs)))

+               (("verify" signature)

+                (send-reply 0

+                            (bytevector->base16-string

+                             (validate-signature

+                              (string->canonical-sexp signature)

+                              acl)))

+                (loop key-pairs))

+               (()

+                (exit 0))

+               (commands

+                (warning (G_ "~s: invalid command; ignoring~%") commands)

+                (send-reply 404 "invalid command")

+                (loop key-pairs)))))))

+++ b/nix/libstore/build.cc

+	    "offload",

+        worker.hook = std::shared_ptr<Agent>(new Agent(settings.guixProgram, args));

+++ b/nix/libutil/util.cc

+static const string pathNullDevice = "/dev/null";

+

+/* Common initialisation performed in child processes. */

+void commonChildInit(Pipe & logPipe)

+{

+    /* Put the child in a separate session (and thus a separate

+       process group) so that it has no controlling terminal (meaning

+       that e.g. ssh cannot open /dev/tty) and it doesn't receive

+       terminal signals. */

+    if (setsid() == -1)

+        throw SysError(format("creating a new session"));

+

+    /* Dup the write side of the logger pipe into stderr. */

+    if (dup2(logPipe.writeSide, STDERR_FILENO) == -1)

+        throw SysError("cannot pipe standard error into log file");

+

+    /* Dup stderr to stdout. */

+    if (dup2(STDERR_FILENO, STDOUT_FILENO) == -1)

+        throw SysError("cannot dup stderr into stdout");

+

+    /* Reroute stdin to /dev/null. */

+    int fdDevNull = open(pathNullDevice.c_str(), O_RDWR);

+    if (fdDevNull == -1)

+        throw SysError(format("cannot open `%1%'") % pathNullDevice);

+    if (dup2(fdDevNull, STDIN_FILENO) == -1)

+        throw SysError("cannot dup null device into stdin");

+    close(fdDevNull);

+}

+

+//////////////////////////////////////////////////////////////////////

+

+Agent::Agent(const string &command, const Strings &args)

+{

+    debug(format("starting agent '%1%'") % command);

+

+    /* Create a pipe to get the output of the child. */

+    fromAgent.create();

+

+    /* Create the communication pipes. */

+    toAgent.create();

+

+    /* Create a pipe to get the output of the builder. */

+    builderOut.create();

+

+    /* Fork the hook. */

+    pid = startProcess([&]() {

+

+        commonChildInit(fromAgent);

+

+        if (chdir("/") == -1) throw SysError("changing into `/");

+

+        /* Dup the communication pipes. */

+        if (dup2(toAgent.readSide, STDIN_FILENO) == -1)

+            throw SysError("dupping to-hook read side");

+

+        /* Use fd 4 for the builder's stdout/stderr. */

+        if (dup2(builderOut.writeSide, 4) == -1)

+            throw SysError("dupping builder's stdout/stderr");

+

+	Strings allArgs;

+	allArgs.push_back(command);

+	allArgs.insert(allArgs.end(), args.begin(), args.end()); // append

+

+        execv(command.c_str(), stringsToCharPtrs(allArgs).data());

+

+        throw SysError(format("executing `%1%'") % command);

+    });

+

+    pid.setSeparatePG(true);

+    fromAgent.writeSide.close();

+    toAgent.readSide.close();

+}

+

+

+Agent::~Agent()

+{

+    try {

+        toAgent.writeSide.close();

+        pid.kill(true);

+    } catch (...) {

+        ignoreException();

+    }

+}

+

+++ b/nix/libutil/util.hh

+/* An "agent" is a helper program that runs in the background and that we talk

+   to over pipes, such as the "guix offload" program.  */

+struct Agent

+{

+    /* Pipes for talking to the agent. */

+    Pipe toAgent;

+

+    /* Pipe for the agent's standard output/error. */

+    Pipe fromAgent;

+

+    /* Pipe for build standard output/error--e.g., for build processes started

+       by "guix offload".  */

+    Pipe builderOut;

+

+    /* The process ID of the agent. */

+    Pid pid;

+

+    /* The command and arguments passed to the agent.  */

+    Agent(const string &command, const Strings &args);

+

+    ~Agent();

+};

+

+/* Common initialisation performed in child processes. */

+void commonChildInit(Pipe & logPipe);