Mirror of gocryptfs source code on Github http://nuetzlich.net/cgit/gocryptfs/atom?h=LockSharedStorage 2023-06-19T11:35:29+00:00 2023-06-19T11:35:29+00:00 Jakob Unterwurzacher 2023-06-19T11:35:29+00:00 urn:sha1:15d34762ab9f375b9aa738119aa7e2dd1497102e Complain loudly when the underlying storage does not support byte-range locks. https://github.com/rfjakob/gocryptfs/issues/754 2023-06-19T11:27:44+00:00 Jakob Unterwurzacher 2023-06-19T11:26:44+00:00 urn:sha1:a97df8508a3f9bfc6d398c152bf15c6fcd98c74b With -sharedstorage, when we get a decryption error, we lock the byte range and try again. This makes concurrent R/W safe agains torn writes. https://github.com/rfjakob/gocryptfs/issues/754 2023-06-09T13:07:45+00:00 Jakob Unterwurzacher 2023-06-09T12:34:20+00:00 urn:sha1:d8f4bdb72a1bcef509fd3e4258c96f8f67db8203 As we must write complete ciphertext blocks (except at EOF), non-overlapping plaintext writes can overlap in the ciphertext. And because overlapping writes can turn the data into data soup (see TestPoCTornWrite) we serialize them using fcntl locking. 2023-06-06T14:24:06+00:00 Jakob Unterwurzacher 2023-06-05T12:22:21+00:00 urn:sha1:c1c41d279a33afdeb930009bdd305c39a9920dcf With -sharedstorage, we keep the on-disk file header. Other mounts may have the file ID cached so we cannot mess with it. This makes TestOpenTruncate pass. 2023-06-05T12:28:58+00:00 Jakob Unterwurzacher 2023-06-02T12:24:44+00:00 urn:sha1:964f0c190932e5dc53b05ec69ccda6e8d33a73b6 Multiple hosts creating the same file at the same time could have overwritten each other's file header, leading to data corruption. Fix the race by placing a byte-range lock on the file when creating the file header. 2023-05-17T21:26:56+00:00 Jakob Unterwurzacher 2023-05-17T21:26:56+00:00 urn:sha1:09954c4bdecf0ca6da65776f176dc934ffced2b0 Not having Access() means go-fuse emulates it by looking at Getattr(). This works fine most of the time, but breaks down on sshfs, where sshfs-benchmark.bash shows this: gocryptfs/tests$ ./sshfs-benchmark.bash nuetzlich.net working directory: /tmp/sshfs-benchmark.bash.JQC sshfs mounted: nuetzlich.net:/tmp -> sshfs.mnt gocryptfs mounted: sshfs.mnt/sshfs-benchmark.bash.Wrz/gocryptfs.crypt -> gocryptfs.mnt sshfs-benchmark.bash: sshfs gocryptfs-on-sshfs git init 3.98 6.80 rsync 7.71 10.84 rm -R 4.30rm: descend into write-protected directory 'gocryptfs.mnt/git1'? The go-fuse emulation gets it wrong here because sshfs reports permissions but does not enforce them. Implement it ourselves properly. 2023-03-29T20:16:14+00:00 Jakob Unterwurzacher 2023-03-29T20:16:14+00:00 urn:sha1:24b3978715186bed3edc2703e81f165a73c0a74a And add a test for it. Fixes https://github.com/rfjakob/gocryptfs/issues/724 2023-02-21T21:08:41+00:00 Jakob Unterwurzacher 2023-02-21T21:04:30+00:00 urn:sha1:8f3ec5dcaa6eb18d11746675190a7aaceb422764 Commit 6196a5b5 got the logic inverted, hence we never set the last position markers. Fixes https://github.com/rfjakob/gocryptfs/issues/712 2023-02-21T21:08:41+00:00 Jakob Unterwurzacher 2023-01-24T21:07:28+00:00 urn:sha1:85297cda97d018b514361a2088a78f50f1446f95 It used to be reported as "function not implemented", accompanied with this log output: go-fuse: can't convert error type: ParseHeader: header is all-zero. Header hexdump: 000000000000000000000000000000000000 Now we report EIO and log this: doWrite 1372183: corrupt header: ParseHeader: header is all-zero. Header hexdump: 000000000000000000000000000000000000 2022-12-29T14:00:37+00:00 Jakob Unterwurzacher 2022-12-29T14:00:24+00:00 urn:sha1:856ccaac10579abda5620dfc86ad6031b1076a43 Run "make format" using go version go1.19.4 linux/amd64