Mirror of gocryptfs source code on Github http://nuetzlich.net/cgit/gocryptfs/atom?h=LockSharedStorage_rebase1 2024-12-30T11:08:41+00:00 2024-12-30T11:08:41+00:00 Jakob Unterwurzacher 2024-12-30T11:08:41+00:00 urn:sha1:b11aeec30866fe97b3c23488d51a47a040991b04 Prevent reads and writes concurrent with the truncate operation. It's racy on tmpfs and ext4 ( https://lore.kernel.org/all/18e9fa0f-ec31-9107-459c-ae1694503f87@gmail.com/t/ ) as evident by TestOpenTruncate test failures: === RUN TestOpenTruncate cluster_test.go:209: POSIX compliance issue: non-exlusive create failed with err=file exists doRead 16384215: corrupt block #0: cipher: message authentication failed ino16384215 fh8: RMW read failed: errno=5 cluster_test.go:214: iteration 1: WriteAt: write /tmp/gocryptfs-test-parent-1026/1358464214/TestOpenTruncate.1788296708.mnt2/foo: input/output error --- FAIL: TestOpenTruncate (0.06s) FAIL exit status 1 FAIL github.com/rfjakob/gocryptfs/v2/tests/cluster 7.880s Relates-to: https://github.com/rfjakob/gocryptfs/issues/56 2024-12-13T20:21:15+00:00 Jakob Unterwurzacher 2023-06-19T11:35:29+00:00 urn:sha1:8d2078b9cceaedd76a86f339165d0211cd78c8d9 Complain loudly when the underlying storage does not support byte-range locks. https://github.com/rfjakob/gocryptfs/issues/754 2024-12-13T20:21:15+00:00 Jakob Unterwurzacher 2023-06-19T11:26:44+00:00 urn:sha1:5c91672f190316d17f2293cb6f9602eac94b8b83 With -sharedstorage, when we get a decryption error, we lock the byte range and try again. This makes concurrent R/W safe agains torn writes. https://github.com/rfjakob/gocryptfs/issues/754 2024-12-13T20:21:15+00:00 Jakob Unterwurzacher 2023-06-09T12:34:20+00:00 urn:sha1:321471f513646663fcb6b9037dd85ffef52f558a As we must write complete ciphertext blocks (except at EOF), non-overlapping plaintext writes can overlap in the ciphertext. And because overlapping writes can turn the data into data soup (see TestPoCTornWrite) we serialize them using fcntl locking. 2024-12-13T20:21:15+00:00 Jakob Unterwurzacher 2023-06-05T12:22:21+00:00 urn:sha1:433f7d7379b9533611957644c5ee7a5ad15542eb With -sharedstorage, we keep the on-disk file header. Other mounts may have the file ID cached so we cannot mess with it. This makes TestOpenTruncate pass. 2024-12-04T18:53:15+00:00 Jakob Unterwurzacher 2023-06-02T12:24:44+00:00 urn:sha1:8f76d1ea0a63f546ad09fa70be1ed7b6a7d29fe6 Multiple host writing to the same empty file at the same time could have overwritten each other's newly created file header, leading to data corruption. Fix the race by placing a byte-range lock on the file when creating the file header. 2024-11-11T21:33:07+00:00 Jakob Unterwurzacher 2024-11-11T21:27:42+00:00 urn:sha1:86891054ef2a5d1b0b59c7c140aae284e7c5bd87 Now that https://github.com/hanwen/go-fuse/issues/399 has landed we can report an inode number for the root node. Fixes https://github.com/rfjakob/gocryptfs/issues/580 2024-03-09T20:32:48+00:00 Alex Shumsky 2024-03-07T20:33:11+00:00 urn:sha1:1d7dd0a76c15cf8c0dffef918a6b6c3dcb6347c4 2023-05-17T21:26:56+00:00 Jakob Unterwurzacher 2023-05-17T21:26:56+00:00 urn:sha1:09954c4bdecf0ca6da65776f176dc934ffced2b0 Not having Access() means go-fuse emulates it by looking at Getattr(). This works fine most of the time, but breaks down on sshfs, where sshfs-benchmark.bash shows this: gocryptfs/tests$ ./sshfs-benchmark.bash nuetzlich.net working directory: /tmp/sshfs-benchmark.bash.JQC sshfs mounted: nuetzlich.net:/tmp -> sshfs.mnt gocryptfs mounted: sshfs.mnt/sshfs-benchmark.bash.Wrz/gocryptfs.crypt -> gocryptfs.mnt sshfs-benchmark.bash: sshfs gocryptfs-on-sshfs git init 3.98 6.80 rsync 7.71 10.84 rm -R 4.30rm: descend into write-protected directory 'gocryptfs.mnt/git1'? The go-fuse emulation gets it wrong here because sshfs reports permissions but does not enforce them. Implement it ourselves properly. 2023-03-29T20:16:14+00:00 Jakob Unterwurzacher 2023-03-29T20:16:14+00:00 urn:sha1:24b3978715186bed3edc2703e81f165a73c0a74a And add a test for it. Fixes https://github.com/rfjakob/gocryptfs/issues/724