gocryptfs/internal, branch v1.6

gocryptfs/internal, branch v1.6 Mirror of gocryptfs source code on Github http://nuetzlich.net/cgit/gocryptfs/atom?h=v1.6 2018-08-15T21:31:37+00:00 trezor: show support in version string 2018-08-15T21:31:37+00:00 Jakob Unterwurzacher 2018-08-15T21:31:37+00:00 urn:sha1:bd054e70ef1c0f9709b5bc216ba148cf088d7edb Show enable_trezor in the version string if we were compiled with `-tags enable_trezor`. And hide the `-trezor` flag from the help output if we were not. fusefrontend: truncateGrowFile: pass zeroPad error to caller 2018-08-15T15:25:22+00:00 Jakob Unterwurzacher 2018-08-15T15:14:24+00:00 urn:sha1:dbd400d930ccd790c2918f6382c0efaeb353c282 Errors from zeroPad were ignored until now, as discovered using xfstests generic/083. fusefrontend_reverse: reject excludes for the root directory "" 2018-08-15T10:28:29+00:00 Jakob Unterwurzacher 2018-08-15T10:28:29+00:00 urn:sha1:7a02f71fc2fc8fc104ad1538f417d1e93e73cf11 This is most likely a mistake by the user. Reject it. reverse mode: add --exclude option 2018-08-11T21:26:49+00:00 Jakob Unterwurzacher 2018-08-11T21:26:49+00:00 urn:sha1:ec2fdc19cf9358ae7ba09c528a5807b6b0760f9b https://github.com/rfjakob/gocryptfs/issues/235 configfile: drop superflous Printf 2018-07-23T20:25:40+00:00 Jakob Unterwurzacher 2018-07-23T20:24:19+00:00 urn:sha1:f4a972ddf1f8002095b1e57bd93bb8894ae745f2 Before: $ gocryptfs -fsck . LoadConfFile: ReadFile: &os.PathError{Op:"open", Path:"/var/tmp/check-gocryptfs/scratchdev/gocryptfs.conf", Err:0xd} Cannot open config file: open /var/tmp/check-gocryptfs/scratchdev/gocryptfs.conf: permission denied After: $ gocryptfs -fsck . Cannot open config file: open /var/tmp/check-gocryptfs/scratchdev/gocryptfs.conf: permission denied fusefronted: disallow writes running concurrently with reads 2018-07-22T20:29:22+00:00 Jakob Unterwurzacher 2018-07-22T20:29:22+00:00 urn:sha1:f316f1b2df47dca651174e574ab072f6b46c0b01 As uncovered by xfstests generic/465, concurrent reads and writes could lead to this, doRead 3015532: corrupt block #1039: stupidgcm: message authentication failed, as the read could pick up a block that has not yet been completely written - write() is not atomic! Now writes take ContentLock exclusively, while reads take it shared, meaning that multiple reads can run in parallel with each other, but not with a write. This also simplifies the file header locking. fusefrontend: doWrite: delete file header if first write fails 2018-07-15T13:12:55+00:00 Jakob Unterwurzacher 2018-07-15T12:14:12+00:00 urn:sha1:c70df522d2a78f3152fa61511bed9fafa7c495a3 xfstests generic/083 fills the filesystem almost completely while running fsstress in parallel. In fsck, these would show up: readFileID 2580: incomplete file, got 18 instead of 19 bytes This could happen when writing the file header works, but writing the actual data fails. Now we kill the header again by truncating the file to zero. fusefrontend: doWrite: no need to take HeaderLock.RLock() 2018-07-15T10:40:23+00:00 Jakob Unterwurzacher 2018-07-15T10:40:23+00:00 urn:sha1:55bb22bad6c196f363ad27fbedad4f5360c4879f Other writers are blocked by ContentLock already. WriteDirIV: delete incomplete gocryptfs.diriv file if write fails 2018-07-15T10:02:39+00:00 Jakob Unterwurzacher 2018-07-15T10:00:08+00:00 urn:sha1:bbf5b72fff8b07251faacce9e77dd427a4379081 If the underlying filesystem is full, writing to gocryptfs.diriv may fail, and later fsck show this: OpenDir "xyz": could not read gocryptfs.diriv: wanted 16 bytes, got 0 Uncovered by xfstests generic/083. Also fixes a fd leak in the error path. contentenc: reserve one extra block in pool plaintext buffers 2018-07-15T09:39:19+00:00 Jakob Unterwurzacher 2018-07-15T09:39:07+00:00 urn:sha1:bcca323cb778d3ab9bf3b16e041ede5e67b18ff8 File holes and -fsck can cause unaligned read accesses, which means we have to decrypt one extra plaintext block. xfstests generic/083 manage to crash -fsck like this: generic/083 2018/07/14 15:25:21 wrong len=266240, want=131072 panic: wrong len=266240, want=131072 goroutine 1 [running]: log.Panicf(0x67fc00, 0x15, 0xc4204fec90, 0x2, 0x2) /usr/local/go/src/log/log.go:333 +0xda github.com/rfjakob/gocryptfs/internal/contentenc.(*bPool).Put(0xc4200d4800, 0xc4202f2000, 0x21000, 0x41000) /home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/contentenc/bpool.go:27 +0x15d github.com/rfjakob/gocryptfs/internal/fusefrontend.(*File).doRead(0xc4200b4500, 0xc42019e000, 0x0, 0x20000, 0x28400, 0x20000, 0xc42019e000, 0xc4204ff008, 0x435164, 0xc420000180) /home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/fusefrontend/file.go:227 +0xba9 github.com/rfjakob/gocryptfs/internal/fusefrontend.(*File).Read(0xc4200b4500, 0xc42019e000, 0x20000, 0x20000, 0x28400, 0x0, 0x0, 0x0) /home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/fusefrontend/file.go:246 +0x23e main.(*fsckObj).file(0xc420069320, 0xc42001a630, 0x21) /home/jakob/go/src/github.com/rfjakob/gocryptfs/fsck.go:126 +0x21f main.(*fsckObj).dir(0xc420069320, 0xc420014dc0, 0x1d) /home/jakob/go/src/github.com/rfjakob/gocryptfs/fsck.go:76 +0x387 main.(*fsckObj).dir(0xc420069320, 0xc42021dae0, 0x19) /home/jakob/go/src/github.com/rfjakob/gocryptfs/fsck.go:74 +0x347