diff options
author | Jakob Unterwurzacher | 2015-09-07 21:10:42 +0200 |
---|---|---|
committer | Jakob Unterwurzacher | 2015-09-07 21:10:42 +0200 |
commit | af0ae03db23f845dbcf8a6738057222ce7986bd8 (patch) | |
tree | 90aa7fc12b9b12b28c486b9bdc3e62ab40eb0fe6 /cluefs_frontend/fe_file.go | |
parent | cd9512801525a63530c1f74ac184fb1d73bff67b (diff) |
Rename frontend to "cluefs_frontend"
Enables adding another frontend later
Diffstat (limited to 'cluefs_frontend/fe_file.go')
-rw-r--r-- | cluefs_frontend/fe_file.go | 152 |
1 files changed, 152 insertions, 0 deletions
diff --git a/cluefs_frontend/fe_file.go b/cluefs_frontend/fe_file.go new file mode 100644 index 0000000..4c4e38a --- /dev/null +++ b/cluefs_frontend/fe_file.go @@ -0,0 +1,152 @@ +package cluefs_frontend + +// frontend sits between FUSE and ClueFS +// and uses cryptfs for all crypto operations +// +// cryptfs +// ^ +// | +// v +// FUSE <-> frontend <-> ClueFS +// +// This file handles files access + +import ( + "fmt" + "github.com/rfjakob/gocryptfs/cryptfs" + "github.com/rfjakob/cluefs/lib/cluefs" + + "bazil.org/fuse" + fusefs "bazil.org/fuse/fs" + "golang.org/x/net/context" +) + +func fixFlags(flags fuse.OpenFlags) (fuse.OpenFlags, bool) { + cryptfs.Debug.Printf("fixFlags: Before: %s\n", flags.String()) + var writeOnly bool + // We always need read access to do read-modify-write cycles + if flags & fuse.OpenWriteOnly > 0 { + flags = flags &^ fuse.OpenWriteOnly + flags = flags | fuse.OpenReadWrite + writeOnly = true + } + // We also cannot open the file in append mode, we need to seek back for RMW + flags = flags &^ fuse.OpenAppend + cryptfs.Debug.Printf("fixFlags: After: %s\n", flags.String()) + return flags, writeOnly +} + +func max(x int, y int) int { + if x > y { + return x + } + return y +} + +type File struct { + *cluefs.File + crfs *cryptfs.CryptFS + // Remember if the file is supposed to be write-only + writeOnly bool +} + +func (f *File) Open(ctx context.Context, req *fuse.OpenRequest, resp *fuse.OpenResponse) (fusefs.Handle, error) { + cryptfs.Debug.Printf("File.Open\n") + + req.Flags, f.writeOnly = fixFlags(req.Flags) + + h, err := f.File.Open(ctx, req, resp) + if err != nil { + return nil, err + } + clueFile := h.(*cluefs.File) + return &File { + File: clueFile, + crfs: f.crfs, + }, nil +} + +func (f *File) Read(ctx context.Context, req *fuse.ReadRequest, resp *fuse.ReadResponse) error { + + cryptfs.Debug.Printf("Read: o=%d l=%d\n", req.Offset, req.Size) + + // Read the backing ciphertext in one go + iblocks := f.crfs.SplitRange(uint64(req.Offset), uint64(req.Size)) + var cipherReq fuse.ReadRequest + var cipherResp fuse.ReadResponse + o, l := f.crfs.JoinCiphertextRange(iblocks) + cipherResp.Data = make([]byte, int(l)) + cipherReq.Offset = int64(o) + cipherReq.Size = int(l) + cryptfs.Debug.Printf("Read: cipherReq o=%d l=%d\n", o, l) + err := f.File.Read(ctx, &cipherReq, &cipherResp) + if err != nil { + return err + } + + // Decrypt it + plaintext, err := f.crfs.DecryptBlocks(cipherResp.Data) + if err != nil { + resp.Data = plaintext + return err + } + // Crop down to relevant part + resp.Data = f.crfs.CropPlaintext(plaintext, iblocks) + + return nil +} + +func (f *File) Write(ctx context.Context, req *fuse.WriteRequest, resp *fuse.WriteResponse) error { + cryptfs.Debug.Printf("File.Write\n") + resp.Size = 0 + iblocks := f.crfs.SplitRange(uint64(req.Offset), uint64(len(req.Data))) + var blockData []byte + for _, ib := range iblocks { + if ib.IsPartial() { + // RMW + cryptfs.Debug.Printf("RMW\n") + blockData = make([]byte, f.crfs.PlainBS()) + var readReq fuse.ReadRequest + var readResp fuse.ReadResponse + o, l := ib.PlaintextRange() + readReq.Offset = int64(o) + readReq.Size = int(l) + err := f.Read(ctx, &readReq, &readResp) + if err != nil { + return err + } + copy(blockData, readResp.Data) + copy(blockData[ib.Offset:ib.Offset+ib.Length], req.Data) + blockLen := max(len(readResp.Data), int(ib.Offset+ib.Length)) + blockData = blockData[0:blockLen] + } else { + blockData = req.Data[0:f.crfs.PlainBS()] + } + ciphertext := f.crfs.EncryptBlock(blockData) + var partReq fuse.WriteRequest + var partResp fuse.WriteResponse + o, _ := ib.CiphertextRange() + partReq.Data = ciphertext + partReq.Offset = int64(o) + err := f.File.Write(ctx, &partReq, &partResp) + if err != nil { + fmt.Printf("Write failure: %s\n", err.Error()) + return err + } + // Remove written data from the front of the request + cryptfs.Debug.Printf("req.Data[%d:%d]\n", int(ib.Length), len(req.Data)) + req.Data = req.Data[int(ib.Length):len(req.Data)] + resp.Size += int(ib.Length) + } + return nil +} + +func (f *File) Attr(ctx context.Context, attr *fuse.Attr) error { + cryptfs.Debug.Printf("Attr\n") + err := f.File.Node.Attr(ctx, attr) + if err != nil { + return err + } + attr.Size = f.crfs.PlainSize(attr.Size) + return nil +} |