aboutsummaryrefslogtreecommitdiff
path: root/internal/fusefrontend
diff options
context:
space:
mode:
authorJakob Unterwurzacher2017-04-24 00:25:02 +0200
committerJakob Unterwurzacher2017-04-24 00:25:02 +0200
commit3409ade2723d931097560fbbe35e461553c5912c (patch)
treec12f3eb3fa93eba352170ab597d70d6a72498ce2 /internal/fusefrontend
parentf1945c4daae65074cfca8f0ab5b97ac5a50c24a0 (diff)
forcedecode: tighten checks
...and fix a few golint issues and print a scary warning message on mount. Also, force the fs to ro,noexec.
Diffstat (limited to 'internal/fusefrontend')
-rw-r--r--internal/fusefrontend/file.go12
1 files changed, 9 insertions, 3 deletions
diff --git a/internal/fusefrontend/file.go b/internal/fusefrontend/file.go
index 4d75d64..111775c 100644
--- a/internal/fusefrontend/file.go
+++ b/internal/fusefrontend/file.go
@@ -18,6 +18,7 @@ import (
"github.com/rfjakob/gocryptfs/internal/contentenc"
"github.com/rfjakob/gocryptfs/internal/serialize_reads"
+ "github.com/rfjakob/gocryptfs/internal/stupidgcm"
"github.com/rfjakob/gocryptfs/internal/syscallcompat"
"github.com/rfjakob/gocryptfs/internal/tlog"
)
@@ -200,9 +201,14 @@ func (f *file) doRead(off uint64, length uint64) ([]byte, fuse.Status) {
// Decrypt it
plaintext, err := f.contentEnc.DecryptBlocks(ciphertext, firstBlockNo, fileID)
if err != nil {
- curruptBlockNo := firstBlockNo + f.contentEnc.PlainOffToBlockNo(uint64(len(plaintext)))
- tlog.Warn.Printf("ino%d: doRead: corrupt block #%d: %v", f.devIno.ino, curruptBlockNo, err)
- if (f.fs.args.ForceDecode == false) {
+ if f.fs.args.ForceDecode && err == stupidgcm.ErrAuth {
+ // We do not have the information which block was corrupt here anymore,
+ // but DecryptBlocks() has already logged it anyway.
+ tlog.Warn.Printf("ino%d: doRead off=%d len=%d: returning corrupt data due to forcedecode",
+ f.devIno.ino, off, length)
+ } else {
+ curruptBlockNo := firstBlockNo + f.contentEnc.PlainOffToBlockNo(uint64(len(plaintext)))
+ tlog.Warn.Printf("ino%d: doRead: corrupt block #%d: %v", f.devIno.ino, curruptBlockNo, err)
return nil, fuse.EIO
}
}