7 files changed, 509 insertions, 19 deletions
diff --git a/.gitignore b/.gitignore
index 8d65432..0929506 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,9 @@
 # Binary
 /gocryptfs
+
+# Manual test mounts
+/cipherdir
+/mountpoint
+
+# main_test.go temporary files
+/main_test_tmp
diff --git a/cryptfs/cryptfs_content.go b/cryptfs/cryptfs_content.go
index 4658529..e23d9b5 100644
--- a/cryptfs/cryptfs_content.go
+++ b/cryptfs/cryptfs_content.go
@@ -77,7 +77,7 @@ func (be *CryptFS) EncryptBlock(plaintext []byte) []byte {
 	return ciphertext
 }
 
-// Split a plaintext byte range into (possible partial) blocks
+// Split a plaintext byte range into (possibly partial) blocks
 func (be *CryptFS) SplitRange(offset uint64, length uint64) []intraBlock {
 	var b intraBlock
 	var parts []intraBlock
@@ -113,6 +113,22 @@ func (be *CryptFS) minu64(x uint64, y uint64) uint64 {
 	return y
 }
 
+// CiphertextRange - Get byte range in backing ciphertext corresponding
+// to plaintext range. Returns a range aligned to ciphertext blocks.
+func (be *CryptFS) CiphertextRange(offset uint64, length uint64) (uint64, uint64, int) {
+	// Decrypting the ciphertext will yield too many plaintext bytes. Skip this number
+	// of bytes from the front.
+	skip := offset % be.plainBS
+
+	firstBlockNo := offset / be.plainBS
+	lastBlockNo := ( offset + length - 1 ) / be.plainBS
+
+	alignedOffset := firstBlockNo * be.cipherBS
+	alignedLength := (lastBlockNo - firstBlockNo + 1) * be.cipherBS
+
+	return alignedOffset, alignedLength, int(skip)
+}
+
 // Get the byte range in the ciphertext corresponding to blocks
 // (full blocks!)
 func (be *CryptFS) JoinCiphertextRange(blocks []intraBlock) (uint64, uint64) {
@@ -138,3 +154,24 @@ func (be *CryptFS) CropPlaintext(plaintext []byte, blocks []intraBlock) []byte {
 	}
 	return cropped
 }
+
+// MergeBlocks - Merge newData into oldData at offset
+// New block may be bigger than both newData and oldData
+func (be *CryptFS) MergeBlocks(oldData []byte, newData []byte, offset int) []byte {
+
+	// Make block of maximum size
+	out := make([]byte, be.plainBS)
+
+	// Copy old and new data into it
+	copy(out, oldData)
+	l := len(newData)
+	copy(out[offset:offset + l], newData)
+
+	// Crop to length
+	outLen := len(oldData)
+	newLen := offset + len(newData)
+	if outLen < newLen {
+		outLen = newLen
+	}
+	return out[0:outLen]
+}
diff --git a/cryptfs/log.go b/cryptfs/log.go
index f9c46c8..8233529 100644
--- a/cryptfs/log.go
+++ b/cryptfs/log.go
@@ -15,5 +15,5 @@ func (l logChannel) Printf(format string, args ...interface{}) {
 }
 
 
-var Debug = logChannel{false}
+var Debug = logChannel{true}
 var Warn = logChannel{true}
diff --git a/main.go b/main.go
index c279612..2a140ab 100644
--- a/main.go
+++ b/main.go
@@ -1,18 +1,29 @@
 package main
 
 import (
-	"bazil.org/fuse"
-	fusefs "bazil.org/fuse/fs"
 	"flag"
 	"fmt"
-	frontend "github.com/rfjakob/gocryptfs/cluefs_frontend"
 	"os"
 	"path/filepath"
+	"time"
+
+	"github.com/rfjakob/gocryptfs/cluefs_frontend"
+	"github.com/rfjakob/gocryptfs/pathfs_frontend"
+
+	bazilfuse "bazil.org/fuse"
+	bazilfusefs "bazil.org/fuse/fs"
+
+	"github.com/hanwen/go-fuse/fuse"
+	"github.com/hanwen/go-fuse/fuse/nodefs"
+	"github.com/hanwen/go-fuse/fuse/pathfs"
 )
 
 const (
+	USE_CLUEFS   = false
+	USE_OPENSSL  = false
+	PATHFS_DEBUG = false
+
 	PROGRAM_NAME = "gocryptfs"
-	USE_OPENSSL  = true
 
 	ERREXIT_USAGE  = 1
 	ERREXIT_NEWFS  = 2
@@ -29,27 +40,34 @@ func main() {
 		fmt.Printf("usage: %s CIPHERDIR MOUNTPOINT\n", PROGRAM_NAME)
 		os.Exit(ERREXIT_USAGE)
 	}
-
 	cipherdir, _ := filepath.Abs(flag.Arg(0))
-	mountpoint, err := filepath.Abs(flag.Arg(1))
+	mountpoint, _ := filepath.Abs(flag.Arg(1))
 
-	// Create the file system object
 	var key [16]byte
-	cfs, err := frontend.NewFS(key, cipherdir, USE_OPENSSL)
+
+	if USE_CLUEFS {
+		cluefsFrontend(key, cipherdir, mountpoint)
+	} else {
+		pathfsFrontend(key, cipherdir, mountpoint)
+	}
+}
+
+func cluefsFrontend(key [16]byte, cipherdir string, mountpoint string) {
+	cfs, err := cluefs_frontend.NewFS(key, cipherdir, USE_OPENSSL)
 	if err != nil {
 		fmt.Println(err)
 		os.Exit(ERREXIT_NEWFS)
 	}
 
 	// Mount the file system
-	mountOpts := []fuse.MountOption{
-		fuse.FSName(PROGRAM_NAME),
-		fuse.Subtype(PROGRAM_NAME),
-		fuse.VolumeName(PROGRAM_NAME),
-		fuse.LocalVolume(),
-		fuse.MaxReadahead(1024 * 1024),
+	mountOpts := []bazilfuse.MountOption{
+		bazilfuse.FSName(PROGRAM_NAME),
+		bazilfuse.Subtype(PROGRAM_NAME),
+		bazilfuse.VolumeName(PROGRAM_NAME),
+		bazilfuse.LocalVolume(),
+		bazilfuse.MaxReadahead(1024 * 1024),
 	}
-	conn, err := fuse.Mount(mountpoint, mountOpts...)
+	conn, err := bazilfuse.Mount(mountpoint, mountOpts...)
 	if err != nil {
 		fmt.Println(err)
 		os.Exit(ERREXIT_MOUNT)
@@ -57,7 +75,7 @@ func main() {
 	defer conn.Close()
 
 	// Start serving requests
-	if err = fusefs.Serve(conn, cfs); err != nil {
+	if err = bazilfusefs.Serve(conn, cfs); err != nil {
 		fmt.Println(err)
 		os.Exit(ERREXIT_SERVE)
 	}
@@ -72,3 +90,30 @@ func main() {
 	// We are done
 	os.Exit(0)
 }
+
+func pathfsFrontend(key [16]byte, cipherdir string, mountpoint string){
+
+	finalFs := pathfs_frontend.NewFS(key, cipherdir, USE_OPENSSL)
+
+	opts := &nodefs.Options{
+		// These options are to be compatible with libfuse defaults,
+		// making benchmarking easier.
+		NegativeTimeout: time.Second,
+		AttrTimeout:     time.Second,
+		EntryTimeout:    time.Second,
+	}
+	pathFs := pathfs.NewPathNodeFs(finalFs, nil)
+	conn := nodefs.NewFileSystemConnector(pathFs.Root(), opts)
+	mOpts := &fuse.MountOptions{
+		AllowOther: false,
+	}
+	state, err := fuse.NewServer(conn.RawFS(), mountpoint, mOpts)
+	if err != nil {
+		fmt.Printf("Mount fail: %v\n", err)
+		os.Exit(1)
+	}
+	state.SetDebug(PATHFS_DEBUG)
+
+	fmt.Println("Mounted!")
+	state.Serve()
+}
diff --git a/main_test.go b/main_test.go
index 6b68b4a..70dbbe2 100644
--- a/main_test.go
+++ b/main_test.go
@@ -12,7 +12,7 @@ import (
 	"time"
 )
 
-const tmpDir = "test_tmp_dir/"
+const tmpDir = "main_test_tmp/"
 const plainDir = tmpDir + "plain/"
 const cipherDir = tmpDir + "cipher/"
 
diff --git a/pathfs_frontend/file.go b/pathfs_frontend/file.go
new file mode 100644
index 0000000..8b6d61d
--- /dev/null
+++ b/pathfs_frontend/file.go
@@ -0,0 +1,235 @@
+package pathfs_frontend
+
+import (
+	"io"
+	"bytes"
+	"fmt"
+	"os"
+	"sync"
+	"syscall"
+	"time"
+
+	"github.com/hanwen/go-fuse/fuse"
+	"github.com/hanwen/go-fuse/fuse/nodefs"
+	"github.com/rfjakob/gocryptfs/cryptfs"
+)
+
+// File - based on loopbackFile in go-fuse/fuse/nodefs/files.go
+type file struct {
+	fd *os.File
+
+	// os.File is not threadsafe. Although fd themselves are
+	// constant during the lifetime of an open file, the OS may
+	// reuse the fd number after it is closed. When open races
+	// with another close, they may lead to confusion as which
+	// file gets written in the end.
+	lock sync.Mutex
+
+	// Was the file opened O_WRONLY?
+	writeOnly bool
+
+	// Parent CryptFS
+	cfs *cryptfs.CryptFS
+}
+
+func NewFile(fd *os.File, writeOnly bool, cfs *cryptfs.CryptFS) nodefs.File {
+	return &file{
+		fd: fd,
+		writeOnly: writeOnly,
+		cfs: cfs,
+	}
+}
+
+func (f *file) InnerFile() nodefs.File {
+	return nil
+}
+
+func (f *file) SetInode(n *nodefs.Inode) {
+}
+
+func (f *file) String() string {
+	return fmt.Sprintf("cryptFile(%s)", f.fd.Name())
+}
+
+// Read - FUSE call
+func (f *file) Read(buf []byte, off int64) (resultData fuse.ReadResult, code fuse.Status) {
+	cryptfs.Debug.Printf("\n\nGot read request: len=%d off=%d\n", len(buf), off)
+
+	if f.writeOnly {
+		return nil, fuse.EBADF
+	}
+
+	// Read the backing ciphertext in one go
+	alignedOffset, alignedLength, skip := f.cfs.CiphertextRange(uint64(off), uint64(len(buf)))
+	ciphertext := make([]byte, int(alignedLength))
+	_, err := f.fd.ReadAt(ciphertext, int64(alignedOffset))
+	if err != nil && err != io.EOF {
+		cryptfs.Warn.Printf("Read error: %s\n", err.Error())
+		return nil, fuse.ToStatus(err)
+	}
+
+	// Decrypt it
+	plaintext, err := f.cfs.DecryptBlocks(ciphertext)
+	if err != nil {
+		cryptfs.Warn.Printf("Decryption error: %s\n", err.Error())
+		return nil, fuse.EIO
+	}
+
+	// Crop down to the relevant part
+	var out []byte
+	lenHave := len(plaintext)
+	lenWant := skip + len(buf)
+	if lenHave > lenWant {
+		out = plaintext[skip:skip + len(buf)]
+	} else if lenHave > skip {
+		out = plaintext[skip:lenHave]
+	}
+	// else: out stays empty
+
+	fmt.Printf("Read: returning %d bytes\n", len(plaintext))
+
+	return fuse.ReadResultData(out), fuse.OK
+}
+
+// Write - FUSE call
+func (f *file) Write(data []byte, off int64) (uint32, fuse.Status) {
+	var written uint32
+	var status fuse.Status
+	dataBuf := bytes.NewBuffer(data)
+	blocks := f.cfs.SplitRange(uint64(off), uint64(len(data)))
+	for _, b := range(blocks) {
+
+		blockData := dataBuf.Next(int(b.Length))
+
+		// Incomplete block -> Read-Modify-Write
+		if b.IsPartial() {
+			// Read
+			oldData := make([]byte, f.cfs.PlainBS())
+			o, _ := b.PlaintextRange()
+			res, status := f.Read(oldData, int64(o))
+			oldData, _ = res.Bytes(oldData)
+			if status != fuse.OK {
+				return written, status
+			}
+			// Modify
+			blockData = f.cfs.MergeBlocks(oldData, blockData, int(b.Offset))
+		}
+		// Write
+		blockOffset, _ := b.CiphertextRange()
+		blockData = f.cfs.EncryptBlock(blockData)
+		_, err := f.fd.WriteAt(blockData, int64(blockOffset))
+
+		if err != nil {
+			cryptfs.Warn.Printf("Write failed: %s\n", err.Error())
+			status = fuse.ToStatus(err)
+			break
+		}
+		written += uint32(b.Length)
+	}
+
+	return written, status
+}
+
+// Release - FUSE call, forget file
+func (f *file) Release() {
+	f.lock.Lock()
+	f.fd.Close()
+	f.lock.Unlock()
+}
+
+// Flush - FUSE call
+func (f *file) Flush() fuse.Status {
+	f.lock.Lock()
+
+	// Since Flush() may be called for each dup'd fd, we don't
+	// want to really close the file, we just want to flush. This
+	// is achieved by closing a dup'd fd.
+	newFd, err := syscall.Dup(int(f.fd.Fd()))
+	f.lock.Unlock()
+
+	if err != nil {
+		return fuse.ToStatus(err)
+	}
+	err = syscall.Close(newFd)
+	return fuse.ToStatus(err)
+}
+
+func (f *file) Fsync(flags int) (code fuse.Status) {
+	f.lock.Lock()
+	r := fuse.ToStatus(syscall.Fsync(int(f.fd.Fd())))
+	f.lock.Unlock()
+
+	return r
+}
+
+func (f *file) Truncate(size uint64) fuse.Status {
+	f.lock.Lock()
+	r := fuse.ToStatus(syscall.Ftruncate(int(f.fd.Fd()), int64(size)))
+	f.lock.Unlock()
+
+	return r
+}
+
+func (f *file) Chmod(mode uint32) fuse.Status {
+	f.lock.Lock()
+	r := fuse.ToStatus(f.fd.Chmod(os.FileMode(mode)))
+	f.lock.Unlock()
+
+	return r
+}
+
+func (f *file) Chown(uid uint32, gid uint32) fuse.Status {
+	f.lock.Lock()
+	r := fuse.ToStatus(f.fd.Chown(int(uid), int(gid)))
+	f.lock.Unlock()
+
+	return r
+}
+
+func (f *file) GetAttr(a *fuse.Attr) fuse.Status {
+	st := syscall.Stat_t{}
+	f.lock.Lock()
+	err := syscall.Fstat(int(f.fd.Fd()), &st)
+	f.lock.Unlock()
+	if err != nil {
+		return fuse.ToStatus(err)
+	}
+	a.FromStat(&st)
+
+	return fuse.OK
+}
+
+func (f *file) Allocate(off uint64, sz uint64, mode uint32) fuse.Status {
+	f.lock.Lock()
+	err := syscall.Fallocate(int(f.fd.Fd()), mode, int64(off), int64(sz))
+	f.lock.Unlock()
+	if err != nil {
+		return fuse.ToStatus(err)
+	}
+	return fuse.OK
+}
+
+const _UTIME_NOW = ((1 << 30) - 1)
+const _UTIME_OMIT = ((1 << 30) - 2)
+
+func (f *file) Utimens(a *time.Time, m *time.Time) fuse.Status {
+	tv := make([]syscall.Timeval, 2)
+	if a == nil {
+		tv[0].Usec = _UTIME_OMIT
+	} else {
+		n := a.UnixNano()
+		tv[0] = syscall.NsecToTimeval(n)
+	}
+
+	if m == nil {
+		tv[1].Usec = _UTIME_OMIT
+	} else {
+		n := a.UnixNano()
+		tv[1] = syscall.NsecToTimeval(n)
+	}
+
+	f.lock.Lock()
+	err := syscall.Futimes(int(f.fd.Fd()), tv)
+	f.lock.Unlock()
+	return fuse.ToStatus(err)
+}
diff --git a/pathfs_frontend/fs.go b/pathfs_frontend/fs.go
new file mode 100644
index 0000000..2f73462
--- /dev/null
+++ b/pathfs_frontend/fs.go
@@ -0,0 +1,166 @@
+package pathfs_frontend
+
+import (
+	"os"
+	"path/filepath"
+	"time"
+	"fmt"
+
+	"github.com/hanwen/go-fuse/fuse"
+	"github.com/hanwen/go-fuse/fuse/nodefs"
+	"github.com/hanwen/go-fuse/fuse/pathfs"
+	"github.com/rfjakob/gocryptfs/cryptfs"
+)
+
+type FS struct {
+	*cryptfs.CryptFS
+	pathfs.FileSystem    // loopbackFileSystem
+	backing string       // Backing directory
+}
+
+// Encrypted FUSE overlay filesystem
+func NewFS(key [16]byte, backing string, useOpenssl bool) *FS {
+	return &FS{
+		CryptFS:     cryptfs.NewCryptFS(key, useOpenssl),
+		FileSystem:  pathfs.NewLoopbackFileSystem(backing),
+		backing:     backing,
+
+	}
+}
+
+// GetPath - get the absolute path of the backing file
+func (fs *FS) GetPath(relPath string) string {
+	return filepath.Join(fs.backing, fs.EncryptPath(relPath))
+}
+
+func (fs *FS) GetAttr(name string, context *fuse.Context) (*fuse.Attr, fuse.Status) {
+	a, status := fs.FileSystem.GetAttr(fs.EncryptPath(name), context)
+	if a == nil {
+		return a, status
+	}
+
+	a.Size = fs.PlainSize(a.Size)
+	return a, status
+}
+
+func (fs *FS) OpenDir(name string, context *fuse.Context) ([]fuse.DirEntry, fuse.Status) {
+	cipherEntries, status := fs.FileSystem.OpenDir(fs.EncryptPath(name), context);
+	var plain []fuse.DirEntry
+	var skipped int
+	if cipherEntries != nil {
+		for i := range cipherEntries {
+			n, err := fs.DecryptPath(cipherEntries[i].Name)
+			if err != nil {
+				fmt.Printf("Skipping invalid filename \"%s\": %s\n", cipherEntries[i].Name, err)
+				skipped++
+				continue
+			}
+			cipherEntries[i].Name = n
+			plain = append(plain, cipherEntries[i])
+		}
+	}
+	return plain, status
+}
+
+// We always need read access to do read-modify-write cycles
+func (fs *FS) mangleOpenFlags(flags uint32) (newFlags int, writeOnly bool) {
+	newFlags = int(flags)
+	if newFlags & os.O_WRONLY > 0 {
+		writeOnly = true
+		newFlags = newFlags ^ os.O_WRONLY | os.O_RDWR
+	}
+	// We also cannot open the file in append mode, we need to seek back for RMW
+	newFlags = newFlags &^ os.O_APPEND
+
+	return newFlags, writeOnly
+}
+
+func (fs *FS) Open(name string, flags uint32, context *fuse.Context) (fuseFile nodefs.File, status fuse.Status) {
+	cryptfs.Debug.Printf("Open(%s)\n", name)
+
+	iflags, writeOnly := fs.mangleOpenFlags(flags)
+	f, err := os.OpenFile(fs.GetPath(name), iflags, 0666)
+	if err != nil {
+		return nil, fuse.ToStatus(err)
+	}
+
+	return NewFile(f, writeOnly, fs.CryptFS), fuse.OK
+}
+
+func (fs *FS) Create(path string, flags uint32, mode uint32, context *fuse.Context) (fuseFile nodefs.File, code fuse.Status) {
+	iflags, writeOnly := fs.mangleOpenFlags(flags)
+	f, err := os.OpenFile(fs.GetPath(path), iflags|os.O_CREATE, os.FileMode(mode))
+	if err != nil {
+		return nil, fuse.ToStatus(err)
+	}
+	return NewFile(f, writeOnly, fs.CryptFS), fuse.OK
+}
+
+func (fs *FS) Chmod(path string, mode uint32, context *fuse.Context) (code fuse.Status) {
+	return fs.FileSystem.Chmod(fs.EncryptPath(path), mode, context)
+}
+
+func (fs *FS) Chown(path string, uid uint32, gid uint32, context *fuse.Context) (code fuse.Status) {
+	return fs.FileSystem.Chmod(fs.EncryptPath(path), gid, context)
+}
+
+func (fs *FS) Truncate(path string, offset uint64, context *fuse.Context) (code fuse.Status) {
+	return fs.FileSystem.Truncate(fs.EncryptPath(path), offset, context)
+}
+
+func (fs *FS) Utimens(path string, Atime *time.Time, Mtime *time.Time, context *fuse.Context) (code fuse.Status) {
+	return fs.FileSystem.Utimens(fs.EncryptPath(path), Atime, Mtime, context)
+}
+
+func (fs *FS) Readlink(name string, context *fuse.Context) (out string, code fuse.Status) {
+	return fs.FileSystem.Readlink(fs.EncryptPath(name), context)
+}
+
+func (fs *FS) Mknod(name string, mode uint32, dev uint32, context *fuse.Context) (code fuse.Status) {
+	return fs.FileSystem.Mknod(fs.EncryptPath(name), mode, dev, context)
+}
+
+func (fs *FS) Mkdir(path string, mode uint32, context *fuse.Context) (code fuse.Status) {
+	return fs.FileSystem.Mkdir(fs.EncryptPath(path), mode, context)
+}
+
+func (fs *FS) Unlink(name string, context *fuse.Context) (code fuse.Status) {
+	return fs.FileSystem.Unlink(fs.EncryptPath(name), context)
+}
+
+func (fs *FS) Rmdir(name string, context *fuse.Context) (code fuse.Status) {
+	return fs.FileSystem.Rmdir(fs.EncryptPath(name), context)
+}
+
+func (fs *FS) Symlink(pointedTo string, linkName string, context *fuse.Context) (code fuse.Status) {
+	// TODO symlink encryption
+	return fs.FileSystem.Symlink(fs.EncryptPath(pointedTo), fs.EncryptPath(linkName), context)
+}
+
+func (fs *FS) Rename(oldPath string, newPath string, context *fuse.Context) (codee fuse.Status) {
+	return fs.FileSystem.Rename(fs.EncryptPath(oldPath), fs.EncryptPath(newPath), context)
+}
+
+func (fs *FS) Link(orig string, newName string, context *fuse.Context) (code fuse.Status) {
+	return fs.FileSystem.Link(fs.EncryptPath(orig), fs.EncryptPath(newName), context)
+}
+
+func (fs *FS) Access(name string, mode uint32, context *fuse.Context) (code fuse.Status) {
+	return fs.FileSystem.Access(fs.EncryptPath(name), mode, context)
+}
+
+func (fs *FS) GetXAttr(name string, attr string, context *fuse.Context) ([]byte, fuse.Status) {
+	return nil, fuse.ENOSYS
+}
+
+func (fs *FS) SetXAttr(name string, attr string, data []byte, flags int, context *fuse.Context) fuse.Status {
+	return fuse.ENOSYS
+}
+
+func (fs *FS) ListXAttr(name string, context *fuse.Context) ([]string, fuse.Status) {
+	return nil, fuse.ENOSYS
+}
+
+func (fs *FS) RemoveXAttr(name string, attr string, context *fuse.Context) fuse.Status {
+	return fuse.ENOSYS
+}