summaryrefslogtreecommitdiff
path: root/internal/fusefrontend/xattr.go
diff options
context:
space:
mode:
Diffstat (limited to 'internal/fusefrontend/xattr.go')
-rw-r--r--internal/fusefrontend/xattr.go157
1 files changed, 157 insertions, 0 deletions
diff --git a/internal/fusefrontend/xattr.go b/internal/fusefrontend/xattr.go
new file mode 100644
index 0000000..357e889
--- /dev/null
+++ b/internal/fusefrontend/xattr.go
@@ -0,0 +1,157 @@
+// Package fusefrontend interfaces directly with the go-fuse library.
+package fusefrontend
+
+// FUSE operations on paths
+
+import (
+ "strings"
+ "syscall"
+
+ "github.com/hanwen/go-fuse/fuse"
+ xattr "github.com/rfjakob/pkg-xattr"
+
+ "github.com/rfjakob/gocryptfs/internal/tlog"
+)
+
+// xattr names are encrypted like file names, but with a fixed IV.
+var xattrNameIV = []byte("xattr_name_iv_xx")
+
+// Only allow the "user" namespace, block "trusted" and "security", as
+// these may be interpreted by the system, and we don't want to cause
+// trouble with our encrypted garbage.
+var xattrUserPrefix = "user."
+
+// We store encrypted xattrs under this prefix plus the base64-encoded
+// encrypted original name.
+var xattrStorePrefix = "user.gocryptfs."
+
+// GetXAttr: read the value of extended attribute "attr".
+// Implements pathfs.Filesystem.
+func (fs *FS) GetXAttr(path string, attr string, context *fuse.Context) ([]byte, fuse.Status) {
+ if fs.isFiltered(path) {
+ return nil, fuse.EPERM
+ }
+ cAttr, err := fs.encryptXattrName(attr)
+ if err != nil {
+ return nil, fuse.ToStatus(err)
+ }
+ cPath, err := fs.getBackingPath(path)
+ if err != nil {
+ return nil, fuse.ToStatus(err)
+ }
+ cData64, err := xattr.Get(cPath, cAttr)
+ if err != nil {
+ return nil, unpackXattrErr(err)
+ }
+ // xattr data is decrypted like a symlink target
+ data, err := fs.decryptSymlinkTarget(string(cData64))
+ if err != nil {
+ tlog.Warn.Printf("GetXAttr: %v", err)
+ return nil, fuse.EIO
+ }
+ return []byte(data), fuse.OK
+}
+
+// SetXAttr implements pathfs.Filesystem.
+func (fs *FS) SetXAttr(path string, attr string, data []byte, flags int, context *fuse.Context) fuse.Status {
+ if fs.isFiltered(path) {
+ return fuse.EPERM
+ }
+ if flags != 0 {
+ return fuse.EPERM
+ }
+ cPath, err := fs.getBackingPath(path)
+ if err != nil {
+ return fuse.ToStatus(err)
+ }
+ cAttr, err := fs.encryptXattrName(attr)
+ if err != nil {
+ return fuse.ToStatus(err)
+ }
+ // xattr data is encrypted like a symlink target
+ cData64 := []byte(fs.encryptSymlinkTarget(string(data)))
+ return unpackXattrErr(xattr.Set(cPath, cAttr, cData64))
+}
+
+// RemoveXAttr implements pathfs.Filesystem.
+func (fs *FS) RemoveXAttr(path string, attr string, context *fuse.Context) fuse.Status {
+ if fs.isFiltered(path) {
+ return fuse.EPERM
+ }
+ cPath, err := fs.getBackingPath(path)
+ if err != nil {
+ return fuse.ToStatus(err)
+ }
+ cAttr, err := fs.encryptXattrName(attr)
+ if err != nil {
+ return fuse.ToStatus(err)
+ }
+ return unpackXattrErr(xattr.Remove(cPath, cAttr))
+}
+
+// ListXAttr implements pathfs.Filesystem.
+func (fs *FS) ListXAttr(path string, context *fuse.Context) ([]string, fuse.Status) {
+ if fs.isFiltered(path) {
+ return nil, fuse.EPERM
+ }
+ cPath, err := fs.getBackingPath(path)
+ if err != nil {
+ return nil, fuse.ToStatus(err)
+ }
+ cNames, err := xattr.List(cPath)
+ if err != nil {
+ return nil, unpackXattrErr(err)
+ }
+ names := make([]string, 0, len(cNames))
+ for _, curName := range cNames {
+ if !strings.HasPrefix(curName, xattrStorePrefix) {
+ continue
+ }
+ name, err := fs.decryptXattrName(curName)
+ if err != nil {
+ tlog.Warn.Printf("ListXAttr: invalid xattr name %q: %v", curName, err)
+ continue
+ }
+ names = append(names, name)
+ }
+ return names, fuse.OK
+}
+
+// encryptXattrName transforms "user.foo" to "user.gocryptfs.a5sAd4XAa47f5as6dAf"
+func (fs *FS) encryptXattrName(attr string) (cAttr string, err error) {
+ // Reject anything that does not start with "user."
+ if !strings.HasPrefix(attr, xattrUserPrefix) {
+ return "", syscall.EPERM
+ }
+ // xattr names are encrypted like file names, but with a fixed IV.
+ cAttr = xattrStorePrefix + fs.nameTransform.EncryptName(attr, xattrNameIV)
+ return cAttr, nil
+}
+
+func (fs *FS) decryptXattrName(cAttr string) (attr string, err error) {
+ // Reject anything that does not start with "user.gocryptfs."
+ if !strings.HasPrefix(cAttr, xattrStorePrefix) {
+ return "", syscall.EINVAL
+ }
+ // Strip "user.gocryptfs." prefix
+ cAttr = cAttr[len(xattrStorePrefix):]
+ attr, err = fs.nameTransform.DecryptName(cAttr, xattrNameIV)
+ if err != nil {
+ return "", err
+ }
+ return attr, nil
+}
+
+// unpackXattrErr unpacks an error value that we got from xattr.Get/Set/etc
+// and converts it to a fuse status.
+func unpackXattrErr(err error) fuse.Status {
+ if err == nil {
+ return fuse.OK
+ }
+ err2, ok := err.(*xattr.Error)
+ if !ok {
+ tlog.Warn.Printf("unpackXattrErr: cannot unpack err=%v", err)
+ return fuse.EIO
+ }
+ return fuse.ToStatus(err2.Err)
+}