6 files changed, 71 insertions, 58 deletions
diff --git a/internal/fusefrontend_reverse/reverse_longnames.go b/internal/fusefrontend_reverse/reverse_longnames.go
index f07e413..199356b 100644
--- a/internal/fusefrontend_reverse/reverse_longnames.go
+++ b/internal/fusefrontend_reverse/reverse_longnames.go
@@ -122,5 +122,5 @@ func (rfs *ReverseFS) newNameFile(relPath string) (nodefs.File, fuse.Status) {
 	}
 	content := []byte(rfs.nameTransform.EncryptName(pName, dirIV))
 	parentFile := filepath.Join(pDir, pName)
-	return rfs.newVirtualFile(content, rfs.args.Cipherdir, parentFile, inoBaseNameFile)
+	return rfs.newVirtualFile(content, rfs.args.Cipherdir, parentFile, inoTagNameFile)
 }
diff --git a/internal/fusefrontend_reverse/rfs.go b/internal/fusefrontend_reverse/rfs.go
index 49ce0a1..6bbdfb5 100644
--- a/internal/fusefrontend_reverse/rfs.go
+++ b/internal/fusefrontend_reverse/rfs.go
@@ -15,6 +15,7 @@ import (
 	"github.com/rfjakob/gocryptfs/internal/contentenc"
 	"github.com/rfjakob/gocryptfs/internal/cryptocore"
 	"github.com/rfjakob/gocryptfs/internal/fusefrontend"
+	"github.com/rfjakob/gocryptfs/internal/inomap"
 	"github.com/rfjakob/gocryptfs/internal/nametransform"
 	"github.com/rfjakob/gocryptfs/internal/pathiv"
 	"github.com/rfjakob/gocryptfs/internal/syscallcompat"
@@ -38,6 +39,9 @@ type ReverseFS struct {
 	contentEnc *contentenc.ContentEnc
 	// Tests wheter a path is excluded (hiden) from the user. Used by -exclude.
 	excluder ignore.IgnoreParser
+	// inoMap translates inode numbers from different devices to unique inode
+	// numbers.
+	inoMap *inomap.InoMap
 }
 
 var _ pathfs.FileSystem = &ReverseFS{}
@@ -54,6 +58,7 @@ func NewFS(args fusefrontend.Args, c *contentenc.ContentEnc, n nametransform.Nam
 		args:          args,
 		nameTransform: n,
 		contentEnc:    c,
+		inoMap:        inomap.New(),
 	}
 	fs.prepareExcluder(args)
 	return fs
@@ -180,6 +185,7 @@ func (rfs *ReverseFS) GetAttr(relPath string, context *fuse.Context) (*fuse.Attr
 		if err != nil {
 			return nil, fuse.ToStatus(err)
 		}
+		rfs.inoMap.TranslateStat(&st)
 		var a fuse.Attr
 		a.FromStat(&st)
 		if rfs.args.ForceOwner != nil {
@@ -211,26 +217,25 @@ func (rfs *ReverseFS) GetAttr(relPath string, context *fuse.Context) (*fuse.Attr
 		}
 		return &a, status
 	}
+	// Normal file / directory
 	dirfd, name, err := rfs.openBackingDir(pPath)
 	if err != nil {
 		return nil, fuse.ToStatus(err)
 	}
 	// Stat the backing file/dir using Fstatat
-	var st unix.Stat_t
-	err = syscallcompat.Fstatat(dirfd, name, &st, unix.AT_SYMLINK_NOFOLLOW)
-	syscall.Close(dirfd)
-	if err != nil {
-		return nil, fuse.ToStatus(err)
-	}
-	// Instead of risking an inode number collision, we return an error.
-	if st.Ino > inoBaseMin {
-		tlog.Warn.Printf("GetAttr %q: backing file inode number %d crosses reserved space, max=%d. Returning EOVERFLOW.",
-			relPath, st.Ino, inoBaseMin)
-		return nil, fuse.ToStatus(syscall.EOVERFLOW)
+	var st syscall.Stat_t
+	{
+		var st2 unix.Stat_t
+		err = syscallcompat.Fstatat(dirfd, name, &st2, unix.AT_SYMLINK_NOFOLLOW)
+		syscall.Close(dirfd)
+		if err != nil {
+			return nil, fuse.ToStatus(err)
+		}
+		st = syscallcompat.Unix2syscall(st2)
 	}
+	rfs.inoMap.TranslateStat(&st)
 	var a fuse.Attr
-	st2 := syscallcompat.Unix2syscall(st)
-	a.FromStat(&st2)
+	a.FromStat(&st)
 	// Calculate encrypted file size
 	if a.IsRegular() {
 		a.Size = rfs.contentEnc.PlainSizeToCipherSize(a.Size)
diff --git a/internal/fusefrontend_reverse/virtualfile.go b/internal/fusefrontend_reverse/virtualfile.go
index 963c801..7d1c18c 100644
--- a/internal/fusefrontend_reverse/virtualfile.go
+++ b/internal/fusefrontend_reverse/virtualfile.go
@@ -10,6 +10,7 @@ import (
 	"github.com/hanwen/go-fuse/fuse"
 	"github.com/hanwen/go-fuse/fuse/nodefs"
 
+	"github.com/rfjakob/gocryptfs/internal/inomap"
 	"github.com/rfjakob/gocryptfs/internal/nametransform"
 	"github.com/rfjakob/gocryptfs/internal/pathiv"
 	"github.com/rfjakob/gocryptfs/internal/syscallcompat"
@@ -20,19 +21,10 @@ const (
 	// virtualFileMode is the mode to use for virtual files (gocryptfs.diriv and
 	// *.name). They are always readable, as stated in func Access
 	virtualFileMode = syscall.S_IFREG | 0444
-	// inoBaseDirIV is the start of the inode number range that is used
-	// for virtual gocryptfs.diriv files. inoBaseNameFile is the thing for
-	// *.name files.
-	// The value 10^19 is just below 2^60. A power of 10 has been chosen so the
-	// "ls -li" output (which is base-10) is easy to read.
-	// 10^19 is the largest power of 10 that is smaller than
-	// INT64_MAX (=UINT64_MAX/2). This avoids signedness issues.
-	inoBaseDirIV    = uint64(1000000000000000000)
-	inoBaseNameFile = uint64(2000000000000000000)
-	// inoBaseMin marks the start of the inode number space that is
-	// reserved for virtual files. It is the lowest of the inoBaseXXX values
-	// above.
-	inoBaseMin = inoBaseDirIV
+	// We use inomap's `Tag` feature to generate unique inode numbers for
+	// virtual files. These are the tags we use.
+	inoTagDirIV    = 1
+	inoTagNameFile = 2
 )
 
 func (rfs *ReverseFS) newDirIVFile(cRelPath string) (nodefs.File, fuse.Status) {
@@ -42,20 +34,23 @@ func (rfs *ReverseFS) newDirIVFile(cRelPath string) (nodefs.File, fuse.Status) {
 		return nil, fuse.ToStatus(err)
 	}
 	iv := pathiv.Derive(cDir, pathiv.PurposeDirIV)
-	return rfs.newVirtualFile(iv, rfs.args.Cipherdir, dir, inoBaseDirIV)
+	return rfs.newVirtualFile(iv, rfs.args.Cipherdir, dir, inoTagDirIV)
 }
 
 type virtualFile struct {
 	// Embed nodefs.defaultFile for a ENOSYS implementation of all methods
 	nodefs.File
+	// pointer to parent filesystem
+	rfs *ReverseFS
 	// file content
 	content []byte
 	// backing directory
 	cipherdir string
 	// path to a parent file (relative to cipherdir)
 	parentFile string
-	// inode number of a virtual file is inode of parent file plus inoBase
-	inoBase uint64
+	// inomap `Tag`.
+	// Depending on the file type, either `inoTagDirIV` or `inoTagNameFile`.
+	inoTag uint8
 }
 
 // newVirtualFile creates a new in-memory file that does not have a representation
@@ -63,16 +58,17 @@ type virtualFile struct {
 // from "parentFile" (plaintext path relative to "cipherdir").
 // For a "gocryptfs.diriv" file, you would use the parent directory as
 // "parentFile".
-func (rfs *ReverseFS) newVirtualFile(content []byte, cipherdir string, parentFile string, inoBase uint64) (nodefs.File, fuse.Status) {
-	if inoBase < inoBaseMin {
-		log.Panicf("BUG: virtual inode number base %d is below reserved space", inoBase)
+func (rfs *ReverseFS) newVirtualFile(content []byte, cipherdir string, parentFile string, inoTag uint8) (nodefs.File, fuse.Status) {
+	if inoTag == 0 {
+		log.Panicf("BUG: inoTag for virtual file is zero - this will cause ino collisions!")
 	}
 	return &virtualFile{
 		File:       nodefs.NewDefaultFile(),
+		rfs:        rfs,
 		content:    content,
 		cipherdir:  cipherdir,
 		parentFile: parentFile,
-		inoBase:    inoBase,
+		inoTag:     inoTag,
 	}, fuse.OK
 }
 
@@ -97,22 +93,18 @@ func (f *virtualFile) GetAttr(a *fuse.Attr) fuse.Status {
 	}
 	defer syscall.Close(dirfd)
 	name := filepath.Base(f.parentFile)
-	var st unix.Stat_t
-	err = syscallcompat.Fstatat(dirfd, name, &st, unix.AT_SYMLINK_NOFOLLOW)
+	var st2 unix.Stat_t
+	err = syscallcompat.Fstatat(dirfd, name, &st2, unix.AT_SYMLINK_NOFOLLOW)
 	if err != nil {
 		tlog.Debug.Printf("GetAttr: Fstatat %q: %v\n", f.parentFile, err)
 		return fuse.ToStatus(err)
 	}
-	if st.Ino > inoBaseMin {
-		tlog.Warn.Printf("virtualFile.GetAttr: parent file inode number %d crosses reserved space, max=%d. Returning EOVERFLOW.",
-			st.Ino, inoBaseMin)
-		return fuse.ToStatus(syscall.EOVERFLOW)
-	}
-	st.Ino = st.Ino + f.inoBase
+	st := syscallcompat.Unix2syscall(st2)
+	q := inomap.NewQIno(uint64(st.Dev), f.inoTag, uint64(st.Ino))
+	st.Ino = f.rfs.inoMap.Translate(q)
 	st.Size = int64(len(f.content))
 	st.Mode = virtualFileMode
 	st.Nlink = 1
-	st2 := syscallcompat.Unix2syscall(st)
-	a.FromStat(&st2)
+	a.FromStat(&st)
 	return fuse.OK
 }
diff --git a/internal/inomap/inomap.go b/internal/inomap/inomap.go
index c277849..0ca43e4 100644
--- a/internal/inomap/inomap.go
+++ b/internal/inomap/inomap.go
@@ -15,6 +15,7 @@
 package inomap
 
 import (
+	"fmt"
 	"log"
 	"sync"
 	"syscall"
@@ -72,23 +73,30 @@ func (m *InoMap) spill(in QIno) (out uint64) {
 func (m *InoMap) Translate(in QIno) (out uint64) {
 	m.Lock()
 	defer m.Unlock()
+	defer func() {
+		fmt.Printf("Translate: %v -> %d\n", in, out)
+	}()
 
 	if in.Ino > maxPassthruIno {
-		return m.spill(in)
+		out = m.spill(in)
+		return out
 	}
 	ns, found := m.namespaceMap[in.namespaceData]
 	// Use existing namespace
 	if found {
-		return uint64(ns)<<48 | in.Ino
+		out = uint64(ns)<<48 | in.Ino
+		return out
 	}
 	// No free namespace slots?
 	if m.namespaceNext >= maxNamespaceId {
-		return m.spill(in)
+		out = m.spill(in)
+		return out
 	}
 	ns = m.namespaceNext
 	m.namespaceNext++
 	m.namespaceMap[in.namespaceData] = ns
-	return uint64(ns)<<48 | in.Ino
+	out = uint64(ns)<<48 | in.Ino
+	return out
 }
 
 // TranslateStat translates the inode number contained in "st" if neccessary.
diff --git a/internal/inomap/inomap_test.go b/internal/inomap/inomap_test.go
index 8efc960..78cb405 100644
--- a/internal/inomap/inomap_test.go
+++ b/internal/inomap/inomap_test.go
@@ -106,7 +106,7 @@ func TestUniqueness(t *testing.T) {
 	var q QIno
 	outMap := make(map[uint64]struct{})
 	for q.Dev = 0; q.Dev < 10; q.Dev++ {
-		for q.Flags = 0; q.Flags < 10; q.Flags++ {
+		for q.Tag = 0; q.Tag < 10; q.Tag++ {
 			// some go into spill
 			for q.Ino = maxPassthruIno - 100; q.Ino < maxPassthruIno+100; q.Ino++ {
 				out := m.Translate(q)
diff --git a/internal/inomap/qino.go b/internal/inomap/qino.go
index a74a96d..ed514e8 100644
--- a/internal/inomap/qino.go
+++ b/internal/inomap/qino.go
@@ -7,9 +7,11 @@ import (
 type namespaceData struct {
 	// Stat_t.Dev is uint64 on 32- and 64-bit Linux
 	Dev uint64
-	// Flags acts like an extension of the Dev field.
+	// Tag acts like an extension of the Dev field.
 	// It is used by reverse mode for virtual files.
-	Flags uint8
+	// Normal (forward) mode does not use it and it
+	// stays always zero there.
+	Tag uint8
 }
 
 // QIno = Qualified Inode number.
@@ -21,15 +23,21 @@ type QIno struct {
 	Ino uint64
 }
 
-// QInoFromStat fills a new QIno struct with the passed Stat_t info.
-func QInoFromStat(st *syscall.Stat_t) QIno {
+// NewQIno returns a filled QIno struct
+func NewQIno(dev uint64, tag uint8, ino uint64) QIno {
 	return QIno{
 		namespaceData: namespaceData{
-			// There are some architectures that use 32-bit values here
-			// (darwin, freebsd-32, maybe others). Add an explicit cast to make
-			// this function work everywhere.
-			Dev: uint64(st.Dev),
+			Dev: dev,
+			Tag: tag,
 		},
-		Ino: uint64(st.Ino),
+		Ino: ino,
 	}
 }
+
+// QInoFromStat fills a new QIno struct with the passed Stat_t info.
+func QInoFromStat(st *syscall.Stat_t) QIno {
+	// There are some architectures that use 32-bit values here
+	// (darwin, freebsd-32, maybe others). Add an explicit cast to make
+	// this function work everywhere.
+	return NewQIno(uint64(st.Dev), 0, uint64(st.Ino))
+}