Diffstat (limited to 'internal')
-rw-r--r-- | internal/fusefrontend_reverse/node.go | 19 | ||||
-rw-r--r-- | internal/fusefrontend_reverse/node_helpers.go | 26 | ||||
-rw-r--r-- | internal/fusefrontend_reverse/root_node.go | 24 | ||||
-rw-r--r-- | internal/fusefrontend_reverse/virtualnode.go | 11 | ||||
-rw-r--r-- | internal/generation_num/generation_num.go | 11 | ||||
-rw-r--r-- | internal/inomap/inomap.go | 41 | ||||
-rw-r--r-- | internal/inomap/inomap_test.go | 13 | ||||
-rw-r--r-- | internal/speed/speed.go | 6 | ||||
-rw-r--r-- | internal/stupidgcm/cipher_suites.go | 28 | ||||
-rw-r--r-- | internal/stupidgcm/prefer.go | 14 | ||||
-rw-r--r-- | internal/syscallcompat/sys_common.go | 5 |
11 files changed, 143 insertions, 55 deletions
diff --git a/internal/fusefrontend_reverse/node.go b/internal/fusefrontend_reverse/node.go index 170410f..22ad975 100644 --- a/internal/fusefrontend_reverse/node.go +++ b/internal/fusefrontend_reverse/node.go @@ -68,6 +68,25 @@ func (n *Node) Lookup(ctx context.Context, cName string, out *fuse.EntryOut) (ch if t == typeReal { n.translateSize(d.dirfd, cName, d.pName, &out.Attr) } + + // Usually we always create a new Node ID by always incrementing the generation + // number. + // + // If we already have a child node that matches what we found on disk* + // (as reflected in `ch`), return it here. + // + // This keeps the Node ID for each directory entry stable + // (until forgotten), preventing extra FORGETs from the kernel. + // + // *We compare `cName`, `Ino`, `Mode` (but not `Gen`!) + old := n.Inode.GetChild(cName) + if old != nil && + old.StableAttr().Ino == ch.StableAttr().Ino && + // `Mode` has already been masked with syscall.S_IFMT by n.newChild() + old.StableAttr().Mode == ch.StableAttr().Mode { + return old, 0 + } + return ch, 0 } diff --git a/internal/fusefrontend_reverse/node_helpers.go b/internal/fusefrontend_reverse/node_helpers.go index 96c3c2d..6bba097 100644 --- a/internal/fusefrontend_reverse/node_helpers.go +++ b/internal/fusefrontend_reverse/node_helpers.go 
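Review bot: The reuse check added at the end of Lookup treats a child as unchanged when `cName`, `Ino` and the file type match, but inode-number reuse is the very situation the comment on `RootNode.gen` says this commit must survive. A file that is deleted and recreated under the same name can come back with the same inode number and type, and Lookup would then return `old` instead of the freshly built `ch`. If that is acceptable because a reverse-mode Node holds no per-file state that needs invalidating, the comment should say so, for example `// A recreated file with the same name, Ino and type reuses the old node; harmless because <reason>`. The opening sentence of the comment ("Usually we always create a new Node ID by always incrementing") would also read better as `// By default, every lookup creates a new Node ID by incrementing the generation number.`. Lookup's body starts before the hunk.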
@@ -91,18 +91,17 @@ func (n *Node) prepareAtSyscall(child string) (d *dirfdPlus, errno syscall.Errno // newChild attaches a new child inode to n. // The passed-in `st` will be modified to get a unique inode number. +// +// This function is not used for virtual files. See lookupLongnameName(), +// lookupDiriv() instead. func (n *Node) newChild(ctx context.Context, st *syscall.Stat_t, out *fuse.EntryOut) *fs.Inode { - isOtherFilesystem := (uint64(st.Dev) != n.rootNode().rootDev) - // Get unique inode number rn := n.rootNode() + isOtherFilesystem := (uint64(st.Dev) != rn.rootDev) + // Get unique inode number rn.inoMap.TranslateStat(st) out.Attr.FromStat(st) // Create child node - id := fs.StableAttr{ - Mode: uint32(st.Mode), - Gen: 1, - Ino: st.Ino, - } + id := rn.uniqueStableAttr(uint32(st.Mode), st.Ino) node := &Node{ isOtherFilesystem: isOtherFilesystem, } @@ -153,7 +152,7 @@ func (n *Node) lookupLongnameName(ctx context.Context, nameFile string, out *fus } out.Attr = vf.attr // Create child node - id := fs.StableAttr{Mode: uint32(vf.attr.Mode), Gen: 1, Ino: vf.attr.Ino} + id := rn.uniqueStableAttr(uint32(vf.attr.Mode), vf.attr.Ino) ch = n.NewInode(ctx, vf, id) return @@ -161,7 +160,8 @@ func (n *Node) lookupLongnameName(ctx context.Context, nameFile string, out *fus // lookupDiriv returns a new Inode for a gocryptfs.diriv file inside `n`. func (n *Node) lookupDiriv(ctx context.Context, out *fuse.EntryOut) (ch *fs.Inode, errno syscall.Errno) { - if rn := n.rootNode(); rn.args.DeterministicNames { + rn := n.rootNode() + if rn.args.DeterministicNames { log.Panic("BUG: lookupDiriv called but DeterministicNames is set") } @@ -183,7 +183,7 @@ func (n *Node) lookupDiriv(ctx context.Context, out *fuse.EntryOut) (ch *fs.Inod } out.Attr = vf.attr // Create child node - id := fs.StableAttr{Mode: uint32(vf.attr.Mode), Gen: 1, Ino: vf.attr.Ino} + id := rn.uniqueStableAttr(uint32(vf.attr.Mode), vf.attr.Ino) ch = n.NewInode(ctx, vf, id) return } 
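Review bot: The doc comment added to newChild lists lookupLongnameName() and lookupDiriv() as the virtual-file paths, but lookupConf() in the same file also builds its own node (`VirtualConfNode`) and calls `n.NewInode` directly, so the last line should read `// lookupDiriv(), lookupConf() instead.`. The new comment in Lookup also says `Mode` "has already been masked with syscall.S_IFMT by n.newChild()", while the lines visible here pass `uint32(st.Mode)` to `rn.uniqueStableAttr` unchanged. If the masking happens inside `NewInode`, which this diff does not show, the Lookup comment should name that function instead. newChild's body continues past the hunk.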
@@ -202,11 +202,7 @@ func (n *Node) lookupConf(ctx context.Context, out *fuse.EntryOut) (ch *fs.Inode rn.inoMap.TranslateStat(&st) out.Attr.FromStat(&st) // Create child node - id := fs.StableAttr{ - Mode: uint32(st.Mode), - Gen: 1, - Ino: st.Ino, - } + id := rn.uniqueStableAttr(uint32(st.Mode), st.Ino) node := &VirtualConfNode{path: p} ch = n.NewInode(ctx, node, id) return diff --git a/internal/fusefrontend_reverse/root_node.go b/internal/fusefrontend_reverse/root_node.go index 8a2afd9..1a68ffd 100644 --- a/internal/fusefrontend_reverse/root_node.go +++ b/internal/fusefrontend_reverse/root_node.go @@ -5,6 +5,7 @@ import ( "os" "path/filepath" "strings" + "sync/atomic" "syscall" "github.com/rfjakob/gocryptfs/v2/internal/exitcodes" @@ -45,6 +46,13 @@ type RootNode struct { // If a file name length is shorter than shortNameMax, there is no need to // hash it. shortNameMax int + // gen is the node generation number. Normally, it is always set to 1, + // but reverse mode, like -sharestorage, uses an incrementing counter for new nodes. + // This makes each directory entry unique (even hard links), + // makes go-fuse hand out separate FUSE Node IDs for each, and prevents + // bizarre problems when inode numbers are reused behind our back, + // like this one: https://github.com/rfjakob/gocryptfs/issues/802 + gen uint64 } // NewRootNode returns an encrypted FUSE overlay filesystem. 
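Review bot: `gen uint64` is added after `shortNameMax int` in the middle of RootNode and is updated with `atomic.AddUint64(&rn.gen, 1)` in uniqueStableAttr, so on 386, 32-bit ARM and 32-bit MIPS it may not be 64-bit aligned, which the primitive sync/atomic functions require of the caller. The package-level `gen` in the deleted generation_num package was covered by the alignment guarantee for global variables; a struct field only has it when it is the first word of the allocated struct. If 32-bit builds are supported, declare the field as `gen atomic.Uint64` and call `rn.gen.Add(1)` (Go 1.19 or later), or move it to the top of RootNode with a comment giving the reason. The same applies to `m.spillNext` in inomap.go, which NextSpillIno now updates atomically; its position inside InoMap is not visible in this diff.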
@@ -149,3 +157,19 @@ func (rn *RootNode) excludeDirEntries(d *dirfdPlus, entries []fuse.DirEntry) (fi } return filtered } + +// uniqueStableAttr returns a fs.StableAttr struct with a unique generation number, +// preventing files to appear hard-linked, even when they have the same inode number. +// +// This is good because inode numbers can be reused behind our back, which could make +// unrelated files appear hard-linked. +// Example: https://github.com/rfjakob/gocryptfs/issues/802 +func (rn *RootNode) uniqueStableAttr(mode uint32, ino uint64) fs.StableAttr { + return fs.StableAttr{ + Mode: mode, + Ino: ino, + // Make each directory entry a unique node by using a unique generation + // value. Also see the comment at RootNode.gen for details. + Gen: atomic.AddUint64(&rn.gen, 1), + } +} diff --git a/internal/fusefrontend_reverse/virtualnode.go b/internal/fusefrontend_reverse/virtualnode.go index 688f536..922cfa7 100644 --- a/internal/fusefrontend_reverse/virtualnode.go +++ b/internal/fusefrontend_reverse/virtualnode.go @@ -86,8 +86,15 @@ func (n *Node) newVirtualMemNode(content []byte, parentStat *syscall.Stat_t, ino // Adjust inode number and size rn := n.rootNode() st := parentStat - q := inomap.NewQIno(uint64(st.Dev), inoTag, uint64(st.Ino)) - st.Ino = rn.inoMap.Translate(q) + if inoTag == inoTagNameFile { + // No stable mapping for gocryptfs.longname.*.name files, instead use an + // incrementing counter. We don't want two of those files to ever have the + // same inode number, even for hard-linked files. + st.Ino = rn.inoMap.NextSpillIno() + } else { + q := inomap.NewQIno(uint64(st.Dev), inoTag, uint64(st.Ino)) + st.Ino = rn.inoMap.Translate(q) + } st.Size = int64(len(content)) st.Mode = virtualFileMode st.Nlink = 1 diff --git a/internal/generation_num/generation_num.go b/internal/generation_num/generation_num.go deleted file mode 100644 index 298db14..0000000 --- a/internal/generation_num/generation_num.go +++ /dev/null 
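Review bot: Every call that reaches the new `inoTagNameFile` branch draws a fresh number from `NextSpillIno()`, so a `gocryptfs.longname.*.name` file reports a different inode number on each lookup and the counter only grows. That looks intended, but the comment should state the consequence for readers: `// The inode number therefore changes on every lookup of the same .name file.`. If these nodes also pass through the reuse check added to Lookup in node.go, its `Ino` comparison can never match for them and they would still get a new Node ID each time; that interaction is worth confirming. newVirtualMemNode's body starts and ends outside the hunk.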
@@ -1,11 +0,0 @@ -package generation_num - -import ( - "sync/atomic" -) - -var gen uint64 - -func Next() uint64 { - return atomic.AddUint64(&gen, 1) -} diff --git a/internal/inomap/inomap.go b/internal/inomap/inomap.go index 0f7ade3..b4dbf27 100644 --- a/internal/inomap/inomap.go +++ b/internal/inomap/inomap.go @@ -3,8 +3,8 @@ // // Format of the returned inode numbers: // -// [spill bit = 0][15 bit namespace id][48 bit passthru inode number] -// [spill bit = 1][63 bit spill inode number ] +// [spill bit = 0][15 bit namespace id][48 bit passthru inode number] = 64 bit translated inode number +// [spill bit = 1][63 bit counter ] = 64 bit spill inode number // // Each (Dev, Tag) tuple gets a namespace id assigned. The original inode // number is then passed through in the lower 48 bits. @@ -16,7 +16,9 @@ package inomap import ( "log" + "math" "sync" + "sync/atomic" "syscall" "github.com/rfjakob/gocryptfs/v2/internal/tlog" @@ -27,10 +29,8 @@ const ( maxNamespaceId = 1<<15 - 1 // max value of 48 bit passthru inode number maxPassthruIno = 1<<48 - 1 - // max value of 63 bit spill inode number - maxSpillIno = 1<<63 - 1 - // bit 63 is used as the spill bit - spillBit = 1 << 63 + // the spill inode number space starts at 0b10000...0. + spillSpaceStart = 1 << 63 ) // InoMap stores the maps using for inode number translation. @@ -57,7 +57,7 @@ func New(rootDev uint64) *InoMap { namespaceMap: make(map[namespaceData]uint16), namespaceNext: 0, spillMap: make(map[QIno]uint64), - spillNext: 0, + spillNext: spillSpaceStart, } if rootDev > 0 { // Reserve namespace 0 for rootDev 
@@ -69,23 +69,32 @@ func New(rootDev uint64) *InoMap { var spillWarn sync.Once +// NextSpillIno returns a fresh inode number from the spill pool without adding it to +// spillMap. +// Reverse mode NextSpillIno() for gocryptfs.longname.*.name files where a stable +// mapping is not needed. +func (m *InoMap) NextSpillIno() (out uint64) { + if m.spillNext == math.MaxUint64 { + log.Panicf("spillMap overflow: spillNext = 0x%x", m.spillNext) + } + return atomic.AddUint64(&m.spillNext, 1) - 1 +} + func (m *InoMap) spill(in QIno) (out uint64) { - spillWarn.Do(func() { tlog.Warn.Printf("InoMap: opening spillMap for %v", in) }) + spillWarn.Do(func() { tlog.Warn.Printf("InoMap: opening spillMap for %#v", in) }) out, found := m.spillMap[in] if found { - return out | spillBit - } - if m.spillNext >= maxSpillIno { - log.Panicf("spillMap overflow: spillNext = 0x%x", m.spillNext) + return out } - out = m.spillNext - m.spillNext++ + + out = m.NextSpillIno() m.spillMap[in] = out - return out | spillBit + + return out } -// Translate maps the passed-in (device, inode) pair to a unique inode number. +// Translate maps the passed-in (device, tag, inode) tuple to a unique inode number. func (m *InoMap) Translate(in QIno) (out uint64) { m.Lock() defer m.Unlock() diff --git a/internal/inomap/inomap_test.go b/internal/inomap/inomap_test.go index 9ec2932..ce5b880 100644 --- a/internal/inomap/inomap_test.go +++ b/internal/inomap/inomap_test.go @@ -5,6 +5,11 @@ import ( "testing" ) +const ( + // bit 63 is used as the spill bit + spillBit = 1 << 63 +) + func TestTranslate(t *testing.T) { m := New(0) q := QIno{Ino: 1} @@ -102,6 +107,9 @@ func TestSpill(t *testing.T) { if out1&spillBit == 0 { t.Error("spill bit not set") } + if out1 != spillSpaceStart { + t.Errorf("unexpected first spill inode number %d", out1) + } out2 := m.Translate(q) if out2&spillBit == 0 { t.Error("spill bit not set") 
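Review bot: NextSpillIno reads `m.spillNext` with a plain load in the overflow check and then updates it with `atomic.AddUint64`, which is a data race as soon as the function is called without the InoMap lock, as the new call in newVirtualMemNode appears to do. spill() presumably still reaches it with the lock held through Translate, so the counter is now written from locked and unlocked paths and only atomic access is safe for both. Read it atomically as well, `if atomic.LoadUint64(&m.spillNext) == math.MaxUint64 {`, or test the value returned by `AddUint64` for wrap-around. The doc comment is also missing a verb (`// Reverse mode uses NextSpillIno() for gocryptfs.longname.*.name files ...`), and the named result `out` is never assigned.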
@@ -109,6 +117,11 @@ func TestSpill(t *testing.T) { if out1 != out2 { t.Errorf("unstable mapping: %d vs %d", out1, out2) } + q.Ino = maxPassthruIno + 2 + out3 := m.Translate(q) + if out3 != out1+1 { + t.Errorf("unexpected 2nd spill inode number %d", out1) + } } // TestUniqueness checks that unique (Dev, Flags, Ino) tuples get unique inode diff --git a/internal/speed/speed.go b/internal/speed/speed.go index a361cf5..d6fa12e 100644 --- a/internal/speed/speed.go +++ b/internal/speed/speed.go @@ -31,9 +31,9 @@ func Run() { if cpu == "" { cpu = "unknown" } - aes := "; no AES acceleration" - if stupidgcm.CpuHasAES() { - aes = "; with AES acceleration" + aes := "; no AES-GCM acceleration" + if stupidgcm.HasAESGCMHardwareSupport() { + aes = "; with AES-GCM acceleration" } fmt.Printf("cpu: %s%s\n", cpu, aes) diff --git a/internal/stupidgcm/cipher_suites.go b/internal/stupidgcm/cipher_suites.go new file mode 100644 index 0000000..fd032fd --- /dev/null +++ b/internal/stupidgcm/cipher_suites.go @@ -0,0 +1,28 @@ +package stupidgcm + +import ( + "runtime" + + "golang.org/x/sys/cpu" +) + +// ******** +// Carbon-copied from Go Stdlib +// https://github.com/golang/go/blob/45967bb18e04fa6dc62c2786c87ce120443c64f6/src/crypto/tls/cipher_suites.go#L367 +// ******** + +var ( + hasGCMAsmAMD64 = cpu.X86.HasAES && cpu.X86.HasPCLMULQDQ + hasGCMAsmARM64 = cpu.ARM64.HasAES && cpu.ARM64.HasPMULL + // Keep in sync with crypto/aes/cipher_s390x.go. + hasGCMAsmS390X = cpu.S390X.HasAES && cpu.S390X.HasAESCBC && cpu.S390X.HasAESCTR && + (cpu.S390X.HasGHASH || cpu.S390X.HasAESGCM) + + hasAESGCMHardwareSupport = runtime.GOARCH == "amd64" && hasGCMAsmAMD64 || + runtime.GOARCH == "arm64" && hasGCMAsmARM64 || + runtime.GOARCH == "s390x" && hasGCMAsmS390X +) + +// ******** +// End carbon-copy +// ******** diff --git a/internal/stupidgcm/prefer.go b/internal/stupidgcm/prefer.go index e3f52d4..6a8cf77 100644 --- a/internal/stupidgcm/prefer.go +++ b/internal/stupidgcm/prefer.go 
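Review bot: The failure message of the new `out3` check prints `out1`, so a failing run would report the first spill number rather than the value that was wrong. It should read `t.Errorf("unexpected 2nd spill inode number %d", out3)`. Since the expected values sit at the 1<<63 base, formatting them with `%#x` in this message and in the `spillSpaceStart` assertion above would make a failure easier to read. TestSpill starts before the hunk.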
@@ -2,8 +2,6 @@ package stupidgcm import ( "runtime" - - "golang.org/x/sys/cpu" ) // PreferOpenSSLAES256GCM tells us if OpenSSL AES-256-GCM is faster than Go stdlib @@ -22,7 +20,7 @@ func PreferOpenSSLAES256GCM() bool { return false } // If the CPU has AES acceleration, Go stdlib is faster - if CpuHasAES() { + if HasAESGCMHardwareSupport() { return false } // Otherwise OpenSSL is probably faster @@ -44,13 +42,13 @@ func PreferOpenSSLXchacha20poly1305() bool { return true } -// CpuHasAES tells you if the CPU we are running has AES acceleration that is -// usable by the Go crypto library. -func CpuHasAES() bool { - // Safe to call on other architectures - will just read false. - if cpu.X86.HasAES || cpu.ARM64.HasAES { +// HasAESGCMHardwareSupport tells you if the CPU we are running has AES-GCM +// acceleration that is usable by the Go crypto library. +func HasAESGCMHardwareSupport() bool { + if hasAESGCMHardwareSupport { return true } + // On the Apple M1, the CPU has AES acceleration, despite cpu.ARM64.HasAES // reading false: https://github.com/rfjakob/gocryptfs/issues/556#issuecomment-848079309 if runtime.GOOS == "darwin" && runtime.GOARCH == "arm64" { diff --git a/internal/syscallcompat/sys_common.go b/internal/syscallcompat/sys_common.go index 50b8180..1aa6a6e 100644 --- a/internal/syscallcompat/sys_common.go +++ b/internal/syscallcompat/sys_common.go @@ -60,6 +60,11 @@ func Openat(dirfd int, path string, flags int, mode uint32) (fd int, err error) flags |= syscall.O_NOFOLLOW } } + + // os/exec expects all fds to have O_CLOEXEC or it will leak fds to subprocesses. + // In our case, that would be logger(1), and we did leak fds to it. + flags |= syscall.O_CLOEXEC + fd, err = retryEINTR2(func() (int, error) { return unix.Openat(dirfd, path, flags, mode) }) |
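Review bot: Nothing in the diff checks that descriptors returned by Openat now carry the close-on-exec flag, so the leak to logger(1) described in the new comment could return unnoticed if a later change dropped the `flags |= syscall.O_CLOEXEC` line. A small test that opens a file through `Openat` and asserts `FD_CLOEXEC` in the result of an `F_GETFD` fcntl call would pin the behaviour. Only Openat is changed here; the other helpers in syscallcompat that create descriptors are outside this diff, and they would need the same flag for the guarantee to cover every fd the process keeps open. Openat's body starts before the hunk.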