aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2021-03-27package-static.bash: add gocryptfs-xray to tarballJakob Unterwurzacher
Requested here https://github.com/rfjakob/gocryptfs/issues/558 and here https://github.com/rfjakob/gocryptfs/issues/496 Closes https://github.com/rfjakob/gocryptfs/issues/496
2021-03-27gocrypts-xray: add -version flagJakob Unterwurzacher
2021-03-27Delete obsolete script package.bashJakob Unterwurzacher
I only use package-static.bash nowadays.
2021-03-26README: fix compile instructions for Go 1.13+Jakob Unterwurzacher
"go get -d" does not download to GOPATH/src anymore: https://github.com/golang/go/issues/31529 Use explicit "git clone" to the current directory as suggested in https://github.com/golang/go/issues/31529#issuecomment-484920157 . Fixes https://github.com/rfjakob/gocryptfs/issues/553
2021-03-21Add tests/sharedstorageJakob Unterwurzacher
Towards better test coverage of shared backing storage mounts. https://github.com/rfjakob/gocryptfs/issues/525
2021-03-21test_helpers: VerifySize: don't complain about ino mismatchJakob Unterwurzacher
The inode number is not stable with `-sharedstorage`. Ignore it. Failure was like this: --- FAIL: TestFallocate (0.02s) helpers.go:229: Stat vs Fstat mismatch: st= {59 11543 1 33188 1026 1026 0 0 0 4096 8 {1616315569 838232716} {1616315569 838232716} {1616315569 838232716} [0 0 0]} st2={59 11545 1 33188 1026 1026 0 0 0 4096 8 {1616315569 838232716} {1616315569 838232716} {1616315569 838232716} [0 0 0]}
2021-03-21fusefronted: move Create() and Open() to new fileJakob Unterwurzacher
And deduplicate the code a little.
2021-03-21fusefrontend: -sharedstorage: fix TestRmwRace failureJakob Unterwurzacher
The Open() and Create() paths used different inode numbers, which broke openfiletable locking against concurred readers.
2021-03-20tests: matrix: add -sharestorage to test matrixJakob Unterwurzacher
Currently fails like this: === RUN TestRmwRace doRead 0: corrupt block #0: cipher: message authentication failed -wpanic turns this warning into a panic: doRead 0: corrupt block #0: cipher: message authentication failed panic: -wpanic turns this warning into a panic: doRead 0: corrupt block #0: cipher: message authentication failed goroutine 1293 [running]: log.(*Logger).Panic(0xc00011c230, 0xc0003b17c8, 0x1, 0x1) log/log.go:224 +0xac github.com/rfjakob/gocryptfs/internal/tlog.(*toggledLogger).Printf(0xc00007a780, 0x55a821a766a1, 0x20, 0xc0003b19f0, 0x3, 0x3) github.com/rfjakob/gocryptfs/internal/tlog/log.go:78 +0x1ef github.com/rfjakob/gocryptfs/internal/fusefrontend.(*File).doRead(0xc0001ff420, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x1, 0xc000880000, 0x1020) github.com/rfjakob/gocryptfs/internal/fusefrontend/file.go:201 +0x8c9 github.com/rfjakob/gocryptfs/internal/fusefrontend.(*File).doWrite(0xc0001ff420, 0xc000248428, 0x10, 0x30, 0xff0, 0x3, 0x18) github.com/rfjakob/gocryptfs/internal/fusefrontend/file.go:291 +0xc9e github.com/rfjakob/gocryptfs/internal/fusefrontend.(*File).Write(0xc0001ff420, 0x55a821b306a0, 0xc000fbde90, 0xc000248428, 0x10, 0x30, 0xff0, 0x7f4a00000000, 0x0) github.com/rfjakob/gocryptfs/internal/fusefrontend/file.go:378 +0x25e github.com/hanwen/go-fuse/v2/fs.(*rawBridge).Write(0xc000168140, 0xc000096000, 0xc0002483d8, 0xc000248428, 0x10, 0x30, 0x55a821ad40e0) github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fs/bridge.go:819 +0x26d github.com/hanwen/go-fuse/v2/fuse.doWrite(0xc000170160, 0xc000248240) github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fuse/opcode.go:191 +0x6f github.com/hanwen/go-fuse/v2/fuse.(*Server).handleRequest(0xc000170160, 0xc000248240, 0xc000000000) github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fuse/server.go:472 +0x2be github.com/hanwen/go-fuse/v2/fuse.(*Server).loop(0xc000170160, 0xc000cd4101) github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fuse/server.go:445 +0x198 created by github.com/hanwen/go-fuse/v2/fuse.(*Server).readRequest github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fuse/server.go:312 +0x41d matrix_test.go:354: Write failed
2021-03-20tests: MountOrFatal creates mnt dir itselfJakob Unterwurzacher
Allows to drop a few Mkdir()s.
2021-03-14syscallcompat: getdents: link to #483Jakob Unterwurzacher
Give a user receiving the Getdents warning some background info.
2021-03-12tests: add TestDiskFullJakob Unterwurzacher
Also fix incomplete uid restoration in TestSupplementaryGroups and replace syscall.Setregid and friends with unix.Setregid and friends. This test is added to check if have problems handling a full disk. The ticket https://github.com/rfjakob/gocryptfs/issues/550 states that the full disk was not where the backing gocryptfs filesystem was, but this has no effect on gocryptfs, so we test the harder case.
2021-03-12Makefile: root_test: don't run test when compile failsJakob Unterwurzacher
2021-03-07v2api: -sharestorage: disable hard link tracking & add testsJakob Unterwurzacher
Hard link tracking was not correctly disabled since the migration to the go-fuse v2 api. Add a test to ensure it stays off. Fixes https://github.com/rfjakob/gocryptfs/issues/525
2021-02-07fusefrontend: do not encrypt ACLsJakob Unterwurzacher
Pass through system.posix_acl_access and system.posix_acl_default unencrypted to fix "cp -a" problems. "cp -a" uses "setxattr" even to set normal permissions, see https://www.spinics.net/lists/linux-nfs/msg63986.html . Fixes https://github.com/rfjakob/gocryptfs/issues/543
2021-02-07tests/xattr: fix acl blobJakob Unterwurzacher
The blob was truncated to 31 bytes.
2021-02-07README: warn about incomplete ACL supportJakob Unterwurzacher
https://github.com/rfjakob/gocryptfs/issues/543 https://github.com/rfjakob/gocryptfs/issues/542 https://github.com/rfjakob/gocryptfs/issues/453
2021-02-06README: mention MacFUSE v4.x supportJakob Unterwurzacher
https://github.com/rfjakob/gocryptfs/issues/544
2021-02-06syscallcompat: MknodatUser: work around changed syscall.Setgroups semanticsJakob Unterwurzacher
Since go1.16beta1 (commit d1b1145cace8b968307f9311ff611e4bb810710c , https://go-review.googlesource.com/c/go/+/210639 ) syscall.{Setgroups,Setregid,Setreuid} affects all threads, which is exactly what we not want. We now use unix.{Setgroups,Setregid,Setreuid} instead. Workarounds https://github.com/golang/go/issues/1435 .
2021-01-31README: note Trezor removalJakob Unterwurzacher
Adding support for Trezor was listed, but removal was not, causing confusion. Closes https://github.com/rfjakob/gocryptfs/pull/534
2021-01-31go.mod: update go-fuse to latest masterJakob Unterwurzacher
We need https://github.com/hanwen/go-fuse/commit/09a3c381714cf1011fb2d08885f29896cd496a0c fuse: support the new macFUSE mount protocol so mounting on MacFuse 4.x works. Updated using go get github.com/hanwen/go-fuse/v2@master . Fixes https://github.com/rfjakob/gocryptfs/issues/524
2021-01-10nametransform: make `gocryptfs.diriv` and `gocryptfs.xxx.name` files ↵Jakob Unterwurzacher
world-readable Make `gocryptfs.diriv` and `gocryptfs.xxx.name` files world-readable to make encrypted backups easier when mounting via fstab. Having the files follow chmod/chown of their parent does not seem to be worth the hassle. The content of the diriv files is not secret, and both diriv and name files are protected by the perms of the parent dir. Fixes https://github.com/rfjakob/gocryptfs/issues/539
2021-01-10MANPAGE: add sub-headers to EXAMPLESJakob Unterwurzacher
Makes linking to them easier.
2021-01-10nametransform: move permission constants to perms.goJakob Unterwurzacher
Prep for https://github.com/rfjakob/gocryptfs/issues/539
2021-01-02-idle: don't lazy-unmountJakob Unterwurzacher
When a process has its working dir inside the mount, the only way we notice is that we get EBUSY when trying to unmount. We used to lazy-unmount in this case, but this means pulling the rug from under the process. For example, bash will start throwing cd: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory messages. Fixes https://github.com/rfjakob/gocryptfs/issues/533
2020-12-20main: add "-kernel_cache" flaggmd20
This option is similar to fuse(8) kernel_cache Verified using vmtouch. Without -kernel_cache: $ dd if=/dev/zero of=foo bs=1M count=10 ; vmtouch -t foo ; vmtouch foo 10+0 records in 10+0 records out 10485760 bytes (10 MB, 10 MiB) copied, 0,0242321 s, 433 MB/s Files: 1 Directories: 0 Touched Pages: 2560 (10M) Elapsed: 0.011159 seconds Files: 1 Directories: 0 Resident Pages: 0/2560 0/10M 0% Elapsed: 0.000993 seconds With -kernel_cache: $ dd if=/dev/zero of=foo bs=1M count=10 ; vmtouch -t foo ; vmtouch foo 10+0 records in 10+0 records out 10485760 bytes (10 MB, 10 MiB) copied, 0,0244015 s, 430 MB/s Files: 1 Directories: 0 Touched Pages: 2560 (10M) Elapsed: 0.011564 seconds Files: 1 Directories: 0 Resident Pages: 2560/2560 10M/10M 100% Elapsed: 0.000369 seconds
2020-11-14MANPAGE: add fstab exampleJakob Unterwurzacher
https://github.com/rfjakob/gocryptfs/issues/497
2020-11-14MANPAGE: add -info example outputJakob Unterwurzacher
2020-11-14MANPAGE: split up OPTIONS into action flags, init, mount, commonJakob Unterwurzacher
Fixes https://github.com/rfjakob/gocryptfs/issues/517
2020-11-14MANPAGE: clarify -fg and syslog interactionJakob Unterwurzacher
The flag -fg does NOT imply -nosyslog. Syslog redirection is active when -notifypid is passed.
2020-11-14Update Changelog for v2.0-beta2v2.0-beta2Jakob Unterwurzacher
2020-11-10fusefrontend_reverse: fix GETATTR panicJakob Unterwurzacher
We don't implement Getattr(), so don't try to call it. Reported at https://github.com/rfjakob/gocryptfs/issues/519#issuecomment-718790790 : 15:22:53.414101 rx 3344: READ n2565 {Fh 7 [42143744 +131072) L 0 RDONLY,0x8000} 15:22:53.414274 rx 3342: READ n2565 {Fh 7 [42012672 +131072) L 0 RDONLY,0x8000} 15:22:53.414787 rx 3346: READ n2565 {Fh 7 [42274816 +131072) L 0 RDONLY,0x8000} 15:22:53.414806 tx 3336: OK, 131072b data "\xcb\xd3<\"!-\xa7\xc4"... 15:22:53.414874 rx 3348: GETATTR n1446 {Fh 0} panic: interface conversion: *fusefrontend_reverse.File is not fs.FileGetattrer: missing method Getattr goroutine 451 [running]: github.com/rfjakob/gocryptfs/internal/fusefrontend_reverse.(*Node).Getattr(0xc00034c880, 0x5620579784c0, 0xc000593e60, 0x562057939800, 0xc000218050, 0xc0000fc108, 0x0) github.com/rfjakob/gocryptfs/internal/fusefrontend_reverse/node.go:69 +0x273 github.com/hanwen/go-fuse/v2/fs.(*rawBridge).getattr(0xc00011e000, 0x5620579784c0, 0xc000593e60, 0xc00034c880, 0x562057939800, 0xc000218050, 0xc0000fc108, 0xbfded1ef58ba7b13) github.com/hanwen/go-fuse/v2@v2.0.4-0.20200908172753-0b6cbc515082/fs/bridge.go:500 +0x2d4 github.com/hanwen/go-fuse/v2/fs.(*rawBridge).GetAttr(0xc00011e000, 0xc0000e0000, 0xc0000fc198, 0xc0000fc108, 0x0) github.com/hanwen/go-fuse/v2@v2.0.4-0.20200908172753-0b6cbc515082/fs/bridge.go:488 +0x11c github.com/hanwen/go-fuse/v2/fuse.doGetAttr(0xc000120000, 0xc0000fc000) github.com/hanwen/go-fuse/v2@v2.0.4-0.20200908172753-0b6cbc515082/fuse/opcode.go:287 +0x6f github.com/hanwen/go-fuse/v2/fuse.(*Server).handleRequest(0xc000120000, 0xc0000fc000, 0xc000000000) github.com/hanwen/go-fuse/v2@v2.0.4-0.20200908172753-0b6cbc515082/fuse/server.go:472 +0x2c1 github.com/hanwen/go-fuse/v2/fuse.(*Server).loop(0xc000120000, 0xc000288001) github.com/hanwen/go-fuse/v2@v2.0.4-0.20200908172753-0b6cbc515082/fuse/server.go:445 +0x18c created by github.com/hanwen/go-fuse/v2/fuse.(*Server).readRequest github.com/hanwen/go-fuse/v2@v2.0.4-0.20200908172753-0b6cbc515082/fuse/server.go:312 +0x419
2020-11-10performance.txt: add v2.0-beta1-9 resultsJakob Unterwurzacher
2020-11-10go.mod: switch back to mainline go-fuseJakob Unterwurzacher
https://review.gerrithub.io/c/hanwen/go-fuse/+/503508 was merged as https://github.com/hanwen/go-fuse/commit/1d0096e57910b8277fd8862b5f0932c04d41857b so we don't need our fork anymore.
2020-10-22README: add link to gocryptfs-inspectJakob Unterwurzacher
This is *very* hard to find. https://github.com/rfjakob/gocryptfs/issues/152
2020-10-19Drop two more generated filesJakob Unterwurzacher
These were committed by mistake.
2020-10-19Drop generated filesJakob Unterwurzacher
These were committed by mistake.
2020-10-18fusefronted: reject GETXATTR "security.capability"Jakob Unterwurzacher
Unless we are mounted with -suid, we can reject these requests, and gain back some lost speed. Closes https://github.com/rfjakob/gocryptfs/issues/515
2020-10-18syscallcompat: add getxattr fastpathsJakob Unterwurzacher
The allocations from Lgetxattr were #1 in the tar extract allocation profile (caused by security.capability lookups). No more! $ benchstat old.txt new.txt name old time/op new time/op delta Lgetxattr-4 15.2µs ± 0% 1.8µs ± 0% ~ (p=1.000 n=1+1) $ ./benchmark.bash Testing gocryptfs at /tmp/benchmark.bash.H8p: gocryptfs v2.0-beta1-4-g95ea738-dirty; go-fuse v2.0.4-0.20200908172753-0b6cbc515082 => github.com/rfjakob/go-fuse/v2 v2.0.4-0.20201015204057-88b12c99f8af; 2020-10-18 go1.15.3 linux/amd64 /tmp/benchmark.bash.H8p.mnt is a mountpoint WRITE: 262144000 bytes (262 MB, 250 MiB) copied, 0,520109 s, 504 MB/s READ: 262144000 bytes (262 MB, 250 MiB) copied, 0,255672 s, 1,0 GB/s UNTAR: 30,238 MD5: 12,721 LS: 10,038 RM: 16,536
2020-10-17fsck: make sure we unmount in all casesJakob Unterwurzacher
2020-10-16syscallcompat: add Lgetxattr benchmarkJakob Unterwurzacher
2020-10-16performance.txt: add gocryptfs v1.8.0 resultsJakob Unterwurzacher
2020-10-16Update performance.txt with gocryptfs v2.0-beta1 resultJakob Unterwurzacher
As expected, we are slow. Fd caching will be implemented later.
2020-10-15Update README for v2.0-beta1v2.0-beta1Jakob Unterwurzacher
2020-10-15v2pai: delete fusefrontend_reverse_v1apiJakob Unterwurzacher
Served its mission a copy-paste source but can now be deleted.
2020-10-15go.mod: temporarily switch to patched go-fuse forkJakob Unterwurzacher
Use our fork until https://review.gerrithub.io/c/hanwen/go-fuse/+/503508 gets merged. Command used was: go mod edit -replace github.com/hanwen/go-fuse/v2=github.com/rfjakob/go-fuse/v2@knodes_upstreaming_v3
2020-10-15contrib: cleanup-tmp-mounts: also clean ext4-ramdiskJakob Unterwurzacher
2020-10-14main: show microseconds in go-fuse logsJakob Unterwurzacher
Suppress the date but show microseconds in fuse debug logs (-fusedebug) and go-fuse warnings.
2020-10-14syscallcompat: don't retry Close()Jakob Unterwurzacher
After Close() returns, the fd is dead, even if we received EINTR. Don't retry, we could shoot down an unrelated fd that received the same fd number.
2020-10-14syscallcompat: retry ops on EINTRJakob Unterwurzacher
Retry operations that have been shown to throw EINTR errors on CIFS. Todo: Solution for this pain in the back: warning: unix.Getdents returned errno 2 in the middle of data rm: cannot remove 'linux-3.0.old3/Documentation/ABI/removed': Input/output error Progress towards fixing https://github.com/rfjakob/gocryptfs/issues/483 .