aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-08-11main: purge masterkey from memory as soon as possibleJakob Unterwurzacher
Remove the "Masterkey" field from fusefrontend.Args because it should not be stored longer than neccessary. Instead pass the masterkey as a separate argument to the filesystem initializers. Then overwrite it with zeros immediately so we don't have to wait for garbage collection. Note that the crypto implementation still stores at least a masterkey-derived value, so this change makes it harder, but not impossible, to extract the encryption keys from memory. Suggested at https://github.com/rfjakob/gocryptfs/issues/137
2017-08-10tests: add diriv cache race testJakob Unterwurzacher
Passes.
2017-08-09nametransform: extend diriv cache to 100 entriesJakob Unterwurzacher
* extend the diriv cache to 100 entries * add special handling for the immutable root diriv The better cache allows to shed some complexity from the path encryption logic (parent-of-parent check). Mitigates https://github.com/rfjakob/gocryptfs/issues/127
2017-08-06nametransform: add Dir() functionJakob Unterwurzacher
Dir is like filepath.Dir but returns "" instead of ".". This was already implemented in fusefrontend_reverse as saneDir(). We will need it in nametransform for the improved diriv caching.
2017-08-06nametransform: move diriv cache into it's own packageJakob Unterwurzacher
Needs some space to grow. renamed: internal/nametransform/diriv_cache.go -> internal/nametransform/dirivcache/dirivcache.go
2017-08-06nametransform: deduplicate code to encryptAndHashName()Jakob Unterwurzacher
This operation has been done three time by identical sections of code. Create a function for it.
2017-08-02build.bash: implement "you need Go 1.5" lockout in pure GoJakob Unterwurzacher
As noticed by @riking, the logic in the bash script will break when Go 1 version numbers reach double-digits. Instead, use a build tag "!go1.5" to cause a syntax error: $ /opt/go1.4.3/bin/go build can't load package: package github.com/rfjakob/gocryptfs: go1.4.go:5:1: expected 'package', found 'STRING' "You need Go 1.5 or higher to compile gocryptfs!" Fixes https://github.com/rfjakob/gocryptfs/issues/133
2017-07-30main: save memory profile every 60 secondsJakob Unterwurzacher
...and move all profiling functionality to its own file, as the main function is already long enough. Periodically saving the memory profile allows capturing the used memory during normal operation, as opposed to on exit, where the kernel has already issued FORGETs for all inodes. This functionality has been used to create the memory profile shown in https://github.com/rfjakob/gocryptfs/issues/132 .
2017-07-29main: doMount: call FreeOSMemory() before jumping into server loopJakob Unterwurzacher
scrypt (used during masterkey decryption) allocates a lot of memory. Go only returns memory to the OS after 5 minutes, which looks like a waste. Call FreeOSMemory() to return it immediately. Looking a fresh mount: before: VmRSS: 73556 kB after: VmRSS: 8568 kB
2017-07-29fusefronted_reverse: fix ino collision between .name and .diriv filesJakob Unterwurzacher
A directory with a long name has two associated virtual files: the .name file and the .diriv files. These used to get the same inode number: $ ls -di1 * */* 33313535 gocryptfs.longname.2togDFouca9mrTwtfF1RNW5DZRAQY8alaR7wO_Xd5Zw 1000000000033313535 gocryptfs.longname.2togDFouca9mrTwtfF1RNW5DZRAQY8alaR7wO_Xd5Zw/gocryptfs.diriv 1000000000033313535 gocryptfs.longname.2togDFouca9mrTwtfF1RNW5DZRAQY8alaR7wO_Xd5Zw.name With this change we use another prefix (2 instead of 1) for .name files. $ ls -di1 * */* 33313535 gocryptfs.longname.2togDFouca9mrTwtfF1RNW5DZRAQY8alaR7wO_Xd5Zw 1000000000033313535 gocryptfs.longname.2togDFouca9mrTwtfF1RNW5DZRAQY8alaR7wO_Xd5Zw/gocryptfs.diriv 2000000000033313535 gocryptfs.longname.2togDFouca9mrTwtfF1RNW5DZRAQY8alaR7wO_Xd5Zw.name
2017-07-27fusefrontend_reverse: return ENOENT for undecryptable namesJakob Unterwurzacher
This was working until DecryptName switched to returning EBADMSG instead of EINVAL. Add a test to catch the regression next time.
2017-07-24main: redirectStdFds: keep logger from holding stdout openJakob Unterwurzacher
We passed our stdout and stderr to the new logger instance, which makes sense to see any error message, but also means that the fd is kept open even when we close it. Fixes the new TestMountBackground test and https://github.com/rfjakob/gocryptfs/issues/130 .
2017-07-24tests: check if we close stderr and stdout correctly on mountJakob Unterwurzacher
Currently fails, as reported at https://github.com/rfjakob/gocryptfs/issues/130 .
2017-07-23main: move redirectStdFds() to daemonize.goJakob Unterwurzacher
This really is a part of daemonization. No code changes.
2017-07-21tests: fsstress-gocryptfs.bash: sync up with EncFSJakob Unterwurzacher
I have added a subset of fsstress-gocryptfs.bash to EncFS as fsstress-encfs.sh, improving the code a bit. This change forward-ports these improvements to fsstress-gocryptfs.bash.
2017-07-14macos: make testing without openssl work properlyJakob Unterwurzacher
On MacOS, building and testing without openssl is much easier. The tests should skip tests that fail because of missing openssl instead of aborting. Fixes https://github.com/rfjakob/gocryptfs/issues/123
2017-07-14stupidgcm: fix openssl 1.1 build failureJakob Unterwurzacher
Fixed by including the correct header. Should work on older openssl versions as well. Error was: locking.go:21: undefined reference to `CRYPTO_set_locking_callback'
2017-07-11fusefronted: enable writing to write-only filesJakob Unterwurzacher
Due to RMW, we always need read permissions on the backing file. This is a problem if the file permissions do not allow reading (i.e. 0200 permissions). This patch works around that problem by chmod'ing the file, obtaining a fd, and chmod'ing it back. Test included. Issue reported at: https://github.com/rfjakob/gocryptfs/issues/125
2017-07-10macos: print load_osxfuse hint if fuse.NewServer failsJakob Unterwurzacher
Currently neither gocryptfs nor go-fuse automatically call load_osxfuse if the /dev/osxfuse* device(s) do not exist. At least tell the user what to do. See https://github.com/rfjakob/gocryptfs/issues/124 for user pain.
2017-07-10Specify a volname for osxfuseJeff Kriske
If I use gocryptfs cypher plain then the resulting volume should be named 'plain' just as it would be on Linux.
2017-07-02contentenc: MergeBlocks: short-circuit the trivial caseJakob Unterwurzacher
Saves 3% for the tar extract benchmark because we skip the allocation.
2017-07-02fusefrontend: doRead: skip decryption for an empty readJakob Unterwurzacher
Previously we ran through the decryption steps even for an empty ciphertext slice. The functions handle it correctly, but returning early skips all the extra calls. Speeds up the tar extract benchmark by about 4%.
2017-07-01README: update mac os x support status to "beta"Jakob Unterwurzacher
2017-07-01profiling: add tar-extract helperJakob Unterwurzacher
Extracts the linux-3.0.tar.gz tarball while capturing memory and cpu profiles.
2017-07-01Travis CI: update to latest stable Go point releasesJakob Unterwurzacher
2017-07-01main: get rid of magic "MaxWrite: 1048576" constantJakob Unterwurzacher
go-fuse caps MaxWrite at MAX_KERNEL_WRITE anyway, and we actually depend on this behavoir now as the byte pools are sized according to MAX_KERNEL_WRITE. So let's use MAX_KERNEL_WRITE explicitely.
2017-07-01Update performance.txt with new resultsJakob Unterwurzacher
Massive speed boost for streaming reads.
2017-07-01stupidgcm: add test for in-place OpenJakob Unterwurzacher
Adds a test for the optimization introduced in: stupidgcm: Open: if "dst" is big enough, use it as the output buffer
2017-06-30contentenc: add PReqPool and use it in DecryptBlocksJakob Unterwurzacher
This gets us a massive speed boost in streaming reads.
2017-06-30stupidgcm: Open: if "dst" is big enough, use it as the output bufferJakob Unterwurzacher
This means we won't need any allocation for the plaintext.
2017-06-30fusefrontend: doRead: use CReqPool for ciphertext bufferJakob Unterwurzacher
Easily saves lots of allocations.
2017-06-30fusefrontend: Read: use provided bufferJakob Unterwurzacher
This will allow us to return internal buffers to a pool.
2017-06-29Update performance.txt with new numbersJakob Unterwurzacher
2017-06-29contentenc: add safer "bPool" pool variant; add pBlockPoolJakob Unterwurzacher
bPool verifies the lengths of slices going in and out. Also, add a plaintext block pool - pBlockPool - and use it for decryption.
2017-06-29profiling: fix hardcoded path in hintJakob Unterwurzacher
2017-06-29Update performance.txt with new numbersJakob Unterwurzacher
2017-06-29stupidgcm: use "dst" as the output buffer it is big enoughJakob Unterwurzacher
This saves an allocation of the ciphertext block.
2017-06-27benchmarks: add streaming read benchmarkJakob Unterwurzacher
2017-06-24profiling: add streaming read profiling helperJakob Unterwurzacher
Reads 1GB of zeros while collecting memory and cpu profiles.
2017-06-20Update performance numbersJakob Unterwurzacher
2017-06-20contentenc: use sync.Pool memory pools for encryptionJakob Unterwurzacher
We use two levels of buffers: 1) 4kiB+overhead for each ciphertext block 2) 128kiB+overhead for each FUSE write (32 ciphertext blocks) This commit adds a sync.Pool for both levels. The memory-efficiency for small writes could be improved, as we now always use a 128kiB buffer.
2017-06-20README: update changelog for v1.4v1.4Jakob Unterwurzacher
2017-06-20MANPAGE: reorder options to match "-hh" output; add "-hkdf", "-trace"Jakob Unterwurzacher
2017-06-20build.bash: use plain "git describe" for go-fuseJakob Unterwurzacher
go-fuse recently added a git tag - let's use it.
2017-06-18profiling: add streaming-write profiling helperJakob Unterwurzacher
Writes 1GB of zeros to a gocryptfs mount while collecting cpu and memory profiles.
2017-06-18main, syscallcompat: use Dup3 instead of Dup2Jakob Unterwurzacher
Dup2 is not implemented on linux/arm64. Fixes https://github.com/rfjakob/gocryptfs/issues/121 . Also adds cross-compilation to CI.
2017-06-11Add performance numbers for v1.3-69-ge52594dJakob Unterwurzacher
2017-06-11contentenc: parallelize encryption for 128kiB writesJakob Unterwurzacher
128kiB = 32 x 4kiB pages is the maximum we get from the kernel. Splitting up smaller writes is probably not worth it. Parallelism is limited to two for now.
2017-06-11Add performance numbers for last changeJakob Unterwurzacher
Slight streaming write improvement.
2017-06-11cryptocore: prefetch nonces in the backgroundJakob Unterwurzacher
Spawn a worker goroutine that reads the next 512-byte block while the current one is being drained. This should help reduce waiting times when /dev/urandom is very slow (like on Linux 3.16 kernels).