summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2020-05-24syscallcompat: warn when Getdents truncates dataJakob Unterwurzacher
On CIFS mounts, unix.Getdents can return sudden ENOENT in the middle of data. This will not be reported as an error by user space tools, so return EIO instead. Also log it as a warning. https://github.com/rfjakob/gocryptfs/issues/483
2020-05-24contrib: add getdents_cJakob Unterwurzacher
Same thing like contrib/getdents, but written in C.
2020-05-24Add contrib/getdentsJakob Unterwurzacher
Small tool to try to debug unix.Getdents problems on CIFS mounts https://github.com/rfjakob/gocryptfs/issues/483
2020-05-24contrib/sshfs-benchmark.bash: add rmdir, mkdir, touchJakob Unterwurzacher
And also, stop using the wrong directory for sshfs git init. sshfs-benchmark.bash: sshfs gocryptfs-on-sshfs git init 4.35 7.82 rsync 7.72 11.66 rm -R 2.71 11.04 mkdir 1.33 4.15 rmdir 0.47 3.97 touch 2.32 2.85 rm 0.45 0.45
2020-05-24fusefrontend: don't always clear the dircache in RenameJakob Unterwurzacher
When filename encryption is on, we do know when we overwrite a directory, and can clear only in this case. sshfs-benchmark.bash: sshfs gocryptfs-on-sshfs git init 1.74 7.80 rsync 6.19 11.63
2020-05-24fusefrontend: don't clear dircache on MkdirJakob Unterwurzacher
Mkdir can not cause existing entries in the cache to go stale. So don't clear it. Benchmark results: sshfs-benchmark.bash: sshfs gocryptfs-on-sshfs git init 1.65 8.74 rsync 6.09 17.54
2020-05-24contrib: add sshfs-benchmark.bashJakob Unterwurzacher
Let's get some reproducible numbers for https://github.com/rfjakob/gocryptfs/issues/481 and https://github.com/rfjakob/gocryptfs/issues/410 Example run: $ ./sshfs-benchmark.bash nuetzlich.net working directory: /tmp/sshfs-benchmark.bash.vu4 sshfs mounted: nuetzlich.net:/tmp -> sshfs.mnt gocryptfs mounted: sshfs.mnt/sshfs-benchmark.bash.KM9/gocryptfs.crypt -> gocryptfs.mnt sshfs gocryptfs-on-sshfs git init 1.68 11.23 rsync 6.07 20.35
2020-05-23syscallcompat: getdents: retry on EINTRJakob Unterwurzacher
Fixes: https://github.com/rfjakob/gocryptfs/issues/483 Related: https://github.com/golang/go/issues/38836
2020-05-17dircache: increase cache size & lifetimeJakob Unterwurzacher
Looking at the dircache debug output, we see that a "git status" workload has a very bad cache hit rate because the entries expire or get evicted before they can be reused. Increase both cache size and lifetime for a 4x speedup: Before: 75s After: 17s https://github.com/rfjakob/gocryptfs/issues/410
2020-05-17dircache: improve debug messagesJakob Unterwurzacher
Before: Lookup "errno.html/1/2/3/4/5": miss Store: "errno.html/1/2/3/4/5" fd=26 iv=21be6e083d60dcabfe7368264d5082b7 Lookup "errno.html": hit 25 6d68a16d217978915036a3bd55428ae7 Lookup "errno.html/1": hit 25 932a464c299b3430c5e55c924f98ac4d Lookup "errno.html/1/2": hit 25 7d53348b1692d537f017bf86b3cf5feb Lookup "errno.html/1/2/3": hit 25 2aef1c9d1ab2b55b163215053fefe703 Lookup "errno.html/1/2/3/4": hit 25 cb802be53721c46a46247c5e4e0f4ce6 Lookup "errno.html/1/2/3/4": hit 25 cb802be53721c46a46247c5e4e0f4ce6 Lookup "errno.html": hit 25 6d68a16d217978915036a3bd55428ae7 After: Lookup "earlyoom/.git/refs" hit fd=10 dup=17 iv=6ae2cecd269a25e8d946aff6afe9b8b8 Lookup "earlyoom/.git/refs/remotes" hit fd=19 dup=17 iv=f04c2d2a5bcc33ebdeaca664859c980d Lookup "earlyoom/.git/refs/remotes/origin" miss Store "earlyoom/.git/refs/remotes/origin" fd=17 iv=834a64a1697c9f5705455ba6dbed22b5 Lookup "earlyoom" hit fd=7 dup=25 iv=2303a892d6e2357c483574a8070b7679 Lookup "earlyoom/.git" hit fd=11 dup=25 iv=d43ca4aff23720c57789c9f62f0aee00 Lookup "earlyoom/.git" hit fd=11 dup=25 iv=d43ca4aff23720c57789c9f62f0aee00 Lookup "earlyoom/.git/refs" hit fd=10 dup=25 iv=6ae2cecd269a25e8d946aff6afe9b8b8 Lookup "earlyoom/.git/refs/heads" hit fd=13 dup=25 iv=f9245e7c066b9adc768a1a666da9fbc8
2020-05-17Update changelogJakob Unterwurzacher
2020-05-17main: accept multiple -passfile optionsJakob Unterwurzacher
Each file will be read and then concatenated for the effictive password. This can be used as a kind of multi-factor authenticiton. Fixes https://github.com/rfjakob/gocryptfs/issues/288
2020-05-17go mod tidyJakob Unterwurzacher
The go-fuse v1 dependency is spurious. Will be fixed by https://github.com/hanwen/go-fuse/pull/360
2020-05-17Update go-fuse import path to github.com/hanwen/go-fuse/v2Jakob Unterwurzacher
We need https://github.com/hanwen/go-fuse/commit/fd7328faf9fdf75709f7ba7df7072aaf4eeb18b3 to fix a crash reported in https://github.com/rfjakob/gocryptfs/issues/430 : 2019/10/30 17:14:16 Unknown opcode 2016 panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x508d38] This patch is only in the v2.x.x branch. Upgrade to v2, as the old API is also supported there. Running git grep hanwen/go-fuse | grep -v hanwen/go-fuse/v2 to check for forgotten references comes back clean.
2020-05-10Fix spelling mistakes found by misspellJakob Unterwurzacher
https://github.com/client9/misspell
2020-05-10contrib: delete ctlsock-encrypt.bashJakob Unterwurzacher
Closes https://github.com/rfjakob/gocryptfs/issues/416
2020-05-10gocryptfs-xray: document -encrypt-paths / -decrypt-pathsJakob Unterwurzacher
2020-05-10gocryptfs-xray: add -0 flag, add testsJakob Unterwurzacher
The -0 flags works like xargs -0.
2020-05-09main: add "go doc" package commentJakob Unterwurzacher
Should show up on https://pkg.go.dev/github.com/rfjakob/gocryptfs?tab=doc which currently reads "No documentation available for this package!"
2020-05-09gocryptfs-xray: integrate ctlsock path encryption/decryptionJakob Unterwurzacher
Implementation seems to work ok, but is missing tests and documentation for now. I will only delete ctlsock-encrypt.bash when both are done. https://github.com/rfjakob/gocryptfs/issues/416
2020-05-09test_helpers: use new ctlsock.CtlSock APIJakob Unterwurzacher
2020-05-09ctlsock: add CtlSock APIJakob Unterwurzacher
2020-05-09test_helper: kill lsof after 1 secondJakob Unterwurzacher
lsof may get stuck when gocryptfs itself is stuck.
2020-05-09ctlsock: create exported ctlsock client libraryJakob Unterwurzacher
The former interal ctlsock server package is renamed to ctlsocksrv.
2020-05-09tests: add TestPasswdMasterkeyStdinJakob Unterwurzacher
Tests that `gocryptfs -passwd -masterkey=stdin` works. This was fixed by ff04b1d83ab1201. Fixes https://github.com/rfjakob/gocryptfs/issues/461
2020-05-09main: untangle `-masterkey` handling and config loadingJakob Unterwurzacher
This was handled both in getMasterKey(). Split it apart.
2020-05-09main: rename parseMasterKey() -> unhexMasterKey()Jakob Unterwurzacher
Make it clear that function does NOT parse the "-masterkey" command line argument, it just unhexes the payload.
2020-05-09tests: use t.Name()Jakob Unterwurzacher
We did not use t.Name() as it was not available before Go 1.8. Now the oldest Go version we support is Go 1.11, so we can use it.
2020-05-09tests: cli: rename TestBypass -> TestBadnameJakob Unterwurzacher
The command line option is now called `-badname`, so adjust the test name to match.
2020-05-09Update README for v1.8.0 releasev1.8.0Jakob Unterwurzacher
2020-05-03Documentation: update performance.txtJakob Unterwurzacher
Bisecting shows that the performance drop is caused by this commit: commit ca9e912a28b901387e1dbb85f6c531119f2d5ef2 (refs/bisect/bad) Author: Jakob Unterwurzacher <jakobunt@gmail.com> Date: Sat Feb 29 19:58:08 2020 +0100 fusefrontend: drop xattr user namespace restriction
2020-05-03go mod: update dependenciesJakob Unterwurzacher
Updated using go get -t -u ./...
2020-05-03build-without-openssl.bash: suppress "not a dynamic executable" messageJakob Unterwurzacher
We redirected the wrong ldd fd to /dev/null. Fix it.
2020-05-03inomap: fix TestSpill bit checkJakob Unterwurzacher
Wrong bit operator was used.
2020-05-03inomap: fix spillBit not set on 2nd hitJakob Unterwurzacher
Also add a test for this. Thanks @slackner for the comment.
2020-05-03inomap: remove leftover debug outputJakob Unterwurzacher
This was committed by accident.
2020-05-03fusefrontend_reverse: use inomap for inode number translationJakob Unterwurzacher
Gets rid of static inode number value limitations. Fixes https://github.com/rfjakob/gocryptfs/issues/457
2020-05-03tests: reverse: add inode mapping test (TestVirtualFileIno)Jakob Unterwurzacher
Verify that virtual files get assigned inode numbers we expect.
2020-04-19inomap: comment constantsJakob Unterwurzacher
2020-04-19inomap: rework logic to efficiently support flagsJakob Unterwurzacher
Adding flags allows to use inomap in reverse mode, replacing the clunky inoBaseDirIV/inoBaseNameFile logic that causes problems with high underlying inode numbers ( https://github.com/rfjakob/gocryptfs/issues/457 ) Microbenchmarks (values below) show that the "SingleDev" case is now much slower due to an extra map lookup, but this has no visible effects in ./test.bash results, so there was no time spent optimizing the case further. $ go test -bench=. goos: linux goarch: amd64 pkg: github.com/rfjakob/gocryptfs/internal/inomap BenchmarkTranslateSingleDev-4 18757510 61.5 ns/op BenchmarkTranslateManyDevs-4 18061515 64.5 ns/op PASS ok github.com/rfjakob/gocryptfs/internal/inomap 2.467s
2020-04-19inomap: add benchmarkJakob Unterwurzacher
$ go test -bench=. goos: linux goarch: amd64 pkg: github.com/rfjakob/gocryptfs/internal/inomap BenchmarkTranslateSingleDev-4 202479382 5.88 ns/op BenchmarkTranslateManyDevs-4 16095795 71.9 ns/op PASS ok github.com/rfjakob/gocryptfs/internal/inomap 3.039s
2020-04-18build.bash: handle missing git tagsJakob Unterwurzacher
The case of a git repo without any tags used to fail with: fatal: No names found, cannot describe anything. Now we continue, using "[no_tags_found]" as the version string.
2020-04-18build.bash: don't enable -buildmode=pie for static buildsJakob Unterwurzacher
Causes warnings: $ ./build-without-openssl.bash # github.com/rfjakob/gocryptfs loadinternal: cannot find runtime/cgo # github.com/rfjakob/gocryptfs/gocryptfs-xray loadinternal: cannot find runtime/cgo # github.com/rfjakob/gocryptfs/contrib/statfs loadinternal: cannot find runtime/cgo gocryptfs v1.7.1-48-gf6b1c68 without_openssl; go-fuse v1.0.1-0.20190319092520-161a16484456; 2020-04-18 go1.13.6 linux/amd64 https://github.com/golang/go/issues/30986
2020-04-18nametransform: update comment & simplify testsJakob Unterwurzacher
The comment still mentioned CBC, which has been removed a long time ago. The test definition can be rewritten using slice literals, saving sume stuttering.
2020-04-13Prefer Go stdlib aes-gcm on arm64 with aes instructionsJakob Unterwurzacher
We used to prefer openssl in this situation, which used to make sense, but now Go gained an optimized assembly implementation for aes-gcm on arm64 with aes instructions: root@q1:~/go/src/github.com/rfjakob/gocryptfs# ./gocryptfs -speed gocryptfs v1.7.1-46-g73436d9; go-fuse v1.0.1-0.20190319092520-161a16484456; 2020-04-13 go1.14.2 linux/arm64 AES-GCM-256-OpenSSL 212.30 MB/s (selected in auto mode) AES-GCM-256-Go 452.30 MB/s AES-SIV-512-Go 100.25 MB/s XChaCha20-Poly1305-Go 137.35 MB/s https://github.com/rfjakob/gocryptfs/issues/452
2020-04-13travis: fix Go Modules build problemsJakob Unterwurzacher
2020-04-13build.bash: use GOFLAGS -trimpath and enable PIEJakob Unterwurzacher
GOFLAGS exists since Go 1.11: https://golang.org/doc/go1.11 https://github.com/rfjakob/gocryptfs/pull/460
2020-04-13Convert build and packaging scripts to Go ModulesJakob Unterwurzacher
2020-04-13dep: migrate to Go ModulesJakob Unterwurzacher
Following https://blog.golang.org/migrating-to-go-modules
2020-04-13shellcheck: make top-level bash scripts warning-freeJakob Unterwurzacher
And run shellcheck in test.bash.