aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2019-01-02tests: better error message for TestBase64XattrReadJakob Unterwurzacher
Make clear what we have and what we want.
2019-01-02tests: add fd leak retry logic to UnmountErr, really return errorJakob Unterwurzacher
Give the gocryptfs process one extra millisecond to close files. Allows us to drop several other sleeps. UnmountErr now really returns an error when it detects an fd leak instead of just printing a message.
2019-01-02fusefrontend: openBackingDir: fix fd leak in error pathJakob Unterwurzacher
Reported by @slackner at https://github.com/rfjakob/gocryptfs/commit/932efbd4593fe6be6c86f0dafeaea32910b7c246#r31813373 thanks!
2019-01-02nametransform: fix possible incomplete read in ReadLongNameAtJakob Unterwurzacher
Pread() needs retry logic, so instead of implementing it ourselves, use os.File. Reported by @slackner at https://github.com/rfjakob/gocryptfs/commit/c09bf1f2284706232642431c75fa1f3d8500a9d0#r31813394
2019-01-02tests: ListFds(): filter out pipe and eventpoll fdsJakob Unterwurzacher
These are created on demand by the Go runtime and are usually not interesting.
2019-01-02tests: make MountInfo field accessibleJakob Unterwurzacher
Tests outside the test_helpers package may want to look at this.
2019-01-02tests: reverse: add ctlsocket cleanup delayJakob Unterwurzacher
2019-01-01tests: ListFds: show r/w statusJakob Unterwurzacher
Also, drop entries that disappear while we stat them.
2019-01-01tests: split mount_unmount.go from helpers.goJakob Unterwurzacher
With the FD leak logic, the mount/unmount functions have become complex enough to give them their own file.
2019-01-01tests: detect fd leaks on unmountJakob Unterwurzacher
For now, this only prints a message but does not fail the tests.
2019-01-01fusefrontend: fix fd leak in error pathJakob Unterwurzacher
2019-01-01fusefrontend: fix fd leak in Access()Jakob Unterwurzacher
Thanks @slackner! Fixes https://github.com/rfjakob/gocryptfs/issues/306
2019-01-01tests: teach ListFds() to check other processesJakob Unterwurzacher
2019-01-01tests: save gocryptfs process id in test_helpers.MountPIDJakob Unterwurzacher
This will allow to tests to monitor fd usage and maybe other things.
2019-01-01fusefrontend: xattr: fix hang on FIFOsJakob Unterwurzacher
An Open() a fifo blocks until it is opened for writing. This meant that xattr operations on FIFOs would block. Pass O_NONBLOCK to fix that, and add a test.
2019-01-01fusefrontend: only compile getBackingPath() on DarwinJakob Unterwurzacher
This function is NOT symlink-safe. Darwin needs it because it lacks fgetxattr(2) and friends.
2019-01-01fusefrontend: make ListXAttr symlink-safe on LinuxJakob Unterwurzacher
Uses /proc/self/fd.
2019-01-01fusefrontend: make RemoveXAttr() symlink-safeJakob Unterwurzacher
Uses /proc/self/fd on Linux.
2019-01-01fusefrontend: make SetXAttr() symlink-safe on LinuxJakob Unterwurzacher
Uses the /proc/self/fd trick.
2019-01-01fusefrontend: make GetXAttr() symlink-safe on LinuxJakob Unterwurzacher
Uses the /proc/self/fd trick, which does not work on Darwin.
2019-01-01tests: add Flistxattr/Fgetxattr/Fremovexattr testsJakob Unterwurzacher
Test for the upcoming fd-based xattr support.
2019-01-01fusefrontend: make Utimens symlink-safeJakob Unterwurzacher
unix.UtimesNanoAt now also exists on Darwin, yay!
2019-01-01fusefrontend: fix compile failure on DarwinJakob Unterwurzacher
Failure was: + GOOS=darwin + GOARCH=amd64 + go build -tags without_openssl # github.com/rfjakob/gocryptfs/internal/fusefrontend internal/fusefrontend/fs_dir.go:159:60: cannot use origMode | 448 (type uint16) as type uint32 in argument to syscallcompat.Fchmodat internal/fusefrontend/fs_dir.go:170:33: cannot use origMode (type uint16) as type uint32 in argument to syscallcompat.Fchmodat
2019-01-01fusefrontend: mark Truncate, Unlink, Symlink symlink-safeJakob Unterwurzacher
No changes needed.
2019-01-01fusefrontend: make Rmdir symlink-safeJakob Unterwurzacher
Now uses Unlinkat.
2019-01-01nametransform: rename WriteLongName() -> WriteLongNameAt()Jakob Unterwurzacher
And also rename DeleteLongName() -> DeleteLongNameAt(). The naming follow the names open the openat() etc syscalls.
2019-01-01fusefrontend: make Readlink() symlink-safeJakob Unterwurzacher
Now symlink-safe through Readlinkat().
2019-01-01fusefrontend: make OpenDir() symlink-safeJakob Unterwurzacher
Interestingly, little or no performance impact: $ ./benchmark.bash Testing gocryptfs at /tmp/benchmark.bash.39W: gocryptfs v1.6-42-g30c2349-dirty; go-fuse v20170619-66-g6df8ddc; 2018-11-04 go1.11 Downloading linux-3.0.tar.gz /tmp/linux-3.0.tar.gz 100%[=========================================================================>] 92.20M 2.93MB/s in 31s 2018-11-04 21:44:44 URL:https://cdn.kernel.org/pub/linux/kernel/v3.0/linux-3.0.tar.gz [96675825/96675825] -> "/tmp/linux-3.0.tar.gz" [1] WRITE: 262144000 bytes (262 MB, 250 MiB) copied, 1.1808 s, 222 MB/s READ: 262144000 bytes (262 MB, 250 MiB) copied, 0.866438 s, 303 MB/s UNTAR: 24.745 MD5: 12.050 LS: 3.525 RM: 9.544 Note: kernel has been updated: $ uname -a Linux brikett 4.18.16-200.fc28.x86_64 #1 SMP Sat Oct 20 23:53:47 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
2019-01-01fusefrontend: mark a few more functions as symlink-safe / unsafeJakob Unterwurzacher
2019-01-01fusefrontend: use openBackingDir in ctlsock interfaceJakob Unterwurzacher
Instead of calling syscall.Open() ourselves, rely on openBackingDir().
2019-01-01fusefrontend: make GetAttr() symlink-safeJakob Unterwurzacher
Use openBackingDir() and Fstatat(). High performance impact, though part of it should be mitigated by adding DirIV caching to the new code paths. $ ./benchmark.bash Testing gocryptfs at /tmp/benchmark.bash.Eou: gocryptfs v1.6-37-ge3914b3-dirty; go-fuse v20170619-66-g6df8ddc; 2018-10-14 go1.11 WRITE: 262144000 bytes (262 MB, 250 MiB) copied, 1.2289 s, 213 MB/s READ: 262144000 bytes (262 MB, 250 MiB) copied, 1.02616 s, 255 MB/s UNTAR: 24.490 MD5: 13.120 LS: 3.368 RM: 9.232
2019-01-01fusefrontend: make openBackingDir() symlink-safeJakob Unterwurzacher
openBackingDir() used encryptPath(), which is not symlink-safe itself. Drop encryptPath() and implement our own directory walk. Adds three seconds to untar and two seconds to rm: $ ./benchmark.bash Testing gocryptfs at /tmp/benchmark.bash.MzG: gocryptfs v1.6-36-g8fb3c2f-dirty; go-fuse v20170619-66-g6df8ddc; 2018-10-14 go1.11 WRITE: 262144000 bytes (262 MB, 250 MiB) copied, 1.25078 s, 210 MB/s READ: 262144000 bytes (262 MB, 250 MiB) copied, 1.0318 s, 254 MB/s UNTAR: 20.941 MD5: 11.568 LS: 1.638 RM: 5.337
2019-01-01fusefrontend: mark symlink-safe FUSE callsJakob Unterwurzacher
Document which FUSE calls are already symlink-safe in the function comment.
2019-01-01fusefrontend: make DecryptPath() symlink-safeJakob Unterwurzacher
DecryptPath is now symlink-safe through the use of *at() functions.
2019-01-01fusefrontend: make Access() symlink-safe.Jakob Unterwurzacher
Make Access() symlink-safe through use of faccessat.
2019-01-01nametransform: comments: directly link to ioutil.WriteFile fixJakob Unterwurzacher
So the reader does not have to read through the whole ticket. The commit message has a nice summary of the problem.
2019-01-01fusefrontend: Fix debug message in doWrite() method.Sebastian Lackner
2019-01-01fusefrontend: Fix order of arguments in debug message for Read() FUSE call.Sebastian Lackner
2019-01-01nametransform: Delete incomplete longname files on error.Sebastian Lackner
2018-12-30main: Remove a duplicate word in a comment.Sebastian Lackner
2018-12-28configfile: Fix a copy&paste error in validateParams method.Sebastian Lackner
2018-12-27configfile: Explicitly wipe scrypt derived key after decrypting/encrypting ↵Sebastian Lackner
master key. Further raises the bar for recovering keys from memory.
2018-12-27Assorted spelling fixes.Sebastian Lackner
Mostly detected with the 'codespell' utility, but also includes some manual grammar fixes.
2018-12-27fusefrontend: Remove unnecessary check in doRead function.Sebastian Lackner
The same condition is already checked a few lines above, and 'err' is not changed inbetween.
2018-12-27fusefrontend: Don't treat Fchownat error as failure in Mkdir.Sebastian Lackner
The directory was already created, so return success even if Fchownat fails. The same error handling is already used if fs.args.PlaintextNames is false.
2018-12-27fusefrontend: Check the correct 'err' variable.Sebastian Lackner
2018-12-27build.bash: Escape LDFLAGS before passing them to 'go build'.Sebastian Lackner
This ensures that ./build.bash still works when the LDFLAGS environment variable contains multiple options, e.g., LDFLAGS="-lpthread -lm". The correct way of passing multiple options is discussed here: https://github.com/golang/go/issues/6234 For some unknown reason, the method only works when -extldflags is the last argument - is this a bug in Go?
2018-12-16build.bash: support user-set LDFLAGSJakob Unterwurzacher
As requested at https://github.com/rfjakob/gocryptfs/pull/280
2018-12-16build.bash: use -trimpath for reproducible buildsJakob Unterwurzacher
Support both Go 1.7...1.9 and Go 1.10 by checking the version and using the appropropriate syntax. We trim GOPATH/src and use both -gcflags and -asmflags like Debian does in https://salsa.debian.org/go-team/packages/dh-golang/blob/ab2bbcfc00b1229066cc3d3d1195ac901a2b9411/lib/Debian/Debhelper/Buildsystem/golang.pm#L465 .
2018-12-16build.bash: respect SOURCE_DATE_EPOCHJakob Unterwurzacher
SOURCE_DATE_EPOCH seems to be the standard env variable for faking a build date for reproducible builds.