aboutsummaryrefslogtreecommitdiff
path: root/internal/fusefrontend/args.go
AgeCommit message (Collapse)Author
2021-08-20Implement -deterministic-names: extended -zerodirivJakob Unterwurzacher
-deterministc-names uses all-zero dirivs but does not write them to disk anymore.
2021-08-19Flag -zerodiriv to create all diriv as all zero byte filesJose M Perez
2021-08-16reverse mode: implement -one-file-systemJakob Unterwurzacher
Fixes https://github.com/rfjakob/gocryptfs/issues/475
2021-03-07v2api: -sharestorage: disable hard link tracking & add testsJakob Unterwurzacher
Hard link tracking was not correctly disabled since the migration to the go-fuse v2 api. Add a test to ensure it stays off. Fixes https://github.com/rfjakob/gocryptfs/issues/525
2020-12-20main: add "-kernel_cache" flaggmd20
This option is similar to fuse(8) kernel_cache Verified using vmtouch. Without -kernel_cache: $ dd if=/dev/zero of=foo bs=1M count=10 ; vmtouch -t foo ; vmtouch foo 10+0 records in 10+0 records out 10485760 bytes (10 MB, 10 MiB) copied, 0,0242321 s, 433 MB/s Files: 1 Directories: 0 Touched Pages: 2560 (10M) Elapsed: 0.011159 seconds Files: 1 Directories: 0 Resident Pages: 0/2560 0/10M 0% Elapsed: 0.000993 seconds With -kernel_cache: $ dd if=/dev/zero of=foo bs=1M count=10 ; vmtouch -t foo ; vmtouch foo 10+0 records in 10+0 records out 10485760 bytes (10 MB, 10 MiB) copied, 0,0244015 s, 430 MB/s Files: 1 Directories: 0 Touched Pages: 2560 (10M) Elapsed: 0.011564 seconds Files: 1 Directories: 0 Resident Pages: 2560/2560 10M/10M 100% Elapsed: 0.000369 seconds
2020-10-18fusefronted: reject GETXATTR "security.capability"Jakob Unterwurzacher
Unless we are mounted with -suid, we can reject these requests, and gain back some lost speed. Closes https://github.com/rfjakob/gocryptfs/issues/515
2020-05-17Update go-fuse import path to github.com/hanwen/go-fuse/v2Jakob Unterwurzacher
We need https://github.com/hanwen/go-fuse/commit/fd7328faf9fdf75709f7ba7df7072aaf4eeb18b3 to fix a crash reported in https://github.com/rfjakob/gocryptfs/issues/430 : 2019/10/30 17:14:16 Unknown opcode 2016 panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x508d38] This patch is only in the v2.x.x branch. Upgrade to v2, as the old API is also supported there. Running git grep hanwen/go-fuse | grep -v hanwen/go-fuse/v2 to check for forgotten references comes back clean.
2019-03-26reverse mode: support wildcard exclude (--exclude-wildcard)Eduardo M KALINOWSKI
This adds support for gitignore-like wildcards and exclude patters in reverse mode. It (somewhat) fixes #273: no regexp support, but the syntax should be powerful enough to satisfy most needs. Also, since adding a lot of --exclude options can be tedious, it adds the --exclude-from option to read patterns from a file (or files).
2018-08-11reverse mode: add --exclude optionJakob Unterwurzacher
https://github.com/rfjakob/gocryptfs/issues/235
2018-02-18fusefrontend[_reverse]: move crypto init up to callerJakob Unterwurzacher
Both fusefrontend and fusefrontend_reverse were doing essentially the same thing, move it into main's initFuseFrontend. A side-effect is that we have a reference to cryptocore in main, which will help with wiping the keys on exit (https://github.com/rfjakob/gocryptfs/issues/211).
2017-08-11main: purge masterkey from memory as soon as possibleJakob Unterwurzacher
Remove the "Masterkey" field from fusefrontend.Args because it should not be stored longer than neccessary. Instead pass the masterkey as a separate argument to the filesystem initializers. Then overwrite it with zeros immediately so we don't have to wait for garbage collection. Note that the crypto implementation still stores at least a masterkey-derived value, so this change makes it harder, but not impossible, to extract the encryption keys from memory. Suggested at https://github.com/rfjakob/gocryptfs/issues/137
2017-06-01Implement force_owner option to display ownership as a specific user.Charles Duffy
2017-04-23Add -forcedecodedanim7
Force decode of encrypted files even if the integrity check fails, instead of failing with an IO error. Warning messages are still printed to syslog if corrupted files are encountered. It can be useful to recover files from disks with bad sectors or other corrupted media. Closes https://github.com/rfjakob/gocryptfs/pull/102 .
2017-04-01fusefrontend_reverse: switch to stable inode numbersJakob Unterwurzacher
The volatile inode numbers that we used before cause "find" to complain and error out. Virtual inode numbers are derived from their parent file inode number by adding 10^19, which is hopefully large enough no never cause problems in practice. If the backing directory contains inode numbers higher than that, stat() on these files will return EOVERFLOW. Example directory lising after this change: $ ls -i 926473 gocryptfs.conf 1000000000000926466 gocryptfs.diriv 944878 gocryptfs.longname.hmZojMqC6ns47eyVxLlH2ailKjN9bxfosi3C-FR8mjA 1000000000000944878 gocryptfs.longname.hmZojMqC6ns47eyVxLlH2ailKjN9bxfosi3C-FR8mjA.name 934408 Tdfbf02CKsTaGVYnAsSypA
2017-03-18serialize_reads: add read serialization logicJakob Unterwurzacher
Due to kernel readahead, we usually get multiple read requests at the same time. These get submitted to the backing storage in random order, which is a problem if seeking is very expensive. Details: https://github.com/rfjakob/gocryptfs/issues/92
2017-03-05full stack: implement HKDF supportJakob Unterwurzacher
...but keep it disabled by default for new filesystems. We are still missing an example filesystem and CLI arguments to explicitely enable and disable it.
2017-03-05cryptocore: rename "BackendTypeEnum" -> "AEADTypeEnum"Jakob Unterwurzacher
There are two independent backends, one for name encryption, the other one, AEAD, for file content. "BackendTypeEnum" only applies to AEAD (file content), so make that clear in the name.
2016-11-25main, fusefrontend: add "-noprealloc" optionJakob Unterwurzacher
Preallocation is very slow on hdds that run btrfs. Give the user the option to disable it. This greatly speeds up small file operations but reduces the robustness against out-of-space errors. Also add the option to the man page. More info: https://github.com/rfjakob/gocryptfs/issues/63
2016-11-01Add support for unpadded base64 filenames, "-raw64"Jakob Unterwurzacher
Through base64.RawURLEncoding. New command-line parameter "-raw64".
2016-10-08reverse: make gocryptfs.conf mapping plaintextnames-awareJakob Unterwurzacher
Only in plaintextnames-mode AND with the config file at the default location it will be mapped into the mountpoint. Also adds a test for that.
2016-10-04lint fixesValient Gough
2016-09-25cryptocore: add support for GCM-SIVJakob Unterwurzacher
2016-06-26fusefronted: preserve owner if running as rootJakob Unterwurzacher
If allow_other is set and we run as root, try to give newly created files to the right user.
2016-06-23Drop deprecated "-gcmiv128" optionJakob Unterwurzacher
The GCMIV128 feature flag is already mandatory, dropping the command line option is the final step. Completes https://github.com/rfjakob/gocryptfs/issues/29 .
2016-06-23Drop deprecated "-emenames" optionJakob Unterwurzacher
The EMENames feature flag is already mandatory, dropping the command line option is the final step.
2016-06-23Drop deprecated "-diriv" optionJakob Unterwurzacher
The DirIV feature flag is already mandatory, dropping the command line option is the final step.
2016-02-06longnames part I: Create and OpenDir work with long filenames > 176 bytesJakob Unterwurzacher
Todo: Rename, Unlink, Rmdir, Mknod, Mkdir
2016-02-06Move pathfs_frontend to internal/fusefrontendJakob Unterwurzacher
"git status" for reference: renamed: pathfs_frontend/args.go -> internal/fusefrontend/args.go renamed: pathfs_frontend/compat_darwin.go -> internal/fusefrontend/compat_darwin.go renamed: pathfs_frontend/compat_linux.go -> internal/fusefrontend/compat_linux.go renamed: pathfs_frontend/file.go -> internal/fusefrontend/file.go renamed: pathfs_frontend/file_holes.go -> internal/fusefrontend/file_holes.go renamed: pathfs_frontend/fs.go -> internal/fusefrontend/fs.go renamed: pathfs_frontend/fs_dir.go -> internal/fusefrontend/fs_dir.go renamed: pathfs_frontend/names.go -> internal/fusefrontend/names.go renamed: pathfs_frontend/write_lock.go -> internal/fusefrontend/write_lock.go modified: main.go