aboutsummaryrefslogtreecommitdiff
path: root/internal/fusefrontend
AgeCommit message (Collapse)Author
21 hoursfusefrontend: sharedstorage: truncate: error out on failed file lockJakob Unterwurzacher
21 hourstests/cluster: fix possible fd exhaustionJakob Unterwurzacher
...and one typo.
21 hoursfusefrontend: LockSharedStorage: loop on EINTR, add debug outputJakob Unterwurzacher
21 hoursfusefrontend: sharedstorage: add two missing unlocksJakob Unterwurzacher
21 hoursfusefrontend: sharedstorage: introduce UnlockSharedStorage helperJakob Unterwurzacher
22 hoursfusefrontend: sharedstorage: lock truncate agains concurrent accessJakob Unterwurzacher
Prevent reads and writes concurrent with the truncate operation. It's racy on tmpfs and ext4 ( https://lore.kernel.org/all/18e9fa0f-ec31-9107-459c-ae1694503f87@gmail.com/t/ ) as evident by TestOpenTruncate test failures: === RUN TestOpenTruncate cluster_test.go:209: POSIX compliance issue: non-exlusive create failed with err=file exists doRead 16384215: corrupt block #0: cipher: message authentication failed ino16384215 fh8: RMW read failed: errno=5 cluster_test.go:214: iteration 1: WriteAt: write /tmp/gocryptfs-test-parent-1026/1358464214/TestOpenTruncate.1788296708.mnt2/foo: input/output error --- FAIL: TestOpenTruncate (0.06s) FAIL exit status 1 FAIL github.com/rfjakob/gocryptfs/v2/tests/cluster 7.880s Relates-to: https://github.com/rfjakob/gocryptfs/issues/56
22 hoursfusefrontend: sharedstorage: add warnings for lock failureJakob Unterwurzacher
Complain loudly when the underlying storage does not support byte-range locks. https://github.com/rfjakob/gocryptfs/issues/754
22 hoursfusefrontend: sharedstorage: retry read-path on EIO errorJakob Unterwurzacher
With -sharedstorage, when we get a decryption error, we lock the byte range and try again. This makes concurrent R/W safe agains torn writes. https://github.com/rfjakob/gocryptfs/issues/754
22 hoursfusefrontend: sharedstorage: add file content byte-range locksJakob Unterwurzacher
As we must write complete ciphertext blocks (except at EOF), non-overlapping plaintext writes can overlap in the ciphertext. And because overlapping writes can turn the data into data soup (see TestPoCTornWrite) we serialize them using fcntl locking.
22 hoursfusefrontend: sharedstorage: keep file header on truncateJakob Unterwurzacher
With -sharedstorage, we keep the on-disk file header. Other mounts may have the file ID cached so we cannot mess with it. This makes TestOpenTruncate pass.
22 hoursfusefrontend: sharedstorage: use byte-range lock on file header creationJakob Unterwurzacher
Multiple host writing to the same empty file at the same time could have overwritten each other's newly created file header, leading to data corruption. Fix the race by placing a byte-range lock on the file when creating the file header.
5 daysreverse: hide custom -config file located inside CIPHERDIRmaximilize
In reverse mode, a custom config file passed via -config that lives inside CIPHERDIR was presented as an ordinary encrypted file in the encrypted view, which is useless and confusing. By default the config is mapped to a virtual gocryptfs.conf, but ConfigCustom skips that mapping, so an in-CIPHERDIR custom config was neither mapped nor hidden. Plumb the config path into the reverse RootNode and treat a custom config file located inside CIPHERDIR as excluded in isExcludedPlain, hiding it from both readdir and lookup. Also document the -config reverse-mode behaviour in MANPAGE.md and add a regression test. Fixes #1009
2026-03-08Added basic support for FreeBSD.Ankush Patel
Freebsd-support: Change bash shebang to use /usr/bin/env Freebsd-support: Fix go vet "undefined" fixes when running make ci freebsd: stub xattr functions /proc/PID/fd does not exist on freebsd. freebsd-support: modify FchmodatNofollow for FreeBSD FreeBSD supports the Fchmodat system call, with the AT_SYMLINK_NOFOLLOW flag. FchmodatNofollow has been modified to use this system call and flag. freebsd-support: PR changes and fixes * Functions in fusefrontend_reverse/node_xattr_freebsd.go have been stubbed for now. * asuser_freebsd.go updated to only run f() when context is nil; otherwise log a warning and return an error. * emulate.go build flags updated, and FreeBSD specific version added. * sys_freebsd.go bug in Renameat2 with RENAME_EXCHANGE flag fixed. FreeBSD does not support atomic file swapping, so this flag now returns an error. * unix2syscall and atime is identical between FreeBSD and Darwin, updated filenames so Go will build the file for FreeBSD and Mac OS. freebsd-support: Addressed more PR comments and fixed build tags
2026-02-10enable falloc on btrfs if CoW is disabledJared Van Bortel
2026-02-09fusefrontend: convert mangleOpenFlags method to a functionJakob Unterwurzacher
No need to attach it to the root node. Also rename it to mangleOpenCreateFlags.
2026-02-09darwin: syscallcompat: Openat: use O_SYMLINKJakob Unterwurzacher
Also add tests that opening a symlink (using unix.O_PATH | unix.O_NOFOLLOW) works. https://github.com/rfjakob/gocryptfs/issues/993
2026-02-09darwin: fusefrontend: use O_SYMLINK for get,set,remove,listxattrJakob Unterwurzacher
With O_NOFOLLOW we error out with ELOOP when the user tries to manipulate symlinks. https://github.com/rfjakob/gocryptfs/issues/993
2026-02-01syscallcompat: DetectQuirks: suppress Btrfs message when -noprealloc has ↵Jakob Unterwurzacher
been passed Reported by @Tunoac, https://github.com/rfjakob/gocryptfs/issues/395#issuecomment-3828507487
2026-01-18added -noxattr flag which ignores all xattr operations (#987)Jarek Kowalski
* added -noxattr flag which ignores all xattr operations
2025-11-22Xattrs support in reverse modeAleksey Vasenev
Fixes https://github.com/rfjakob/gocryptfs/issues/827
2025-10-02fusefrontend: Mkdir: Stat after fixing permissionsJakob Unterwurzacher
Fixes https://github.com/rfjakob/gocryptfs/issues/964
2025-08-03fusefronted: report correct directory size in fstatJakob Unterwurzacher
Fixes https://github.com/rfjakob/gocryptfs/issues/951
2025-07-10remove redundant contentEnc reference from fileLars Quentin
2025-07-08Fix all staticcheck errors in gocryptfs codebasecopilot-swe-agent[bot]
Co-authored-by: rfjakob <286847+rfjakob@users.noreply.github.com> Add staticcheck to test.bash for continuous static analysis Co-authored-by: rfjakob <286847+rfjakob@users.noreply.github.com> Fix nil pointer dereference in timesToTimespec function The previous fix for deprecated fuse.UtimeToTimespec caused a panic because unix.TimeToTimespec doesn't handle nil pointers. This fix properly handles nil pointers by using unix.UTIME_OMIT while still using the non-deprecated unix.TimeToTimespec function. Co-authored-by: rfjakob <286847+rfjakob@users.noreply.github.com> Undo SA6002 changes and add staticcheck ignore directive instead Co-authored-by: rfjakob <286847+rfjakob@users.noreply.github.com>
2025-07-07Fix a bunch of staticcheck errorsJakob Unterwurzacher
Tool-assisted.
2025-06-15fusefronted: fake fstat for deleted fifosJakob Unterwurzacher
git test suite t9300-fast-import.sh test 245 does the equivalent of this: mkfifo fifo exec 8<>fifo rm fifo cat /dev/null >&8 This used to fail with cat: standard output: No such file or directory because cat tries to fstat stdout. The open() on the fifo does not reach the filesystem, so we don't have an fd open for the delted file, hence no way to access it. Fake fstat success as good as we can to make cat happy. Fixes https://github.com/rfjakob/gocryptfs/issues/929
2025-06-15fusefronted: comment syscall.S_IFMT maskingJakob Unterwurzacher
2025-05-29idleMonitor: switch to the new atomic.Bool apiJakob Unterwurzacher
2025-05-06Switch to the new atomic Uint64.Add apiJakob Unterwurzacher
The new api guarantees that the value is aligned, preventing stuff like this on 32 bit platforms: goroutine 26 [running]: internal/runtime/atomic.panicUnaligned() /usr/lib/go-1.24/src/internal/runtime/atomic/unaligned.go:8 +0x24 internal/runtime/atomic.Xadd64(0x2496c74, 0x1) /usr/lib/go-1.24/src/internal/runtime/atomic/atomic_arm.s:318 +0x14 github.com/rfjakob/gocryptfs/internal/inomap.(*InoMap).NextSpillIno(0x2496c60) Fixes https://github.com/rfjakob/gocryptfs/issues/912
2025-04-26fusefrontend: switch to new go-fuse dir apiJakob Unterwurzacher
go-fuse 2.6.0, specifically, https://github.com/hanwen/go-fuse/commit/e885cea8d4d40a5a9bb92bc3cef7193f2a316f59 introduced a new, file-based directory API while deprecating the old one. Switch to the new API. xfstests generic/035 now passes. Fixes https://github.com/hanwen/go-fuse/issues/55
2025-03-26fusefrontend: fix unconditional FileGetattrer castJakob Unterwurzacher
Essentially a port of https://github.com/hanwen/go-fuse/commit/531a68551e40e7303e94b53fb3792e6dfb28d15a . This fixes panic: interface conversion: *fs.dirStreamAsFile is not fs.FileGetattrer: missing method Getattr goroutine 20 [running]: github.com/rfjakob/gocryptfs/v2/internal/fusefrontend.(*Node).Getattr(0x55a7ac9d9090?, {0x55a7ac85a4d8, 0xc0013401c8}, {0x55a7ac80eb40?, 0xc0013401b0}, 0xc000586938) github.com/rfjakob/gocryptfs/v2/internal/fusefrontend/node.go:74 +0x22c github.com/hanwen/go-fuse/v2/fs.(*rawBridge).getattr(0xc0000b6180, {0x55a7ac85a4d8, 0xc0013401c8}, 0xc0010ea160, {0x55a7ac80eb40?, 0xc0013401b0}, 0xc000586938) github.com/hanwen/go-fuse/v2@v2.7.2/fs/bridge.go:569 +0x9b [...] which is a bug exposed by a go-fuse update. Fixes https://github.com/rfjakob/gocryptfs/issues/897
2024-11-11Report inode number for the root nodeJakob Unterwurzacher
Now that https://github.com/hanwen/go-fuse/issues/399 has landed we can report an inode number for the root node. Fixes https://github.com/rfjakob/gocryptfs/issues/580
2024-03-09fusefrontend: fix excessive file fragmentation on BTRFSAlex Shumsky
2023-05-17fusefrontend: implement our own Access()Jakob Unterwurzacher
Not having Access() means go-fuse emulates it by looking at Getattr(). This works fine most of the time, but breaks down on sshfs, where sshfs-benchmark.bash shows this: gocryptfs/tests$ ./sshfs-benchmark.bash nuetzlich.net working directory: /tmp/sshfs-benchmark.bash.JQC sshfs mounted: nuetzlich.net:/tmp -> sshfs.mnt gocryptfs mounted: sshfs.mnt/sshfs-benchmark.bash.Wrz/gocryptfs.crypt -> gocryptfs.mnt sshfs-benchmark.bash: sshfs gocryptfs-on-sshfs git init 3.98 6.80 rsync 7.71 10.84 rm -R 4.30rm: descend into write-protected directory 'gocryptfs.mnt/git1'? The go-fuse emulation gets it wrong here because sshfs reports permissions but does not enforce them. Implement it ourselves properly.
2023-03-29fusefrontent: report correct size on hard link creationJakob Unterwurzacher
And add a test for it. Fixes https://github.com/rfjakob/gocryptfs/issues/724
2023-02-21fusefrontend: unbreak isConsecutiveWrite streaming write optimizationJakob Unterwurzacher
Commit 6196a5b5 got the logic inverted, hence we never set the last position markers. Fixes https://github.com/rfjakob/gocryptfs/issues/712
2023-02-21fusefrontend: doWrite: report readFileID errors as I/O errorJakob Unterwurzacher
It used to be reported as "function not implemented", accompanied with this log output: go-fuse: can't convert error type: ParseHeader: header is all-zero. Header hexdump: 000000000000000000000000000000000000 Now we report EIO and log this: doWrite 1372183: corrupt header: ParseHeader: header is all-zero. Header hexdump: 000000000000000000000000000000000000
2022-12-29make formatJakob Unterwurzacher
Run "make format" using go version go1.19.4 linux/amd64
2022-06-26Fix typosYuta Hayashibe
2022-01-22fusefrontend: support RENAME_WHITEOUT, RENAME_EXCHANGEJakob Unterwurzacher
Both new internal test and xfstests generic/013 are happy. https://github.com/rfjakob/gocryptfs/issues/641
2022-01-10fusefrontend: fix -force_owner not affecting MKNODJakob Unterwurzacher
Fixes https://github.com/rfjakob/gocryptfs/issues/629
2021-12-19fusefrontend: allow slashes in xattr namesJakob Unterwurzacher
xattr names have fewer restrictions than file names, relax the validation. Fixes https://github.com/rfjakob/gocryptfs/issues/627
2021-12-09darwin: use O_NOFOLLOW for xattr opensJakob Unterwurzacher
Running the tests we have lots of these: Openat: O_NOFOLLOW missing: flags = 0x4 -wpanic turns this warning into a panic: Openat: O_NOFOLLOW missing: flags = 0x4 panic: -wpanic turns this warning into a panic: Openat: O_NOFOLLOW missing: flags = 0x4 goroutine 114 [running]: log.(*Logger).Panic(0x14000118280, {0x14000313ca8, 0x1, 0x1}) log/log.go:224 +0x90 github.com/rfjakob/gocryptfs/v2/internal/tlog.(*toggledLogger).Printf(0x14000076780, {0x1009dc2e8, 0x27}, {0x14000313d18, 0x1, 0x1}) github.com/rfjakob/gocryptfs/v2/internal/tlog/log.go:78 +0x168 github.com/rfjakob/gocryptfs/v2/internal/syscallcompat.Openat(0x9, {0x1009d0747, 0x1}, 0x4, 0x0) github.com/rfjakob/gocryptfs/v2/internal/syscallcompat/sys_common.go:59 +0xf0 github.com/rfjakob/gocryptfs/v2/internal/fusefrontend.(*Node).getXAttr(0x14000142000, {0x1400001c140, 0x3a}) github.com/rfjakob/gocryptfs/v2/internal/fusefrontend/node_xattr_darwin.go:30 +0x8c github.com/rfjakob/gocryptfs/v2/internal/fusefrontend.(*Node).Getxattr(0x14000142000, {0x100a7eba0, 0x1400000c2e8}, {0x14000016348, 0x14}, {0x14000326000, 0x20, 0x4000}) github.com/rfjakob/gocryptfs/v2/internal/fusefrontend/node_xattr.go:65 +0x1ac github.com/hanwen/go-fuse/v2/fs.(*rawBridge).GetXAttr(0x1400008e140, 0x140001901e0, 0x140001133c0, {0x14000016348, 0x14}, {0x14000326000, 0x20, 0x4000}) github.com/hanwen/go-fuse/v2@v2.1.1-0.20210825171523-3ab5d95a30ae/fs/bridge.go:685 +0x114 github.com/hanwen/go-fuse/v2/fuse.doGetXAttr(0x14000144000, 0x14000113200) github.com/hanwen/go-fuse/v2@v2.1.1-0.20210825171523-3ab5d95a30ae/fuse/opcode.go:270 +0x224 github.com/hanwen/go-fuse/v2/fuse.(*Server).handleRequest(0x14000144000, 0x14000113200) github.com/hanwen/go-fuse/v2@v2.1.1-0.20210825171523-3ab5d95a30ae/fuse/server.go:499 +0x214 created by github.com/hanwen/go-fuse/v2/fuse.(*Server).loop github.com/hanwen/go-fuse/v2@v2.1.1-0.20210825171523-3ab5d95a30ae/fuse/server.go:470 +0xac https://github.com/rfjakob/gocryptfs/issues/625
2021-10-21nametransform: add longNameMax parameterJakob Unterwurzacher
Determines when to start hashing long names instead of hardcoded 255. Will be used to alleviate "name too long" issues some users see on cloud storage. https://github.com/rfjakob/gocryptfs/issues/499
2021-10-15fusefrontend: honor ForceOwner for LOOKUP and CREATE operationsCharles Duffy
2021-09-10inomap: deterministically set root deviceJakob Unterwurzacher
We used to have "first Translate() wins". This is not deterministic, as the LOOKUP for the root directory does not seem to reach us, so the first user LOOKUP would win, which may be on a mountpoint.
2021-09-10cli: drop -forcedecode flagJakob Unterwurzacher
The rewritten openssl backend does not support this flag anymore, and it was inherently dangerour. Drop it (ignored for compatibility)
2021-08-30fusefrontend: remove leftover PrintfJakob Unterwurzacher
Commit b83ca9c921019fc3b790dabb6198bb77ef2f9a34 inadveredly added a leftover debug Printf. Delete it.
2021-08-30Unbreak hyperlinks broken by go mod v2 conversionJakob Unterwurzacher
Commit 69d88505fd7f4cb0d9e4f1918de296342fe05858 go mod: declare module version v2 translated all instances of "github.com/rfjakob/gocryptfs/" to "github.com/rfjakob/gocryptfs/v2/". Unfortunately, this included hyperlinks. Unbreak the hyperlinks like this: find . -name \*.go | xargs sed -i s%https://github.com/rfjakob/gocryptfs/v2/%https://github.com/rfjakob/gocryptfs/v2/%
2021-08-30Reimplement -serialize_reads flag using new SyncRead mount flagJakob Unterwurzacher
Let the kernel do the work for us. See https://github.com/hanwen/go-fuse/commit/15a8bb029a4e1a51e10043c370970596b1fbb737 for more info.