| Age | Commit message (Collapse) | Author |
|
|
|
...and one typo.
|
|
|
|
|
|
|
|
Prevent reads and writes concurrent with the truncate operation. It's
racy on tmpfs and ext4 ( https://lore.kernel.org/all/18e9fa0f-ec31-9107-459c-ae1694503f87@gmail.com/t/ )
as evident by TestOpenTruncate test failures:
=== RUN TestOpenTruncate
cluster_test.go:209: POSIX compliance issue: non-exlusive create failed with err=file exists
doRead 16384215: corrupt block #0: cipher: message authentication failed
ino16384215 fh8: RMW read failed: errno=5
cluster_test.go:214: iteration 1: WriteAt: write /tmp/gocryptfs-test-parent-1026/1358464214/TestOpenTruncate.1788296708.mnt2/foo: input/output error
--- FAIL: TestOpenTruncate (0.06s)
FAIL
exit status 1
FAIL github.com/rfjakob/gocryptfs/v2/tests/cluster 7.880s
Relates-to: https://github.com/rfjakob/gocryptfs/issues/56
|
|
Complain loudly when the underlying storage does not support
byte-range locks.
https://github.com/rfjakob/gocryptfs/issues/754
|
|
With -sharedstorage, when we get a decryption error, we lock the
byte range and try again.
This makes concurrent R/W safe agains torn writes.
https://github.com/rfjakob/gocryptfs/issues/754
|
|
As we must write complete ciphertext blocks (except at EOF), non-overlapping
plaintext writes can overlap in the ciphertext.
And because overlapping writes can turn the data into data soup (see
TestPoCTornWrite) we serialize them using fcntl locking.
|
|
With -sharedstorage, we keep the on-disk file header.
Other mounts may have the file ID cached so we cannot mess with it.
This makes TestOpenTruncate pass.
|
|
Multiple host writing to the same empty file at the same time
could have overwritten each other's newly created file header,
leading to data corruption.
Fix the race by placing a byte-range lock on the file when
creating the file header.
|
|
In reverse mode, a custom config file passed via -config that lives inside
CIPHERDIR was presented as an ordinary encrypted file in the encrypted view,
which is useless and confusing. By default the config is mapped to a virtual
gocryptfs.conf, but ConfigCustom skips that mapping, so an in-CIPHERDIR custom
config was neither mapped nor hidden.
Plumb the config path into the reverse RootNode and treat a custom config file
located inside CIPHERDIR as excluded in isExcludedPlain, hiding it from both
readdir and lookup. Also document the -config reverse-mode behaviour in
MANPAGE.md and add a regression test.
Fixes #1009
|
|
Freebsd-support: Change bash shebang to use /usr/bin/env
Freebsd-support: Fix go vet "undefined" fixes when running make ci
freebsd: stub xattr functions
/proc/PID/fd does not exist on freebsd.
freebsd-support: modify FchmodatNofollow for FreeBSD
FreeBSD supports the Fchmodat system call, with the AT_SYMLINK_NOFOLLOW
flag. FchmodatNofollow has been modified to use this system call and
flag.
freebsd-support: PR changes and fixes
* Functions in fusefrontend_reverse/node_xattr_freebsd.go have been
stubbed for now.
* asuser_freebsd.go updated to only run f() when context is nil;
otherwise log a warning and return an error.
* emulate.go build flags updated, and FreeBSD specific version added.
* sys_freebsd.go bug in Renameat2 with RENAME_EXCHANGE flag fixed.
FreeBSD does not support atomic file swapping, so this flag now
returns an error.
* unix2syscall and atime is identical between FreeBSD and Darwin,
updated filenames so Go will build the file for FreeBSD and Mac OS.
freebsd-support: Addressed more PR comments and fixed build tags
|
|
|
|
No need to attach it to the root node. Also rename it
to mangleOpenCreateFlags.
|
|
Also add tests that opening a symlink (using unix.O_PATH | unix.O_NOFOLLOW)
works.
https://github.com/rfjakob/gocryptfs/issues/993
|
|
With O_NOFOLLOW we error out with ELOOP when the user tries
to manipulate symlinks.
https://github.com/rfjakob/gocryptfs/issues/993
|
|
been passed
Reported by @Tunoac, https://github.com/rfjakob/gocryptfs/issues/395#issuecomment-3828507487
|
|
* added -noxattr flag which ignores all xattr operations
|
|
Fixes https://github.com/rfjakob/gocryptfs/issues/827
|
|
Fixes https://github.com/rfjakob/gocryptfs/issues/964
|
|
Fixes https://github.com/rfjakob/gocryptfs/issues/951
|
|
|
|
Co-authored-by: rfjakob <286847+rfjakob@users.noreply.github.com>
Add staticcheck to test.bash for continuous static analysis
Co-authored-by: rfjakob <286847+rfjakob@users.noreply.github.com>
Fix nil pointer dereference in timesToTimespec function
The previous fix for deprecated fuse.UtimeToTimespec caused a panic
because unix.TimeToTimespec doesn't handle nil pointers. This fix
properly handles nil pointers by using unix.UTIME_OMIT while still
using the non-deprecated unix.TimeToTimespec function.
Co-authored-by: rfjakob <286847+rfjakob@users.noreply.github.com>
Undo SA6002 changes and add staticcheck ignore directive instead
Co-authored-by: rfjakob <286847+rfjakob@users.noreply.github.com>
|
|
Tool-assisted.
|
|
git test suite t9300-fast-import.sh test 245 does the equivalent of this:
mkfifo fifo
exec 8<>fifo
rm fifo
cat /dev/null >&8
This used to fail with
cat: standard output: No such file or directory
because cat tries to fstat stdout.
The open() on the fifo does not reach the filesystem, so we don't
have an fd open for the delted file, hence no way to access it.
Fake fstat success as good as we can to make cat happy.
Fixes https://github.com/rfjakob/gocryptfs/issues/929
|
|
|
|
|
|
The new api guarantees that the value is aligned, preventing
stuff like this on 32 bit platforms:
goroutine 26 [running]:
internal/runtime/atomic.panicUnaligned()
/usr/lib/go-1.24/src/internal/runtime/atomic/unaligned.go:8 +0x24
internal/runtime/atomic.Xadd64(0x2496c74, 0x1)
/usr/lib/go-1.24/src/internal/runtime/atomic/atomic_arm.s:318 +0x14
github.com/rfjakob/gocryptfs/internal/inomap.(*InoMap).NextSpillIno(0x2496c60)
Fixes https://github.com/rfjakob/gocryptfs/issues/912
|
|
go-fuse 2.6.0, specifically,
https://github.com/hanwen/go-fuse/commit/e885cea8d4d40a5a9bb92bc3cef7193f2a316f59
introduced a new, file-based directory API while
deprecating the old one.
Switch to the new API.
xfstests generic/035 now passes.
Fixes https://github.com/hanwen/go-fuse/issues/55
|
|
Essentially a port of
https://github.com/hanwen/go-fuse/commit/531a68551e40e7303e94b53fb3792e6dfb28d15a .
This fixes
panic: interface conversion: *fs.dirStreamAsFile is not fs.FileGetattrer: missing method Getattr
goroutine 20 [running]:
github.com/rfjakob/gocryptfs/v2/internal/fusefrontend.(*Node).Getattr(0x55a7ac9d9090?, {0x55a7ac85a4d8, 0xc0013401c8}, {0x55a7ac80eb40?, 0xc0013401b0}, 0xc000586938)
github.com/rfjakob/gocryptfs/v2/internal/fusefrontend/node.go:74 +0x22c
github.com/hanwen/go-fuse/v2/fs.(*rawBridge).getattr(0xc0000b6180, {0x55a7ac85a4d8, 0xc0013401c8}, 0xc0010ea160, {0x55a7ac80eb40?, 0xc0013401b0}, 0xc000586938)
github.com/hanwen/go-fuse/v2@v2.7.2/fs/bridge.go:569 +0x9b
[...]
which is a bug exposed by a go-fuse update.
Fixes https://github.com/rfjakob/gocryptfs/issues/897
|
|
Now that https://github.com/hanwen/go-fuse/issues/399 has
landed we can report an inode number for the root node.
Fixes https://github.com/rfjakob/gocryptfs/issues/580
|
|
|
|
Not having Access() means go-fuse emulates it by looking at Getattr().
This works fine most of the time, but breaks down on sshfs, where
sshfs-benchmark.bash shows this:
gocryptfs/tests$ ./sshfs-benchmark.bash nuetzlich.net
working directory: /tmp/sshfs-benchmark.bash.JQC
sshfs mounted: nuetzlich.net:/tmp -> sshfs.mnt
gocryptfs mounted: sshfs.mnt/sshfs-benchmark.bash.Wrz/gocryptfs.crypt -> gocryptfs.mnt
sshfs-benchmark.bash: sshfs gocryptfs-on-sshfs
git init 3.98 6.80
rsync 7.71 10.84
rm -R 4.30rm: descend into write-protected directory 'gocryptfs.mnt/git1'?
The go-fuse emulation gets it wrong here because sshfs reports
permissions but does not enforce them.
Implement it ourselves properly.
|
|
And add a test for it.
Fixes https://github.com/rfjakob/gocryptfs/issues/724
|
|
Commit 6196a5b5 got the logic inverted, hence we never
set the last position markers.
Fixes https://github.com/rfjakob/gocryptfs/issues/712
|
|
It used to be reported as "function not implemented", accompanied
with this log output:
go-fuse: can't convert error type: ParseHeader: header is all-zero. Header hexdump: 000000000000000000000000000000000000
Now we report EIO and log this:
doWrite 1372183: corrupt header: ParseHeader: header is all-zero. Header hexdump: 000000000000000000000000000000000000
|
|
Run "make format" using
go version go1.19.4 linux/amd64
|
|
|
|
Both new internal test and xfstests generic/013 are happy.
https://github.com/rfjakob/gocryptfs/issues/641
|
|
Fixes https://github.com/rfjakob/gocryptfs/issues/629
|
|
xattr names have fewer restrictions than file names,
relax the validation.
Fixes https://github.com/rfjakob/gocryptfs/issues/627
|
|
Running the tests we have lots of these:
Openat: O_NOFOLLOW missing: flags = 0x4
-wpanic turns this warning into a panic: Openat: O_NOFOLLOW missing: flags = 0x4
panic: -wpanic turns this warning into a panic: Openat: O_NOFOLLOW missing: flags = 0x4
goroutine 114 [running]:
log.(*Logger).Panic(0x14000118280, {0x14000313ca8, 0x1, 0x1})
log/log.go:224 +0x90
github.com/rfjakob/gocryptfs/v2/internal/tlog.(*toggledLogger).Printf(0x14000076780, {0x1009dc2e8, 0x27}, {0x14000313d18, 0x1, 0x1})
github.com/rfjakob/gocryptfs/v2/internal/tlog/log.go:78 +0x168
github.com/rfjakob/gocryptfs/v2/internal/syscallcompat.Openat(0x9, {0x1009d0747, 0x1}, 0x4, 0x0)
github.com/rfjakob/gocryptfs/v2/internal/syscallcompat/sys_common.go:59 +0xf0
github.com/rfjakob/gocryptfs/v2/internal/fusefrontend.(*Node).getXAttr(0x14000142000, {0x1400001c140, 0x3a})
github.com/rfjakob/gocryptfs/v2/internal/fusefrontend/node_xattr_darwin.go:30 +0x8c
github.com/rfjakob/gocryptfs/v2/internal/fusefrontend.(*Node).Getxattr(0x14000142000, {0x100a7eba0, 0x1400000c2e8}, {0x14000016348, 0x14}, {0x14000326000, 0x20, 0x4000})
github.com/rfjakob/gocryptfs/v2/internal/fusefrontend/node_xattr.go:65 +0x1ac
github.com/hanwen/go-fuse/v2/fs.(*rawBridge).GetXAttr(0x1400008e140, 0x140001901e0, 0x140001133c0, {0x14000016348, 0x14}, {0x14000326000, 0x20, 0x4000})
github.com/hanwen/go-fuse/v2@v2.1.1-0.20210825171523-3ab5d95a30ae/fs/bridge.go:685 +0x114
github.com/hanwen/go-fuse/v2/fuse.doGetXAttr(0x14000144000, 0x14000113200)
github.com/hanwen/go-fuse/v2@v2.1.1-0.20210825171523-3ab5d95a30ae/fuse/opcode.go:270 +0x224
github.com/hanwen/go-fuse/v2/fuse.(*Server).handleRequest(0x14000144000, 0x14000113200)
github.com/hanwen/go-fuse/v2@v2.1.1-0.20210825171523-3ab5d95a30ae/fuse/server.go:499 +0x214
created by github.com/hanwen/go-fuse/v2/fuse.(*Server).loop
github.com/hanwen/go-fuse/v2@v2.1.1-0.20210825171523-3ab5d95a30ae/fuse/server.go:470 +0xac
https://github.com/rfjakob/gocryptfs/issues/625
|
|
Determines when to start hashing long names instead
of hardcoded 255. Will be used to alleviate "name too long"
issues some users see on cloud storage.
https://github.com/rfjakob/gocryptfs/issues/499
|
|
|
|
We used to have "first Translate() wins". This is not deterministic,
as the LOOKUP for the root directory does not seem to reach us, so
the first user LOOKUP would win, which may be on a mountpoint.
|
|
The rewritten openssl backend does not support this flag anymore,
and it was inherently dangerour. Drop it (ignored for compatibility)
|
|
Commit b83ca9c921019fc3b790dabb6198bb77ef2f9a34
inadveredly added a leftover debug Printf.
Delete it.
|
|
Commit
69d88505fd7f4cb0d9e4f1918de296342fe05858 go mod: declare module version v2
translated all instances of "github.com/rfjakob/gocryptfs/" to
"github.com/rfjakob/gocryptfs/v2/".
Unfortunately, this included hyperlinks.
Unbreak the hyperlinks like this:
find . -name \*.go | xargs sed -i s%https://github.com/rfjakob/gocryptfs/v2/%https://github.com/rfjakob/gocryptfs/v2/%
|
|
Let the kernel do the work for us.
See https://github.com/hanwen/go-fuse/commit/15a8bb029a4e1a51e10043c370970596b1fbb737
for more info.
|