| Age | Commit message (Collapse) | Author |
|---|
|
We need
https://github.com/hanwen/go-fuse/commit/fd7328faf9fdf75709f7ba7df7072aaf4eeb18b3
to fix a crash reported in https://github.com/rfjakob/gocryptfs/issues/430 :
2019/10/30 17:14:16 Unknown opcode 2016
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x508d38]
This patch is only in the v2.x.x branch. Upgrade to v2, as the
old API is also supported there.
Running
git grep hanwen/go-fuse | grep -v hanwen/go-fuse/v2
to check for forgotten references comes back clean.
|
|
For Linux, everything effectively stays the same. For both path-based and
fd-based Utimens() calls, we use unix.UtimesNanoAt(). To avoid introducing
a separate syscall wrapper for futimens() (as done in go-fuse, for example),
we instead use the /proc/self/fd - trick.
On macOS, this changes quite a lot:
* Path-based Utimens() calls were previously completely broken, since
unix.UtimensNanoAt() ignores the passed file descriptor. Note that this
cannot be fixed easily since there IS no appropriate syscall available on
macOS prior to High Sierra (10.13). We emulate this case by using
Fchdir() + setattrlist().
* Fd-based Utimens() calls were previously translated to f.GetAttr() (to
fill any empty parameters) and syscall.Futimes(), which does not does
support nanosecond precision. Both issues can be fixed by switching to
fsetattrlist().
Fixes https://github.com/rfjakob/gocryptfs/issues/350
|
|
We never want Fchmodat to follow symlinks, so follow what
Qemu does, and call our function FchmodatNofollow.
|
|
|
|
|
|
|
|
|
|
On macOS the function has a flags argument, so we don't need the
/proc/self/fd trick used on Linux.
|
|
|
|
|
|
|
|
Fixes -allow_other mode on macOS.
|
|
When gocryptfs runs as root, we don't want to allow people to create
SUID root files.
|
|
Instead of manually adjusting the user after creating the symlink,
adjust effective permissions and let the kernel deal with it.
Related to https://github.com/rfjakob/gocryptfs/issues/338.
|
|
Instead of manually adjusting the user and mode after creating the
device file, adjust effective permissions and let the kernel deal
with it.
Related to https://github.com/rfjakob/gocryptfs/issues/338.
|
|
Revert commit fcaca5fc94d981aa637beb752edc8cb3c2265e96.
Instead of manually adjusting the user and mode after creating the
directory, adjust effective permissions and let the kernel deal with it.
Related to https://github.com/rfjakob/gocryptfs/issues/338.
|
|
Revert commit b22cc03c7516b2003880db8375d26c76d6dff093.
Instead of manually adjusting the user and mode after creating the
file, adjust effective permissions and let the kernel deal with it.
Related to https://github.com/rfjakob/gocryptfs/issues/338.
|
|
This fixes the "0100 directory" problem in reverse mode,
and should be slightly faster.
|
|
O_DIRECT has no direct equivalent on MacOS
(check out https://github.com/libuv/libuv/issues/1600 for details).
Just define it to zero there.
|
|
Fstatat has recently been added to x/sys/unix. Make
it available for use in gocryptfs.
|
|
This will allow to test them under linux as well.
|
|
Fixes the same problem as described in 72b975867a3b9bdf53fc2da62e2ba4a328d7e4ab,
except for directories instead of device nodes.
|
|
|
|
|
|
|
|
* Acquire the lock before reading the current directory
* Fix a file descriptor leak
|
|
If the user manages to replace the directory with
a symlink at just the right time, we could be tricked
into chown'ing the wrong file.
This change fixes the race by using fchownat, which
unfortunately is not available on darwin, hence a compat
wrapper is added.
Scenario, as described by @slackner at
https://github.com/rfjakob/gocryptfs/issues/177 :
1. Create a forward mount point with `plaintextnames` enabled
2. Mount as root user with `allow_other`
3. For testing purposes create a file `/tmp/file_owned_by_root`
which is owned by the root user
4. As a regular user run inside of the GoCryptFS mount:
```
mkdir tempdir
mknod tempdir/file_owned_by_root p &
mv tempdir tempdir2
ln -s /tmp tempdir
```
When the steps are done fast enough and in the right order
(run in a loop!), the device file will be created in
`tempdir`, but the `lchown` will be executed by following
the symlink. As a result, the ownership of the file located
at `/tmp/file_owned_by_root` will be changed.
|
|
Dup2 is not implemented on linux/arm64.
Fixes https://github.com/rfjakob/gocryptfs/issues/121 .
Also adds cross-compilation to CI.
|
|
As suggested by
https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217
|
|
Protip: find naked *at syscalls using:
git grep "syscall." | grep "at(" | grep -v syscallcompat
|
|
Also, replace remaining naked syscall.Openat calls.
|
|
Adds a poor man's renameat implementation for OSX.
|
|
...and convert all calls to syscall.{Fallocate,Openat}
to syscallcompat .
Both syscalls are not available on OSX. We emulate Openat and just
return EOPNOTSUPP for Fallocate.
|
|
We will get more of them as OSX also lacks support for openat.
|
