aboutsummaryrefslogtreecommitdiff
path: root/internal/syscallcompat
AgeCommit message (Collapse)Author
2024-12-04fusefrontend: sharedstorage: use byte-range lock on file header creationJakob Unterwurzacher
Multiple host writing to the same empty file at the same time could have overwritten each other's newly created file header, leading to data corruption. Fix the race by placing a byte-range lock on the file when creating the file header.
2024-05-17syscallcompat: Openat: always set O_CLOEXECJakob Unterwurzacher
Let's not leak fds to logger. Before: $ lsof -p $(pgrep logger) COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME logger 146410 jakob cwd DIR 253,0 4096 2 / logger 146410 jakob rtd DIR 253,0 4096 2 / logger 146410 jakob txt REG 253,0 41560 6293858 /usr/bin/logger logger 146410 jakob mem REG 253,0 229754784 6292695 /usr/lib/locale/locale-archive logger 146410 jakob mem REG 253,0 186480 6292031 /usr/lib64/libgcc_s-14-20240508.so.1 logger 146410 jakob mem REG 253,0 787128 6294119 /usr/lib64/libzstd.so.1.5.6 logger 146410 jakob mem REG 253,0 211424 6294587 /usr/lib64/liblzma.so.5.4.6 logger 146410 jakob mem REG 253,0 131128 6302636 /usr/lib64/liblz4.so.1.9.4 logger 146410 jakob mem REG 253,0 49184 6302330 /usr/lib64/libcap.so.2.69 logger 146410 jakob mem REG 253,0 2476880 6295299 /usr/lib64/libc.so.6 logger 146410 jakob mem REG 253,0 987256 6292058 /usr/lib64/libsystemd.so.0.38.0 logger 146410 jakob mem REG 253,0 906256 6295295 /usr/lib64/ld-linux-x86-64.so.2 logger 146410 jakob 0r FIFO 0,14 0t0 607727 pipe logger 146410 jakob 1w CHR 1,3 0t0 4 /dev/null logger 146410 jakob 2w CHR 1,3 0t0 4 /dev/null logger 146410 jakob 3u unix 0x0000000046d9c96b 0t0 607729 type=DGRAM (CONNECTED) logger 146410 jakob 10u DIR 0,33 80 7758 /tmp/tmp.lbUiEw9P6W/a After: $ lsof -p $(pgrep logger) COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME logger 147982 jakob cwd DIR 253,0 4096 2 / logger 147982 jakob rtd DIR 253,0 4096 2 / logger 147982 jakob txt REG 253,0 41560 6293858 /usr/bin/logger logger 147982 jakob mem REG 253,0 229754784 6292695 /usr/lib/locale/locale-archive logger 147982 jakob mem REG 253,0 186480 6292031 /usr/lib64/libgcc_s-14-20240508.so.1 logger 147982 jakob mem REG 253,0 787128 6294119 /usr/lib64/libzstd.so.1.5.6 logger 147982 jakob mem REG 253,0 211424 6294587 /usr/lib64/liblzma.so.5.4.6 logger 147982 jakob mem REG 253,0 131128 6302636 /usr/lib64/liblz4.so.1.9.4 logger 147982 jakob mem REG 253,0 49184 6302330 /usr/lib64/libcap.so.2.69 logger 147982 jakob mem REG 253,0 2476880 6295299 /usr/lib64/libc.so.6 logger 147982 jakob mem REG 253,0 987256 6292058 /usr/lib64/libsystemd.so.0.38.0 logger 147982 jakob mem REG 253,0 906256 6295295 /usr/lib64/ld-linux-x86-64.so.2 logger 147982 jakob 0r FIFO 0,14 0t0 609636 pipe logger 147982 jakob 1w CHR 1,3 0t0 4 /dev/null logger 147982 jakob 2w CHR 1,3 0t0 4 /dev/null logger 147982 jakob 3u unix 0x00000000bc46d033 0t0 610344 type=DGRAM (CONNECTED) Fixes https://github.com/rfjakob/gocryptfs/issues/846
2022-08-28make formatJakob Unterwurzacher
2022-01-27root_test: add TestOverlay ; syscallcompat: add QuirkNoUserXattrJakob Unterwurzacher
2022-01-22fusefrontend: fix "duplicate case" darwin build failureJakob Unterwurzacher
$ ./crossbuild.bash [...] + GOOS=darwin + GOARCH=amd64 + build + go build -tags without_openssl -o /dev/null internal/fusefrontend/node.go:397:2: duplicate case syscallcompat.RENAME_NOREPLACE (value 0) in switch previous case at internal/fusefrontend/node.go:397:7 internal/fusefrontend/node.go:397:2: duplicate case syscallcompat.RENAME_EXCHANGE (value 0) in switch previous case at internal/fusefrontend/node.go:397:7 internal/fusefrontend/node.go:397:2: duplicate case syscallcompat.RENAME_WHITEOUT (value 0) in switch previous case at internal/fusefrontend/node.go:397:7 internal/fusefrontend/node.go:399:38: duplicate case syscallcompat.RENAME_NOREPLACE | syscallcompat.RENAME_WHITEOUT (value 0) in switch previous case at internal/fusefrontend/node.go:397:7
2022-01-22fusefrontend: support RENAME_WHITEOUT, RENAME_EXCHANGEJakob Unterwurzacher
Both new internal test and xfstests generic/013 are happy. https://github.com/rfjakob/gocryptfs/issues/641
2021-12-09darwin: use O_NOFOLLOW for xattr opensJakob Unterwurzacher
Running the tests we have lots of these: Openat: O_NOFOLLOW missing: flags = 0x4 -wpanic turns this warning into a panic: Openat: O_NOFOLLOW missing: flags = 0x4 panic: -wpanic turns this warning into a panic: Openat: O_NOFOLLOW missing: flags = 0x4 goroutine 114 [running]: log.(*Logger).Panic(0x14000118280, {0x14000313ca8, 0x1, 0x1}) log/log.go:224 +0x90 github.com/rfjakob/gocryptfs/v2/internal/tlog.(*toggledLogger).Printf(0x14000076780, {0x1009dc2e8, 0x27}, {0x14000313d18, 0x1, 0x1}) github.com/rfjakob/gocryptfs/v2/internal/tlog/log.go:78 +0x168 github.com/rfjakob/gocryptfs/v2/internal/syscallcompat.Openat(0x9, {0x1009d0747, 0x1}, 0x4, 0x0) github.com/rfjakob/gocryptfs/v2/internal/syscallcompat/sys_common.go:59 +0xf0 github.com/rfjakob/gocryptfs/v2/internal/fusefrontend.(*Node).getXAttr(0x14000142000, {0x1400001c140, 0x3a}) github.com/rfjakob/gocryptfs/v2/internal/fusefrontend/node_xattr_darwin.go:30 +0x8c github.com/rfjakob/gocryptfs/v2/internal/fusefrontend.(*Node).Getxattr(0x14000142000, {0x100a7eba0, 0x1400000c2e8}, {0x14000016348, 0x14}, {0x14000326000, 0x20, 0x4000}) github.com/rfjakob/gocryptfs/v2/internal/fusefrontend/node_xattr.go:65 +0x1ac github.com/hanwen/go-fuse/v2/fs.(*rawBridge).GetXAttr(0x1400008e140, 0x140001901e0, 0x140001133c0, {0x14000016348, 0x14}, {0x14000326000, 0x20, 0x4000}) github.com/hanwen/go-fuse/v2@v2.1.1-0.20210825171523-3ab5d95a30ae/fs/bridge.go:685 +0x114 github.com/hanwen/go-fuse/v2/fuse.doGetXAttr(0x14000144000, 0x14000113200) github.com/hanwen/go-fuse/v2@v2.1.1-0.20210825171523-3ab5d95a30ae/fuse/opcode.go:270 +0x224 github.com/hanwen/go-fuse/v2/fuse.(*Server).handleRequest(0x14000144000, 0x14000113200) github.com/hanwen/go-fuse/v2@v2.1.1-0.20210825171523-3ab5d95a30ae/fuse/server.go:499 +0x214 created by github.com/hanwen/go-fuse/v2/fuse.(*Server).loop github.com/hanwen/go-fuse/v2@v2.1.1-0.20210825171523-3ab5d95a30ae/fuse/server.go:470 +0xac https://github.com/rfjakob/gocryptfs/issues/625
2021-08-30Unbreak hyperlinks broken by go mod v2 conversionJakob Unterwurzacher
Commit 69d88505fd7f4cb0d9e4f1918de296342fe05858 go mod: declare module version v2 translated all instances of "github.com/rfjakob/gocryptfs/" to "github.com/rfjakob/gocryptfs/v2/". Unfortunately, this included hyperlinks. Unbreak the hyperlinks like this: find . -name \*.go | xargs sed -i s%https://github.com/rfjakob/gocryptfs/v2/%https://github.com/rfjakob/gocryptfs/v2/%
2021-08-23go mod: declare module version v2Jakob Unterwurzacher
Our git version is v2+ for some time now, but go.mod still declared v1. Hopefully making both match makes https://pkg.go.dev/github.com/rfjakob/gocryptfs/v2 work. All the import paths have been fixed like this: find . -name \*.go | xargs sed -i s%github.com/rfjakob/gocryptfs/%github.com/rfjakob/gocryptfs/v2/%
2021-08-19syscallcompat: use early return in asUser()Jakob Unterwurzacher
2021-08-18Fix issues found by ineffassignJakob Unterwurzacher
gocryptfs$ ineffassign ./... /home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/configfile/config_file.go:243:2: ineffectual assignment to scryptHash /home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/configfile/config_file.go:272:2: ineffectual assignment to scryptHash /home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/fusefrontend/file.go:285:3: ineffectual assignment to fileID /home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/fusefrontend/node.go:367:3: ineffectual assignment to err /home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/fusefrontend/node_open_create.go:68:2: ineffectual assignment to fd /home/jakob/go/src/github.com/rfjakob/gocryptfs/mount.go:308:2: ineffectual assignment to masterkey /home/jakob/go/src/github.com/rfjakob/gocryptfs/gocryptfs-xray/xray_main.go:156:13: ineffectual assignment to err /home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/fusefrontend/prepare_syscall_test.go:65:16: ineffectual assignment to errno /home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/syscallcompat/open_nofollow_test.go:34:2: ineffectual assignment to fd /home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/defaults/acl_test.go:111:6: ineffectual assignment to err /home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/defaults/acl_test.go:181:2: ineffectual assignment to sz /home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/defaults/acl_test.go:198:2: ineffectual assignment to sz /home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/defaults/main_test.go:365:8: ineffectual assignment to err /home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/xattr/xattr_fd_test.go:30:6: ineffectual assignment to err /home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/xattr/xattr_fd_test.go:66:6: ineffectual assignment to err
2021-08-11syscallcompat: use BTRFS_SUPER_MAGIC from unix libJakob Unterwurzacher
2021-08-11syscallcompat: move quirks logic here & fix darwinJakob Unterwurzacher
We need to look at f_fstypename acc. to https://stackoverflow.com/a/52299141/1380267 : > As filesystem type numbers are now assigned at runtime in > recent versions of MacOS, you must use f_fstypename to > determine the type. https://github.com/rfjakob/gocryptfs/issues/585
2021-06-05syscallcompat: drop obsolete wrappersJakob Unterwurzacher
These are now available cross-platform in the unix package.
2021-06-02fusefrontend: run acl Setxattr in user contextJakob Unterwurzacher
The result of setting an acl depends on who runs the operation! Fixes fuse-xfstests generic/375 (see https://github.com/rfjakob/fuse-xfstests/wiki/results_2021-05-19)
2021-05-26syscallcompat: add GetdentsSpecial()Jakob Unterwurzacher
GetdentsSpecial calls then Getdents syscall, with normal entries and "." / ".." split into two slices.
2021-05-22syscallcompat: also refactor MkdiratUser on GOOS=darwinJakob Unterwurzacher
Breakage was: +GOOS=darwin +GOARCH=amd64 +go build -tags without_openssl internal/fusefrontend/node_dir_ops.go:45:34: cannot use context (type *fuse.Context) as type *fuse.Caller in argument to syscallcompat.MkdiratUser internal/fusefrontend/node_dir_ops.go:83:35: cannot use context (type *fuse.Context) as type *fuse.Caller in argument to syscallcompat.MkdiratUser
2021-05-22syscallcompat: refactor MkdiratUser to take fuse.ContextJakob Unterwurzacher
Let's have MkdiratUser take fuse.Context like everybody else.
2021-05-22syscallcompat: deduplicate OpenatUser/MknodatUser/SymlinkatUser/MkdiratUserJakob Unterwurzacher
Turns out the whole euid switching logic can be shared when wrapping the syscall in a closure.
2021-03-14syscallcompat: getdents: link to #483Jakob Unterwurzacher
Give a user receiving the Getdents warning some background info.
2021-02-06syscallcompat: MknodatUser: work around changed syscall.Setgroups semanticsJakob Unterwurzacher
Since go1.16beta1 (commit d1b1145cace8b968307f9311ff611e4bb810710c , https://go-review.googlesource.com/c/go/+/210639 ) syscall.{Setgroups,Setregid,Setreuid} affects all threads, which is exactly what we not want. We now use unix.{Setgroups,Setregid,Setreuid} instead. Workarounds https://github.com/golang/go/issues/1435 .
2020-10-19Drop two more generated filesJakob Unterwurzacher
These were committed by mistake.
2020-10-19Drop generated filesJakob Unterwurzacher
These were committed by mistake.
2020-10-18fusefronted: reject GETXATTR "security.capability"Jakob Unterwurzacher
Unless we are mounted with -suid, we can reject these requests, and gain back some lost speed. Closes https://github.com/rfjakob/gocryptfs/issues/515
2020-10-18syscallcompat: add getxattr fastpathsJakob Unterwurzacher
The allocations from Lgetxattr were #1 in the tar extract allocation profile (caused by security.capability lookups). No more! $ benchstat old.txt new.txt name old time/op new time/op delta Lgetxattr-4 15.2µs ± 0% 1.8µs ± 0% ~ (p=1.000 n=1+1) $ ./benchmark.bash Testing gocryptfs at /tmp/benchmark.bash.H8p: gocryptfs v2.0-beta1-4-g95ea738-dirty; go-fuse v2.0.4-0.20200908172753-0b6cbc515082 => github.com/rfjakob/go-fuse/v2 v2.0.4-0.20201015204057-88b12c99f8af; 2020-10-18 go1.15.3 linux/amd64 /tmp/benchmark.bash.H8p.mnt is a mountpoint WRITE: 262144000 bytes (262 MB, 250 MiB) copied, 0,520109 s, 504 MB/s READ: 262144000 bytes (262 MB, 250 MiB) copied, 0,255672 s, 1,0 GB/s UNTAR: 30,238 MD5: 12,721 LS: 10,038 RM: 16,536
2020-10-16syscallcompat: add Lgetxattr benchmarkJakob Unterwurzacher
2020-10-14syscallcompat: don't retry Close()Jakob Unterwurzacher
After Close() returns, the fd is dead, even if we received EINTR. Don't retry, we could shoot down an unrelated fd that received the same fd number.
2020-10-14syscallcompat: retry ops on EINTRJakob Unterwurzacher
Retry operations that have been shown to throw EINTR errors on CIFS. Todo: Solution for this pain in the back: warning: unix.Getdents returned errno 2 in the middle of data rm: cannot remove 'linux-3.0.old3/Documentation/ABI/removed': Input/output error Progress towards fixing https://github.com/rfjakob/gocryptfs/issues/483 .
2020-10-11syscallcompat: Openat: retry on EINTRJakob Unterwurzacher
Towards fixing https://github.com/rfjakob/gocryptfs/issues/507
2020-09-09syscallcompat: add Renameat2 for DarwinJakob Unterwurzacher
2020-07-11v2api: remove OpenatUserCtx, MknodatUserCtx helpersJakob Unterwurzacher
Instead, use the new toFuseCtx() function introduced in an earlier commit.
2020-07-11v2api: implement MknodJakob Unterwurzacher
2020-06-21v2api: implement MkdirJakob Unterwurzacher
2020-06-21v2api: implement CreateJakob Unterwurzacher
2020-06-21v2api: implement Lookup()Jakob Unterwurzacher
Compiles, but untested otherwise. No caching.
2020-05-24syscallcompat: warn when Getdents truncates dataJakob Unterwurzacher
On CIFS mounts, unix.Getdents can return sudden ENOENT in the middle of data. This will not be reported as an error by user space tools, so return EIO instead. Also log it as a warning. https://github.com/rfjakob/gocryptfs/issues/483
2020-05-23syscallcompat: getdents: retry on EINTRJakob Unterwurzacher
Fixes: https://github.com/rfjakob/gocryptfs/issues/483 Related: https://github.com/golang/go/issues/38836
2020-05-17Update go-fuse import path to github.com/hanwen/go-fuse/v2Jakob Unterwurzacher
We need https://github.com/hanwen/go-fuse/commit/fd7328faf9fdf75709f7ba7df7072aaf4eeb18b3 to fix a crash reported in https://github.com/rfjakob/gocryptfs/issues/430 : 2019/10/30 17:14:16 Unknown opcode 2016 panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x508d38] This patch is only in the v2.x.x branch. Upgrade to v2, as the old API is also supported there. Running git grep hanwen/go-fuse | grep -v hanwen/go-fuse/v2 to check for forgotten references comes back clean.
2019-05-19Fix unix2syscall_darwin.go build failureJakob Unterwurzacher
Error was +GOOS=darwin +GOARCH=amd64 +go build -tags without_openssl # github.com/rfjakob/gocryptfs/internal/syscallcompat internal/syscallcompat/unix2syscall_darwin.go:22:32: u.Atimespec undefined (type unix.Stat_t has no field or method Atimespec) internal/syscallcompat/unix2syscall_darwin.go:23:32: u.Mtimespec undefined (type unix.Stat_t has no field or method Mtimespec) internal/syscallcompat/unix2syscall_darwin.go:24:32: u.Ctimespec undefined (type unix.Stat_t has no field or method Ctimespec) caused by https://github.com/golang/sys/commit/87c872767d25fb96dfe96c794fd028b38a08440b#diff-4913a9178621eadcdf191db17915fbcb
2019-05-01syscallcompat: fetch supplementary groups for OpenatUser & friendsSebastian Lackner
Handled the same way in GlusterFS, disorderfs, libfuse. Fixes https://github.com/rfjakob/gocryptfs/issues/394
2019-05-01tests: split testParentDir by UIDJakob Unterwurzacher
When we run tests as root, they will leave root-owned files in testParentDir, which causes trouble when we run tests as a normal user later on. Split by UID.
2019-01-20Revert "syscallcompat: drop Faccessat AT_SYMLINK_NOFOLLOW helper"Jakob Unterwurzacher
Breaks mounting on MacOS: unix.Faccessat on Darwin does NOT (yet) support AT_SYMLINK_NOFOLLOW. See d44fe89ba4f3252c5bd00c4f7730197732f2a26a . This reverts commit 0805a63df1b5f915b228727f6074c2506922d0ad.
2019-01-20syscallcompat: drop Faccessat AT_SYMLINK_NOFOLLOW helperJakob Unterwurzacher
unix.Faccessat has added support for AT_SYMLINK_NOFOLLOW in July 2018, https://github.com/golang/sys/commit/bd9dbc187b6e1dacfdd2722a87e83093c2d7bd6e#diff-341484dbbe3180cd7a31ef2ad2d679b6 which means we no longer need our own helper. Closes https://github.com/rfjakob/gocryptfs/issues/347
2019-01-16fusefrontend: Rework the Utimens handling on macOS.Sebastian Lackner
For Linux, everything effectively stays the same. For both path-based and fd-based Utimens() calls, we use unix.UtimesNanoAt(). To avoid introducing a separate syscall wrapper for futimens() (as done in go-fuse, for example), we instead use the /proc/self/fd - trick. On macOS, this changes quite a lot: * Path-based Utimens() calls were previously completely broken, since unix.UtimensNanoAt() ignores the passed file descriptor. Note that this cannot be fixed easily since there IS no appropriate syscall available on macOS prior to High Sierra (10.13). We emulate this case by using Fchdir() + setattrlist(). * Fd-based Utimens() calls were previously translated to f.GetAttr() (to fill any empty parameters) and syscall.Futimes(), which does not does support nanosecond precision. Both issues can be fixed by switching to fsetattrlist(). Fixes https://github.com/rfjakob/gocryptfs/issues/350
2019-01-14tests: reduce noise on MacOSJakob Unterwurzacher
This should get rid of Openat: O_NOFOLLOW missing: flags = 0x0 Fchmodat: adding missing AT_SYMLINK_NOFOLLOW flag sys_common_test.go:203: chmod on symlink should have failed, but did not. New mode=0333 UnmountErr: "[...]/057376762.mnt" was not found in MountInfo, cannot check for FD leak and add some context to --- FAIL: TestUtimesNano (0.00s) matrix_test.go:628: no such file or directory See https://github.com/rfjakob/gocryptfs/pull/343#issuecomment-453888006 for full test output
2019-01-14syscallcompat: fix FchmodatNofollow testsJakob Unterwurzacher
FchmodatNofollow dropped the flags parameter.
2019-01-14syscallcompat: rework Fchmodat to FchmodatNofollowJakob Unterwurzacher
We never want Fchmodat to follow symlinks, so follow what Qemu does, and call our function FchmodatNofollow.
2019-01-14syscallcompat: Drop Fstatat emulation on macOS.Sebastian Lackner
2019-01-14syscallcompat: Drop Mkdirat emulation on macOS.Sebastian Lackner
2019-01-14syscallcompat: Drop Symlinkat emulation on macOS.Sebastian Lackner