aboutsummaryrefslogtreecommitdiff
path: root/internal
AgeCommit message (Collapse)Author
2019-01-03fusefronted: dirCache: fix bug handling ""Jakob Unterwurzacher
Bug looked like this: $ ls -l . total 0 drwxrwxr-x. 2 jakob jakob 60 Jan 3 15:42 foo -rw-rw-r--. 1 jakob jakob 0 Jan 3 15:46 x $ ls -l . ls: cannot access '.': No such file or directory (only happened when "" was in the dirCache)
2019-01-03fusefrontend: add dirCacheJakob Unterwurzacher
2019-01-03nametransform: simplify WriteDirIV to WriteDirIVAtJakob Unterwurzacher
Un-spaghettify the function and let the callers open the directory.
2019-01-02fusefrontend: use O_RDONLY in the ListXAttr fallback pathJakob Unterwurzacher
Copy-paste error. https://github.com/rfjakob/gocryptfs/issues/308
2019-01-02fusefrontend: move openBackingDir into its own fileJakob Unterwurzacher
This function is in all fastpaths, will get a cache, and needs its own file. renamed: internal/fusefrontend/names.go -> internal/fusefrontend/openbackingdir.go renamed: internal/fusefrontend/names_test.go -> internal/fusefrontend/openbackingdir_test.go
2019-01-02fusefronted: make EncryptPath symlink-safeJakob Unterwurzacher
Finally allows us to delete EncryptPathDirIV.
2019-01-02fusefrontend: xattr: fix operations on files without read permissionsJakob Unterwurzacher
* listxattr is fixed via the /proc/self/fd trick * setxattr,removexattr are fixed by opening the file O_WRONLY Fixes https://github.com/rfjakob/gocryptfs/issues/308
2019-01-02fusefrontend: don't downgrade type needlesslyJakob Unterwurzacher
2019-01-02fusefrontend: use Fsetxattr/Fgetxattr/etc on all platformsJakob Unterwurzacher
Darwin now also has these functions, use them. Simplifies the code and makes it symlink-safe on Darwin as well.
2019-01-02syscallcompat: add Fgetxattr / Fsetxattr wrappersJakob Unterwurzacher
These take care of buffer sizing and parsing.
2019-01-02fusefrontend: openBackingDir: fix fd leak in error pathJakob Unterwurzacher
Reported by @slackner at https://github.com/rfjakob/gocryptfs/commit/932efbd4593fe6be6c86f0dafeaea32910b7c246#r31813373 thanks!
2019-01-02nametransform: fix possible incomplete read in ReadLongNameAtJakob Unterwurzacher
Pread() needs retry logic, so instead of implementing it ourselves, use os.File. Reported by @slackner at https://github.com/rfjakob/gocryptfs/commit/c09bf1f2284706232642431c75fa1f3d8500a9d0#r31813394
2019-01-01fusefrontend: fix fd leak in error pathJakob Unterwurzacher
2019-01-01fusefrontend: fix fd leak in Access()Jakob Unterwurzacher
Thanks @slackner! Fixes https://github.com/rfjakob/gocryptfs/issues/306
2019-01-01fusefrontend: xattr: fix hang on FIFOsJakob Unterwurzacher
An Open() a fifo blocks until it is opened for writing. This meant that xattr operations on FIFOs would block. Pass O_NONBLOCK to fix that, and add a test.
2019-01-01fusefrontend: only compile getBackingPath() on DarwinJakob Unterwurzacher
This function is NOT symlink-safe. Darwin needs it because it lacks fgetxattr(2) and friends.
2019-01-01fusefrontend: make ListXAttr symlink-safe on LinuxJakob Unterwurzacher
Uses /proc/self/fd.
2019-01-01fusefrontend: make RemoveXAttr() symlink-safeJakob Unterwurzacher
Uses /proc/self/fd on Linux.
2019-01-01fusefrontend: make SetXAttr() symlink-safe on LinuxJakob Unterwurzacher
Uses the /proc/self/fd trick.
2019-01-01fusefrontend: make GetXAttr() symlink-safe on LinuxJakob Unterwurzacher
Uses the /proc/self/fd trick, which does not work on Darwin.
2019-01-01fusefrontend: make Utimens symlink-safeJakob Unterwurzacher
unix.UtimesNanoAt now also exists on Darwin, yay!
2019-01-01fusefrontend: fix compile failure on DarwinJakob Unterwurzacher
Failure was: + GOOS=darwin + GOARCH=amd64 + go build -tags without_openssl # github.com/rfjakob/gocryptfs/internal/fusefrontend internal/fusefrontend/fs_dir.go:159:60: cannot use origMode | 448 (type uint16) as type uint32 in argument to syscallcompat.Fchmodat internal/fusefrontend/fs_dir.go:170:33: cannot use origMode (type uint16) as type uint32 in argument to syscallcompat.Fchmodat
2019-01-01fusefrontend: mark Truncate, Unlink, Symlink symlink-safeJakob Unterwurzacher
No changes needed.
2019-01-01fusefrontend: make Rmdir symlink-safeJakob Unterwurzacher
Now uses Unlinkat.
2019-01-01nametransform: rename WriteLongName() -> WriteLongNameAt()Jakob Unterwurzacher
And also rename DeleteLongName() -> DeleteLongNameAt(). The naming follow the names open the openat() etc syscalls.
2019-01-01fusefrontend: make Readlink() symlink-safeJakob Unterwurzacher
Now symlink-safe through Readlinkat().
2019-01-01fusefrontend: make OpenDir() symlink-safeJakob Unterwurzacher
Interestingly, little or no performance impact: $ ./benchmark.bash Testing gocryptfs at /tmp/benchmark.bash.39W: gocryptfs v1.6-42-g30c2349-dirty; go-fuse v20170619-66-g6df8ddc; 2018-11-04 go1.11 Downloading linux-3.0.tar.gz /tmp/linux-3.0.tar.gz 100%[=========================================================================>] 92.20M 2.93MB/s in 31s 2018-11-04 21:44:44 URL:https://cdn.kernel.org/pub/linux/kernel/v3.0/linux-3.0.tar.gz [96675825/96675825] -> "/tmp/linux-3.0.tar.gz" [1] WRITE: 262144000 bytes (262 MB, 250 MiB) copied, 1.1808 s, 222 MB/s READ: 262144000 bytes (262 MB, 250 MiB) copied, 0.866438 s, 303 MB/s UNTAR: 24.745 MD5: 12.050 LS: 3.525 RM: 9.544 Note: kernel has been updated: $ uname -a Linux brikett 4.18.16-200.fc28.x86_64 #1 SMP Sat Oct 20 23:53:47 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
2019-01-01fusefrontend: mark a few more functions as symlink-safe / unsafeJakob Unterwurzacher
2019-01-01fusefrontend: use openBackingDir in ctlsock interfaceJakob Unterwurzacher
Instead of calling syscall.Open() ourselves, rely on openBackingDir().
2019-01-01fusefrontend: make GetAttr() symlink-safeJakob Unterwurzacher
Use openBackingDir() and Fstatat(). High performance impact, though part of it should be mitigated by adding DirIV caching to the new code paths. $ ./benchmark.bash Testing gocryptfs at /tmp/benchmark.bash.Eou: gocryptfs v1.6-37-ge3914b3-dirty; go-fuse v20170619-66-g6df8ddc; 2018-10-14 go1.11 WRITE: 262144000 bytes (262 MB, 250 MiB) copied, 1.2289 s, 213 MB/s READ: 262144000 bytes (262 MB, 250 MiB) copied, 1.02616 s, 255 MB/s UNTAR: 24.490 MD5: 13.120 LS: 3.368 RM: 9.232
2019-01-01fusefrontend: make openBackingDir() symlink-safeJakob Unterwurzacher
openBackingDir() used encryptPath(), which is not symlink-safe itself. Drop encryptPath() and implement our own directory walk. Adds three seconds to untar and two seconds to rm: $ ./benchmark.bash Testing gocryptfs at /tmp/benchmark.bash.MzG: gocryptfs v1.6-36-g8fb3c2f-dirty; go-fuse v20170619-66-g6df8ddc; 2018-10-14 go1.11 WRITE: 262144000 bytes (262 MB, 250 MiB) copied, 1.25078 s, 210 MB/s READ: 262144000 bytes (262 MB, 250 MiB) copied, 1.0318 s, 254 MB/s UNTAR: 20.941 MD5: 11.568 LS: 1.638 RM: 5.337
2019-01-01fusefrontend: mark symlink-safe FUSE callsJakob Unterwurzacher
Document which FUSE calls are already symlink-safe in the function comment.
2019-01-01fusefrontend: make DecryptPath() symlink-safeJakob Unterwurzacher
DecryptPath is now symlink-safe through the use of *at() functions.
2019-01-01fusefrontend: make Access() symlink-safe.Jakob Unterwurzacher
Make Access() symlink-safe through use of faccessat.
2019-01-01nametransform: comments: directly link to ioutil.WriteFile fixJakob Unterwurzacher
So the reader does not have to read through the whole ticket. The commit message has a nice summary of the problem.
2019-01-01fusefrontend: Fix debug message in doWrite() method.Sebastian Lackner
2019-01-01fusefrontend: Fix order of arguments in debug message for Read() FUSE call.Sebastian Lackner
2019-01-01nametransform: Delete incomplete longname files on error.Sebastian Lackner
2018-12-28configfile: Fix a copy&paste error in validateParams method.Sebastian Lackner
2018-12-27configfile: Explicitly wipe scrypt derived key after decrypting/encrypting ↵Sebastian Lackner
master key. Further raises the bar for recovering keys from memory.
2018-12-27Assorted spelling fixes.Sebastian Lackner
Mostly detected with the 'codespell' utility, but also includes some manual grammar fixes.
2018-12-27fusefrontend: Remove unnecessary check in doRead function.Sebastian Lackner
The same condition is already checked a few lines above, and 'err' is not changed inbetween.
2018-12-27fusefrontend: Don't treat Fchownat error as failure in Mkdir.Sebastian Lackner
The directory was already created, so return success even if Fchownat fails. The same error handling is already used if fs.args.PlaintextNames is false.
2018-12-27fusefrontend: Check the correct 'err' variable.Sebastian Lackner
2018-12-16tests: fix TestPassfileNewlineJakob Unterwurzacher
Due to a copy-paste error, we ran the wrong test in the subprocess. Thanks @slackner for noticing at https://github.com/rfjakob/gocryptfs/commit/295d432175292dbaef572093d784aab55f5c0b8f#r31690478 !
2018-12-15passfile: directly read file instead of invoking catJakob Unterwurzacher
Allows better error handling, gets rid of the call to an external program, and fixes https://github.com/rfjakob/gocryptfs/issues/278 .
2018-11-17syscallcompat: downgrade DT_UNKNOWN message level on XFSJakob Unterwurzacher
Old XFS filesystems always return DT_UNKNOWN. Downgrade the message to "info" level if we are on XFS. Using the "warning" level means that users on old XFS filesystems cannot run the test suite as it intentionally aborts on any warnings. Fixes https://github.com/rfjakob/gocryptfs/issues/267
2018-10-17tlog: disable color codes when switching to syslogJakob Unterwurzacher
When gocryptfs was started on a terminal and later daemonized, the color codes stayed active in the syslog output. The codes are not visible in "journalctl -f", which is why I have not noticed it yet, but they do show up in normal syslog as the usual "#033[33m" crap.
2018-10-17fusefronted: log more details on WriteAt failuresJakob Unterwurzacher
Also log inode number, fd number, offset and length. Maybe help debugging https://github.com/rfjakob/gocryptfs/issues/269 .
2018-10-11Add option for autounmountJesse Dunietz
Even though filesystem notifications aren't implemented for FUSE, I decided to try my hand at implementing the autounmount feature (#128). I based it on the EncFS autounmount code, which records filesystem accesses and checks every X seconds whether it's idled long enough to unmount. I've tested the feature locally, but I haven't added any tests for this flag. I also haven't worked with Go before. So please let me know if there's anything that should be done differently. One particular concern: I worked from the assumption that the open files table is unique per-filesystem. If that's not true, I'll need to add an open file count and associated lock to the Filesystem type instead. https://github.com/rfjakob/gocryptfs/pull/265