aboutsummaryrefslogtreecommitdiff
path: root/pathfs_frontend
AgeCommit message (Collapse)Author
2015-12-19Increase GCM IV size from 96 to 128 bitsJakob Unterwurzacher
This pushes back the birthday bound for collisions to make it virtually irrelevant.
2015-12-19diriv: handle directory rename over directoryJakob Unterwurzacher
If an empty directory is overwritten we will always get ENOTEMPTY as the "empty" directory will still contain gocryptfs.diriv. Handle that case by removing the target directory and trying again. Fixes issue #10
2015-12-13go fmtJakob Unterwurzacher
...and minimal comment changes.
2015-12-13Handle EINTR returned by FallocateJakob Unterwurzacher
Fallocate can return EINTR (interrupted system call) and does so quite often when cpu profiling is enabled.
2015-12-11Rmdir: handle creating and removing unreadable directoriesJakob Unterwurzacher
This patch also splits off Mkdir and Rmdir into its own file. Fixes issue #8, thanks to @diseq for the bug report.
2015-12-10Add missing PlaintextNames checks in OpenDir, Mkdir, Rmdir, initDirJakob Unterwurzacher
Plaintextnames support has bitrotted during the DirIV additions, this needs test cases. Will be added in a future patch. Fixes issue #9.
2015-12-08Add EME filename encryption & enable it by defaultJakob Unterwurzacher
2015-12-08go fmtJakob Unterwurzacher
2015-12-06fallocate the space needed for the file header beforehandJakob Unterwurzacher
This makes sure writing to a file fails early if the underlying filesystem does not support fallocate. It also prevents partial header write due to ENOSPC.
2015-12-06Fix rename, was broken broken by DirIV introductionJakob Unterwurzacher
As it was, CIPHERDIR was prepended twice, causing every rename to fail with ENOENT.
2015-11-29Run go fmtJakob Unterwurzacher
2015-11-29Add single-element cache for DirIV lookupJakob Unterwurzacher
Another 3x performance boost for applications that walk the directory tree. Excerpt from performance.txt: VERSION UNTAR LS RM v0.4 48 1.5 5 v0.5-rc1 56 7 19 v0.5-rc1-1 54 4.1 9 v0.5-rc1-2 45 1.7 3.4 <---- THIS VERSION
2015-11-29OpenDir performance: Read DirIV once and reuse it for all namesJakob Unterwurzacher
Formerly, we called decryptPath for every name. That resulted in a directory walk that reads in all diriv files on the way. Massive improvement for RM and LS (check performance.txt for details) VERSION UNTAR RM LS v0.4 48 5 1.5 v0.5-rc1 56 19 7 v0.5-rc1-1 54 9 4.1 <---- THIS VERSION
2015-11-28diriv: also support old CBC symlinkJakob Unterwurzacher
2015-11-28diriv: fix Symlink() and Readlink()Jakob Unterwurzacher
Both were missing adaptions for diriv usage resulting in broken functionality
2015-11-28diriv: fix readdirJakob Unterwurzacher
It decrypted all file names using the root directory iv
2015-11-28diriv: use "DirIV" flag to discern and support mounting old filesystemsJakob Unterwurzacher
2015-11-27Run go fmtJakob Unterwurzacher
2015-11-27diriv: Move WriteDirIV() to cryptfs; add locking to Mkdir, RmdirJakob Unterwurzacher
2015-11-27diriv: Convert filename encryption users to dirivJakob Unterwurzacher
2015-11-25diriv: Transactionally delete gocryptfs.diriv in RmdirJakob Unterwurzacher
2015-11-25diriv: Create gocryptfs.diriv in every directoryJakob Unterwurzacher
2015-11-14Run go fmt and go vetJakob Unterwurzacher
2015-11-09Add "-q" (quiet) flagJakob Unterwurzacher
2015-11-08Handle ENOSPC errors better by preallocating the space before writingJakob Unterwurzacher
Prevent the case that we run out of space in the middle of writing a block - that would leave a corrupt block behind.
2015-11-03Centralize path filter decision in CryptFS.IsFiltered()Jakob Unterwurzacher
2015-11-03Implement PlainTextNames modeJakob Unterwurzacher
Also, forbid access to "gocryptfs.conf" in the root dir.
2015-11-01Remove code detected by "deadcode"Jakob Unterwurzacher
go get github.com/remyoudompheng/go-misc/deadcode
2015-11-01Refactor ciphertext <-> plaintext offset translation functionsJakob Unterwurzacher
Move all the intelligence into the new file address_translation.go. That the calculations were spread out too much became apparent when adding the file header. This should make the code much easier to modify in the future.
2015-11-01Add file header (on-disk-format change)Jakob Unterwurzacher
Format: [ "Version" uint16 big endian ] [ "Id" 16 random bytes ] Quoting SECURITY.md: * Every file has a header that contains a 16-byte random *file id* * Each block uses the file id and its block number as GCM *authentication data* * This means the position of the blocks is protected as well. The blocks can not be reordered or copied between different files without causing an decryption error.
2015-10-06Use block number as authentication dataJakob Unterwurzacher
2015-10-04Utimens: Use UtimesNano instead of FutimesJakob Unterwurzacher
Futimes() only takes microsecond resolution while the FUSE call Utimens() wants nanosecond precision. This is why UTIME_OMIT did not work - this change fixes the xfstests generic/258 test failure. The go library does not provide a FutimesNano() function which is why I use UtimesNano() on /proc/self/fd/n. This is what the Go library does in Futimes().
2015-10-04fallocate: return ENOSYSJakob Unterwurzacher
The implementation was incomplete, disable fallocate completely for now. See https://github.com/rfjakob/gocryptfs/issues/1 Fixes xfstests generic/075
2015-10-04truncate: Fix bug that caused xfstests generic/030 to failJakob Unterwurzacher
The bug was caused by using cipherOff where plainOff should have been used. Renamed the symbols for less confusion.
2015-10-04Truncate: Logging improvements, show number of blocks as floatJakob Unterwurzacher
2015-10-04Fix Trucate() bug causing files to be too smallJakob Unterwurzacher
Uncovered by running xfstests generic/014 several times
2015-10-04Run go fmtJakob Unterwurzacher
2015-10-04intraBlock: Rename Offset to SkipJakob Unterwurzacher
"Offset" is unclear whether it is an offset from the start of file or start of block. "Skip" seems much better.
2015-10-04Utilize file hole passtrough capability in Truncate()Jakob Unterwurzacher
Cuts down the runtime of xfstests generic/014 from 1822 seconds to 36 seconds
2015-10-04Zero-pad last block if a file hole is created on Write()Jakob Unterwurzacher
Fixes TestFileHoles test
2015-10-04Fix xfstests generic/030 failureJakob Unterwurzacher
The actual fix is oldSize := f.cfs.PlainSize(uint64(fi.Size())) the rest is logging improvements
2015-10-03debug: log inode number instead of encrypted filenameJakob Unterwurzacher
Makes the log output smaller and more readable.
2015-09-30tests: Add append testJakob Unterwurzacher
2015-09-30Implement Truncate() + TestJakob Unterwurzacher
2015-09-30debug: Log encrypted filenameJakob Unterwurzacher
2015-09-19Fix Chown parameter orderJakob Unterwurzacher
2015-09-17Fix read benchmarkJakob Unterwurzacher
2015-09-16Fix symlink size reportingJakob Unterwurzacher
2015-09-13Don't warn about "gocryptfs.conf" in the ciphertext root dirJakob Unterwurzacher
2015-09-13Encrypt key with scrypt-hashed passwordJakob Unterwurzacher