Age | Commit message (Collapse) | Author |
|
At the moment, FUSE writes to a single file are serialized by the kernel.
However, it is unclear if this is guaranteed behaviour or may change
in the future.
This patch adds our own per-inode write lock to rule out races regardless
of kernel behavoir.
|
|
This is in preparation of logging to syslog.
|
|
|
|
|
|
This pushes back the birthday bound for collisions to make it virtually
irrelevant.
|
|
If an empty directory is overwritten we will always get
ENOTEMPTY as the "empty" directory will still contain gocryptfs.diriv.
Handle that case by removing the target directory and trying again.
Fixes issue #10
|
|
...and minimal comment changes.
|
|
Fallocate can return EINTR (interrupted system call) and does so
quite often when cpu profiling is enabled.
|
|
This patch also splits off Mkdir and Rmdir into its own file.
Fixes issue #8, thanks to @diseq for the bug report.
|
|
Plaintextnames support has bitrotted during the DirIV additions,
this needs test cases. Will be added in a future patch.
Fixes issue #9.
|
|
|
|
|
|
This makes sure writing to a file fails early if the underlying
filesystem does not support fallocate. It also prevents partial header
write due to ENOSPC.
|
|
As it was, CIPHERDIR was prepended twice, causing every rename
to fail with ENOENT.
|
|
|
|
Another 3x performance boost for applications that walk the
directory tree.
Excerpt from performance.txt:
VERSION UNTAR LS RM
v0.4 48 1.5 5
v0.5-rc1 56 7 19
v0.5-rc1-1 54 4.1 9
v0.5-rc1-2 45 1.7 3.4 <---- THIS VERSION
|
|
Formerly, we called decryptPath for every name.
That resulted in a directory walk that reads in all diriv files
on the way.
Massive improvement for RM and LS (check performance.txt for details)
VERSION UNTAR RM LS
v0.4 48 5 1.5
v0.5-rc1 56 19 7
v0.5-rc1-1 54 9 4.1 <---- THIS VERSION
|
|
|
|
Both were missing adaptions for diriv usage resulting in broken
functionality
|
|
It decrypted all file names using the root directory iv
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Prevent the case that we run out of space in the middle of
writing a block - that would leave a corrupt block behind.
|
|
|
|
Also, forbid access to "gocryptfs.conf" in the root dir.
|
|
go get github.com/remyoudompheng/go-misc/deadcode
|
|
Move all the intelligence into the new file address_translation.go.
That the calculations were spread out too much became apparent when adding
the file header. This should make the code much easier to modify in the
future.
|
|
Format: [ "Version" uint16 big endian ] [ "Id" 16 random bytes ]
Quoting SECURITY.md:
* Every file has a header that contains a 16-byte random *file id*
* Each block uses the file id and its block number as GCM *authentication data*
* This means the position of the blocks is protected as well. The blocks
can not be reordered or copied between different files without
causing an decryption error.
|
|
|
|
Futimes() only takes microsecond resolution while the FUSE call
Utimens() wants nanosecond precision.
This is why UTIME_OMIT did not work - this change fixes the
xfstests generic/258 test failure.
The go library does not provide a FutimesNano() function which is
why I use UtimesNano() on /proc/self/fd/n.
This is what the Go library does in Futimes().
|
|
The implementation was incomplete, disable fallocate completely for now.
See https://github.com/rfjakob/gocryptfs/issues/1
Fixes xfstests generic/075
|
|
The bug was caused by using cipherOff where plainOff should
have been used.
Renamed the symbols for less confusion.
|
|
|
|
Uncovered by running xfstests generic/014 several times
|
|
|
|
"Offset" is unclear whether it is an offset from the start of file
or start of block. "Skip" seems much better.
|
|
Cuts down the runtime of xfstests generic/014
from 1822 seconds to 36 seconds
|
|
Fixes TestFileHoles test
|
|
The actual fix is
oldSize := f.cfs.PlainSize(uint64(fi.Size()))
the rest is logging improvements
|
|
Makes the log output smaller and more readable.
|
|
|
|
|
|
|
|
|