Age | Commit message (Collapse) | Author |
|
"git status" for reference:
renamed: pathfs_frontend/args.go -> internal/fusefrontend/args.go
renamed: pathfs_frontend/compat_darwin.go -> internal/fusefrontend/compat_darwin.go
renamed: pathfs_frontend/compat_linux.go -> internal/fusefrontend/compat_linux.go
renamed: pathfs_frontend/file.go -> internal/fusefrontend/file.go
renamed: pathfs_frontend/file_holes.go -> internal/fusefrontend/file_holes.go
renamed: pathfs_frontend/fs.go -> internal/fusefrontend/fs.go
renamed: pathfs_frontend/fs_dir.go -> internal/fusefrontend/fs_dir.go
renamed: pathfs_frontend/names.go -> internal/fusefrontend/names.go
renamed: pathfs_frontend/write_lock.go -> internal/fusefrontend/write_lock.go
modified: main.go
|
|
"git status" for reference:
deleted: cryptfs/cryptfs.go
deleted: cryptfs/names_core.go
modified: integration_tests/cli_test.go
modified: integration_tests/helpers.go
renamed: cryptfs/config_file.go -> internal/configfile/config_file.go
renamed: cryptfs/config_test.go -> internal/configfile/config_test.go
renamed: cryptfs/config_test/.gitignore -> internal/configfile/config_test/.gitignore
renamed: cryptfs/config_test/PlaintextNames.conf -> internal/configfile/config_test/PlaintextNames.conf
renamed: cryptfs/config_test/StrangeFeature.conf -> internal/configfile/config_test/StrangeFeature.conf
renamed: cryptfs/config_test/v1.conf -> internal/configfile/config_test/v1.conf
renamed: cryptfs/config_test/v2.conf -> internal/configfile/config_test/v2.conf
renamed: cryptfs/kdf.go -> internal/configfile/kdf.go
renamed: cryptfs/kdf_test.go -> internal/configfile/kdf_test.go
renamed: cryptfs/cryptfs_content.go -> internal/contentenc/content.go
new file: internal/contentenc/content_api.go
renamed: cryptfs/content_test.go -> internal/contentenc/content_test.go
renamed: cryptfs/file_header.go -> internal/contentenc/file_header.go
renamed: cryptfs/intrablock.go -> internal/contentenc/intrablock.go
renamed: cryptfs/address_translation.go -> internal/contentenc/offsets.go
new file: internal/cryptocore/crypto_api.go
renamed: cryptfs/gcm_go1.4.go -> internal/cryptocore/gcm_go1.4.go
renamed: cryptfs/gcm_go1.5.go -> internal/cryptocore/gcm_go1.5.go
renamed: cryptfs/nonce.go -> internal/cryptocore/nonce.go
renamed: cryptfs/openssl_aead.go -> internal/cryptocore/openssl_aead.go
renamed: cryptfs/openssl_benchmark.bash -> internal/cryptocore/openssl_benchmark.bash
renamed: cryptfs/openssl_test.go -> internal/cryptocore/openssl_test.go
new file: internal/nametransform/name_api.go
new file: internal/nametransform/names_core.go
renamed: cryptfs/names_diriv.go -> internal/nametransform/names_diriv.go
renamed: cryptfs/names_noiv.go -> internal/nametransform/names_noiv.go
renamed: cryptfs/names_test.go -> internal/nametransform/names_test.go
new file: internal/nametransform/pad16.go
renamed: cryptfs/log.go -> internal/toggledlog/log.go
renamed: cryptfs/log_go1.4.go -> internal/toggledlog/log_go1.4.go
renamed: cryptfs/log_go1.5.go -> internal/toggledlog/log_go1.5.go
modified: main.go
modified: masterkey.go
modified: pathfs_frontend/file.go
modified: pathfs_frontend/file_holes.go
modified: pathfs_frontend/fs.go
modified: pathfs_frontend/fs_dir.go
modified: pathfs_frontend/names.go
modified: test.bash
|
|
...and unexport dirIVCache
|
|
|
|
|
|
...against concurrent closes.
The testcase
(set -e; while true; do truncate -s $RANDOM b; done) &
(set -e; while true; do truncate -s $RANDOM b; done) &
uncovered lots of unnecessary RMW failures that were the result
of concurrent closes.
With this patch, the only remaining error is "Truncate on forgotten file"
that is probably caused by a problem in the go-fuse lib
( https://github.com/hanwen/go-fuse/issues/95 )
|
|
Also, print the inode number in Ftruncate warnings.
|
|
At the moment, FUSE writes to a single file are serialized by the kernel.
However, it is unclear if this is guaranteed behaviour or may change
in the future.
This patch adds our own per-inode write lock to rule out races regardless
of kernel behavoir.
|
|
This is in preparation of logging to syslog.
|
|
|
|
|
|
This pushes back the birthday bound for collisions to make it virtually
irrelevant.
|
|
If an empty directory is overwritten we will always get
ENOTEMPTY as the "empty" directory will still contain gocryptfs.diriv.
Handle that case by removing the target directory and trying again.
Fixes issue #10
|
|
...and minimal comment changes.
|
|
Fallocate can return EINTR (interrupted system call) and does so
quite often when cpu profiling is enabled.
|
|
This patch also splits off Mkdir and Rmdir into its own file.
Fixes issue #8, thanks to @diseq for the bug report.
|
|
Plaintextnames support has bitrotted during the DirIV additions,
this needs test cases. Will be added in a future patch.
Fixes issue #9.
|
|
|
|
|
|
This makes sure writing to a file fails early if the underlying
filesystem does not support fallocate. It also prevents partial header
write due to ENOSPC.
|
|
As it was, CIPHERDIR was prepended twice, causing every rename
to fail with ENOENT.
|
|
|
|
Another 3x performance boost for applications that walk the
directory tree.
Excerpt from performance.txt:
VERSION UNTAR LS RM
v0.4 48 1.5 5
v0.5-rc1 56 7 19
v0.5-rc1-1 54 4.1 9
v0.5-rc1-2 45 1.7 3.4 <---- THIS VERSION
|
|
Formerly, we called decryptPath for every name.
That resulted in a directory walk that reads in all diriv files
on the way.
Massive improvement for RM and LS (check performance.txt for details)
VERSION UNTAR RM LS
v0.4 48 5 1.5
v0.5-rc1 56 19 7
v0.5-rc1-1 54 9 4.1 <---- THIS VERSION
|
|
|
|
Both were missing adaptions for diriv usage resulting in broken
functionality
|
|
It decrypted all file names using the root directory iv
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Prevent the case that we run out of space in the middle of
writing a block - that would leave a corrupt block behind.
|
|
|
|
Also, forbid access to "gocryptfs.conf" in the root dir.
|
|
go get github.com/remyoudompheng/go-misc/deadcode
|
|
Move all the intelligence into the new file address_translation.go.
That the calculations were spread out too much became apparent when adding
the file header. This should make the code much easier to modify in the
future.
|
|
Format: [ "Version" uint16 big endian ] [ "Id" 16 random bytes ]
Quoting SECURITY.md:
* Every file has a header that contains a 16-byte random *file id*
* Each block uses the file id and its block number as GCM *authentication data*
* This means the position of the blocks is protected as well. The blocks
can not be reordered or copied between different files without
causing an decryption error.
|
|
|
|
Futimes() only takes microsecond resolution while the FUSE call
Utimens() wants nanosecond precision.
This is why UTIME_OMIT did not work - this change fixes the
xfstests generic/258 test failure.
The go library does not provide a FutimesNano() function which is
why I use UtimesNano() on /proc/self/fd/n.
This is what the Go library does in Futimes().
|
|
The implementation was incomplete, disable fallocate completely for now.
See https://github.com/rfjakob/gocryptfs/issues/1
Fixes xfstests generic/075
|
|
The bug was caused by using cipherOff where plainOff should
have been used.
Renamed the symbols for less confusion.
|
|
|
|
Uncovered by running xfstests generic/014 several times
|
|
|
|
"Offset" is unclear whether it is an offset from the start of file
or start of block. "Skip" seems much better.
|
|
Cuts down the runtime of xfstests generic/014
from 1822 seconds to 36 seconds
|