Age | Commit message (Collapse) | Author |
|
gocryptfs 2.0 introduced the regression that the size
reported at symlink creation was the ciphertext size,
which is wrong.
Report the plaintext size.
Fixes https://github.com/rfjakob/gocryptfs/issues/574
|
|
xfstests generic/523 discovered that we allowed to set
xattrs with "/" in the name, but did not allow to read
them later.
With this change we do not allow to set them in the first
place.
|
|
Failure looked like this:
--- FAIL: TestFileHoleCopy (3.73s)
--- FAIL: TestFileHoleCopy/k81 (0.04s)
file_holes_test.go:93: size changed: st0.Blocks=88 st2.Blocks=96
file_holes_test.go:147: aborting further subtests
$ findholes TestFileHoleCopy.k81.1
0 data
36864 hole
45056 data
50434 hole
50434 eof
$ findholes TestFileHoleCopy.k81.2
0 data
36864 hole
45056 data
50434 hole
50434 eof
$ filefrag -v TestFileHoleCopy.k81.1
Filesystem type is: ef53
File size of TestFileHoleCopy.k81.1 is 50434 (13 blocks of 4096 bytes)
ext: logical_offset: physical_offset: length: expected: flags:
0: 0.. 2: 23702311.. 23702313: 3:
1: 3.. 8: 20389855.. 20389860: 6: 23702314:
2: 11.. 12: 23702314.. 23702315: 2: 20389863: last,eof
TestFileHoleCopy.k81.1: 3 extents found
$ filefrag -v TestFileHoleCopy.k81.2
Filesystem type is: ef53
File size of TestFileHoleCopy.k81.2 is 50434 (13 blocks of 4096 bytes)
ext: logical_offset: physical_offset: length: expected: flags:
0: 0.. 2: 20389861.. 20389863: 3:
1: 3.. 4: 23702316.. 23702317: 2: 20389864:
2: 5.. 6: 20389864.. 20389865: 2: 23702318:
3: 7.. 8: 23702318.. 23702319: 2: 20389866:
4: 11.. 12: 23702320.. 23702321: 2: last,eof
TestFileHoleCopy.k81.2: 4 extents found
|
|
In response to the discussion of the xfstests mailing list [1],
I looked at the Lseek implementation, which was naive and
did not handle all cases correctly.
The new implementation aligns the returned values to 4096 bytes
as most callers expect.
A lot of tests are added to verify that we handle all
cases correctly now.
[1]: https://www.spinics.net/lists/fstests/msg16554.html
|
|
Currently fails.
|
|
Problem in go-fuse has long been fixed.
|
|
As discovered by xfstests generic/401 [1], during the move to
the v2 api we seem to have lost the "." and ".." directory
entries.
[1]: https://github.com/rfjakob/fuse-xfstests/blob/4ef5b032bc283743d0eb58a8a28738766e664899/screenlog.0#L520
|
|
With test to verify that it actually works this
time: Run "make root_test".
Depends-on: https://github.com/rfjakob/gocryptfs/issues/536
Fixes: https://github.com/rfjakob/gocryptfs/issues/536
|
|
With 1.0 seconds we see failures on Travis, example:
https://travis-ci.org/github/rfjakob/gocryptfs/builds/765648739
With 1.1 seconds it seems to always work.
|
|
|
|
Towards better test coverage of shared backing storage
mounts.
https://github.com/rfjakob/gocryptfs/issues/525
|
|
The inode number is not stable with `-sharedstorage`.
Ignore it.
Failure was like this:
--- FAIL: TestFallocate (0.02s)
helpers.go:229: Stat vs Fstat mismatch:
st= {59 11543 1 33188 1026 1026 0 0 0 4096 8 {1616315569 838232716} {1616315569 838232716} {1616315569 838232716} [0 0 0]}
st2={59 11545 1 33188 1026 1026 0 0 0 4096 8 {1616315569 838232716} {1616315569 838232716} {1616315569 838232716} [0 0 0]}
|
|
Currently fails like this:
=== RUN TestRmwRace
doRead 0: corrupt block #0: cipher: message authentication failed
-wpanic turns this warning into a panic: doRead 0: corrupt block #0: cipher: message authentication failed
panic: -wpanic turns this warning into a panic: doRead 0: corrupt block #0: cipher: message authentication failed
goroutine 1293 [running]:
log.(*Logger).Panic(0xc00011c230, 0xc0003b17c8, 0x1, 0x1)
log/log.go:224 +0xac
github.com/rfjakob/gocryptfs/internal/tlog.(*toggledLogger).Printf(0xc00007a780, 0x55a821a766a1, 0x20, 0xc0003b19f0, 0x3, 0x3)
github.com/rfjakob/gocryptfs/internal/tlog/log.go:78 +0x1ef
github.com/rfjakob/gocryptfs/internal/fusefrontend.(*File).doRead(0xc0001ff420, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x1, 0xc000880000, 0x1020)
github.com/rfjakob/gocryptfs/internal/fusefrontend/file.go:201 +0x8c9
github.com/rfjakob/gocryptfs/internal/fusefrontend.(*File).doWrite(0xc0001ff420, 0xc000248428, 0x10, 0x30, 0xff0, 0x3, 0x18)
github.com/rfjakob/gocryptfs/internal/fusefrontend/file.go:291 +0xc9e
github.com/rfjakob/gocryptfs/internal/fusefrontend.(*File).Write(0xc0001ff420, 0x55a821b306a0, 0xc000fbde90, 0xc000248428, 0x10, 0x30, 0xff0, 0x7f4a00000000, 0x0)
github.com/rfjakob/gocryptfs/internal/fusefrontend/file.go:378 +0x25e
github.com/hanwen/go-fuse/v2/fs.(*rawBridge).Write(0xc000168140, 0xc000096000, 0xc0002483d8, 0xc000248428, 0x10, 0x30, 0x55a821ad40e0)
github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fs/bridge.go:819 +0x26d
github.com/hanwen/go-fuse/v2/fuse.doWrite(0xc000170160, 0xc000248240)
github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fuse/opcode.go:191 +0x6f
github.com/hanwen/go-fuse/v2/fuse.(*Server).handleRequest(0xc000170160, 0xc000248240, 0xc000000000)
github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fuse/server.go:472 +0x2be
github.com/hanwen/go-fuse/v2/fuse.(*Server).loop(0xc000170160, 0xc000cd4101)
github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fuse/server.go:445 +0x198
created by github.com/hanwen/go-fuse/v2/fuse.(*Server).readRequest
github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fuse/server.go:312 +0x41d
matrix_test.go:354: Write failed
|
|
Allows to drop a few Mkdir()s.
|
|
Also fix incomplete uid restoration in TestSupplementaryGroups
and replace syscall.Setregid and friends with unix.Setregid and
friends.
This test is added to check if have problems handling a full disk.
The ticket https://github.com/rfjakob/gocryptfs/issues/550 states
that the full disk was not where the backing gocryptfs filesystem
was, but this has no effect on gocryptfs, so we test the harder
case.
|
|
Hard link tracking was not correctly disabled
since the migration to the go-fuse v2 api.
Add a test to ensure it stays off.
Fixes https://github.com/rfjakob/gocryptfs/issues/525
|
|
Pass through system.posix_acl_access and system.posix_acl_default
unencrypted to fix "cp -a" problems.
"cp -a" uses "setxattr" even to set normal permissions, see
https://www.spinics.net/lists/linux-nfs/msg63986.html .
Fixes https://github.com/rfjakob/gocryptfs/issues/543
|
|
The blob was truncated to 31 bytes.
|
|
world-readable
Make `gocryptfs.diriv` and `gocryptfs.xxx.name` files world-readable to make encrypted backups easier
when mounting via fstab.
Having the files follow chmod/chown of their parent does not seem
to be worth the hassle. The content of the diriv files is not
secret, and both diriv and name files are protected by the
perms of the parent dir.
Fixes https://github.com/rfjakob/gocryptfs/issues/539
|
|
|
|
Also add a wrapper script, fsstress.collect-crashes.sh, to collect
the debug output.
https://github.com/hanwen/go-fuse/issues/372
|
|
We would hang like this
./fsstress-loopback.bash
Recompile go-fuse loopback: v2.0.3-7-g0b6cbc5
Waiting for mount: xxxxxxxx^C
if TMPDIR has a trailing /. The reason is that the
paths in /proc/self/mounts are normalized, while
TMPDIR may not be.
|
|
To make the used go-fuse version clear in logs,
print it on startup, similar to what we do with gocryptfs.
|
|
Apparently, kernel 5.8 now allows unprivileged "mknod /tmp/x c 0 0":
vfs: allow unprivileged whiteout creation
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.8.9&id=a3c751a50fe6bbe50eb7622a14b18b361804ee0c
which is why rm throws a new prompt:
rm: remove write-protected character special file '...'?
Use rm -Rf to suppress that.
|
|
|
|
|
|
ext4 reuses inode numbers, tmpfs does not.
|
|
|
|
Fixes https://github.com/rfjakob/gocryptfs/pull/503
|
|
v1api reverse mode did not have xattr support,
the v2api version may have at some point. Prep the
test already.
|
|
|
|
|
|
Tests pass now.
|
|
Instead bubble up the error to the testing object.
|
|
Like extractloop.bash.
|
|
|
|
This also fixes the last remaining tests/fsck failure.
|
|
Directly accessing the Nodes does not work properly,
as there is no way to attach a newly LOOKUPped Node
to the tree. This means Path() does not work.
Use an actual mount instead and walk the tree.
|
|
Chasing a bug that seems to have nothing to do
with magic names, as it already triggers during
warmup:
--- FAIL: TestMagicNames (0.00s)
matrix_test.go:773: Testing n="warmup1"
matrix_test.go:773: Testing n="warmup2"
matrix_test.go:820: no such file or directory
|
|
|
|
|
|
|
|
|
|
Simplify the tests by using empty files. Empty
files are valid, and we don't check the content
anyway.
Also adjust comment style a little and add
a missing break statement.
|
|
Changed invalid file decoding and decryption. Function
DecryptName now shortens the filename until the filename is
decodable and decryptable. Will work with valid **and**
invalid Base64URL delimiter (valid delimiter [0-9a-zA-z_\\-].
If the filename is not decryptable at all, it returns the
original cipher name with flag suffix Changed cli tests to
generate decryptable and undecryptable file names with correct
encrypted content. Replacing #474, extends #393
|
|
Locale trouble was
sshfs-benchmark.bash: line 31: printf: 4.71: invalid number
because printf expected "4,71" in the German locale.
Force the C locale.
|
|
Looking at the dircache debug output, we see
that a "git status" workload has a very bad
cache hit rate because the entries expire or
get evicted before they can be reused.
Increase both cache size and lifetime for
a 4x speedup:
Before: 75s
After: 17s
https://github.com/rfjakob/gocryptfs/issues/410
|
|
Each file will be read and then concatenated
for the effictive password. This can be used as a
kind of multi-factor authenticiton.
Fixes https://github.com/rfjakob/gocryptfs/issues/288
|
|
https://github.com/client9/misspell
|
|
The -0 flags works like xargs -0.
|