summaryrefslogtreecommitdiff
path: root/internal/nametransform/dirivcache/dirivcache.go
blob: 962ae372e67d3ca6b5667c8d8c64b9a7a0711d9e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
package dirivcache

import (
	"log"
	"strings"
	"sync"
	"time"
)

const (
	maxEntries = 100
	expireTime = 1 * time.Second
)

type cacheEntry struct {
	// DirIV of the directory.
	iv []byte
	// Relative ciphertext path of the directory.
	cDir string
}

// DirIVCache stores up to "maxEntries" directory IVs.
type DirIVCache struct {
	// data in the cache, indexed by relative plaintext path
	// of the directory.
	data map[string]cacheEntry

	// The DirIV of the root directory gets special treatment because it
	// cannot change (the root directory cannot be renamed or deleted).
	// It is unaffected by the expiry timer and cache clears.
	rootDirIV []byte

	// expiry is the time when the whole cache expires.
	// The cached entry might become out-of-date if the ciphertext directory is
	// modified behind the back of gocryptfs. Having an expiry time limits the
	// inconstancy to one second, like attr_timeout does for the kernel
	// getattr cache.
	expiry time.Time

	sync.RWMutex
}

// Lookup - fetch entry for "dir" (relative plaintext path) from the cache.
// Returns the directory IV and the relative encrypted path, or (nil, "")
// if the entry was not found.
func (c *DirIVCache) Lookup(dir string) (iv []byte, cDir string) {
	c.RLock()
	defer c.RUnlock()
	if dir == "" {
		return c.rootDirIV, ""
	}
	if c.data == nil {
		return nil, ""
	}
	if time.Since(c.expiry) > 0 {
		c.data = nil
		return nil, ""
	}
	v := c.data[dir]
	return v.iv, v.cDir
}

// Store - write an entry for directory "dir" into the cache.
// Arguments:
// dir ... relative plaintext path
// iv .... directory IV
// cDir .. relative ciphertext path
func (c *DirIVCache) Store(dir string, iv []byte, cDir string) {
	c.Lock()
	defer c.Unlock()
	if dir == "" {
		c.rootDirIV = iv
	}
	// Sanity check: plaintext and chiphertext paths must have the same number
	// of segments
	if strings.Count(dir, "/") != strings.Count(cDir, "/") {
		log.Panicf("inconsistent number of path segments: dir=%q cDir=%q", dir, cDir)
	}
	// Clear() may have cleared c.data: re-initialize
	if c.data == nil {
		c.data = make(map[string]cacheEntry, maxEntries)
		// Set expiry time one second into the future
		c.expiry = time.Now().Add(expireTime)
	}
	// Delete a random entry from the map if reached maxEntries
	if len(c.data) >= maxEntries {
		for k := range c.data {
			delete(c.data, k)
			break
		}
	}
	c.data[dir] = cacheEntry{iv, cDir}
}

// Clear ... clear the cache.
// Called from fusefrontend when directories are renamed or deleted.
func (c *DirIVCache) Clear() {
	c.Lock()
	defer c.Unlock()
	// Will be re-initialized in the next Store()
	c.data = nil
}