libgocryptfs/internal/fusefrontend/node.go

487 lines
13 KiB
Go
Raw Normal View History

package fusefrontend
import (
"context"
"syscall"
"golang.org/x/sys/unix"
"github.com/hanwen/go-fuse/v2/fs"
"github.com/hanwen/go-fuse/v2/fuse"
2020-06-21 13:25:12 +02:00
"github.com/rfjakob/gocryptfs/internal/nametransform"
"github.com/rfjakob/gocryptfs/internal/syscallcompat"
2020-06-21 13:25:12 +02:00
"github.com/rfjakob/gocryptfs/internal/tlog"
)
// Node is a file or directory in the filesystem tree
// in a gocryptfs mount.
type Node struct {
fs.Inode
}
2020-07-04 21:16:20 +02:00
// Lookup - FUSE call for discovering a file.
func (n *Node) Lookup(ctx context.Context, name string, out *fuse.EntryOut) (ch *fs.Inode, errno syscall.Errno) {
dirfd, cName, errno := n.prepareAtSyscall(name)
if errno != 0 {
return
}
2020-06-21 12:42:18 +02:00
defer syscall.Close(dirfd)
2020-07-04 21:16:20 +02:00
// Get device number and inode number into `st`
st, err := syscallcompat.Fstatat2(dirfd, cName, unix.AT_SYMLINK_NOFOLLOW)
if err != nil {
return nil, fs.ToErrno(err)
}
// Create new inode and fill `out`
2020-07-19 13:15:18 +02:00
ch = n.newChild(ctx, st, out)
// Translate ciphertext size in `out.Attr.Size` to plaintext size
n.translateSize(dirfd, cName, &out.Attr)
rn := n.rootNode()
if rn.args.SharedStorage {
// If we already have a child node that matches what we found on disk*
// (as reflected in `ch`), return it here.
//
// This keeps the Node ID for each directory entry stable
// (until forgotten).
//
// *We compare `name`, `Ino`, `Mode` (but not `Gen`!)
old := n.Inode.GetChild(name)
if old != nil &&
old.StableAttr().Ino == ch.StableAttr().Ino &&
// `Mode` has already been masked with syscall.S_IFMT by n.newChild()
old.StableAttr().Mode == ch.StableAttr().Mode {
return old, 0
}
}
return ch, 0
}
2020-06-21 14:08:53 +02:00
// GetAttr - FUSE call for stat()ing a file.
//
// GetAttr is symlink-safe through use of openBackingDir() and Fstatat().
2020-07-04 21:16:20 +02:00
func (n *Node) Getattr(ctx context.Context, f fs.FileHandle, out *fuse.AttrOut) (errno syscall.Errno) {
// If the kernel gives us a file handle, use it.
if f != nil {
return f.(fs.FileGetattrer).Getattr(ctx, out)
}
dirfd, cName, errno := n.prepareAtSyscallMyself()
2020-07-04 21:16:20 +02:00
if errno != 0 {
return
2020-06-21 12:42:18 +02:00
}
defer syscall.Close(dirfd)
2020-06-21 12:42:18 +02:00
st, err := syscallcompat.Fstatat2(dirfd, cName, unix.AT_SYMLINK_NOFOLLOW)
if err != nil {
return fs.ToErrno(err)
}
2020-07-12 15:03:42 +02:00
// Fix inode number
rn := n.rootNode()
rn.inoMap.TranslateStat(st)
2020-06-21 12:42:18 +02:00
out.Attr.FromStat(st)
2020-07-12 15:03:42 +02:00
// Translate ciphertext size in `out.Attr.Size` to plaintext size
n.translateSize(dirfd, cName, &out.Attr)
2020-07-12 15:03:42 +02:00
if rn.args.ForceOwner != nil {
out.Owner = *rn.args.ForceOwner
}
2020-06-21 12:42:18 +02:00
return 0
}
2020-06-21 13:25:12 +02:00
2020-06-21 14:08:53 +02:00
// Unlink - FUSE call. Delete a file.
//
// Symlink-safe through use of Unlinkat().
2020-07-04 21:16:20 +02:00
func (n *Node) Unlink(ctx context.Context, name string) (errno syscall.Errno) {
dirfd, cName, errno := n.prepareAtSyscall(name)
if errno != 0 {
return
2020-06-21 14:08:53 +02:00
}
defer syscall.Close(dirfd)
2020-07-04 21:16:20 +02:00
2020-06-21 14:08:53 +02:00
// Delete content
2020-07-04 21:16:20 +02:00
err := syscallcompat.Unlinkat(dirfd, cName, 0)
2020-06-21 14:08:53 +02:00
if err != nil {
return fs.ToErrno(err)
}
// Delete ".name" file
2020-07-04 21:16:20 +02:00
if !n.rootNode().args.PlaintextNames && nametransform.IsLongContent(cName) {
2020-06-21 14:08:53 +02:00
err = nametransform.DeleteLongNameAt(dirfd, cName)
if err != nil {
tlog.Warn.Printf("Unlink: could not delete .name file: %v", err)
}
}
return fs.ToErrno(err)
}
2020-07-04 20:32:02 +02:00
// Readlink - FUSE call.
//
// Symlink-safe through openBackingDir() + Readlinkat().
2020-07-04 21:16:20 +02:00
func (n *Node) Readlink(ctx context.Context) (out []byte, errno syscall.Errno) {
dirfd, cName, errno := n.prepareAtSyscallMyself()
2020-07-04 21:16:20 +02:00
if errno != 0 {
return
2020-07-04 20:32:02 +02:00
}
defer syscall.Close(dirfd)
return n.readlink(dirfd, cName)
2020-07-04 20:32:02 +02:00
}
2020-07-04 21:37:44 +02:00
2020-07-05 20:05:07 +02:00
// Setattr - FUSE call. Called for chmod, truncate, utimens, ...
func (n *Node) Setattr(ctx context.Context, f fs.FileHandle, in *fuse.SetAttrIn, out *fuse.AttrOut) (errno syscall.Errno) {
v2api: properly implement Node.Setattr We used to always open a *File2 and letting the *File2 handle Setattr. This does not work it we cannot open the file! Before: $ go test 2020/07/12 20:14:57 writer: Write/Writev failed, err: 2=no such file or directory. opcode: INTERRUPT 2020/07/12 20:14:57 writer: Write/Writev failed, err: 2=no such file or directory. opcode: INTERRUPT --- FAIL: TestLchown (0.00s) matrix_test.go:634: lchown /tmp/gocryptfs-test-parent-1026/014500839/default-plain/symlink: too many levels of symbolic links touch: setting times of '/tmp/gocryptfs-test-parent-1026/014500839/default-plain/utimesnano_symlink': Too many levels of symbolic links --- FAIL: TestUtimesNanoSymlink (0.00s) matrix_test.go:655: exit status 1 --- FAIL: TestMkfifo (0.00s) matrix_test.go:755: file exists --- FAIL: TestMagicNames (0.00s) matrix_test.go:773: Testing n="gocryptfs.longname.QhUr5d9FHerwEs--muUs6_80cy6JRp89c1otLwp92Cs" matrix_test.go:773: Testing n="gocryptfs.diriv" matrix_test.go:815: open /tmp/gocryptfs-test-parent-1026/014500839/default-plain/linktarget: permission denied --- FAIL: TestChmod (0.00s) matrix_test.go:840: chmod 444 -> 000 failed: permission denied matrix_test.go:840: chmod 444 -> 111 failed: permission denied matrix_test.go:840: chmod 444 -> 123 failed: permission denied matrix_test.go:840: chmod 444 -> 321 failed: permission denied FAIL exit status 1 FAIL github.com/rfjakob/gocryptfs/tests/matrix 0.790s After: $ go test --- FAIL: TestMkfifo (0.00s) matrix_test.go:755: file exists --- FAIL: TestMagicNames (0.00s) matrix_test.go:773: Testing n="gocryptfs.longname.QhUr5d9FHerwEs--muUs6_80cy6JRp89c1otLwp92Cs" matrix_test.go:773: Testing n="gocryptfs.diriv" matrix_test.go:815: open /tmp/gocryptfs-test-parent-1026/501766059/default-plain/linktarget: permission denied --- FAIL: TestChmod (0.00s) matrix_test.go:849: modeHave 0644 != modeWant 0 FAIL exit status 1 FAIL github.com/rfjakob/gocryptfs/tests/matrix 0.787s
2020-07-12 20:17:15 +02:00
// Use the fd if the kernel gave us one
2020-07-05 20:05:07 +02:00
if f != nil {
f2 := f.(*File)
v2api: properly implement Node.Setattr We used to always open a *File2 and letting the *File2 handle Setattr. This does not work it we cannot open the file! Before: $ go test 2020/07/12 20:14:57 writer: Write/Writev failed, err: 2=no such file or directory. opcode: INTERRUPT 2020/07/12 20:14:57 writer: Write/Writev failed, err: 2=no such file or directory. opcode: INTERRUPT --- FAIL: TestLchown (0.00s) matrix_test.go:634: lchown /tmp/gocryptfs-test-parent-1026/014500839/default-plain/symlink: too many levels of symbolic links touch: setting times of '/tmp/gocryptfs-test-parent-1026/014500839/default-plain/utimesnano_symlink': Too many levels of symbolic links --- FAIL: TestUtimesNanoSymlink (0.00s) matrix_test.go:655: exit status 1 --- FAIL: TestMkfifo (0.00s) matrix_test.go:755: file exists --- FAIL: TestMagicNames (0.00s) matrix_test.go:773: Testing n="gocryptfs.longname.QhUr5d9FHerwEs--muUs6_80cy6JRp89c1otLwp92Cs" matrix_test.go:773: Testing n="gocryptfs.diriv" matrix_test.go:815: open /tmp/gocryptfs-test-parent-1026/014500839/default-plain/linktarget: permission denied --- FAIL: TestChmod (0.00s) matrix_test.go:840: chmod 444 -> 000 failed: permission denied matrix_test.go:840: chmod 444 -> 111 failed: permission denied matrix_test.go:840: chmod 444 -> 123 failed: permission denied matrix_test.go:840: chmod 444 -> 321 failed: permission denied FAIL exit status 1 FAIL github.com/rfjakob/gocryptfs/tests/matrix 0.790s After: $ go test --- FAIL: TestMkfifo (0.00s) matrix_test.go:755: file exists --- FAIL: TestMagicNames (0.00s) matrix_test.go:773: Testing n="gocryptfs.longname.QhUr5d9FHerwEs--muUs6_80cy6JRp89c1otLwp92Cs" matrix_test.go:773: Testing n="gocryptfs.diriv" matrix_test.go:815: open /tmp/gocryptfs-test-parent-1026/501766059/default-plain/linktarget: permission denied --- FAIL: TestChmod (0.00s) matrix_test.go:849: modeHave 0644 != modeWant 0 FAIL exit status 1 FAIL github.com/rfjakob/gocryptfs/tests/matrix 0.787s
2020-07-12 20:17:15 +02:00
return f2.Setattr(ctx, in, out)
}
dirfd, cName, errno := n.prepareAtSyscallMyself()
v2api: properly implement Node.Setattr We used to always open a *File2 and letting the *File2 handle Setattr. This does not work it we cannot open the file! Before: $ go test 2020/07/12 20:14:57 writer: Write/Writev failed, err: 2=no such file or directory. opcode: INTERRUPT 2020/07/12 20:14:57 writer: Write/Writev failed, err: 2=no such file or directory. opcode: INTERRUPT --- FAIL: TestLchown (0.00s) matrix_test.go:634: lchown /tmp/gocryptfs-test-parent-1026/014500839/default-plain/symlink: too many levels of symbolic links touch: setting times of '/tmp/gocryptfs-test-parent-1026/014500839/default-plain/utimesnano_symlink': Too many levels of symbolic links --- FAIL: TestUtimesNanoSymlink (0.00s) matrix_test.go:655: exit status 1 --- FAIL: TestMkfifo (0.00s) matrix_test.go:755: file exists --- FAIL: TestMagicNames (0.00s) matrix_test.go:773: Testing n="gocryptfs.longname.QhUr5d9FHerwEs--muUs6_80cy6JRp89c1otLwp92Cs" matrix_test.go:773: Testing n="gocryptfs.diriv" matrix_test.go:815: open /tmp/gocryptfs-test-parent-1026/014500839/default-plain/linktarget: permission denied --- FAIL: TestChmod (0.00s) matrix_test.go:840: chmod 444 -> 000 failed: permission denied matrix_test.go:840: chmod 444 -> 111 failed: permission denied matrix_test.go:840: chmod 444 -> 123 failed: permission denied matrix_test.go:840: chmod 444 -> 321 failed: permission denied FAIL exit status 1 FAIL github.com/rfjakob/gocryptfs/tests/matrix 0.790s After: $ go test --- FAIL: TestMkfifo (0.00s) matrix_test.go:755: file exists --- FAIL: TestMagicNames (0.00s) matrix_test.go:773: Testing n="gocryptfs.longname.QhUr5d9FHerwEs--muUs6_80cy6JRp89c1otLwp92Cs" matrix_test.go:773: Testing n="gocryptfs.diriv" matrix_test.go:815: open /tmp/gocryptfs-test-parent-1026/501766059/default-plain/linktarget: permission denied --- FAIL: TestChmod (0.00s) matrix_test.go:849: modeHave 0644 != modeWant 0 FAIL exit status 1 FAIL github.com/rfjakob/gocryptfs/tests/matrix 0.787s
2020-07-12 20:17:15 +02:00
if errno != 0 {
return
}
defer syscall.Close(dirfd)
// chmod(2)
//
// gocryptfs.diriv & gocryptfs.longname.[sha256].name files do NOT get chmod'ed
// or chown'ed with their parent file/dir for simplicity.
// See nametransform/perms.go for details.
v2api: properly implement Node.Setattr We used to always open a *File2 and letting the *File2 handle Setattr. This does not work it we cannot open the file! Before: $ go test 2020/07/12 20:14:57 writer: Write/Writev failed, err: 2=no such file or directory. opcode: INTERRUPT 2020/07/12 20:14:57 writer: Write/Writev failed, err: 2=no such file or directory. opcode: INTERRUPT --- FAIL: TestLchown (0.00s) matrix_test.go:634: lchown /tmp/gocryptfs-test-parent-1026/014500839/default-plain/symlink: too many levels of symbolic links touch: setting times of '/tmp/gocryptfs-test-parent-1026/014500839/default-plain/utimesnano_symlink': Too many levels of symbolic links --- FAIL: TestUtimesNanoSymlink (0.00s) matrix_test.go:655: exit status 1 --- FAIL: TestMkfifo (0.00s) matrix_test.go:755: file exists --- FAIL: TestMagicNames (0.00s) matrix_test.go:773: Testing n="gocryptfs.longname.QhUr5d9FHerwEs--muUs6_80cy6JRp89c1otLwp92Cs" matrix_test.go:773: Testing n="gocryptfs.diriv" matrix_test.go:815: open /tmp/gocryptfs-test-parent-1026/014500839/default-plain/linktarget: permission denied --- FAIL: TestChmod (0.00s) matrix_test.go:840: chmod 444 -> 000 failed: permission denied matrix_test.go:840: chmod 444 -> 111 failed: permission denied matrix_test.go:840: chmod 444 -> 123 failed: permission denied matrix_test.go:840: chmod 444 -> 321 failed: permission denied FAIL exit status 1 FAIL github.com/rfjakob/gocryptfs/tests/matrix 0.790s After: $ go test --- FAIL: TestMkfifo (0.00s) matrix_test.go:755: file exists --- FAIL: TestMagicNames (0.00s) matrix_test.go:773: Testing n="gocryptfs.longname.QhUr5d9FHerwEs--muUs6_80cy6JRp89c1otLwp92Cs" matrix_test.go:773: Testing n="gocryptfs.diriv" matrix_test.go:815: open /tmp/gocryptfs-test-parent-1026/501766059/default-plain/linktarget: permission denied --- FAIL: TestChmod (0.00s) matrix_test.go:849: modeHave 0644 != modeWant 0 FAIL exit status 1 FAIL github.com/rfjakob/gocryptfs/tests/matrix 0.787s
2020-07-12 20:17:15 +02:00
if mode, ok := in.GetMode(); ok {
errno = fs.ToErrno(syscallcompat.FchmodatNofollow(dirfd, cName, mode))
if errno != 0 {
return errno
}
}
// chown(2)
uid32, uOk := in.GetUID()
gid32, gOk := in.GetGID()
if uOk || gOk {
uid := -1
gid := -1
if uOk {
uid = int(uid32)
}
if gOk {
gid = int(gid32)
}
errno = fs.ToErrno(syscallcompat.Fchownat(dirfd, cName, uid, gid, unix.AT_SYMLINK_NOFOLLOW))
if errno != 0 {
return errno
}
}
// utimens(2)
mtime, mok := in.GetMTime()
atime, aok := in.GetATime()
if mok || aok {
ap := &atime
mp := &mtime
if !aok {
ap = nil
}
if !mok {
mp = nil
}
errno = fs.ToErrno(syscallcompat.UtimesNanoAtNofollow(dirfd, cName, ap, mp))
if errno != 0 {
return errno
}
}
// For truncate, the user has to have write permissions. That means we can
// depend on opening a RDWR fd and letting the File handle truncate.
if sz, ok := in.GetSize(); ok {
2020-07-05 20:05:07 +02:00
f, _, errno := n.Open(ctx, syscall.O_RDWR)
if errno != 0 {
return errno
}
f2 := f.(*File)
2020-07-12 21:17:52 +02:00
defer f2.Release(ctx)
v2api: properly implement Node.Setattr We used to always open a *File2 and letting the *File2 handle Setattr. This does not work it we cannot open the file! Before: $ go test 2020/07/12 20:14:57 writer: Write/Writev failed, err: 2=no such file or directory. opcode: INTERRUPT 2020/07/12 20:14:57 writer: Write/Writev failed, err: 2=no such file or directory. opcode: INTERRUPT --- FAIL: TestLchown (0.00s) matrix_test.go:634: lchown /tmp/gocryptfs-test-parent-1026/014500839/default-plain/symlink: too many levels of symbolic links touch: setting times of '/tmp/gocryptfs-test-parent-1026/014500839/default-plain/utimesnano_symlink': Too many levels of symbolic links --- FAIL: TestUtimesNanoSymlink (0.00s) matrix_test.go:655: exit status 1 --- FAIL: TestMkfifo (0.00s) matrix_test.go:755: file exists --- FAIL: TestMagicNames (0.00s) matrix_test.go:773: Testing n="gocryptfs.longname.QhUr5d9FHerwEs--muUs6_80cy6JRp89c1otLwp92Cs" matrix_test.go:773: Testing n="gocryptfs.diriv" matrix_test.go:815: open /tmp/gocryptfs-test-parent-1026/014500839/default-plain/linktarget: permission denied --- FAIL: TestChmod (0.00s) matrix_test.go:840: chmod 444 -> 000 failed: permission denied matrix_test.go:840: chmod 444 -> 111 failed: permission denied matrix_test.go:840: chmod 444 -> 123 failed: permission denied matrix_test.go:840: chmod 444 -> 321 failed: permission denied FAIL exit status 1 FAIL github.com/rfjakob/gocryptfs/tests/matrix 0.790s After: $ go test --- FAIL: TestMkfifo (0.00s) matrix_test.go:755: file exists --- FAIL: TestMagicNames (0.00s) matrix_test.go:773: Testing n="gocryptfs.longname.QhUr5d9FHerwEs--muUs6_80cy6JRp89c1otLwp92Cs" matrix_test.go:773: Testing n="gocryptfs.diriv" matrix_test.go:815: open /tmp/gocryptfs-test-parent-1026/501766059/default-plain/linktarget: permission denied --- FAIL: TestChmod (0.00s) matrix_test.go:849: modeHave 0644 != modeWant 0 FAIL exit status 1 FAIL github.com/rfjakob/gocryptfs/tests/matrix 0.787s
2020-07-12 20:17:15 +02:00
errno = syscall.Errno(f2.truncate(sz))
if errno != 0 {
return errno
}
2020-07-12 21:17:52 +02:00
return f2.Getattr(ctx, out)
2020-07-05 20:05:07 +02:00
}
2020-07-12 21:17:52 +02:00
return n.Getattr(ctx, nil, out)
2020-07-05 20:05:07 +02:00
}
2020-07-11 18:59:54 +02:00
// StatFs - FUSE call. Returns information about the filesystem.
//
// Symlink-safe because the path is ignored.
func (n *Node) Statfs(ctx context.Context, out *fuse.StatfsOut) syscall.Errno {
p := n.rootNode().args.Cipherdir
var st syscall.Statfs_t
err := syscall.Statfs(p, &st)
if err != nil {
return fs.ToErrno(err)
}
out.FromStatfsT(&st)
return 0
}
2020-07-11 19:23:04 +02:00
// Mknod - FUSE call. Create a device file.
//
// Symlink-safe through use of Mknodat().
func (n *Node) Mknod(ctx context.Context, name string, mode, rdev uint32, out *fuse.EntryOut) (inode *fs.Inode, errno syscall.Errno) {
2020-07-12 20:19:29 +02:00
dirfd, cName, errno := n.prepareAtSyscall(name)
2020-07-11 19:23:04 +02:00
if errno != 0 {
return
}
defer syscall.Close(dirfd)
// Make sure context is nil if we don't want to preserve the owner
rn := n.rootNode()
if !rn.args.PreserveOwner {
ctx = nil
}
// Create ".name" file to store long file name (except in PlaintextNames mode)
var err error
ctx2 := toFuseCtx(ctx)
2020-07-11 19:23:04 +02:00
if !rn.args.PlaintextNames && nametransform.IsLongContent(cName) {
err := rn.nameTransform.WriteLongNameAt(dirfd, cName, name)
if err != nil {
errno = fs.ToErrno(err)
return
}
// Create "gocryptfs.longfile." device node
err = syscallcompat.MknodatUser(dirfd, cName, mode, int(rdev), ctx2)
2020-07-11 19:23:04 +02:00
if err != nil {
nametransform.DeleteLongNameAt(dirfd, cName)
}
} else {
// Create regular device node
err = syscallcompat.MknodatUser(dirfd, cName, mode, int(rdev), ctx2)
2020-07-11 19:23:04 +02:00
}
if err != nil {
errno = fs.ToErrno(err)
return
}
st, err := syscallcompat.Fstatat2(dirfd, cName, unix.AT_SYMLINK_NOFOLLOW)
if err != nil {
errno = fs.ToErrno(err)
return
}
inode = n.newChild(ctx, st, out)
return inode, 0
}
2020-07-11 19:32:38 +02:00
// Link - FUSE call. Creates a hard link at "newPath" pointing to file
// "oldPath".
//
// Symlink-safe through use of Linkat().
func (n *Node) Link(ctx context.Context, target fs.InodeEmbedder, name string, out *fuse.EntryOut) (inode *fs.Inode, errno syscall.Errno) {
dirfd, cName, errno := n.prepareAtSyscall(name)
if errno != 0 {
return
}
defer syscall.Close(dirfd)
2020-07-11 20:27:47 +02:00
n2 := toNode(target)
dirfd2, cName2, errno := n2.prepareAtSyscallMyself()
2020-07-11 19:32:38 +02:00
if errno != 0 {
return
}
defer syscall.Close(dirfd2)
// Handle long file name (except in PlaintextNames mode)
rn := n.rootNode()
var err error
if !rn.args.PlaintextNames && nametransform.IsLongContent(cName) {
err = rn.nameTransform.WriteLongNameAt(dirfd, cName, name)
if err != nil {
errno = fs.ToErrno(err)
return
}
// Create "gocryptfs.longfile." link
err = unix.Linkat(dirfd2, cName2, dirfd, cName, 0)
2020-07-11 19:32:38 +02:00
if err != nil {
nametransform.DeleteLongNameAt(dirfd, cName)
}
} else {
// Create regular link
err = unix.Linkat(dirfd2, cName2, dirfd, cName, 0)
2020-07-11 19:32:38 +02:00
}
if err != nil {
errno = fs.ToErrno(err)
return
}
st, err := syscallcompat.Fstatat2(dirfd, cName, unix.AT_SYMLINK_NOFOLLOW)
if err != nil {
errno = fs.ToErrno(err)
return
}
inode = n.newChild(ctx, st, out)
return inode, 0
}
2020-07-11 19:43:07 +02:00
// Symlink - FUSE call. Create a symlink.
//
// Symlink-safe through use of Symlinkat.
func (n *Node) Symlink(ctx context.Context, target, name string, out *fuse.EntryOut) (inode *fs.Inode, errno syscall.Errno) {
dirfd, cName, errno := n.prepareAtSyscall(name)
if errno != 0 {
return
}
defer syscall.Close(dirfd)
// Make sure context is nil if we don't want to preserve the owner
rn := n.rootNode()
if !rn.args.PreserveOwner {
ctx = nil
}
cTarget := target
if !rn.args.PlaintextNames {
// Symlinks are encrypted like file contents (GCM) and base64-encoded
cTarget = rn.encryptSymlinkTarget(target)
}
// Create ".name" file to store long file name (except in PlaintextNames mode)
var err error
ctx2 := toFuseCtx(ctx)
if !rn.args.PlaintextNames && nametransform.IsLongContent(cName) {
err = rn.nameTransform.WriteLongNameAt(dirfd, cName, name)
if err != nil {
errno = fs.ToErrno(err)
return
}
// Create "gocryptfs.longfile." symlink
err = syscallcompat.SymlinkatUser(cTarget, dirfd, cName, ctx2)
if err != nil {
nametransform.DeleteLongNameAt(dirfd, cName)
}
} else {
// Create symlink
err = syscallcompat.SymlinkatUser(cTarget, dirfd, cName, ctx2)
}
st, err := syscallcompat.Fstatat2(dirfd, cName, unix.AT_SYMLINK_NOFOLLOW)
if err != nil {
errno = fs.ToErrno(err)
return
}
// Report the plaintext size, not the encrypted blob size
st.Size = int64(len(target))
2020-07-11 19:43:07 +02:00
inode = n.newChild(ctx, st, out)
return inode, 0
}
2020-07-11 19:56:45 +02:00
// xfstests generic/013 now also exercises RENAME_EXCHANGE and RENAME_WHITEOUT,
// uncovering lots of problems with longnames
//
// Reject those flags with syscall.EINVAL.
// If we can handle the flags, this function returns 0.
func rejectRenameFlags(flags uint32) syscall.Errno {
// Normal rename, we can handle that
if flags == 0 {
return 0
}
// We also can handle RENAME_NOREPLACE
if flags == syscallcompat.RENAME_NOREPLACE {
return 0
}
// We cannot handle RENAME_EXCHANGE and RENAME_WHITEOUT yet.
// Needs extra code for .name files.
return syscall.EINVAL
}
2020-07-11 19:56:45 +02:00
// Rename - FUSE call.
// This function is called on the PARENT DIRECTORY of `name`.
2020-07-11 19:56:45 +02:00
//
// Symlink-safe through Renameat().
func (n *Node) Rename(ctx context.Context, name string, newParent fs.InodeEmbedder, newName string, flags uint32) (errno syscall.Errno) {
if errno = rejectRenameFlags(flags); errno != 0 {
return errno
}
2020-07-11 19:56:45 +02:00
dirfd, cName, errno := n.prepareAtSyscall(name)
if errno != 0 {
return
}
defer syscall.Close(dirfd)
2020-07-11 20:27:47 +02:00
n2 := toNode(newParent)
dirfd2, cName2, errno := n2.prepareAtSyscall(newName)
2020-07-11 19:56:45 +02:00
if errno != 0 {
return
}
defer syscall.Close(dirfd2)
// Easy case.
rn := n.rootNode()
if rn.args.PlaintextNames {
2020-09-09 11:17:19 +02:00
return fs.ToErrno(syscallcompat.Renameat2(dirfd, cName, dirfd2, cName2, uint(flags)))
2020-07-11 19:56:45 +02:00
}
// Long destination file name: create .name file
nameFileAlreadyThere := false
var err error
if nametransform.IsLongContent(cName2) {
err = rn.nameTransform.WriteLongNameAt(dirfd2, cName2, newName)
// Failure to write the .name file is expected when the target path already
// exists. Since hashes are pretty unique, there is no need to modify the
// .name file in this case, and we ignore the error.
if err == syscall.EEXIST {
nameFileAlreadyThere = true
} else if err != nil {
return fs.ToErrno(err)
}
}
// Actual rename
tlog.Debug.Printf("Renameat %d/%s -> %d/%s\n", dirfd, cName, dirfd2, cName2)
2020-09-09 11:17:19 +02:00
err = syscallcompat.Renameat2(dirfd, cName, dirfd2, cName2, uint(flags))
if (flags&syscallcompat.RENAME_NOREPLACE == 0) && (err == syscall.ENOTEMPTY || err == syscall.EEXIST) {
2020-07-11 19:56:45 +02:00
// If an empty directory is overwritten we will always get an error as
// the "empty" directory will still contain gocryptfs.diriv.
// Interestingly, ext4 returns ENOTEMPTY while xfs returns EEXIST.
// We handle that by trying to fs.Rmdir() the target directory and trying
// again.
tlog.Debug.Printf("Rename: Handling ENOTEMPTY")
if n2.Rmdir(ctx, newName) == 0 {
2020-09-09 11:17:19 +02:00
err = syscallcompat.Renameat2(dirfd, cName, dirfd2, cName2, uint(flags))
2020-07-11 19:56:45 +02:00
}
}
if err != nil {
if nametransform.IsLongContent(cName2) && nameFileAlreadyThere == false {
// Roll back .name creation unless the .name file was already there
nametransform.DeleteLongNameAt(dirfd2, cName2)
}
return fs.ToErrno(err)
}
if nametransform.IsLongContent(cName) {
nametransform.DeleteLongNameAt(dirfd, cName)
}
return 0
}
// Fsync: handles FUSE opcodes FSYNC & FDIRSYNC
//
// Note: f is always set to nil by go-fuse
func (n *Node) Fsync(ctx context.Context, f fs.FileHandle, flags uint32) syscall.Errno {
dirfd, cName, errno := n.prepareAtSyscallMyself()
if errno != 0 {
return errno
}
defer syscall.Close(dirfd)
fd, err := syscallcompat.Openat(dirfd, cName, syscall.O_RDONLY|syscall.O_NOFOLLOW, 0)
if err != nil {
return fs.ToErrno(err)
}
defer syscall.Close(fd)
return fs.ToErrno(syscall.Fsync(fd))
}