diff --git a/Documentation/MANPAGE.md b/Documentation/MANPAGE.md index 7ac0a1b..a984aa6 100644 --- a/Documentation/MANPAGE.md +++ b/Documentation/MANPAGE.md @@ -241,6 +241,9 @@ Only for forward mode: automatically unmount the filesystem if it has been idle for the specified duration. Durations can be specified like "500s" or "2h45m". 0 (the default) means stay mounted indefinitely. +#### -kernel_cache +Enable the kernel_cache option of the FUSE filesystem, see fuse(8) for details. + #### -ko Pass additional mount options to the kernel (comma-separated list). FUSE filesystems are mounted with "nodev,nosuid" by default. If gocryptfs diff --git a/cli_args.go b/cli_args.go index 11bb96e..8451083 100644 --- a/cli_args.go +++ b/cli_args.go @@ -30,7 +30,7 @@ type argContainer struct { noprealloc, speed, hkdf, serialize_reads, forcedecode, hh, info, sharedstorage, devrandom, fsck bool // Mount options with opposites - dev, nodev, suid, nosuid, exec, noexec, rw, ro bool + dev, nodev, suid, nosuid, exec, noexec, rw, ro, kernel_cache bool masterkey, mountpoint, cipherdir, cpuprofile, memprofile, ko, ctlsock, fsname, force_owner, trace, fido2 string // -extpass, -badname, -passfile can be passed multiple times @@ -179,6 +179,7 @@ func parseCliOpts() (args argContainer) { flagSet.BoolVar(&args.noexec, "noexec", false, "Deny executables") flagSet.BoolVar(&args.rw, "rw", false, "Mount the filesystem read-write") flagSet.BoolVar(&args.ro, "ro", false, "Mount the filesystem read-only") + flagSet.BoolVar(&args.kernel_cache, "kernel_cache", false, "Enable the FUSE kernel_cache option") flagSet.StringVar(&args.masterkey, "masterkey", "", "Mount with explicit master key") flagSet.StringVar(&args.cpuprofile, "cpuprofile", "", "Write cpu profile to specified file") diff --git a/internal/fusefrontend/args.go b/internal/fusefrontend/args.go index f822650..5eb6bff 100644 --- a/internal/fusefrontend/args.go +++ b/internal/fusefrontend/args.go @@ -44,4 +44,6 @@ type Args struct { // which are a performance problem for writes. See // https://github.com/rfjakob/gocryptfs/issues/515 for details. Suid bool + // Enable the FUSE kernel_cache option + KernelCache bool } diff --git a/internal/fusefrontend/node.go b/internal/fusefrontend/node.go index bc4eb3b..80d642c 100644 --- a/internal/fusefrontend/node.go +++ b/internal/fusefrontend/node.go @@ -190,6 +190,10 @@ func (n *Node) Open(ctx context.Context, flags uint32) (fh fs.FileHandle, fuseFl rn.openWriteOnlyLock.RLock() defer rn.openWriteOnlyLock.RUnlock() + if rn.args.KernelCache { + fuseFlags = fuse.FOPEN_KEEP_CACHE + } + // Open backing file fd, err := syscallcompat.Openat(dirfd, cName, newFlags, 0) // Handle a few specific errors diff --git a/mount.go b/mount.go index 39f3f3c..9240afc 100644 --- a/mount.go +++ b/mount.go @@ -267,6 +267,7 @@ func initFuseFrontend(args *argContainer) (rootNode fs.InodeEmbedder, wipeKeys f ExcludeWildcard: args.excludeWildcard, ExcludeFrom: args.excludeFrom, Suid: args.suid, + KernelCache: args.kernel_cache, } // confFile is nil when "-zerokey" or "-masterkey" was used if confFile != nil {