fusefronted_reverse: fix ino collision between .name and .diriv files
A directory with a long name has two associated virtual files:
the .name file and the .diriv files.
These used to get the same inode number:
$ ls -di1 * */*
33313535 gocryptfs.longname.2togDFouca9mrTwtfF1RNW5DZRAQY8alaR7wO_Xd5Zw
1000000000033313535 gocryptfs.longname.2togDFouca9mrTwtfF1RNW5DZRAQY8alaR7wO_Xd5Zw/gocryptfs.diriv
1000000000033313535 gocryptfs.longname.2togDFouca9mrTwtfF1RNW5DZRAQY8alaR7wO_Xd5Zw.name
With this change we use another prefix (2 instead of 1) for .name files.
$ ls -di1 * */*
33313535 gocryptfs.longname.2togDFouca9mrTwtfF1RNW5DZRAQY8alaR7wO_Xd5Zw
1000000000033313535 gocryptfs.longname.2togDFouca9mrTwtfF1RNW5DZRAQY8alaR7wO_Xd5Zw/gocryptfs.diriv
2000000000033313535 gocryptfs.longname.2togDFouca9mrTwtfF1RNW5DZRAQY8alaR7wO_Xd5Zw.name
This commit is contained in:
Jakob Unterwurzacher
parent
d5133ca5ac
commit
d12aa57715
|
|
@ -100,5 +100,5 @@ func (rfs *ReverseFS) newNameFile(relPath string) (nodefs.File, fuse.Status) {
|
||||||
}
|
}
|
||||||
content := []byte(rfs.nameTransform.EncryptName(pName, dirIV))
|
content := []byte(rfs.nameTransform.EncryptName(pName, dirIV))
|
||||||
parentFile := filepath.Join(rfs.args.Cipherdir, pDir, pName)
|
parentFile := filepath.Join(rfs.args.Cipherdir, pDir, pName)
|
||||||
return rfs.newVirtualFile(content, parentFile)
|
return rfs.newVirtualFile(content, parentFile, inoBaseNameFile)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -162,9 +162,9 @@ func (rfs *ReverseFS) GetAttr(relPath string, context *fuse.Context) (*fuse.Attr
|
||||||
return nil, fuse.ToStatus(err)
|
return nil, fuse.ToStatus(err)
|
||||||
}
|
}
|
||||||
// Instead of risking an inode number collision, we return an error.
|
// Instead of risking an inode number collision, we return an error.
|
||||||
if st.Ino > virtualInoBase {
|
if st.Ino > inoBaseMin {
|
||||||
tlog.Warn.Printf("GetAttr %q: backing file inode number %d crosses reserved space, max=%d. Returning EOVERFLOW.",
|
tlog.Warn.Printf("GetAttr %q: backing file inode number %d crosses reserved space, max=%d. Returning EOVERFLOW.",
|
||||||
relPath, st.Ino, virtualInoBase)
|
relPath, st.Ino, inoBaseMin)
|
||||||
return nil, fuse.ToStatus(syscall.EOVERFLOW)
|
return nil, fuse.ToStatus(syscall.EOVERFLOW)
|
||||||
}
|
}
|
||||||
var a fuse.Attr
|
var a fuse.Attr
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
package fusefrontend_reverse
|
package fusefrontend_reverse
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"log"
|
||||||
"syscall"
|
"syscall"
|
||||||
|
|
||||||
"github.com/hanwen/go-fuse/fuse"
|
"github.com/hanwen/go-fuse/fuse"
|
||||||
|
|
@ -14,12 +15,19 @@ const (
|
||||||
// virtualFileMode is the mode to use for virtual files (gocryptfs.diriv and
|
// virtualFileMode is the mode to use for virtual files (gocryptfs.diriv and
|
||||||
// *.name). They are always readable, as stated in func Access
|
// *.name). They are always readable, as stated in func Access
|
||||||
virtualFileMode = syscall.S_IFREG | 0444
|
virtualFileMode = syscall.S_IFREG | 0444
|
||||||
// virtualInoBase is the start of the inode number range that is used
|
// inoBaseDirIV is the start of the inode number range that is used
|
||||||
// for virtual files.
|
// for virtual gocryptfs.diriv files. inoBaseNameFile is the thing for
|
||||||
|
// *.name files.
|
||||||
// The value 10^19 is just below 2^60. A power of 10 has been chosen so the
|
// The value 10^19 is just below 2^60. A power of 10 has been chosen so the
|
||||||
// "ls -li" output (which is base-10) is easy to read.
|
// "ls -li" output (which is base-10) is easy to read.
|
||||||
// 10^19 is the largest power of 10 that is smaller than UINT64_MAX/2.
|
// 10^19 is the largest power of 10 that is smaller than
|
||||||
virtualInoBase = uint64(1000000000000000000)
|
// INT64_MAX (=UINT64_MAX/2). This avoids signedness issues.
|
||||||
|
inoBaseDirIV = uint64(1000000000000000000)
|
||||||
|
inoBaseNameFile = uint64(2000000000000000000)
|
||||||
|
// inoBaseMin marks the start of the inode number space that is
|
||||||
|
// reserved for virtual files. It is the lowest of the inoBaseXXX values
|
||||||
|
// above.
|
||||||
|
inoBaseMin = inoBaseDirIV
|
||||||
)
|
)
|
||||||
|
|
||||||
func (rfs *ReverseFS) newDirIVFile(cRelPath string) (nodefs.File, fuse.Status) {
|
func (rfs *ReverseFS) newDirIVFile(cRelPath string) (nodefs.File, fuse.Status) {
|
||||||
|
|
@ -28,7 +36,7 @@ func (rfs *ReverseFS) newDirIVFile(cRelPath string) (nodefs.File, fuse.Status) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fuse.ToStatus(err)
|
return nil, fuse.ToStatus(err)
|
||||||
}
|
}
|
||||||
return rfs.newVirtualFile(pathiv.Derive(cDir, pathiv.PurposeDirIV), absDir)
|
return rfs.newVirtualFile(pathiv.Derive(cDir, pathiv.PurposeDirIV), absDir, inoBaseDirIV)
|
||||||
}
|
}
|
||||||
|
|
||||||
type virtualFile struct {
|
type virtualFile struct {
|
||||||
|
|
@ -38,17 +46,23 @@ type virtualFile struct {
|
||||||
content []byte
|
content []byte
|
||||||
// absolute path to a parent file
|
// absolute path to a parent file
|
||||||
parentFile string
|
parentFile string
|
||||||
|
// inode number of a virtual file is inode of parent file plus inoBase
|
||||||
|
inoBase uint64
|
||||||
}
|
}
|
||||||
|
|
||||||
// newVirtualFile creates a new in-memory file that does not have a representation
|
// newVirtualFile creates a new in-memory file that does not have a representation
|
||||||
// on disk. "content" is the file content. Timestamps and file owner are copied
|
// on disk. "content" is the file content. Timestamps and file owner are copied
|
||||||
// from "parentFile" (absolute plaintext path). For a "gocryptfs.diriv" file, you
|
// from "parentFile" (absolute plaintext path). For a "gocryptfs.diriv" file, you
|
||||||
// would use the parent directory as "parentFile".
|
// would use the parent directory as "parentFile".
|
||||||
func (rfs *ReverseFS) newVirtualFile(content []byte, parentFile string) (nodefs.File, fuse.Status) {
|
func (rfs *ReverseFS) newVirtualFile(content []byte, parentFile string, inoBase uint64) (nodefs.File, fuse.Status) {
|
||||||
|
if inoBase < inoBaseMin {
|
||||||
|
log.Panicf("BUG: virtual inode number base %d is below reserved space", inoBase)
|
||||||
|
}
|
||||||
return &virtualFile{
|
return &virtualFile{
|
||||||
File: nodefs.NewDefaultFile(),
|
File: nodefs.NewDefaultFile(),
|
||||||
content: content,
|
content: content,
|
||||||
parentFile: parentFile,
|
parentFile: parentFile,
|
||||||
|
inoBase: inoBase,
|
||||||
}, fuse.OK
|
}, fuse.OK
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -72,12 +86,12 @@ func (f *virtualFile) GetAttr(a *fuse.Attr) fuse.Status {
|
||||||
tlog.Debug.Printf("GetAttr: Lstat %q: %v\n", f.parentFile, err)
|
tlog.Debug.Printf("GetAttr: Lstat %q: %v\n", f.parentFile, err)
|
||||||
return fuse.ToStatus(err)
|
return fuse.ToStatus(err)
|
||||||
}
|
}
|
||||||
if st.Ino > virtualInoBase {
|
if st.Ino > inoBaseMin {
|
||||||
tlog.Warn.Printf("virtualFile.GetAttr: parent file inode number %d crosses reserved space, max=%d. Returning EOVERFLOW.",
|
tlog.Warn.Printf("virtualFile.GetAttr: parent file inode number %d crosses reserved space, max=%d. Returning EOVERFLOW.",
|
||||||
st.Ino, virtualInoBase)
|
st.Ino, inoBaseMin)
|
||||||
return fuse.ToStatus(syscall.EOVERFLOW)
|
return fuse.ToStatus(syscall.EOVERFLOW)
|
||||||
}
|
}
|
||||||
st.Ino = st.Ino + virtualInoBase
|
st.Ino = st.Ino + f.inoBase
|
||||||
st.Size = int64(len(f.content))
|
st.Size = int64(len(f.content))
|
||||||
st.Mode = virtualFileMode
|
st.Mode = virtualFileMode
|
||||||
st.Nlink = 1
|
st.Nlink = 1
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue