Sebastian Lackner
927b3ce4cf
syscallcompat: Use O_PATH to open base directory.
...
Also remove some unnecessary flags: When O_PATH is specified in flags, flag
bits other than O_CLOEXEC, O_DIRECTORY, and O_NOFOLLOW are ignored.
2019-01-03 18:24:05 +01:00
Sebastian Lackner
d86f9914ac
fusefrontend: Remove debug code.
...
This code was accidentially added in 4f66d66755da63c78b09201c6c72353009251cf2.
2019-01-03 18:24:05 +01:00
Jakob Unterwurzacher
fcdb4bec09
fusefronted: dirCache: fix bug handling ""
...
Bug looked like this:
$ ls -l .
total 0
drwxrwxr-x. 2 jakob jakob 60 Jan 3 15:42 foo
-rw-rw-r--. 1 jakob jakob 0 Jan 3 15:46 x
$ ls -l .
ls: cannot access '.': No such file or directory
(only happened when "" was in the dirCache)
2019-01-03 15:59:54 +01:00
Jakob Unterwurzacher
4f66d66755
fusefrontend: add dirCache
2019-01-03 15:31:13 +01:00
Jakob Unterwurzacher
f6dad8d0fa
nametransform: simplify WriteDirIV to WriteDirIVAt
...
Un-spaghettify the function and let the callers open
the directory.
2019-01-03 15:31:13 +01:00
Jakob Unterwurzacher
0fd7637624
fusefrontend: use O_RDONLY in the ListXAttr fallback path
...
Copy-paste error.
https://github.com/rfjakob/gocryptfs/issues/308
2019-01-02 22:20:44 +01:00
Jakob Unterwurzacher
352f3147c5
fusefrontend: move openBackingDir into its own file
...
This function is in all fastpaths, will get a cache, and needs
its own file.
renamed: internal/fusefrontend/names.go -> internal/fusefrontend/openbackingdir.go
renamed: internal/fusefrontend/names_test.go -> internal/fusefrontend/openbackingdir_test.go
2019-01-02 21:52:52 +01:00
Jakob Unterwurzacher
2b12bba274
fusefronted: make EncryptPath symlink-safe
...
Finally allows us to delete EncryptPathDirIV.
2019-01-02 21:45:40 +01:00
Jakob Unterwurzacher
b214be5e3f
fusefrontend: xattr: fix operations on files without read permissions
...
* listxattr is fixed via the /proc/self/fd trick
* setxattr,removexattr are fixed by opening the file O_WRONLY
Fixes https://github.com/rfjakob/gocryptfs/issues/308
2019-01-02 20:48:46 +01:00
Jakob Unterwurzacher
bb7f919674
fusefrontend: don't downgrade type needlessly
2019-01-02 20:45:08 +01:00
Jakob Unterwurzacher
f320b76fd1
fusefrontend: use Fsetxattr/Fgetxattr/etc on all platforms
...
Darwin now also has these functions, use them. Simplifies
the code and makes it symlink-safe on Darwin as well.
2019-01-02 16:58:48 +01:00
Jakob Unterwurzacher
7995a8358e
syscallcompat: add Fgetxattr / Fsetxattr wrappers
...
These take care of buffer sizing and parsing.
2019-01-02 16:56:23 +01:00
Jakob Unterwurzacher
5aa1755cbc
fusefrontend: openBackingDir: fix fd leak in error path
...
Reported by @slackner at
932efbd459 (r31813373)
thanks!
2019-01-02 00:14:12 +01:00
Jakob Unterwurzacher
d99a0480f7
nametransform: fix possible incomplete read in ReadLongNameAt
...
Pread() needs retry logic, so instead of implementing it ourselves,
use os.File.
Reported by @slackner at
c09bf1f228 (r31813394)
2019-01-02 00:09:17 +01:00
Jakob Unterwurzacher
cd0ec342b9
fusefrontend: fix fd leak in error path
2019-01-01 20:49:56 +01:00
Jakob Unterwurzacher
77c3df48ef
fusefrontend: fix fd leak in Access()
...
Thanks @slackner!
Fixes https://github.com/rfjakob/gocryptfs/issues/306
2019-01-01 20:10:17 +01:00
Jakob Unterwurzacher
60e7a0ca9f
fusefrontend: xattr: fix hang on FIFOs
...
An Open() a fifo blocks until it is opened for writing.
This meant that xattr operations on FIFOs would block.
Pass O_NONBLOCK to fix that, and add a test.
2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
1d5500c3db
fusefrontend: only compile getBackingPath() on Darwin
...
This function is NOT symlink-safe. Darwin needs it because it lacks
fgetxattr(2) and friends.
2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
c3adf9729d
fusefrontend: make ListXAttr symlink-safe on Linux
...
Uses /proc/self/fd.
2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
d3ae87fa2b
fusefrontend: make RemoveXAttr() symlink-safe
...
Uses /proc/self/fd on Linux.
2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
810d2a8b47
fusefrontend: make SetXAttr() symlink-safe on Linux
...
Uses the /proc/self/fd trick.
2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
2286372603
fusefrontend: make GetXAttr() symlink-safe on Linux
...
Uses the /proc/self/fd trick, which does not work
on Darwin.
2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
a355670ca2
fusefrontend: make Utimens symlink-safe
...
unix.UtimesNanoAt now also exists on Darwin, yay!
2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
abbdaa8ea4
fusefrontend: fix compile failure on Darwin
...
Failure was:
+ GOOS=darwin
+ GOARCH=amd64
+ go build -tags without_openssl
# github.com/rfjakob/gocryptfs/internal/fusefrontend
internal/fusefrontend/fs_dir.go:159:60: cannot use origMode | 448 (type uint16) as type uint32 in argument to syscallcompat.Fchmodat
internal/fusefrontend/fs_dir.go:170:33: cannot use origMode (type uint16) as type uint32 in argument to syscallcompat.Fchmodat
2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
d4b7f42c3b
fusefrontend: mark Truncate, Unlink, Symlink symlink-safe
...
No changes needed.
2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
436f918c21
fusefrontend: make Rmdir symlink-safe
...
Now uses Unlinkat.
2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
2de3851abd
nametransform: rename WriteLongName() -> WriteLongNameAt()
...
And also rename DeleteLongName() -> DeleteLongNameAt(). The
naming follow the names open the openat() etc syscalls.
2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
4fae240153
fusefrontend: make Readlink() symlink-safe
...
Now symlink-safe through Readlinkat().
2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
21f1f858b9
fusefrontend: make OpenDir() symlink-safe
...
Interestingly, little or no performance impact:
$ ./benchmark.bash
Testing gocryptfs at /tmp/benchmark.bash.39W: gocryptfs v1.6-42-g30c2349-dirty; go-fuse v20170619-66-g6df8ddc; 2018-11-04 go1.11
Downloading linux-3.0.tar.gz
/tmp/linux-3.0.tar.gz 100%[=========================================================================>] 92.20M 2.93MB/s in 31s
2018-11-04 21:44:44 URL:https://cdn.kernel.org/pub/linux/kernel/v3.0/linux-3.0.tar.gz [96675825/96675825] -> "/tmp/linux-3.0.tar.gz" [1]
WRITE: 262144000 bytes (262 MB, 250 MiB) copied, 1.1808 s, 222 MB/s
READ: 262144000 bytes (262 MB, 250 MiB) copied, 0.866438 s, 303 MB/s
UNTAR: 24.745
MD5: 12.050
LS: 3.525
RM: 9.544
Note: kernel has been updated:
$ uname -a
Linux brikett 4.18.16-200.fc28.x86_64 #1 SMP Sat Oct 20 23:53:47 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
de3a2c1895
fusefrontend: mark a few more functions as symlink-safe / unsafe
2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
8586a83825
fusefrontend: use openBackingDir in ctlsock interface
...
Instead of calling syscall.Open() ourselves, rely on
openBackingDir().
2019-01-01 16:24:20 +01:00
Jakob Unterwurzacher
0c1ceed1fa
fusefrontend: make GetAttr() symlink-safe
...
Use openBackingDir() and Fstatat().
High performance impact, though part of it should be
mitigated by adding DirIV caching to the new code paths.
$ ./benchmark.bash
Testing gocryptfs at /tmp/benchmark.bash.Eou: gocryptfs v1.6-37-ge3914b3-dirty; go-fuse v20170619-66-g6df8ddc; 2018-10-14 go1.11
WRITE: 262144000 bytes (262 MB, 250 MiB) copied, 1.2289 s, 213 MB/s
READ: 262144000 bytes (262 MB, 250 MiB) copied, 1.02616 s, 255 MB/s
UNTAR: 24.490
MD5: 13.120
LS: 3.368
RM: 9.232
2019-01-01 16:24:09 +01:00
Jakob Unterwurzacher
932efbd459
fusefrontend: make openBackingDir() symlink-safe
...
openBackingDir() used encryptPath(), which is not symlink-safe
itself. Drop encryptPath() and implement our own directory walk.
Adds three seconds to untar and two seconds to rm:
$ ./benchmark.bash
Testing gocryptfs at /tmp/benchmark.bash.MzG: gocryptfs v1.6-36-g8fb3c2f-dirty; go-fuse v20170619-66-g6df8ddc; 2018-10-14 go1.11
WRITE: 262144000 bytes (262 MB, 250 MiB) copied, 1.25078 s, 210 MB/s
READ: 262144000 bytes (262 MB, 250 MiB) copied, 1.0318 s, 254 MB/s
UNTAR: 20.941
MD5: 11.568
LS: 1.638
RM: 5.337
2019-01-01 16:24:09 +01:00
Jakob Unterwurzacher
0e2e7c13cf
fusefrontend: mark symlink-safe FUSE calls
...
Document which FUSE calls are already symlink-safe in
the function comment.
2019-01-01 16:24:09 +01:00
Jakob Unterwurzacher
c09bf1f228
fusefrontend: make DecryptPath() symlink-safe
...
DecryptPath is now symlink-safe through the use of *at()
functions.
2019-01-01 16:24:09 +01:00
Jakob Unterwurzacher
ed6ed513d7
fusefrontend: make Access() symlink-safe.
...
Make Access() symlink-safe through use of faccessat.
2019-01-01 16:24:09 +01:00
Jakob Unterwurzacher
545a03da24
nametransform: comments: directly link to ioutil.WriteFile fix
...
So the reader does not have to read through the whole ticket.
The commit message has a nice summary of the problem.
2019-01-01 16:23:28 +01:00
Sebastian Lackner
5713154468
fusefrontend: Fix debug message in doWrite() method.
2019-01-01 16:12:42 +01:00
Sebastian Lackner
9ed60678e5
fusefrontend: Fix order of arguments in debug message for Read() FUSE call.
2019-01-01 16:12:05 +01:00
Sebastian Lackner
87ced5f95d
nametransform: Delete incomplete longname files on error.
2019-01-01 16:09:57 +01:00
Sebastian Lackner
24594d99bf
configfile: Fix a copy&paste error in validateParams method.
2018-12-28 09:58:46 +01:00
Sebastian Lackner
07c486603c
configfile: Explicitly wipe scrypt derived key after decrypting/encrypting master key.
...
Further raises the bar for recovering keys from memory.
2018-12-27 18:47:14 +01:00
Sebastian Lackner
874eaf9734
Assorted spelling fixes.
...
Mostly detected with the 'codespell' utility, but also includes some
manual grammar fixes.
2018-12-27 15:19:55 +01:00
Sebastian Lackner
4c2ff26457
fusefrontend: Remove unnecessary check in doRead function.
...
The same condition is already checked a few lines above, and 'err' is not
changed inbetween.
2018-12-27 15:18:03 +01:00
Sebastian Lackner
1ced0b192e
fusefrontend: Don't treat Fchownat error as failure in Mkdir.
...
The directory was already created, so return success even if Fchownat fails.
The same error handling is already used if fs.args.PlaintextNames is false.
2018-12-27 15:16:00 +01:00
Sebastian Lackner
5918884926
fusefrontend: Check the correct 'err' variable.
2018-12-27 15:11:23 +01:00
Jakob Unterwurzacher
a55e53c196
tests: fix TestPassfileNewline
...
Due to a copy-paste error, we ran the wrong test in the
subprocess.
Thanks @slackner for noticing at
295d432175 (r31690478)
!
2018-12-16 12:33:25 +01:00
Jakob Unterwurzacher
295d432175
passfile: directly read file instead of invoking cat
...
Allows better error handling, gets rid of the call to an
external program, and fixes https://github.com/rfjakob/gocryptfs/issues/278 .
2018-12-15 17:09:38 +01:00
Jakob Unterwurzacher
e665df7179
syscallcompat: downgrade DT_UNKNOWN message level on XFS
...
Old XFS filesystems always return DT_UNKNOWN. Downgrade the message
to "info" level if we are on XFS.
Using the "warning" level means that users on old XFS filesystems
cannot run the test suite as it intentionally aborts on any
warnings.
Fixes https://github.com/rfjakob/gocryptfs/issues/267
2018-11-17 17:44:21 +01:00
Jakob Unterwurzacher
1ed08c7384
tlog: disable color codes when switching to syslog
...
When gocryptfs was started on a terminal and later
daemonized, the color codes stayed active in the syslog
output.
The codes are not visible in "journalctl -f", which is why
I have not noticed it yet, but they do show up in normal
syslog as the usual "#033[33m" crap.
2018-10-17 22:34:30 +02:00