Jakob Unterwurzacher
5da20da977
-speed: note that XChaCha20 is not selectable
...
This is unclear to users, as seen on
https://github.com/rfjakob/gocryptfs/issues/452#issuecomment-828836651
2021-05-18 09:53:23 +02:00
Jakob Unterwurzacher
c33c7aaf0d
Merge package-source.bash & package-static.bash scripts
2021-05-15 18:50:20 +02:00
Jakob Unterwurzacher
4488b5b93a
Update README for v2.0-beta4
2021-05-15 18:27:41 +02:00
Jakob Unterwurzacher
3374afccc4
go.mod: switch to go-fuse acl branch
...
Until https://review.gerrithub.io/c/hanwen/go-fuse/+/516154
gets merged.
Commands used:
go mod edit -replace github.com/hanwen/go-fuse/v2=github.com/rfjakob/go-fuse/v2@acl
go mod download github.com/hanwen/go-fuse/v2
go mod tidy
2021-05-15 18:01:51 +02:00
Jakob Unterwurzacher
86d8336b43
Add -acl flag to enable ACL enforcement
...
With test to verify that it actually works this
time: Run "make root_test".
Depends-on: https://github.com/rfjakob/gocryptfs/issues/536
Fixes: https://github.com/rfjakob/gocryptfs/issues/536
2021-05-15 17:58:37 +02:00
Jakob Unterwurzacher
a91ad29d36
fusefrontend: fix RENAME_NOREPLACE darwin build failure
...
Error was:
internal/fusefrontend/node.go:371:2: duplicate case syscallcompat.RENAME_NOREPLACE (value 0) in switch
previous case at internal/fusefrontend/node.go:368:7
Rewrite using "if"s instead.
2021-05-15 17:20:43 +02:00
Jakob Unterwurzacher
1ba2e42234
fusefrontend: avoid duplicate const definition
...
RENAME_NOREPLACE is already defined in syscallcompat.
2021-05-08 20:42:42 +02:00
Jakob Unterwurzacher
a267562d29
fusefrontend: reject broken RENAME_EXCHANGE and RENAME_WHITEOUT
...
Discovered by xfstests generic/013: or implementation for
RENAME_EXCHANGE and RENAME_WHITEOUT is incomplete. Reject the
flags so that the caller retries with regular rename.
2021-05-08 15:39:49 +02:00
Jakob Unterwurzacher
7466f12a92
README: fix broken markdown links
2021-05-07 20:58:42 +02:00
Jakob Unterwurzacher
c57fd9adc9
Update README for v2.0-beta3 release
2021-04-24 12:26:54 +02:00
Jakob Unterwurzacher
e678737967
go mod: switch back to mainline go-fuse
...
Change was merged:
a90e1f463c
Done using:
$ go mod edit -dropreplace github.com/hanwen/go-fuse/v2
$ go get github.com/hanwen/go-fuse/v2@master
go: downloading github.com/hanwen/go-fuse/v2 v2.1.1-0.20210423170155-a90e1f463c3f
go get: upgraded github.com/hanwen/go-fuse/v2 v2.0.4-0.20210125162859-8e0bbdb16cb7 => v2.1.1-0.20210423170155-a90e1f463c3f
Related: https://github.com/rfjakob/gocryptfs/issues/549
2021-04-24 12:23:17 +02:00
Jakob Unterwurzacher
5cb1e55714
Doc: update performance.txt
2021-04-07 07:21:20 +02:00
Jakob Unterwurzacher
4a07d6598c
fusefrontend: make dirCache work for "node itself"
...
"node itself" can be converted to node + child by
ascending one level.
Performance gains are spectacular, as will be seen
in the next commit.
2021-04-07 07:18:35 +02:00
Jakob Unterwurzacher
770c4deb71
profiling/ls.bash: add -nosyslog
...
This makes sure we actually see the dirCache stats.
2021-04-05 18:20:59 +02:00
Jakob Unterwurzacher
f73aee72f8
fusefrontend: print dirCache stats after unmount
2021-04-05 18:20:17 +02:00
Jakob Unterwurzacher
043f81dd01
fs: more idiomatic dirCache struct naming
2021-04-04 13:05:47 +02:00
Jakob Unterwurzacher
dc8501f6b2
performance.txt: add dirfd caching results
...
Also, add v2.0-beta2-16-geaca820. I bisected the ls performance
regression to this commit.
2021-04-03 14:09:10 +02:00
Jakob Unterwurzacher
24d5d39300
fs: add initial dirfd caching
...
dirfd caching was temporarily removed when moving
to the v2api. Add it back to gain back some lost speed.
2021-04-03 13:08:28 +02:00
Jakob Unterwurzacher
6aae2aad97
tests: fusefronted: fix TestOpenBackingDir
...
This test only worked accidentially, and would
break once dirfd caching is added.
fs.Mkdir(..., "dir1/dir2", ...) is illegal
(child name cannot contain slashes).
2021-04-03 12:34:18 +02:00
Jakob Unterwurzacher
6b28c0be2c
fusefronted: replace last rn.openBackingDir() calls
...
Use the n.prepareAtSyscall() wrapper instead. Prepares
for adding caching into n.prepareAtSyscall().
2021-04-03 11:19:04 +02:00
Jakob Unterwurzacher
beab7004f2
tests: sharedstorage: wait 100ms longer for cache expiry
...
With 1.0 seconds we see failures on Travis, example:
https://travis-ci.org/github/rfjakob/gocryptfs/builds/765648739
With 1.1 seconds it seems to always work.
2021-04-02 20:22:26 +02:00
Jakob Unterwurzacher
688373c926
profiling: add ls.bash
2021-03-30 16:03:42 +02:00
Jakob Unterwurzacher
1d919d01fd
go.mod: temporarily switch to go-fuse fork
...
Until https://review.gerrithub.io/c/hanwen/go-fuse/+/513646/2
gets merged.
Commands used:
go mod edit -replace github.com/hanwen/go-fuse/v2=github.com/rfjakob/go-fuse/v2@TestStaleHardlinks
go mod download github.com/hanwen/go-fuse/v2
go mod tidy
2021-03-30 15:31:17 +02:00
Jakob Unterwurzacher
a2effaae39
tests: sharedstorage: add TestStaleHardlinks
2021-03-30 15:11:28 +02:00
Jakob Unterwurzacher
e0981ea59b
package-static.bash: add gocryptfs-xray to tarball
...
Requested here https://github.com/rfjakob/gocryptfs/issues/558
and here https://github.com/rfjakob/gocryptfs/issues/496
Closes https://github.com/rfjakob/gocryptfs/issues/496
2021-03-27 15:30:01 +01:00
Jakob Unterwurzacher
db91050f9e
gocrypts-xray: add -version flag
2021-03-27 15:29:46 +01:00
Jakob Unterwurzacher
b86d40de5f
Delete obsolete script package.bash
...
I only use package-static.bash nowadays.
2021-03-27 15:03:27 +01:00
Jakob Unterwurzacher
7e18ee6b86
README: fix compile instructions for Go 1.13+
...
"go get -d" does not download to GOPATH/src anymore:
https://github.com/golang/go/issues/31529
Use explicit "git clone" to the current directory as suggested
in https://github.com/golang/go/issues/31529#issuecomment-484920157 .
Fixes https://github.com/rfjakob/gocryptfs/issues/553
2021-03-26 07:10:05 +01:00
Jakob Unterwurzacher
d7d79aa81c
Add tests/sharedstorage
...
Towards better test coverage of shared backing storage
mounts.
https://github.com/rfjakob/gocryptfs/issues/525
2021-03-21 11:10:18 +01:00
Jakob Unterwurzacher
6da2a69018
test_helpers: VerifySize: don't complain about ino mismatch
...
The inode number is not stable with `-sharedstorage`.
Ignore it.
Failure was like this:
--- FAIL: TestFallocate (0.02s)
helpers.go:229: Stat vs Fstat mismatch:
st= {59 11543 1 33188 1026 1026 0 0 0 4096 8 {1616315569 838232716} {1616315569 838232716} {1616315569 838232716} [0 0 0]}
st2={59 11545 1 33188 1026 1026 0 0 0 4096 8 {1616315569 838232716} {1616315569 838232716} {1616315569 838232716} [0 0 0]}
2021-03-21 10:53:51 +01:00
Jakob Unterwurzacher
3b9a1b628b
fusefronted: move Create() and Open() to new file
...
And deduplicate the code a little.
2021-03-21 09:31:05 +01:00
Jakob Unterwurzacher
47a4d33f24
fusefrontend: -sharedstorage: fix TestRmwRace failure
...
The Open() and Create() paths used different inode numbers,
which broke openfiletable locking against concurred readers.
2021-03-21 09:02:50 +01:00
Jakob Unterwurzacher
692a79461a
tests: matrix: add -sharestorage to test matrix
...
Currently fails like this:
=== RUN TestRmwRace
doRead 0: corrupt block #0 : cipher: message authentication failed
-wpanic turns this warning into a panic: doRead 0: corrupt block #0 : cipher: message authentication failed
panic: -wpanic turns this warning into a panic: doRead 0: corrupt block #0 : cipher: message authentication failed
goroutine 1293 [running]:
log.(*Logger).Panic(0xc00011c230, 0xc0003b17c8, 0x1, 0x1)
log/log.go:224 +0xac
github.com/rfjakob/gocryptfs/internal/tlog.(*toggledLogger).Printf(0xc00007a780, 0x55a821a766a1, 0x20, 0xc0003b19f0, 0x3, 0x3)
github.com/rfjakob/gocryptfs/internal/tlog/log.go:78 +0x1ef
github.com/rfjakob/gocryptfs/internal/fusefrontend.(*File).doRead(0xc0001ff420, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x1, 0xc000880000, 0x1020)
github.com/rfjakob/gocryptfs/internal/fusefrontend/file.go:201 +0x8c9
github.com/rfjakob/gocryptfs/internal/fusefrontend.(*File).doWrite(0xc0001ff420, 0xc000248428, 0x10, 0x30, 0xff0, 0x3, 0x18)
github.com/rfjakob/gocryptfs/internal/fusefrontend/file.go:291 +0xc9e
github.com/rfjakob/gocryptfs/internal/fusefrontend.(*File).Write(0xc0001ff420, 0x55a821b306a0, 0xc000fbde90, 0xc000248428, 0x10, 0x30, 0xff0, 0x7f4a00000000, 0x0)
github.com/rfjakob/gocryptfs/internal/fusefrontend/file.go:378 +0x25e
github.com/hanwen/go-fuse/v2/fs.(*rawBridge).Write(0xc000168140, 0xc000096000, 0xc0002483d8, 0xc000248428, 0x10, 0x30, 0x55a821ad40e0)
github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fs/bridge.go:819 +0x26d
github.com/hanwen/go-fuse/v2/fuse.doWrite(0xc000170160, 0xc000248240)
github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fuse/opcode.go:191 +0x6f
github.com/hanwen/go-fuse/v2/fuse.(*Server).handleRequest(0xc000170160, 0xc000248240, 0xc000000000)
github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fuse/server.go:472 +0x2be
github.com/hanwen/go-fuse/v2/fuse.(*Server).loop(0xc000170160, 0xc000cd4101)
github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fuse/server.go:445 +0x198
created by github.com/hanwen/go-fuse/v2/fuse.(*Server).readRequest
github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fuse/server.go:312 +0x41d
matrix_test.go:354: Write failed
2021-03-20 18:27:34 +01:00
Jakob Unterwurzacher
255a71c917
tests: MountOrFatal creates mnt dir itself
...
Allows to drop a few Mkdir()s.
2021-03-20 10:33:34 +01:00
Jakob Unterwurzacher
f6036c429a
syscallcompat: getdents: link to #483
...
Give a user receiving the Getdents warning some background info.
2021-03-14 14:43:11 +01:00
Jakob Unterwurzacher
952d45ce84
tests: add TestDiskFull
...
Also fix incomplete uid restoration in TestSupplementaryGroups
and replace syscall.Setregid and friends with unix.Setregid and
friends.
This test is added to check if have problems handling a full disk.
The ticket https://github.com/rfjakob/gocryptfs/issues/550 states
that the full disk was not where the backing gocryptfs filesystem
was, but this has no effect on gocryptfs, so we test the harder
case.
2021-03-12 19:25:25 +01:00
Jakob Unterwurzacher
d47bf9976f
Makefile: root_test: don't run test when compile fails
2021-03-12 17:44:13 +01:00
Jakob Unterwurzacher
e2dc52a965
v2api: -sharestorage: disable hard link tracking & add tests
...
Hard link tracking was not correctly disabled
since the migration to the go-fuse v2 api.
Add a test to ensure it stays off.
Fixes https://github.com/rfjakob/gocryptfs/issues/525
2021-03-07 17:22:29 +01:00
Jakob Unterwurzacher
eaca820e87
fusefrontend: do not encrypt ACLs
...
Pass through system.posix_acl_access and system.posix_acl_default
unencrypted to fix "cp -a" problems.
"cp -a" uses "setxattr" even to set normal permissions, see
https://www.spinics.net/lists/linux-nfs/msg63986.html .
Fixes https://github.com/rfjakob/gocryptfs/issues/543
2021-02-07 20:01:16 +01:00
Jakob Unterwurzacher
bb2484f152
tests/xattr: fix acl blob
...
The blob was truncated to 31 bytes.
2021-02-07 20:00:33 +01:00
Jakob Unterwurzacher
4b4a68eb21
README: warn about incomplete ACL support
...
https://github.com/rfjakob/gocryptfs/issues/543
https://github.com/rfjakob/gocryptfs/issues/542
https://github.com/rfjakob/gocryptfs/issues/453
2021-02-07 10:43:40 +01:00
Jakob Unterwurzacher
5d498f3a24
README: mention MacFUSE v4.x support
...
https://github.com/rfjakob/gocryptfs/issues/544
2021-02-06 16:47:27 +01:00
Jakob Unterwurzacher
80a651a194
syscallcompat: MknodatUser: work around changed syscall.Setgroups semantics
...
Since go1.16beta1 (commit d1b1145cace8b968307f9311ff611e4bb810710c ,
https://go-review.googlesource.com/c/go/+/210639 )
syscall.{Setgroups,Setregid,Setreuid} affects all threads, which
is exactly what we not want.
We now use unix.{Setgroups,Setregid,Setreuid} instead.
Workarounds https://github.com/golang/go/issues/1435 .
2021-02-06 11:38:25 +01:00
Jakob Unterwurzacher
3ab1bcf1c5
README: note Trezor removal
...
Adding support for Trezor was listed, but removal was not,
causing confusion.
Closes https://github.com/rfjakob/gocryptfs/pull/534
2021-01-31 09:46:43 +01:00
Jakob Unterwurzacher
ac2e5baa13
go.mod: update go-fuse to latest master
...
We need
09a3c38171
fuse: support the new macFUSE mount protocol
so mounting on MacFuse 4.x works.
Updated using
go get github.com/hanwen/go-fuse/v2@master
.
Fixes https://github.com/rfjakob/gocryptfs/issues/524
2021-01-31 08:36:57 +01:00
Jakob Unterwurzacher
bed60101f4
nametransform: make gocryptfs.diriv
and gocryptfs.xxx.name
files world-readable
...
Make `gocryptfs.diriv` and `gocryptfs.xxx.name` files world-readable to make encrypted backups easier
when mounting via fstab.
Having the files follow chmod/chown of their parent does not seem
to be worth the hassle. The content of the diriv files is not
secret, and both diriv and name files are protected by the
perms of the parent dir.
Fixes https://github.com/rfjakob/gocryptfs/issues/539
2021-01-10 08:07:10 +01:00
Jakob Unterwurzacher
6b492fdcb8
MANPAGE: add sub-headers to EXAMPLES
...
Makes linking to them easier.
2021-01-10 08:01:08 +01:00
Jakob Unterwurzacher
f3394ae286
nametransform: move permission constants to perms.go
...
Prep for https://github.com/rfjakob/gocryptfs/issues/539
2021-01-10 07:27:04 +01:00
Jakob Unterwurzacher
de108d3fc0
-idle: don't lazy-unmount
...
When a process has its working dir inside the mount,
the only way we notice is that we get EBUSY when trying
to unmount.
We used to lazy-unmount in this case, but this means
pulling the rug from under the process.
For example, bash will start throwing
cd: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory
messages.
Fixes https://github.com/rfjakob/gocryptfs/issues/533
2021-01-02 18:19:41 +01:00
gmd20
c20c7992a0
main: add "-kernel_cache" flag
...
This option is similar to fuse(8) kernel_cache
Verified using vmtouch.
Without -kernel_cache:
$ dd if=/dev/zero of=foo bs=1M count=10 ; vmtouch -t foo ; vmtouch foo
10+0 records in
10+0 records out
10485760 bytes (10 MB, 10 MiB) copied, 0,0242321 s, 433 MB/s
Files: 1
Directories: 0
Touched Pages: 2560 (10M)
Elapsed: 0.011159 seconds
Files: 1
Directories: 0
Resident Pages: 0/2560 0/10M 0%
Elapsed: 0.000993 seconds
With -kernel_cache:
$ dd if=/dev/zero of=foo bs=1M count=10 ; vmtouch -t foo ; vmtouch foo
10+0 records in
10+0 records out
10485760 bytes (10 MB, 10 MiB) copied, 0,0244015 s, 430 MB/s
Files: 1
Directories: 0
Touched Pages: 2560 (10M)
Elapsed: 0.011564 seconds
Files: 1
Directories: 0
Resident Pages: 2560/2560 10M/10M 100%
Elapsed: 0.000369 seconds
2020-12-20 09:55:04 +01:00