hardcoresushi/libgocryptfs
1
0
Fork 0
Code Issues Pull Requests Releases Activity
1,382 Commits 2 Branches 0 Tags
Commit Graph

567 Commits

Author SHA1 Message Date
Sebastian Lackner
a1ba4b6576 Omit syscall.O_RDONLY flag when passing O_PATH. 
When O_PATH is specified in flags, flag bits other than O_CLOEXEC, O_DIRECTORY,
and O_NOFOLLOW are ignored.
 2019-01-03 18:24:05 +01:00
Sebastian Lackner
0414ef2572 fusefrontend: Use appropriate flags in decryptPathAt. 2019-01-03 18:24:05 +01:00
Sebastian Lackner
c0640ff3ef fusefrontend: Open directory with syscall.O_DIRECTORY in OpenDir. 2019-01-03 18:24:05 +01:00
Sebastian Lackner
078a431493 fusefrontend: Open directory with syscall.O_DIRECTORY in Rmdir. 2019-01-03 18:24:05 +01:00
Sebastian Lackner
885a341df6 fusefrontend: Do not Clear cache at end of Rmdir function. 
We already do 'defer fs.dirCache.Clear()', so this is no longer required.
 2019-01-03 18:24:05 +01:00
Sebastian Lackner
61241b0588 nametransform: Add implicit syscall.O_RDONLY flag. 2019-01-03 18:24:05 +01:00
Sebastian Lackner
927b3ce4cf syscallcompat: Use O_PATH to open base directory. 
Also remove some unnecessary flags: When O_PATH is specified in flags, flag
bits other than O_CLOEXEC, O_DIRECTORY, and O_NOFOLLOW are ignored.
 2019-01-03 18:24:05 +01:00
Sebastian Lackner
d86f9914ac fusefrontend: Remove debug code. 
This code was accidentially added in 4f66d66755da63c78b09201c6c72353009251cf2.
 2019-01-03 18:24:05 +01:00
Jakob Unterwurzacher
fcdb4bec09 fusefronted: dirCache: fix bug handling "" 
Bug looked like this:

  $ ls -l .
  total 0
  drwxrwxr-x. 2 jakob jakob 60 Jan  3 15:42 foo
  -rw-rw-r--. 1 jakob jakob  0 Jan  3 15:46 x

  $ ls -l .
  ls: cannot access '.': No such file or directory

(only happened when "" was in the dirCache)
 2019-01-03 15:59:54 +01:00
Jakob Unterwurzacher
4f66d66755 fusefrontend: add dirCache 2019-01-03 15:31:13 +01:00
Jakob Unterwurzacher
f6dad8d0fa nametransform: simplify WriteDirIV to WriteDirIVAt 
Un-spaghettify the function and let the callers open
the directory.
 2019-01-03 15:31:13 +01:00
Jakob Unterwurzacher
0fd7637624 fusefrontend: use O_RDONLY in the ListXAttr fallback path 
Copy-paste error.

https://github.com/rfjakob/gocryptfs/issues/308
 2019-01-02 22:20:44 +01:00
Jakob Unterwurzacher
352f3147c5 fusefrontend: move openBackingDir into its own file 
This function is in all fastpaths, will get a cache, and needs
its own file.
renamed:    internal/fusefrontend/names.go -> internal/fusefrontend/openbackingdir.go
renamed:    internal/fusefrontend/names_test.go -> internal/fusefrontend/openbackingdir_test.go
 2019-01-02 21:52:52 +01:00
Jakob Unterwurzacher
2b12bba274 fusefronted: make EncryptPath symlink-safe 
Finally allows us to delete EncryptPathDirIV.
 2019-01-02 21:45:40 +01:00
Jakob Unterwurzacher
b214be5e3f fusefrontend: xattr: fix operations on files without read permissions 
* listxattr is fixed via the /proc/self/fd trick
* setxattr,removexattr are fixed by opening the file O_WRONLY

Fixes https://github.com/rfjakob/gocryptfs/issues/308
 2019-01-02 20:48:46 +01:00
Jakob Unterwurzacher
bb7f919674 fusefrontend: don't downgrade type needlessly 2019-01-02 20:45:08 +01:00
Jakob Unterwurzacher
f320b76fd1 fusefrontend: use Fsetxattr/Fgetxattr/etc on all platforms 
Darwin now also has these functions, use them. Simplifies
the code and makes it symlink-safe on Darwin as well.
 2019-01-02 16:58:48 +01:00
Jakob Unterwurzacher
7995a8358e syscallcompat: add Fgetxattr / Fsetxattr wrappers 
These take care of buffer sizing and parsing.
 2019-01-02 16:56:23 +01:00
Jakob Unterwurzacher
5aa1755cbc fusefrontend: openBackingDir: fix fd leak in error path 
Reported by @slackner at
932efbd459 (r31813373)
thanks!
 2019-01-02 00:14:12 +01:00
Jakob Unterwurzacher
d99a0480f7 nametransform: fix possible incomplete read in ReadLongNameAt 
Pread() needs retry logic, so instead of implementing it ourselves,
use os.File.

Reported by @slackner at
c09bf1f228 (r31813394)
 2019-01-02 00:09:17 +01:00
Jakob Unterwurzacher
cd0ec342b9 fusefrontend: fix fd leak in error path 2019-01-01 20:49:56 +01:00
Jakob Unterwurzacher
77c3df48ef fusefrontend: fix fd leak in Access() 
Thanks @slackner!

Fixes https://github.com/rfjakob/gocryptfs/issues/306
 2019-01-01 20:10:17 +01:00
Jakob Unterwurzacher
60e7a0ca9f fusefrontend: xattr: fix hang on FIFOs 
An Open() a fifo blocks until it is opened for writing.
This meant that xattr operations on FIFOs would block.
Pass O_NONBLOCK to fix that, and add a test.
 2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
1d5500c3db fusefrontend: only compile getBackingPath() on Darwin 
This function is NOT symlink-safe. Darwin needs it because it lacks
fgetxattr(2) and friends.
 2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
c3adf9729d fusefrontend: make ListXAttr symlink-safe on Linux 
Uses /proc/self/fd.
 2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
d3ae87fa2b fusefrontend: make RemoveXAttr() symlink-safe 
Uses /proc/self/fd on Linux.
 2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
810d2a8b47 fusefrontend: make SetXAttr() symlink-safe on Linux 
Uses the /proc/self/fd trick.
 2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
2286372603 fusefrontend: make GetXAttr() symlink-safe on Linux 
Uses the /proc/self/fd trick, which does not work
on Darwin.
 2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
a355670ca2 fusefrontend: make Utimens symlink-safe 
unix.UtimesNanoAt now also exists on Darwin, yay!
 2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
abbdaa8ea4 fusefrontend: fix compile failure on Darwin 
Failure was:

 + GOOS=darwin
 + GOARCH=amd64
 + go build -tags without_openssl
 # github.com/rfjakob/gocryptfs/internal/fusefrontend
 internal/fusefrontend/fs_dir.go:159:60: cannot use origMode | 448 (type uint16) as type uint32 in argument to syscallcompat.Fchmodat
 internal/fusefrontend/fs_dir.go:170:33: cannot use origMode (type uint16) as type uint32 in argument to syscallcompat.Fchmodat
 2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
d4b7f42c3b fusefrontend: mark Truncate, Unlink, Symlink symlink-safe 
No changes needed.
 2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
436f918c21 fusefrontend: make Rmdir symlink-safe 
Now uses Unlinkat.
 2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
2de3851abd nametransform: rename WriteLongName() -> WriteLongNameAt() 
And also rename DeleteLongName() -> DeleteLongNameAt(). The
naming follow the names open the openat() etc syscalls.
 2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
4fae240153 fusefrontend: make Readlink() symlink-safe 
Now symlink-safe through Readlinkat().
 2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
21f1f858b9 fusefrontend: make OpenDir() symlink-safe 
Interestingly, little or no performance impact:

$ ./benchmark.bash
Testing gocryptfs at /tmp/benchmark.bash.39W: gocryptfs v1.6-42-g30c2349-dirty; go-fuse v20170619-66-g6df8ddc; 2018-11-04 go1.11
Downloading linux-3.0.tar.gz
/tmp/linux-3.0.tar.gz                  100%[=========================================================================>]  92.20M  2.93MB/s    in 31s
2018-11-04 21:44:44 URL:https://cdn.kernel.org/pub/linux/kernel/v3.0/linux-3.0.tar.gz [96675825/96675825] -> "/tmp/linux-3.0.tar.gz" [1]
WRITE: 262144000 bytes (262 MB, 250 MiB) copied, 1.1808 s, 222 MB/s
READ:  262144000 bytes (262 MB, 250 MiB) copied, 0.866438 s, 303 MB/s
UNTAR: 24.745
MD5:   12.050
LS:    3.525
RM:    9.544

Note: kernel has been updated:

$ uname -a
Linux brikett 4.18.16-200.fc28.x86_64 #1 SMP Sat Oct 20 23:53:47 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
 2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
de3a2c1895 fusefrontend: mark a few more functions as symlink-safe / unsafe 2019-01-01 16:24:25 +01:00
Jakob Unterwurzacher
8586a83825 fusefrontend: use openBackingDir in ctlsock interface 
Instead of calling syscall.Open() ourselves, rely on
openBackingDir().
 2019-01-01 16:24:20 +01:00
Jakob Unterwurzacher
0c1ceed1fa fusefrontend: make GetAttr() symlink-safe 
Use openBackingDir() and Fstatat().

High performance impact, though part of it should be
mitigated by adding DirIV caching to the new code paths.

$ ./benchmark.bash
Testing gocryptfs at /tmp/benchmark.bash.Eou: gocryptfs v1.6-37-ge3914b3-dirty; go-fuse v20170619-66-g6df8ddc; 2018-10-14 go1.11
WRITE: 262144000 bytes (262 MB, 250 MiB) copied, 1.2289 s, 213 MB/s
READ:  262144000 bytes (262 MB, 250 MiB) copied, 1.02616 s, 255 MB/s
UNTAR: 24.490
MD5:   13.120
LS:    3.368
RM:    9.232
 2019-01-01 16:24:09 +01:00
Jakob Unterwurzacher
932efbd459 fusefrontend: make openBackingDir() symlink-safe 
openBackingDir() used encryptPath(), which is not symlink-safe
itself. Drop encryptPath() and implement our own directory walk.

Adds three seconds to untar and two seconds to rm:

$ ./benchmark.bash
Testing gocryptfs at /tmp/benchmark.bash.MzG: gocryptfs v1.6-36-g8fb3c2f-dirty; go-fuse v20170619-66-g6df8ddc; 2018-10-14 go1.11
WRITE: 262144000 bytes (262 MB, 250 MiB) copied, 1.25078 s, 210 MB/s
READ:  262144000 bytes (262 MB, 250 MiB) copied, 1.0318 s, 254 MB/s
UNTAR: 20.941
MD5:   11.568
LS:    1.638
RM:    5.337
 2019-01-01 16:24:09 +01:00
Jakob Unterwurzacher
0e2e7c13cf fusefrontend: mark symlink-safe FUSE calls 
Document which FUSE calls are already symlink-safe in
the function comment.
 2019-01-01 16:24:09 +01:00
Jakob Unterwurzacher
c09bf1f228 fusefrontend: make DecryptPath() symlink-safe 
DecryptPath is now symlink-safe through the use of *at()
functions.
 2019-01-01 16:24:09 +01:00
Jakob Unterwurzacher
ed6ed513d7 fusefrontend: make Access() symlink-safe. 
Make Access() symlink-safe through use of faccessat.
 2019-01-01 16:24:09 +01:00
Jakob Unterwurzacher
545a03da24 nametransform: comments: directly link to ioutil.WriteFile fix 
So the reader does not have to read through the whole ticket.
The commit message has a nice summary of the problem.
 2019-01-01 16:23:28 +01:00
Sebastian Lackner
5713154468 fusefrontend: Fix debug message in doWrite() method. 2019-01-01 16:12:42 +01:00
Sebastian Lackner
9ed60678e5 fusefrontend: Fix order of arguments in debug message for Read() FUSE call. 2019-01-01 16:12:05 +01:00
Sebastian Lackner
87ced5f95d nametransform: Delete incomplete longname files on error. 2019-01-01 16:09:57 +01:00
Sebastian Lackner
24594d99bf configfile: Fix a copy&paste error in validateParams method. 2018-12-28 09:58:46 +01:00
Sebastian Lackner
07c486603c configfile: Explicitly wipe scrypt derived key after decrypting/encrypting master key. 
Further raises the bar for recovering keys from memory.
 2018-12-27 18:47:14 +01:00
Sebastian Lackner
874eaf9734 Assorted spelling fixes. 
Mostly detected with the 'codespell' utility, but also includes some
manual grammar fixes.
 2018-12-27 15:19:55 +01:00
Sebastian Lackner
4c2ff26457 fusefrontend: Remove unnecessary check in doRead function. 
The same condition is already checked a few lines above, and 'err' is not
changed inbetween.
 2018-12-27 15:18:03 +01:00