Bisecting shows that the performance drop is caused by
this commit:
commit ca9e912a28 (refs/bisect/bad)
Author: Jakob Unterwurzacher <jakobunt@gmail.com>
Date: Sat Feb 29 19:58:08 2020 +0100
fusefrontend: drop xattr user namespace restriction
Feedback received during the recent Go user group. If you haven't
used FUSE before, you don't know how to unmount, and it was not
described in the man page!
As for the options, there are many, and new users are intimidated
by it. State clearly that defaults are fine.
When generating man pages, pandoc marks indented code blocks with the
roff macro '.nf'. That avoids a warning from man related to the long
line about the master key.
This adds support for gitignore-like wildcards and exclude patters in
reverse mode. It (somewhat) fixes#273: no regexp support, but the
syntax should be powerful enough to satisfy most needs.
Also, since adding a lot of --exclude options can be tedious, it adds
the --exclude-from option to read patterns from a file (or files).
This gives users who build from the source tarball, but
do not want to install pandoc, access to the man pages.
Apperently the gocryptfs homebrew package ships without
the man pages at the moment to avoid pandoc.
Requested at
https://github.com/rfjakob/gocryptfs/issues/355
OpenDir and ListXAttr skip over corrupt entries,
readFileID treats files the are too small as empty.
This improves usability in the face of corruption,
but hides the problem in a log message instead of
putting it in the return code.
Create a channel to report these corruptions to fsck
so it can report them to the user.
Also update the manpage and the changelog with the -fsck option.
Closes https://github.com/rfjakob/gocryptfs/issues/191
Allows to use /dev/random for generating the master key instead of the
default Go implementation. When the kernel random generator has been
properly initialized both are considered equally secure, however:
* Versions of Go prior to 1.9 just fall back to /dev/urandom if the
getrandom() syscall would be blocking (Go Bug #19274)
* Kernel versions prior to 3.17 do not support getrandom(), and there
is no check if the random generator has been properly initialized
before reading from /dev/urandom
This is especially useful for embedded hardware with low-entroy. Please
note that generation of the master key might block indefinitely if the
kernel cannot harvest enough entropy.
At the moment, it does two things:
1. Disable stat() caching so changes to the backing storage show up
immediately.
2. Disable hard link tracking, as the inode numbers on the backing
storage are not stable when files are deleted and re-created behind
our back. This would otherwise produce strange "file does not exist"
and other errors.
Mitigates https://github.com/rfjakob/gocryptfs/issues/156
