Commit Graph

650 Commits

Author SHA1 Message Date
Jakob Unterwurzacher
b0342fae5d v2api: fix TestOpenBackingDir 2020-07-11 20:15:47 +02:00
Jakob Unterwurzacher
7de3330d70 v2api: implement Rename 2020-07-11 19:56:45 +02:00
Jakob Unterwurzacher
84344834c4 v2api: remove OpenatUserCtx, MknodatUserCtx helpers
Instead, use the new toFuseCtx() function introduced
in an earlier commit.
2020-07-11 19:44:45 +02:00
Jakob Unterwurzacher
250dbc6436 v2api: implement Symlink 2020-07-11 19:43:07 +02:00
Jakob Unterwurzacher
c35b575d5f v2api: implement Link 2020-07-11 19:32:38 +02:00
Jakob Unterwurzacher
b971c75e67 v2api: implement Mknod 2020-07-11 19:23:04 +02:00
Jakob Unterwurzacher
855b4a95b7 v2api: implement Statfs 2020-07-11 18:59:54 +02:00
Jakob Unterwurzacher
40a31e0c32 v2api: list interfaces to be implemented 2020-07-05 20:22:24 +02:00
Jakob Unterwurzacher
63f68a0fcd v2api: implement Setattr 2020-07-05 20:10:53 +02:00
Jakob Unterwurzacher
c22e78ee41 v2api: implement Opendir 2020-07-05 19:34:30 +02:00
Jakob Unterwurzacher
1f4e554168 v2api: merge openBackingDir into root_node.go 2020-07-04 21:42:04 +02:00
Jakob Unterwurzacher
d2139e18ef v2api: implement Open() 2020-07-04 21:37:44 +02:00
Jakob Unterwurzacher
d73e4b3f7c v2api: add prepareAtSyscall helper 2020-07-04 21:16:20 +02:00
Jakob Unterwurzacher
23180794fe v2api: implement Readlink 2020-07-04 20:32:02 +02:00
Jakob Unterwurzacher
1618fbbac5 v2api: implement Unlink 2020-06-21 14:08:53 +02:00
Jakob Unterwurzacher
cc0b94a3c5 v2api: implement Rmdir 2020-06-21 13:57:04 +02:00
Jakob Unterwurzacher
192a29075a v2api: implement Mkdir 2020-06-21 13:46:08 +02:00
Jakob Unterwurzacher
f6ded09e36 v2api: implement Create 2020-06-21 13:25:12 +02:00
Jakob Unterwurzacher
74a4accf0c v2api: collect RootNode code in root_node.go 2020-06-21 12:44:32 +02:00
Jakob Unterwurzacher
ebdf58b9eb v2api: implement GetAttr and Readdir 2020-06-21 12:42:18 +02:00
Jakob Unterwurzacher
6aa9f5636f v2api: implement Lookup()
Compiles, but untested otherwise. No caching.
2020-06-21 12:01:34 +02:00
Jakob Unterwurzacher
9b8ce55383 inomap: clarify TranslateStat function comment
Also, fix the namespaceMap comment.
2020-06-21 12:01:34 +02:00
Jakob Unterwurzacher
2aad58f9ec v2api (go-fuse v2 api): initial noop implementation
Compiles and mounts but does nothing useful.
2020-06-21 12:01:24 +02:00
Jakob Unterwurzacher
261cf12829 badname: stop trying to decrypt at length 22
At least 16 bytes due to AES --> at least 22 characters in base64
2020-06-06 12:49:45 +02:00
DerDonut
a8230d271f Added auto decryption of invalid file names
Changed invalid file decoding and decryption. Function
DecryptName now shortens the filename until the filename is
decodable and decryptable. Will work with valid **and**
invalid Base64URL delimiter (valid delimiter [0-9a-zA-z_\\-].
If the filename is not decryptable at all, it returns the
original cipher name with flag suffix Changed cli tests to
generate decryptable and undecryptable file names with correct
encrypted content. Replacing #474, extends #393
2020-06-06 12:20:31 +02:00
Jakob Unterwurzacher
71c0481f0e Revert "fusefrontend: don't always clear the dircache in Rename"
As noticed by @slackner in
cb8872577d (commitcomment-39405233) ,
this is not safe.

This reverts commit cb8872577d.
2020-05-24 23:36:11 +02:00
Jakob Unterwurzacher
15ff79bf14 syscallcompat: warn when Getdents truncates data
On CIFS mounts, unix.Getdents can return sudden ENOENT
in the middle of data. This will not be reported as an error
by user space tools, so return EIO instead.

Also log it as a warning.

https://github.com/rfjakob/gocryptfs/issues/483
2020-05-24 23:30:25 +02:00
Jakob Unterwurzacher
cb8872577d fusefrontend: don't always clear the dircache in Rename
When filename encryption is on, we do know when we
overwrite a directory, and can clear only in this case.

sshfs-benchmark.bash:    sshfs  gocryptfs-on-sshfs
git init                  1.74                7.80
rsync                     6.19               11.63
2020-05-24 20:19:27 +02:00
Jakob Unterwurzacher
2a9b99a0ef fusefrontend: don't clear dircache on Mkdir
Mkdir can not cause existing entries in the cache to go
stale. So don't clear it. Benchmark results:

sshfs-benchmark.bash:    sshfs  gocryptfs-on-sshfs
git init                  1.65                8.74
rsync                     6.09               17.54
2020-05-24 15:30:14 +02:00
Jakob Unterwurzacher
25f1727de9 syscallcompat: getdents: retry on EINTR
Fixes: https://github.com/rfjakob/gocryptfs/issues/483
Related: https://github.com/golang/go/issues/38836
2020-05-23 22:54:23 +02:00
Jakob Unterwurzacher
f8ad2ac3e2 dircache: increase cache size & lifetime
Looking at the dircache debug output, we see
that a "git status" workload has a very bad
cache hit rate because the entries expire or
get evicted before they can be reused.

Increase both cache size and lifetime for
a 4x speedup:

Before: 75s
After:  17s

https://github.com/rfjakob/gocryptfs/issues/410
2020-05-17 21:37:36 +02:00
Jakob Unterwurzacher
f6088e5008 dircache: improve debug messages
Before:

Lookup "errno.html/1/2/3/4/5": miss
Store: "errno.html/1/2/3/4/5" fd=26 iv=21be6e083d60dcabfe7368264d5082b7
Lookup "errno.html": hit 25 6d68a16d217978915036a3bd55428ae7
Lookup "errno.html/1": hit 25 932a464c299b3430c5e55c924f98ac4d
Lookup "errno.html/1/2": hit 25 7d53348b1692d537f017bf86b3cf5feb
Lookup "errno.html/1/2/3": hit 25 2aef1c9d1ab2b55b163215053fefe703
Lookup "errno.html/1/2/3/4": hit 25 cb802be53721c46a46247c5e4e0f4ce6
Lookup "errno.html/1/2/3/4": hit 25 cb802be53721c46a46247c5e4e0f4ce6
Lookup "errno.html": hit 25 6d68a16d217978915036a3bd55428ae7

After:

Lookup "earlyoom/.git/refs"                     hit fd=10 dup=17 iv=6ae2cecd269a25e8d946aff6afe9b8b8
Lookup "earlyoom/.git/refs/remotes"             hit fd=19 dup=17 iv=f04c2d2a5bcc33ebdeaca664859c980d
Lookup "earlyoom/.git/refs/remotes/origin"      miss
Store  "earlyoom/.git/refs/remotes/origin"      fd=17 iv=834a64a1697c9f5705455ba6dbed22b5
Lookup "earlyoom"                               hit fd=7 dup=25 iv=2303a892d6e2357c483574a8070b7679
Lookup "earlyoom/.git"                          hit fd=11 dup=25 iv=d43ca4aff23720c57789c9f62f0aee00
Lookup "earlyoom/.git"                          hit fd=11 dup=25 iv=d43ca4aff23720c57789c9f62f0aee00
Lookup "earlyoom/.git/refs"                     hit fd=10 dup=25 iv=6ae2cecd269a25e8d946aff6afe9b8b8
Lookup "earlyoom/.git/refs/heads"               hit fd=13 dup=25 iv=f9245e7c066b9adc768a1a666da9fbc8
2020-05-17 21:26:56 +02:00
Jakob Unterwurzacher
416080203b main: accept multiple -passfile options
Each file will be read and then concatenated
for the effictive password. This can be used as a
kind of multi-factor authenticiton.

Fixes https://github.com/rfjakob/gocryptfs/issues/288
2020-05-17 19:31:04 +02:00
Jakob Unterwurzacher
ec74d1d2f4 Update go-fuse import path to github.com/hanwen/go-fuse/v2
We need
fd7328faf9
to fix a crash reported in https://github.com/rfjakob/gocryptfs/issues/430 :

  2019/10/30 17:14:16 Unknown opcode 2016
  panic: runtime error: invalid memory address or nil pointer dereference
  [signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x508d38]

This patch is only in the v2.x.x branch. Upgrade to v2, as the
old API is also supported there.

Running

  git grep hanwen/go-fuse | grep -v hanwen/go-fuse/v2

to check for forgotten references comes back clean.
2020-05-17 14:23:47 +02:00
Jakob Unterwurzacher
ead7008a08 Fix spelling mistakes found by misspell
https://github.com/client9/misspell
2020-05-10 00:25:49 +02:00
Jakob Unterwurzacher
16221facb9 ctlsock: create exported ctlsock client library
The former interal ctlsock server package is renamed
to ctlsocksrv.
2020-05-09 17:36:41 +02:00
Jakob Unterwurzacher
feaeee90e2 inomap: fix TestSpill bit check
Wrong bit operator was used.
2020-05-03 20:28:26 +02:00
Jakob Unterwurzacher
8c9c68fb72 inomap: fix spillBit not set on 2nd hit
Also add a test for this.

Thanks @slackner for the comment.
2020-05-03 20:21:11 +02:00
Jakob Unterwurzacher
91f5c242a8 inomap: remove leftover debug output
This was committed by accident.
2020-05-03 20:01:12 +02:00
Jakob Unterwurzacher
518771e4e2 fusefrontend_reverse: use inomap for inode number translation
Gets rid of static inode number value limitations.

Fixes https://github.com/rfjakob/gocryptfs/issues/457
2020-05-03 15:22:10 +02:00
Jakob Unterwurzacher
483054efaa inomap: comment constants 2020-04-19 22:09:21 +02:00
Jakob Unterwurzacher
9f9d59ded9 inomap: rework logic to efficiently support flags
Adding flags allows to use inomap in reverse mode,
replacing the clunky inoBaseDirIV/inoBaseNameFile
logic that causes problems with high underlying
inode numbers ( https://github.com/rfjakob/gocryptfs/issues/457 )

Microbenchmarks (values below) show that the "SingleDev"
case is now much slower due to an extra map lookup,
but this has no visible effects in ./test.bash results,
so there was no time spent optimizing the case further.

$ go test -bench=.
goos: linux
goarch: amd64
pkg: github.com/rfjakob/gocryptfs/internal/inomap
BenchmarkTranslateSingleDev-4   	18757510	        61.5 ns/op
BenchmarkTranslateManyDevs-4    	18061515	        64.5 ns/op
PASS
ok  	github.com/rfjakob/gocryptfs/internal/inomap	2.467s
2020-04-19 22:00:56 +02:00
Jakob Unterwurzacher
fcdeb52390 inomap: add benchmark
$ go test -bench=.
goos: linux
goarch: amd64
pkg: github.com/rfjakob/gocryptfs/internal/inomap
BenchmarkTranslateSingleDev-4   	202479382	         5.88 ns/op
BenchmarkTranslateManyDevs-4    	16095795	        71.9 ns/op
PASS
ok  	github.com/rfjakob/gocryptfs/internal/inomap	3.039s
2020-04-19 21:35:06 +02:00
Jakob Unterwurzacher
f6b1c680b3 nametransform: update comment & simplify tests
The comment still mentioned CBC, which has been removed
a long time ago.

The test definition can be rewritten using slice literals,
saving sume stuttering.
2020-04-18 16:14:48 +02:00
Jakob Unterwurzacher
8f5c2a613d Prefer Go stdlib aes-gcm on arm64 with aes instructions
We used to prefer openssl in this situation, which
used to make sense, but now Go gained an optimized
assembly implementation for aes-gcm on arm64 with
aes instructions:

  root@q1:~/go/src/github.com/rfjakob/gocryptfs# ./gocryptfs -speed
  gocryptfs v1.7.1-46-g73436d9; go-fuse v1.0.1-0.20190319092520-161a16484456; 2020-04-13 go1.14.2 linux/arm64
  AES-GCM-256-OpenSSL      212.30 MB/s    (selected in auto mode)
  AES-GCM-256-Go           452.30 MB/s
  AES-SIV-512-Go           100.25 MB/s
  XChaCha20-Poly1305-Go    137.35 MB/s

https://github.com/rfjakob/gocryptfs/issues/452
2020-04-13 22:34:07 +02:00
Jakob Unterwurzacher
488111ce39 inomap: split into separate package
inomap will also be used by fusefrontend_reverse
in the future. Split if off openfiletable to make
it independent.
2020-04-13 14:54:04 +02:00
Jakob Unterwurzacher
194030f18a speed: add XChaCha20-Poly1305-Go
https://github.com/rfjakob/gocryptfs/issues/452
2020-04-13 14:54:04 +02:00
Jakob Unterwurzacher
f82b9caa9c speed: add code comments 2020-02-29 21:26:28 +01:00
Jakob Unterwurzacher
ca9e912a28 fusefrontend: drop xattr user namespace restriction
We used to restrict setting xattrs to the "user."
namespace. I don't see a real reason for this
anymore, and it causes trouble for users who are using
acls.

Tests will be added in the next commit.

https://github.com/rfjakob/gocryptfs/issues/453
2020-02-29 20:12:43 +01:00
orcas
9ec042f2f6 Show undecryptable filenames if they match supplied glob
Resolves https://github.com/rfjakob/gocryptfs/issues/393
2020-02-28 22:17:59 +01:00