04858ddd22
nametransform: check name validity on encryption
...
xfstests generic/523 discovered that we allowed to set
xattrs with "/" in the name, but did not allow to read
them later.
With this change we do not allow to set them in the first
place.
2021-06-02 14:29:48 +02:00
0e37fbe042
tests: TestFileHoleCopy: accept +-4kB
...
Failure looked like this:
--- FAIL: TestFileHoleCopy (3.73s)
--- FAIL: TestFileHoleCopy/k81 (0.04s)
file_holes_test.go:93: size changed: st0.Blocks=88 st2.Blocks=96
file_holes_test.go:147: aborting further subtests
$ findholes TestFileHoleCopy.k81.1
0 data
36864 hole
45056 data
50434 hole
50434 eof
$ findholes TestFileHoleCopy.k81.2
0 data
36864 hole
45056 data
50434 hole
50434 eof
$ filefrag -v TestFileHoleCopy.k81.1
Filesystem type is: ef53
File size of TestFileHoleCopy.k81.1 is 50434 (13 blocks of 4096 bytes)
ext: logical_offset: physical_offset: length: expected: flags:
0: 0.. 2: 23702311.. 23702313: 3:
1: 3.. 8: 20389855.. 20389860: 6: 23702314:
2: 11.. 12: 23702314.. 23702315: 2: 20389863: last,eof
TestFileHoleCopy.k81.1: 3 extents found
$ filefrag -v TestFileHoleCopy.k81.2
Filesystem type is: ef53
File size of TestFileHoleCopy.k81.2 is 50434 (13 blocks of 4096 bytes)
ext: logical_offset: physical_offset: length: expected: flags:
0: 0.. 2: 20389861.. 20389863: 3:
1: 3.. 4: 23702316.. 23702317: 2: 20389864:
2: 5.. 6: 20389864.. 20389865: 2: 23702318:
3: 7.. 8: 23702318.. 23702319: 2: 20389866:
4: 11.. 12: 23702320.. 23702321: 2: last,eof
TestFileHoleCopy.k81.2: 4 extents found
2021-05-29 16:56:20 +02:00
738a9e006a
fusefrontend: rewrite Lseek SEEK_DATA / SEEK_HOLE
...
In response to the discussion of the xfstests mailing list [1],
I looked at the Lseek implementation, which was naive and
did not handle all cases correctly.
The new implementation aligns the returned values to 4096 bytes
as most callers expect.
A lot of tests are added to verify that we handle all
cases correctly now.
[1]: https://www.spinics.net/lists/fstests/msg16554.html
2021-05-29 16:05:36 +02:00
9695f0e524
tests: add TestFileHoleCopy
...
Currently fails.
2021-05-26 13:17:56 +02:00
629d0a5ad7
tests: re-enable TestInoReuseEvil
...
Problem in go-fuse has long been fixed.
2021-05-26 13:17:56 +02:00
7d72baca69
tests: add TestHaveDotdot
...
As discovered by xfstests generic/401 [1], during the move to
the v2 api we seem to have lost the "." and ".." directory
entries.
[1]: 4ef5b032bc/screenlog.0 (L520)
2021-05-26 13:17:56 +02:00
86d8336b43
Add -acl flag to enable ACL enforcement
...
With test to verify that it actually works this
time: Run "make root_test".
Depends-on: https://github.com/rfjakob/gocryptfs/issues/536
Fixes: https://github.com/rfjakob/gocryptfs/issues/536
2021-05-15 17:58:37 +02:00
beab7004f2
tests: sharedstorage: wait 100ms longer for cache expiry
...
With 1.0 seconds we see failures on Travis, example:
https://travis-ci.org/github/rfjakob/gocryptfs/builds/765648739
With 1.1 seconds it seems to always work.
2021-04-02 20:22:26 +02:00
a2effaae39
tests: sharedstorage: add TestStaleHardlinks
2021-03-30 15:11:28 +02:00
d7d79aa81c
Add tests/sharedstorage
...
Towards better test coverage of shared backing storage
mounts.
https://github.com/rfjakob/gocryptfs/issues/525
2021-03-21 11:10:18 +01:00
6da2a69018
test_helpers: VerifySize: don't complain about ino mismatch
...
The inode number is not stable with `-sharedstorage`.
Ignore it.
Failure was like this:
--- FAIL: TestFallocate (0.02s)
helpers.go:229: Stat vs Fstat mismatch:
st= {59 11543 1 33188 1026 1026 0 0 0 4096 8 {1616315569 838232716} {1616315569 838232716} {1616315569 838232716} [0 0 0]}
st2={59 11545 1 33188 1026 1026 0 0 0 4096 8 {1616315569 838232716} {1616315569 838232716} {1616315569 838232716} [0 0 0]}
2021-03-21 10:53:51 +01:00
692a79461a
tests: matrix: add -sharestorage to test matrix
...
Currently fails like this:
=== RUN TestRmwRace
doRead 0: corrupt block #0 : cipher: message authentication failed
-wpanic turns this warning into a panic: doRead 0: corrupt block #0 : cipher: message authentication failed
panic: -wpanic turns this warning into a panic: doRead 0: corrupt block #0 : cipher: message authentication failed
goroutine 1293 [running]:
log.(*Logger).Panic(0xc00011c230, 0xc0003b17c8, 0x1, 0x1)
log/log.go:224 +0xac
github.com/rfjakob/gocryptfs/internal/tlog.(*toggledLogger).Printf(0xc00007a780, 0x55a821a766a1, 0x20, 0xc0003b19f0, 0x3, 0x3)
github.com/rfjakob/gocryptfs/internal/tlog/log.go:78 +0x1ef
github.com/rfjakob/gocryptfs/internal/fusefrontend.(*File).doRead(0xc0001ff420, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x1, 0xc000880000, 0x1020)
github.com/rfjakob/gocryptfs/internal/fusefrontend/file.go:201 +0x8c9
github.com/rfjakob/gocryptfs/internal/fusefrontend.(*File).doWrite(0xc0001ff420, 0xc000248428, 0x10, 0x30, 0xff0, 0x3, 0x18)
github.com/rfjakob/gocryptfs/internal/fusefrontend/file.go:291 +0xc9e
github.com/rfjakob/gocryptfs/internal/fusefrontend.(*File).Write(0xc0001ff420, 0x55a821b306a0, 0xc000fbde90, 0xc000248428, 0x10, 0x30, 0xff0, 0x7f4a00000000, 0x0)
github.com/rfjakob/gocryptfs/internal/fusefrontend/file.go:378 +0x25e
github.com/hanwen/go-fuse/v2/fs.(*rawBridge).Write(0xc000168140, 0xc000096000, 0xc0002483d8, 0xc000248428, 0x10, 0x30, 0x55a821ad40e0)
github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fs/bridge.go:819 +0x26d
github.com/hanwen/go-fuse/v2/fuse.doWrite(0xc000170160, 0xc000248240)
github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fuse/opcode.go:191 +0x6f
github.com/hanwen/go-fuse/v2/fuse.(*Server).handleRequest(0xc000170160, 0xc000248240, 0xc000000000)
github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fuse/server.go:472 +0x2be
github.com/hanwen/go-fuse/v2/fuse.(*Server).loop(0xc000170160, 0xc000cd4101)
github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fuse/server.go:445 +0x198
created by github.com/hanwen/go-fuse/v2/fuse.(*Server).readRequest
github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fuse/server.go:312 +0x41d
matrix_test.go:354: Write failed
2021-03-20 18:27:34 +01:00
255a71c917
tests: MountOrFatal creates mnt dir itself
...
Allows to drop a few Mkdir()s.
2021-03-20 10:33:34 +01:00
952d45ce84
tests: add TestDiskFull
...
Also fix incomplete uid restoration in TestSupplementaryGroups
and replace syscall.Setregid and friends with unix.Setregid and
friends.
This test is added to check if have problems handling a full disk.
The ticket https://github.com/rfjakob/gocryptfs/issues/550 states
that the full disk was not where the backing gocryptfs filesystem
was, but this has no effect on gocryptfs, so we test the harder
case.
2021-03-12 19:25:25 +01:00
e2dc52a965
v2api: -sharestorage: disable hard link tracking & add tests
...
Hard link tracking was not correctly disabled
since the migration to the go-fuse v2 api.
Add a test to ensure it stays off.
Fixes https://github.com/rfjakob/gocryptfs/issues/525
2021-03-07 17:22:29 +01:00
eaca820e87
fusefrontend: do not encrypt ACLs
...
Pass through system.posix_acl_access and system.posix_acl_default
unencrypted to fix "cp -a" problems.
"cp -a" uses "setxattr" even to set normal permissions, see
https://www.spinics.net/lists/linux-nfs/msg63986.html .
Fixes https://github.com/rfjakob/gocryptfs/issues/543
2021-02-07 20:01:16 +01:00
bb2484f152
tests/xattr: fix acl blob
...
The blob was truncated to 31 bytes.
2021-02-07 20:00:33 +01:00
bed60101f4
nametransform: make `gocryptfs.diriv` and `gocryptfs.xxx.name` files world-readable
...
Make `gocryptfs.diriv` and `gocryptfs.xxx.name` files world-readable to make encrypted backups easier
when mounting via fstab.
Having the files follow chmod/chown of their parent does not seem
to be worth the hassle. The content of the diriv files is not
secret, and both diriv and name files are protected by the
perms of the parent dir.
Fixes https://github.com/rfjakob/gocryptfs/issues/539
2021-01-10 08:07:10 +01:00
754c483870
tests: fsstress-gocryptfs.bash: log timestamp for each iteration
2020-10-04 00:12:46 +02:00
66449bf56b
tests: fsstress-gocryptfs.bash: add DEBUG option
...
Also add a wrapper script, fsstress.collect-crashes.sh, to collect
the debug output.
https://github.com/hanwen/go-fuse/issues/372
2020-10-04 00:12:25 +02:00
3c5a80c27b
fsstress-gocryptfs.bash: don't hang if TMPDIR ends in /
...
We would hang like this
./fsstress-loopback.bash
Recompile go-fuse loopback: v2.0.3-7-g0b6cbc5
Waiting for mount: xxxxxxxx^C
if TMPDIR has a trailing /. The reason is that the
paths in /proc/self/mounts are normalized, while
TMPDIR may not be.
2020-10-03 14:23:37 +02:00
27c92f63be
fsstress-gocryptfs.bash: print loopback version & mount path
...
To make the used go-fuse version clear in logs,
print it on startup, similar to what we do with gocryptfs.
2020-09-18 18:31:22 +02:00
af7386713c
stress_tests/fsstress-gocryptfs.bash: use rm -Rf for cleanup
...
Apparently, kernel 5.8 now allows unprivileged "mknod /tmp/x c 0 0":
vfs: allow unprivileged whiteout creation
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.8.9&id=a3c751a50fe6bbe50eb7622a14b18b361804ee0c
which is why rm throws a new prompt:
rm: remove write-protected character special file '...'?
Use rm -Rf to suppress that.
2020-09-13 14:14:23 +02:00
6a9c49e9cf
tests/plaintextnames: add TestInoReuseEvil
2020-09-12 17:55:37 +02:00
db61ec5115
tests: add TestInoReuse
2020-09-09 18:18:37 +02:00
6577f1b146
test_helpers: print warning when not running on ext4
...
ext4 reuses inode numbers, tmpfs does not.
2020-09-09 11:47:17 +02:00
7c0363dee5
test_helpers: mark MountOrFatal as a Helper()
2020-09-09 11:15:54 +02:00
993b19c19c
gocryptfs -init: fix wrong exit code on non-empty dir
...
Fixes https://github.com/rfjakob/gocryptfs/pull/503
2020-09-06 11:35:25 +02:00
3806a8cc93
tests/reverse: implement (skipped) xattr test
...
v1api reverse mode did not have xattr support,
the v2api version may have at some point. Prep the
test already.
2020-08-30 16:36:10 +02:00
d212b246c5
v2api/reverse: implement Lseek
2020-08-16 19:58:47 +02:00
58a2726977
v2api/reverse: implement Statfs
2020-08-16 19:41:00 +02:00
94e8fc12ea
v2api/reverse: finish -exclude
...
Tests pass now.
2020-08-15 17:31:45 +02:00
f270135c16
test_helper: VerifyExistence: don't panic
...
Instead bubble up the error to the testing object.
2020-08-15 15:39:08 +02:00
9e0b07ec99
stress_tests: run pingpong.bash at nice level 19
...
Like extractloop.bash.
2020-07-26 20:01:30 +02:00
4572cd2103
v2api: fix missing size translation in Lookup
2020-07-26 19:49:26 +02:00
9cd24d79a2
v2api: implement Lseek
...
This also fixes the last remaining tests/fsck failure.
2020-07-23 22:55:07 +02:00
8915785acf
v2api: fsck: use a temporary mount
...
Directly accessing the Nodes does not work properly,
as there is no way to attach a newly LOOKUPped Node
to the tree. This means Path() does not work.
Use an actual mount instead and walk the tree.
2020-07-19 23:03:47 +02:00
d7db071528
tests: TestMagicNames: add warmup rounds
...
Chasing a bug that seems to have nothing to do
with magic names, as it already triggers during
warmup:
--- FAIL: TestMagicNames (0.00s)
matrix_test.go:773: Testing n="warmup1"
matrix_test.go:773: Testing n="warmup2"
matrix_test.go:820: no such file or directory
2020-07-12 21:00:52 +02:00
f11432d02a
v2api: Getattr: use file handle if passed
2020-07-12 15:08:17 +02:00
f3a0dbabee
tests: fix TestCpWarnings comment typo
2020-07-12 13:43:34 +02:00
fd0e8aa869
tests: don't crash on empty Flistxattr result
2020-07-12 13:40:21 +02:00
735e2aa65b
v2api: fix Mkdir crash when using plaintextnames
2020-07-12 13:35:37 +02:00
3b61244b72
tests: TestBadname: simplify test by using empty files
...
Simplify the tests by using empty files. Empty
files are valid, and we don't check the content
anyway.
Also adjust comment style a little and add
a missing break statement.
2020-06-06 12:53:45 +02:00
a8230d271f
Added auto decryption of invalid file names
...
Changed invalid file decoding and decryption. Function
DecryptName now shortens the filename until the filename is
decodable and decryptable. Will work with valid **and**
invalid Base64URL delimiter (valid delimiter [0-9a-zA-z_\\-].
If the filename is not decryptable at all, it returns the
original cipher name with flag suffix Changed cli tests to
generate decryptable and undecryptable file names with correct
encrypted content. Replacing #474 , extends #393
2020-06-06 12:20:31 +02:00
a56e7cc5ac
sshfs-benchmark.bash: fix locale trouble and move to tests
...
Locale trouble was
sshfs-benchmark.bash: line 31: printf: 4.71: invalid number
because printf expected "4,71" in the German locale.
Force the C locale.
2020-06-06 12:15:41 +02:00
f8ad2ac3e2
dircache: increase cache size & lifetime
...
Looking at the dircache debug output, we see
that a "git status" workload has a very bad
cache hit rate because the entries expire or
get evicted before they can be reused.
Increase both cache size and lifetime for
a 4x speedup:
Before: 75s
After: 17s
https://github.com/rfjakob/gocryptfs/issues/410
2020-05-17 21:37:36 +02:00
416080203b
main: accept multiple -passfile options
...
Each file will be read and then concatenated
for the effictive password. This can be used as a
kind of multi-factor authenticiton.
Fixes https://github.com/rfjakob/gocryptfs/issues/288
2020-05-17 19:31:04 +02:00
ead7008a08
Fix spelling mistakes found by misspell
...
https://github.com/client9/misspell
2020-05-10 00:25:49 +02:00
a9895b3487
gocryptfs-xray: add -0 flag, add tests
...
The -0 flags works like xargs -0.
2020-05-10 00:04:14 +02:00
171b1eac91
test_helpers: use new ctlsock.CtlSock API
2020-05-09 19:09:33 +02:00
Jakob Unterwurzacher