Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package fscrypt for openSUSE:Factory checked in at 2024-05-10 12:05:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/fscrypt (Old) and /work/SRC/openSUSE:Factory/.fscrypt.new.1880 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "fscrypt" Fri May 10 12:05:25 2024 rev:5 rq:1172978 version:0.3.5 Changes: -------- --- /work/SRC/openSUSE:Factory/fscrypt/fscrypt.changes 2023-03-15 18:56:32.933034855 +0100 +++ /work/SRC/openSUSE:Factory/.fscrypt.new.1880/fscrypt.changes 2024-05-10 12:06:34.192610259 +0200 @@ -1,0 +2,11 @@ +Thu May 9 18:53:43 UTC 2024 - Dirk Müller <[email protected]> + +- update to 0.3.5: + * Upgraded various dependencies, resolving two security alerts + from GitHub. + * `fscrypt` now requires Go 1.18 or later to build. + * `fscrypt` now provides a better error message when it's asked + to operate on a locked regular file. + * Made some improvements to the documentation. + +------------------------------------------------------------------- Old: ---- fscrypt-0.3.4.tar.gz New: ---- fscrypt-0.3.5.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ fscrypt.spec ++++++ --- /var/tmp/diff_new_pack.JXXeKc/_old 2024-05-10 12:06:34.956638099 +0200 +++ /var/tmp/diff_new_pack.JXXeKc/_new 2024-05-10 12:06:34.960638244 +0200 @@ -1,7 +1,7 @@ # # spec file for package fscrypt # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: fscrypt -Version: 0.3.4 +Version: 0.3.5 Release: 0 Summary: Go tool for managing Linux filesystem encryption License: Apache-2.0 @@ -31,7 +31,7 @@ BuildRequires: m4 BuildRequires: pam-devel BuildRequires: pkgconfig -BuildRequires: golang(API) >= 1.16 +BuildRequires: golang(API) >= 1.18 BuildRequires: pkgconfig(bash-completion) Requires: pam-fscrypt = %{version} ++++++ fscrypt-0.3.4.tar.gz -> fscrypt-0.3.5.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/.github/workflows/ci.yml new/fscrypt-0.3.5/.github/workflows/ci.yml --- old/fscrypt-0.3.4/.github/workflows/ci.yml 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/.github/workflows/ci.yml 2024-03-19 23:09:50.000000000 +0100 @@ -27,11 +27,11 @@ build: strategy: matrix: - go: ['1.18', '1.17', '1.16'] + go: ['1.18', '1.19', '1.20'] name: Build (Go ${{ matrix.go }}) runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/setup-go@v2 with: go-version: ${{ matrix.go }} @@ -46,10 +46,10 @@ name: Build (32-bit) runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/setup-go@v2 with: - go-version: '1.18' + go-version: '1.20' - name: Install dependencies run: | sudo dpkg --add-architecture i386 @@ -62,10 +62,10 @@ name: Run integration tests runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/setup-go@v2 with: - go-version: '1.18' + go-version: '1.20' - name: Install dependencies run: | sudo apt-get update @@ -88,7 +88,7 @@ # arch: [armv7, aarch64, ppc64le] # runs-on: ubuntu-latest # steps: - # - uses: actions/checkout@v3 + # - uses: actions/checkout@v4 # - uses: uraimo/[email protected] # with: # arch: ${{ matrix.arch }} @@ -111,10 +111,10 @@ # The cli tests require kernel 5.4 or later, and thus Ubuntu 20.04 or later. runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/setup-go@v2 with: - go-version: '1.18' + go-version: '1.20' - name: Install dependencies run: | sudo apt-get update @@ -126,10 +126,10 @@ name: Generate, format, and lint runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/setup-go@v2 with: - go-version: '1.18' + go-version: '1.20' - name: Install dependencies run: | sudo apt-get update diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/.gitignore new/fscrypt-0.3.5/.gitignore --- old/fscrypt-0.3.4/.gitignore 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/.gitignore 2024-03-19 23:09:50.000000000 +0100 @@ -1,7 +1,6 @@ bin/fscrypt bin/pam_fscrypt.so bin/protoc -bin/golint bin/protoc-gen-go bin/goimports bin/staticcheck diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/CONTRIBUTING.md new/fscrypt-0.3.5/CONTRIBUTING.md --- old/fscrypt-0.3.4/CONTRIBUTING.md 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/CONTRIBUTING.md 2024-03-19 23:09:50.000000000 +0100 @@ -160,5 +160,4 @@ `make lint` runs: - [`go vet`](https://golang.org/cmd/vet/) - - [`golint`](https://github.com/golang/lint) - [`staticcheck`](https://github.com/dominikh/go-tools/tree/master/cmd/staticcheck) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/Makefile new/fscrypt-0.3.5/Makefile --- old/fscrypt-0.3.4/Makefile 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/Makefile 2024-03-19 23:09:50.000000000 +0100 @@ -16,7 +16,7 @@ # the License. # Update this on each new release, along with the NEWS.md file. -VERSION := v0.3.4 +VERSION := v0.3.5 NAME := fscrypt PAM_NAME := pam_$(NAME) @@ -105,9 +105,8 @@ goimports -w $(GO_NONGEN_FILES) clang-format -i -style=Google $(C_FILES) -lint: $(BIN)/golint $(BIN)/staticcheck $(BIN)/misspell +lint: $(BIN)/staticcheck $(BIN)/misspell go vet ./... - go list ./... | xargs -L1 golint -set_exit_status staticcheck ./... misspell -source=text $(FILES) shellcheck -s bash cmd/fscrypt/fscrypt_bash_completion @@ -197,12 +196,10 @@ endif #### Tool Building Commands #### -TOOLS := $(addprefix $(BIN)/,protoc golint protoc-gen-go goimports staticcheck gocovmerge misspell) +TOOLS := $(addprefix $(BIN)/,protoc protoc-gen-go goimports staticcheck gocovmerge misspell) .PHONY: tools tools: $(TOOLS) -$(BIN)/golint: - go build -o $@ golang.org/x/lint/golint $(BIN)/protoc-gen-go: go build -o $@ google.golang.org/protobuf/cmd/protoc-gen-go $(BIN)/goimports: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/NEWS.md new/fscrypt-0.3.5/NEWS.md --- old/fscrypt-0.3.4/NEWS.md 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/NEWS.md 2024-03-19 23:09:50.000000000 +0100 @@ -1,5 +1,16 @@ # `fscrypt` release notes +## Version 0.3.5 + +* Upgraded various dependencies, resolving two security alerts from GitHub. + +* `fscrypt` now requires Go 1.18 or later to build. + +* `fscrypt` now provides a better error message when it's asked to operate on a + locked regular file. + +* Made some improvements to the documentation. + ## Version 0.3.4 * `fscrypt` now requires Go 1.16 or later to build. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/README.md new/fscrypt-0.3.5/README.md --- old/fscrypt-0.3.4/README.md 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/README.md 2024-03-19 23:09:50.000000000 +0100 @@ -80,6 +80,16 @@ device. dm-crypt/LUKS is usually configured using [cryptsetup](https://gitlab.com/cryptsetup/cryptsetup/-/wikis/home). +* [`systemd-homed`](https://systemd.io/HOME_DIRECTORY/) supports encrypting home + directories using the same Linux native filesystem encryption API that + `fscrypt` uses. Note that while the `systemd-homed` documentation refers to + this as fscrypt support, it does not use the `fscrypt` tool; directories set + up using `systemd-homed` cannot be managed by `fscrypt` and vice versa. + `systemd-homed` has better integration with systemd than `fscrypt` does; + however, `systemd-homed` (as of systemd v255) uses an obsolete version of the + Linux native filesystem encryption API, and users may run into known issues. + Issues with `systemd-homed` should be reported to the systemd developers. + * [**eCryptfs**](https://en.wikipedia.org/wiki/ECryptfs) is an alternative filesystem-level encryption solution. It is a stacked filesystem, which means it sits on top of a real filesystem, rather than being directly integrated @@ -88,10 +98,12 @@ disadvantages. eCryptfs is usually configured using [ecryptfs-utils](https://packages.debian.org/stretch/ecryptfs-utils). -* The [**ZFS**](https://en.wikipedia.org/wiki/ZFS) filesystem supports - encryption in its own way (not compatible with `fscrypt`). ZFS encryption has - some advantages; however, ZFS isn't part of the upstream Linux kernel and is - less common than other filesystems, so this solution usually isn't an option. +* Some Linux filesystems support encryption natively, but not in a way that is + compatible with the common API that `fscrypt` uses. Examples of this are + Bcachefs and ZFS. (Note: ZFS is not part of the upstream kernel.) Bcachefs + encryption is similar to dm-crypt in that it encrypts the full filesystem with + one key. ZFS encryption operates on a per-dataset basis. If you are using + one of these filesystems, refer to the documentation for that filesystem. Which solution to use? Here are our recommendations: @@ -101,9 +113,9 @@ filesystem encryption instead. The largest users of eCryptfs (Ubuntu and Chrome OS) have switched to dm-crypt or Linux native filesystem encryption. -* If you need fine-grained control of encryption within a filesystem, then use - `fscrypt`, or `fscrypt` together with dm-crypt/LUKS. If you don't need this, - then use dm-crypt/LUKS. +* If you need fine-grained control of encryption within a filesystem and you are + using a filesystem that supports `fscrypt`, then use `fscrypt`, or `fscrypt` + together with dm-crypt/LUKS. If you don't need this, then use dm-crypt/LUKS. To understand this recommendation: consider that the main advantage of `fscrypt` is to allow different files on the same filesystem to be encrypted @@ -208,7 +220,7 @@ ## Building and installing `fscrypt` has a minimal set of build dependencies: -* [Go](https://golang.org/doc/install) 1.16 or higher. Older versions may work +* [Go](https://golang.org/doc/install) 1.18 or higher. Older versions may work but they are not tested or supported. * A C compiler (`gcc` or `clang`) * `make` @@ -219,12 +231,12 @@ - Arch: [`pam`](https://www.archlinux.org/packages/core/x86_64/pam/) package (usually installed by default) -Once all the dependencies are installed, you can get the repository by running: +Once all the dependencies are installed, clone the repository by running: ```shell -go get -d github.com/google/fscrypt/... +git clone https://github.com/google/fscrypt ``` -Running `make` in `$GOPATH/src/github.com/google/fscrypt` builds the binary -(`fscrypt`) and PAM module (`pam_fscrypt.so`) in the `bin/` directory. +Running `make` builds the binary (`fscrypt`) and PAM module (`pam_fscrypt.so`) +in the `bin/` directory. Running `sudo make install` installs `fscrypt` into `/usr/local/bin`, `pam_fscrypt.so` into `/usr/local/lib/security`, and `pam_fscrypt/config` into @@ -245,7 +257,7 @@ Alternatively, if you only want to install the `fscrypt` binary to `$GOPATH/bin`, simply run: ```shell -go get github.com/google/fscrypt/cmd/fscrypt +go install github.com/google/fscrypt/cmd/fscrypt@latest ``` See the `Makefile` for instructions on how to further customize the build. @@ -274,6 +286,9 @@ contain `CONFIG_FS_ENCRYPTION=y` (for kernels v5.1+) or `CONFIG_UBIFS_FS_ENCRYPTION=y` (for older kernels). +* CephFS, with upstream kernel v6.6 or later. The kernel configuration must + contain `CONFIG_FS_ENCRYPTION=y`. + * [Lustre](https://www.lustre.org/), with Lustre v2.14.0 or later. For details, see the Lustre documentation. Please note that Lustre is not part of the upstream Linux kernel, and its encryption implementation has not been reviewed @@ -290,10 +305,6 @@ allows the use of v2 encryption policies. v2 policies have several security and usability improvements over v1 policies. -Be careful when using ext4 encryption on removable media, since ext4 filesystems -with the `encrypt` feature cannot be mounted on systems with kernel versions -older than the minimums listed above -- even to access unencrypted files! - If you configure `fscrypt` to use non-default features, other kernel prerequisites may be needed too. See [Configuration file](#configuration-file). diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/actions/context.go new/fscrypt-0.3.5/actions/context.go --- old/fscrypt-0.3.4/actions/context.go 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/actions/context.go 2024-03-19 23:09:50.000000000 +0100 @@ -22,10 +22,10 @@ // All of the actions include a significant amount of logging, so that good // output can be provided for cmd/fscrypt's verbose mode. // The top-level actions currently include: -// - Creating a new config file -// - Creating a context on which to perform actions -// - Creating, unlocking, and modifying Protectors -// - Creating, unlocking, and modifying Policies +// - Creating a new config file +// - Creating a context on which to perform actions +// - Creating, unlocking, and modifying Protectors +// - Creating, unlocking, and modifying Policies package actions import ( diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/cli-tests/t_lock.out new/fscrypt-0.3.5/cli-tests/t_lock.out --- old/fscrypt-0.3.4/cli-tests/t_lock.out 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/cli-tests/t_lock.out 2024-03-19 23:09:50.000000000 +0100 @@ -85,3 +85,18 @@ contents "MNT/dir" is now locked. cat: MNT/dir/file: No such file or directory + +# Try to operate on locked regular file +"MNT/dir" is now locked. +[ERROR] fscrypt status: cannot operate on locked regular file + "MNT/file" + +It is not possible to operate directly on a locked regular file, since the +kernel does not support this. Specify the parent directory instead. (For loose +files, any directory with the file's policy works.) +[ERROR] fscrypt unlock: cannot operate on locked regular file + "MNT/file" + +It is not possible to operate directly on a locked regular file, since the +kernel does not support this. Specify the parent directory instead. (For loose +files, any directory with the file's policy works.) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/cli-tests/t_lock.sh new/fscrypt-0.3.5/cli-tests/t_lock.sh --- old/fscrypt-0.3.4/cli-tests/t_lock.sh 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/cli-tests/t_lock.sh 2024-03-19 23:09:50.000000000 +0100 @@ -52,3 +52,14 @@ cat "$dir/file" fscrypt lock --all-users "$dir" _expect_failure "cat '$dir/file'" + +_print_header "Try to operate on locked regular file" +_reset_filesystems +rm -rf "$dir" +mkdir "$dir" +echo hunter2 | fscrypt encrypt --quiet --name=prot "$dir" +echo contents > "$dir/file" +mv "$dir/file" "$MNT/file" # Make it a loose encrypted file. +fscrypt lock "$dir" +_expect_failure "fscrypt status '$MNT/file'" +_expect_failure "fscrypt unlock '$MNT/file'" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/cmd/fscrypt/errors.go new/fscrypt-0.3.5/cmd/fscrypt/errors.go --- old/fscrypt-0.3.4/cmd/fscrypt/errors.go 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/cmd/fscrypt/errors.go 2024-03-19 23:09:50.000000000 +0100 @@ -230,6 +230,10 @@ if !util.IsKernelVersionAtLeast(4, 10) { return "ubifs encryption requires kernel v4.10 or later." } + case "ceph": + if !util.IsKernelVersionAtLeast(6, 6) { + return "CephFS encryption requires kernel v6.6 or later." + } } return "" case *filesystem.ErrNoCreatePermission: @@ -247,6 +251,11 @@ return `This is usually the result of a bad PAM configuration. Either correct the problem in your PAM stack, enable pam_keyinit.so, or run "keyctl link @u @s".` + case *metadata.ErrLockedRegularFile: + return `It is not possible to operate directly on a locked + regular file, since the kernel does not support this. + Specify the parent directory instead. (For loose files, + any directory with the file's policy works.)` } switch errors.Cause(err) { case crypto.ErrMlockUlimit: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/cmd/fscrypt/format.go new/fscrypt-0.3.5/cmd/fscrypt/format.go --- old/fscrypt-0.3.4/cmd/fscrypt/format.go 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/cmd/fscrypt/format.go 2024-03-19 23:09:50.000000000 +0100 @@ -82,8 +82,10 @@ } // How a flag should appear on the command line. We have two formats: -// --name -// --name=ARG_NAME +// +// --name +// --name=ARG_NAME +// // The ARG_NAME appears if the prettyFlag's GetArgName() method returns a // non-empty string. The returned string from shortDisplay() does not include // any leading or trailing whitespace. @@ -96,13 +98,12 @@ // How our flags should appear when displaying their usage. An example would be: // -// --help Prints help screen for commands and subcommands. +// --help Prints help screen for commands and subcommands. // // If a default is specified, then it is appended to the usage. Example: // -// --time=TIME Calibrate passphrase hashing to take the -// specified amount of TIME (default: 1s) -// +// --time=TIME Calibrate passphrase hashing to take the +// specified amount of TIME (default: 1s) func longDisplay(f prettyFlag, defaultString ...string) string { usage := f.GetUsage() if len(defaultString) > 0 { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/crypto/crypto.go new/fscrypt-0.3.5/crypto/crypto.go --- old/fscrypt-0.3.4/crypto/crypto.go 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/crypto/crypto.go 2024-03-19 23:09:50.000000000 +0100 @@ -18,17 +18,17 @@ */ // Package crypto manages all the cryptography for fscrypt. This includes: -// - Key management (key.go) -// - Securely holding keys in memory -// - Making recovery keys -// - Randomness (rand.go) -// - Cryptographic algorithms (crypto.go) -// - encryption (AES256-CTR) -// - authentication (SHA256-based HMAC) -// - key stretching (SHA256-based HKDF) -// - key wrapping/unwrapping (Encrypt then MAC) -// - passphrase-based key derivation (Argon2id) -// - key descriptor computation (double SHA512, or HKDF-SHA512) +// 1. Key management (key.go) +// - Securely holding keys in memory +// - Making recovery keys +// 2. Randomness (rand.go) +// 3. Cryptographic algorithms (crypto.go) +// - encryption (AES256-CTR) +// - authentication (SHA256-based HMAC) +// - key stretching (SHA256-based HKDF) +// - key wrapping/unwrapping (Encrypt then MAC) +// - passphrase-based key derivation (Argon2id) +// - key descriptor computation (double SHA512, or HKDF-SHA512) package crypto import ( diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/crypto/crypto_test.go new/fscrypt-0.3.5/crypto/crypto_test.go --- old/fscrypt-0.3.4/crypto/crypto_test.go 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/crypto/crypto_test.go 2024-03-19 23:09:50.000000000 +0100 @@ -64,7 +64,9 @@ // Values for test cases pulled from argon2 command line tool. // To generate run: -// echo "password" | argon2 "aaaaaaaaaaaaaaaa" -id -t <t> -m <m> -p <p> -l 32 +// +// echo "password" | argon2 "aaaaaaaaaaaaaaaa" -id -t <t> -m <m> -p <p> -l 32 +// // where costs.Time = <t>, costs.Memory = 2^<m>, and costs.Parallelism = <p>. type hashTestCase struct { costs *metadata.HashingCosts diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/crypto/rand.go new/fscrypt-0.3.5/crypto/rand.go --- old/fscrypt-0.3.4/crypto/rand.go 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/crypto/rand.go 2024-03-19 23:09:50.000000000 +0100 @@ -30,7 +30,8 @@ // the operating system has insufficient randomness, the buffer creation will // fail. This is an improvement over Go's built-in crypto/rand which will still // return bytes if the system has insufficiency entropy. -// See: https://github.com/golang/go/issues/19274 +// +// See: https://github.com/golang/go/issues/19274 // // While this syscall was only introduced in Kernel v3.17, it predates the // introduction of filesystem encryption, so it introduces no additional diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/filesystem/filesystem.go new/fscrypt-0.3.5/filesystem/filesystem.go --- old/fscrypt-0.3.4/filesystem/filesystem.go 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/filesystem/filesystem.go 2024-03-19 23:09:50.000000000 +0100 @@ -21,15 +21,15 @@ // Package filesystem deals with the structure of the files on disk used to // store the metadata for fscrypt. Specifically, this package includes: -// - mountpoint management (mountpoint.go) -// - querying existing mounted filesystems -// - getting filesystems from a UUID -// - finding the filesystem for a specific path -// - metadata organization (filesystem.go) -// - setting up a mounted filesystem for use with fscrypt -// - adding/querying/deleting metadata -// - making links to other filesystems' metadata -// - following links to get data from other filesystems +// 1. mountpoint management (mountpoint.go) +// - querying existing mounted filesystems +// - getting filesystems from a UUID +// - finding the filesystem for a specific path +// 2. metadata organization (filesystem.go) +// - setting up a mounted filesystem for use with fscrypt +// - adding/querying/deleting metadata +// - making links to other filesystems' metadata +// - following links to get data from other filesystems package filesystem import ( @@ -195,6 +195,7 @@ var SortDescriptorsByLastMtime = false // Mount contains information for a specific mounted filesystem. +// // Path - Absolute path where the directory is mounted // FilesystemType - Type of the mounted filesystem, e.g. "ext4" // Device - Device for filesystem (empty string if we cannot find one) @@ -210,8 +211,9 @@ // setup first. Specifically, the directories created look like: // <mountpoint> // âââ .fscrypt -// âââ policies -// âââ protectors +// +// âââ policies +// âââ protectors // // These "policies" and "protectors" directories will contain files that are // the corresponding metadata structures for policies and protectors. The public @@ -723,13 +725,13 @@ // considering that it could be a malicious file created to cause a // denial-of-service. Specifically, the following checks are done: // -// - It must be a regular file, not another type of file like a symlink or FIFO. -// (Symlinks aren't bad by themselves, but given that a malicious user could -// point one to absolutely anywhere, and there is no known use case for the -// metadata files themselves being symlinks, it seems best to disallow them.) -// - It must have a reasonable size (<= maxMetadataFileSize). -// - If trustedUser is non-nil, then the file must be owned by the given user -// or by root. +// - It must be a regular file, not another type of file like a symlink or FIFO. +// (Symlinks aren't bad by themselves, but given that a malicious user could +// point one to absolutely anywhere, and there is no known use case for the +// metadata files themselves being symlinks, it seems best to disallow them.) +// - It must have a reasonable size (<= maxMetadataFileSize). +// - If trustedUser is non-nil, then the file must be owned by the given user +// or by root. // // Take care to avoid TOCTOU (time-of-check-time-of-use) bugs when doing these // tests. Notably, we must open the file before checking the file type, as the diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/filesystem/mountpoint.go new/fscrypt-0.3.5/filesystem/mountpoint.go --- old/fscrypt-0.3.4/filesystem/mountpoint.go 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/filesystem/mountpoint.go 2024-03-19 23:09:50.000000000 +0100 @@ -106,6 +106,7 @@ // Parse one line of /proc/self/mountinfo. // // The line contains the following space-separated fields: +// // [0] mount ID // [1] parent ID // [2] major:minor @@ -184,11 +185,11 @@ // preferably a read-write mount. However, that doesn't work in containers // where the "/" subtree might not be mounted. Here's a real-world example: // -// mnt.Subtree mnt.Path -// ----------- -------- -// /var/lib/lxc/base/rootfs / -// /var/cache/pacman/pkg /var/cache/pacman/pkg -// /srv/repo/x86_64 /srv/http/x86_64 +// mnt.Subtree mnt.Path +// ----------- -------- +// /var/lib/lxc/base/rootfs / +// /var/cache/pacman/pkg /var/cache/pacman/pkg +// /srv/repo/x86_64 /srv/http/x86_64 // // In this case, all mnt.Subtree are independent. To handle this case, we must // choose the Mount whose mnt.Path contains the others, i.e. the first one. @@ -199,10 +200,10 @@ // needed to correctly handle bind mounts. For example, in the following case, // the first Mount should be chosen: // -// mnt.Subtree mnt.Path -// ----------- -------- -// /foo /foo -// /foo/dir /dir +// mnt.Subtree mnt.Path +// ----------- -------- +// /foo /foo +// /foo/dir /dir // // To solve this, we divide the mounts into non-overlapping trees of mnt.Path. // Then, we choose one of these trees which contains (exactly or via path diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/filesystem/mountpoint_test.go new/fscrypt-0.3.5/filesystem/mountpoint_test.go --- old/fscrypt-0.3.4/filesystem/mountpoint_test.go 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/filesystem/mountpoint_test.go 2024-03-19 23:09:50.000000000 +0100 @@ -17,10 +17,9 @@ * the License. */ -// Note: these tests assume the existence of some well-known directories and -// devices: /mnt, /home, /tmp, and /dev/loop0. This is because the mountpoint -// loading code only retains mountpoints on valid directories, and only retains -// device names for valid device nodes. +// Note: these tests assume the existence of some well-known directories: /mnt, +// /home, and /tmp. This is because the mountpoint loading code only retains +// mountpoints on valid directories. package filesystem @@ -100,6 +99,11 @@ // Test that Mount.Device is set to the mountpoint's source device if // applicable, otherwise it is set to the empty string. func TestLoadSourceDevice(t *testing.T) { + // The mountinfo parser ignores devices that don't exist. For the valid + // device, try /dev/loop0. If it doesn't exist, skip the test. + if _, err := os.Stat("/dev/loop0"); err != nil { + t.Skip("/dev/loop0 does not exist, skipping test") + } var mountinfo = ` 15 0 7:0 / / rw shared:1 - foo /dev/loop0 rw,data=ordered 31 15 0:27 / /tmp rw,nosuid,nodev shared:17 - tmpfs tmpfs rw diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/go.mod new/fscrypt-0.3.5/go.mod --- old/fscrypt-0.3.4/go.mod 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/go.mod 2024-03-19 23:09:50.000000000 +0100 @@ -1,17 +1,24 @@ module github.com/google/fscrypt -go 1.16 +go 1.18 require ( github.com/client9/misspell v0.3.4 github.com/pkg/errors v0.9.1 - github.com/urfave/cli v1.22.5 + github.com/urfave/cli v1.22.14 github.com/wadey/gocovmerge v0.0.0-20160331181800-b5bfa59ec0ad - golang.org/x/crypto v0.0.0-20220408190544-5352b0902921 - golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 - golang.org/x/sys v0.0.0-20220408201424-a24fb2fb8a0f - golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 - golang.org/x/tools v0.1.11-0.20220316014157-77aa08bb151a - google.golang.org/protobuf v1.28.0 - honnef.co/go/tools v0.3.0 + golang.org/x/crypto v0.17.0 + golang.org/x/sys v0.15.0 + golang.org/x/term v0.15.0 + golang.org/x/tools v0.13.0 + google.golang.org/protobuf v1.33.0 + honnef.co/go/tools v0.4.5 +) + +require ( + github.com/BurntSushi/toml v1.3.2 // indirect + github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect + github.com/russross/blackfriday/v2 v2.1.0 // indirect + golang.org/x/exp/typeparams v0.0.0-20221208152030-732eee02a75a // indirect + golang.org/x/mod v0.12.0 // indirect ) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/go.sum new/fscrypt-0.3.5/go.sum --- old/fscrypt-0.3.4/go.sum 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/go.sum 2024-03-19 23:09:50.000000000 +0100 @@ -1,74 +1,50 @@ -github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/BurntSushi/toml v0.4.1 h1:GaI7EiDXDRfa8VshkTj7Fym7ha+y8/XxIgD2okUIjLw= -github.com/BurntSushi/toml v0.4.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= +github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8= +github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/client9/misspell v0.3.4 h1:ta993UF76GwbvJcIo3Y68y/M3WxlpEHPWIGDkJYwzJI= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d h1:U+s90UTSYgptZMwQh2aRr3LuazLJIa+Pg3Kc1ylSYVY= -github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w= +github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/russross/blackfriday/v2 v2.0.1 h1:lPqVAte+HuHNfhJ/0LC98ESWRz8afy9tM/0RK8m9o+Q= -github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/shurcooL/sanitized_anchor_name v1.0.0 h1:PdmoCO6wvbs+7yrJyMORt4/BmY5IYyJwS/kOiWx8mHo= -github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= -github.com/urfave/cli v1.22.5 h1:lNq9sAHXK2qfdI8W+GRItjCEkI+2oR4d+MEHy1CKXoU= -github.com/urfave/cli v1.22.5/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= +github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= +github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/urfave/cli v1.22.14 h1:ebbhrRiGK2i4naQJr+1Xj92HXZCrK7MsyTS/ob3HnAk= +github.com/urfave/cli v1.22.14/go.mod h1:X0eDS6pD6Exaclxm99NJ3FiCDRED7vIHpx2mDOHLvkA= github.com/wadey/gocovmerge v0.0.0-20160331181800-b5bfa59ec0ad h1:W0LEBv82YCGEtcmPA3uNZBI33/qF//HAAs3MawDjRa0= github.com/wadey/gocovmerge v0.0.0-20160331181800-b5bfa59ec0ad/go.mod h1:Hy8o65+MXnS6EwGElrSRjUzQDLXreJlzYLlWiHtt8hM= -github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20220408190544-5352b0902921 h1:iU7T1X1J6yxDr0rda54sWGkHgOp5XJrqm79gcNlC2VM= -golang.org/x/crypto v0.0.0-20220408190544-5352b0902921/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/exp/typeparams v0.0.0-20220218215828-6cf2b201936e h1:qyrTQ++p1afMkO4DPEeLGq/3oTsdlvdH4vqZUBWzUKM= -golang.org/x/exp/typeparams v0.0.0-20220218215828-6cf2b201936e/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk= -golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 h1:VLliZ0d+/avPrXXH+OakdXhpJuEoBZuwh1m2j7U6Iug= -golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= -golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3 h1:kQgndtyPBW/JIYERgdxfwMYh3AVStj88WQTlNDi2a+o= -golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220408201424-a24fb2fb8a0f h1:8w7RhxzTVgUzw/AH/9mUV5q0vMgy40SQRursCcfmkCw= -golang.org/x/sys v0.0.0-20220408201424-a24fb2fb8a0f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 h1:JGgROgKl9N8DuW20oFS5gxc+lE67/N3FcwmBPMe7ArY= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.1.11-0.20220316014157-77aa08bb151a h1:ofrrl6c6NG5/IOSx/R1cyiQxxjqlur0h/TvbUhkH0II= -golang.org/x/tools v0.1.11-0.20220316014157-77aa08bb151a/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw= -google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k= +golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= +golang.org/x/exp/typeparams v0.0.0-20221208152030-732eee02a75a h1:Jw5wfR+h9mnIYH+OtGT2im5wV1YGGDora5vTv/aa5bE= +golang.org/x/exp/typeparams v0.0.0-20221208152030-732eee02a75a/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk= +golang.org/x/mod v0.12.0 h1:rmsUpXtvNzj340zd98LZ4KntptpfRHwpFOHG188oHXc= +golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E= +golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= +golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4= +golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= +golang.org/x/tools v0.13.0 h1:Iey4qkscZuv0VvIt8E0neZjtPVQFSc870HQ448QgEmQ= +golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4= +google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= +google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -honnef.co/go/tools v0.3.0 h1:2LdYUZ7CIxnYgskbUZfY7FPggmqnh6shBqfWa8Tn3XU= -honnef.co/go/tools v0.3.0/go.mod h1:vlRD9XErLMGT+mDuofSr0mMMquscM/1nQqtRSsh6m70= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +honnef.co/go/tools v0.4.5 h1:YGD4H+SuIOOqsyoLOpZDWcieM28W47/zRO7f+9V3nvo= +honnef.co/go/tools v0.4.5/go.mod h1:GUV+uIBCLpdf0/v6UhHHG/yzI/z6qPskBeQCjcNB96k= diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/metadata/config.go new/fscrypt-0.3.5/metadata/config.go --- old/fscrypt-0.3.4/metadata/config.go 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/metadata/config.go 2024-03-19 23:09:50.000000000 +0100 @@ -21,9 +21,9 @@ // Package metadata contains all of the on disk structures. // These structures are defined in metadata.proto. The package also // contains functions for manipulating these structures, specifically: -// * Reading and Writing the Config file to disk -// * Getting and Setting Policies for directories -// * Reasonable defaults for a Policy's EncryptionOptions +// - Reading and Writing the Config file to disk +// - Getting and Setting Policies for directories +// - Reasonable defaults for a Policy's EncryptionOptions package metadata import ( diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/metadata/metadata.pb.go new/fscrypt-0.3.5/metadata/metadata.pb.go --- old/fscrypt-0.3.4/metadata/metadata.pb.go 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/metadata/metadata.pb.go 2024-03-19 23:09:50.000000000 +0100 @@ -23,7 +23,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.28.0 +// protoc-gen-go v1.33.0 // protoc v3.6.1 // source: metadata/metadata.proto diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/metadata/policy.go new/fscrypt-0.3.5/metadata/policy.go --- old/fscrypt-0.3.4/metadata/policy.go 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/metadata/policy.go 2024-03-19 23:09:50.000000000 +0100 @@ -28,6 +28,7 @@ "os" "os/user" "strconv" + "syscall" "unsafe" "github.com/pkg/errors" @@ -85,6 +86,15 @@ write access to the directory.`, err.Path, owner) } +// ErrLockedRegularFile indicates that the path is a locked regular file. +type ErrLockedRegularFile struct { + Path string +} + +func (err *ErrLockedRegularFile) Error() string { + return fmt.Sprintf("cannot operate on locked regular file %q", err.Path) +} + // ErrNotEncrypted indicates that the path is not encrypted. type ErrNotEncrypted struct { Path string @@ -164,6 +174,9 @@ func GetPolicy(path string) (*PolicyData, error) { file, err := os.Open(path) if err != nil { + if err.(*os.PathError).Err == syscall.ENOKEY { + return nil, &ErrLockedRegularFile{path} + } return nil, err } defer file.Close() diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/pam/login.go new/fscrypt-0.3.5/pam/login.go --- old/fscrypt-0.3.4/pam/login.go 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/pam/login.go 2024-03-19 23:09:50.000000000 +0100 @@ -51,6 +51,7 @@ // userInput is run when the callback needs some input from the user. We prompt // the user for information and return their answer. A return value of nil // indicates an error occurred. +// //export userInput func userInput(prompt *C.char) *C.char { fmt.Print(C.GoString(prompt)) @@ -65,6 +66,7 @@ // passphraseInput is run when the callback needs a passphrase from the user. We // pass along the tokenToCheck without prompting. A return value of nil // indicates an error occurred. +// //export passphraseInput func passphraseInput(prompt *C.char) *C.char { log.Printf("getting secret data for PAM: %q", C.GoString(prompt)) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/pam_fscrypt/pam_fscrypt.go new/fscrypt-0.3.5/pam_fscrypt/pam_fscrypt.go --- old/fscrypt-0.3.4/pam_fscrypt/pam_fscrypt.go 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/pam_fscrypt/pam_fscrypt.go 2024-03-19 23:09:50.000000000 +0100 @@ -403,6 +403,7 @@ } // pam_sm_setcred needed because we use pam_sm_authenticate. +// //export pam_sm_setcred func pam_sm_setcred(pamh unsafe.Pointer, flags, argc C.int, argv **C.char) C.int { return C.PAM_SUCCESS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/security/privileges.go new/fscrypt-0.3.5/security/privileges.go --- old/fscrypt-0.3.4/security/privileges.go 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/security/privileges.go 2024-03-19 23:09:50.000000000 +0100 @@ -18,8 +18,8 @@ */ // Package security manages: -// - Cache clearing (cache.go) -// - Privilege manipulation (privileges.go) +// - Cache clearing (cache.go) +// - Privilege manipulation (privileges.go) package security // Use the libc versions of setreuid, setregid, and setgroups instead of the diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fscrypt-0.3.4/tools.go new/fscrypt-0.3.5/tools.go --- old/fscrypt-0.3.4/tools.go 2023-01-31 07:59:20.000000000 +0100 +++ new/fscrypt-0.3.5/tools.go 2024-03-19 23:09:50.000000000 +0100 @@ -8,7 +8,6 @@ import ( _ "github.com/client9/misspell/cmd/misspell" _ "github.com/wadey/gocovmerge" - _ "golang.org/x/lint/golint" _ "golang.org/x/tools/cmd/goimports" _ "google.golang.org/protobuf/cmd/protoc-gen-go" _ "honnef.co/go/tools/cmd/staticcheck"
