fscrypt.git, branch v0.1.0 Go tool for managing Linux filesystem encryption Finalize import paths and documentation 2017-06-28T22:15:21+00:00 Joe Richey joerichey@google.com joerichey@google.com 2017-06-28T20:57:55+00:00 2c52eca8727df744d093703bbcbd87fc39d57d30 This commit changes all the internal import paths from `fscrypt/foo` to `github.com/google/fscrypt/foo` so that it can be built once we release externaly. The documentation in README.md is updated accordingly. Also, the README has a note noting that we do not make any guarantees about project stability before 1.0 (when it ships with Ubuntu). Change-Id: I6ba86e442c74057c8a06ba32a42e17f94833e280 
This commit changes all the internal import paths from `fscrypt/foo` to
`github.com/google/fscrypt/foo` so that it can be built once we release
externaly. The documentation in README.md is updated accordingly.

Also, the README has a note noting that we do not make any guarantees
about project stability before 1.0 (when it ships with Ubuntu).

Change-Id: I6ba86e442c74057c8a06ba32a42e17f94833e280
Update Makefile and README 2017-06-28T22:15:21+00:00 Joe Richey joerichey@google.com joerichey@google.com 2017-06-21T19:52:21+00:00 abdd12ff9efa98af245b91517398ad84b42fd90e This commit updates the README and Makefile to get them ready for external release. This includes adding some common pitfalls, including example usage, and allowing for tarball creation. Change-Id: I442338c7aff613a14bae449dbf091bfcaf73ed9d 
This commit updates the README and Makefile to get them ready for
external release. This includes adding some common pitfalls, including
example usage, and allowing for tarball creation.

Change-Id: I442338c7aff613a14bae449dbf091bfcaf73ed9d
cmd/fscrypt: commands to add/remove protectors 2017-06-28T22:15:21+00:00 Joe Richey joerichey@google.com joerichey@google.com 2017-06-21T19:50:11+00:00 6211297a44c81f867ec9ac420672215675bae587 This commit adds in the "fscrypt metadata add-protector-to-policy" and the "fscrypt metadata remove-protector-from-policy" subcommands. These commands allow for the creating of policies protected by multiple protectors. Change-Id: Id7e6c057448d15757c838a82d487a1b9806f585d 
This commit adds in the "fscrypt metadata add-protector-to-policy" and
the "fscrypt metadata remove-protector-from-policy" subcommands. These
commands allow for the creating of policies protected by multiple
protectors.

Change-Id: Id7e6c057448d15757c838a82d487a1b9806f585d
cmd/fscrypt: add metadata command 2017-06-28T22:15:21+00:00 Joe Richey joerichey@google.com joerichey@google.com 2017-06-21T17:27:59+00:00 8392dfe41f76538aec79231855fd9a952963bdf8 This command adds in the "fscrypt metadata" command. This command allows advanced users to manipulate the metadata directly instead of just creating a policy or protector as an option when encrypting a directory. As some of these methods will require certain flags, error handling for this case is also added. As the change passphrase method must indicate when a old vs new password is necessary, additional KeyFuncs are added which add this indicator. Change-Id: Ibc92872088fae078df3c0eebd4f0cfcb7252d781 
This command adds in the "fscrypt metadata" command. This command allows
advanced users to manipulate the metadata directly instead of just
creating a policy or protector as an option when encrypting a directory.

As some of these methods will require certain flags, error handling for
this case is also added. As the change passphrase method must indicate
when a old vs new password is necessary, additional KeyFuncs are added
which add this indicator.

Change-Id: Ibc92872088fae078df3c0eebd4f0cfcb7252d781
cmd/fscrypt: add in status and purge commands 2017-06-28T22:15:21+00:00 Joe Richey joerichey@google.com joerichey@google.com 2017-06-21T17:25:01+00:00 3604132904fcd3ad49945d0930bbf20f1888a00b This commit adds in the status command, which has 2 functions, allowing the user to query the state of the entire system or a specific filesystem. This commit also adds in the purge command to remove all policy keys corresponding to a filesystem. This (along with getting the unlock status for the status commands) uses additional keyctl functionality in the crypto and actions packages. Change-Id: Ic8e097b335c044c0b91973eff19753f363f4525d 
This commit adds in the status command, which has 2 functions, allowing
the user to query the state of the entire system or a specific
filesystem.

This commit also adds in the purge command to remove all policy keys
corresponding to a filesystem. This (along with getting the unlock
status for the status commands) uses additional keyctl functionality in
the crypto and actions packages.

Change-Id: Ic8e097b335c044c0b91973eff19753f363f4525d
cmd/fscrypt: setup, encrypt, unlock commands 2017-06-28T22:15:21+00:00 Joe Richey joerichey@google.com joerichey@google.com 2017-06-21T17:21:21+00:00 37c866e1e16a6d2dded11ba93c2e04af3764a139 This commit adds in the framework for adding commands and subcommands to the fscrypt tool. This commit adds in the "setup", "encrypt", and "unlock" commands. Additional information can be found by running: fscrypt <command> --help. This commit defines how flags are parsed and errors are handled. It also creates an extensible framework for prompting the user for information. Change-Id: I159d7f44ee2b2bbc5e072f0802850e082d9a13ce 
This commit adds in the framework for adding commands and subcommands to
the fscrypt tool. This commit adds in the "setup", "encrypt", and
"unlock" commands. Additional information can be found by running:
    fscrypt <command> --help.

This commit defines how flags are parsed and errors are handled. It also
creates an extensible framework for prompting the user for information.

Change-Id: I159d7f44ee2b2bbc5e072f0802850e082d9a13ce
actions: error handling and API changed 2017-06-28T22:15:15+00:00 Joe Richey joerichey@google.com joerichey@google.com 2017-06-21T17:03:44+00:00 93415b198a3ef427c02893b8fdf036aa75ffe50f This commit changes the error handling for the actions package to use the error handling library github.com/pkg/errors. This means replacing "errors" with "github.com/pkg/errors", reworking some of the error values, and wrapping some errors with additional context. This commit also changes the Protector/Policy API, moving most of the package functionality into Protector or Policy methods. These types are now "locked" when they are queried from the filesystem, and Unlock() must be used to get their corresponding keys. Note that only certain operations will require unlocking the keys. Certain unnecessary functions and methods are also removed. This CL also fixes two bugs reported by Tyler Hicks in CreateConfigFile. CPU time is used instead of wall time, and kiB is used instead of kB. Change-Id: I88f45659e9fe4938d148843e3289e7b6d5b698d8 
This commit changes the error handling for the actions package to use
the error handling library github.com/pkg/errors. This means replacing
"errors" with "github.com/pkg/errors", reworking some of the error
values, and wrapping some errors with additional context.

This commit also changes the Protector/Policy API, moving most of the
package functionality into Protector or Policy methods. These types are
now "locked" when they are queried from the filesystem, and Unlock()
must be used to get their corresponding keys. Note that only certain
operations will require unlocking the keys. Certain unnecessary
functions and methods are also removed.

This CL also fixes two bugs reported by Tyler Hicks in CreateConfigFile.
CPU time is used instead of wall time, and kiB is used instead of kB.

Change-Id: I88f45659e9fe4938d148843e3289e7b6d5b698d8
Change error handling to new package 2017-06-28T21:06:52+00:00 Joe Richey joerichey@google.com joerichey@google.com 2017-06-21T16:52:40+00:00 77b226a90ef70b77ca556830528c013a23b01e57 This commit changes the error handing for the crypto, filesystem, metadata, pam, and util packages to use the error handling library github.com/pkg/errors. This means elimination of the FSError type, an increased use of wrapping errors (as opposed to logging), switching on the Cause() of an error (as opposed to its value), and improving our integration tests involving TEST_FILESYSTEM_ROOT. This commit also fixes a few bugs with the keyring code to ensure that our {Find|Remove|Insert}PolicyKey functions are always operating on the same keyring. The check for filesystem support has been moved from the filesystem package to the metadata package. Finally, the API for the filesystem package has been slightly modified: * filesystem.AllFilesystems() now returns all the filesystems in sorted order * certain path methods are now public O_SYNC is also removed for writing the metadata. We don't get that much from syncing the metadata, as the actual file data could also be corrupted by and IO error. The sync operation is also occasionally very slow (~3 seconds) and can be unfriendly to battery life. Change-Id: I392c2655141714b16dfdbc84ac09780072be2cf0 
This commit changes the error handing for the crypto, filesystem,
metadata, pam, and util packages to use the error handling library
github.com/pkg/errors. This means elimination of the FSError type, an
increased use of wrapping errors (as opposed to logging), switching
on the Cause() of an error (as opposed to its value), and improving our
integration tests involving TEST_FILESYSTEM_ROOT.

This commit also fixes a few bugs with the keyring code to ensure that
our {Find|Remove|Insert}PolicyKey functions are always operating on the
same keyring. The check for filesystem support has been moved from the
filesystem package to the metadata package. Finally, the API for the
filesystem package has been slightly modified:
	* filesystem.AllFilesystems() now returns all the filesystems in
	  sorted order
	* certain path methods are now public

O_SYNC is also removed for writing the metadata. We don't get that much
from syncing the metadata, as the actual file data could also be
corrupted by and IO error. The sync operation is also occasionally very
slow (~3 seconds) and can be unfriendly to battery life.

Change-Id: I392c2655141714b16dfdbc84ac09780072be2cf0
vendor: add in github.com/pkg/errors 2017-06-26T22:40:19+00:00 Joe Richey joerichey@google.com joerichey@google.com 2017-06-16T05:11:50+00:00 07341f3966675e4875f8cad3c8d86ae502de6d4d This commit adds in the github.com/pkg/errors package for handling errors. This allows us to continue to add context to our errors as they move up the call stack, but still be able to switch on their root cause. Change-Id: I6fd55f184318ea1e28c93a84444a2627bff03682 
This commit adds in the github.com/pkg/errors package for handling
errors. This allows us to continue to add context to our errors as they
move up the call stack, but still be able to switch on their root cause.

Change-Id: I6fd55f184318ea1e28c93a84444a2627bff03682
actions: Simplify the callback mechanism 2017-06-26T22:40:08+00:00 Joe Richey joerichey@google.com joerichey@google.com 2017-06-01T00:54:35+00:00 defd27f75df3a6eef84ac33adf89b1ce255e738c This commit makes the callbacks for getting keys easier to understand. Functions which need keys now take a KeyFunc callback. This callback contains a ProtectorInfo parameter (basically a read-only version of metadata.ProtectorData) and a boolean which indicates if the call is being retried. The documentation is also updated to say which functions will retry the KeyFunc. For selecting a protector, there is now an OptionFunc callback which takes a slice of ProtectorOptions. A ProtectorOption is a ProtectorInfo along with additional information about a linked filesystem (if applicable). This commit also adds in methods for getting the protector options for a specific filesystem or policy. It also adds a function for getting the policy descriptor for a specific path. Change-Id: I41e0d94ffd44e7166b0c5cf1b5d18437960bdf90 
This commit makes the callbacks for getting keys easier to understand.
Functions which need keys now take a KeyFunc callback. This callback
contains a ProtectorInfo parameter (basically a read-only version of
metadata.ProtectorData) and a boolean which indicates if the call is
being retried. The documentation is also updated to say which functions
will retry the KeyFunc.

For selecting a protector, there is now an OptionFunc callback which
takes a slice of ProtectorOptions. A ProtectorOption is a ProtectorInfo
along with additional information about a linked filesystem (if
applicable).

This commit also adds in methods for getting the protector options for a
specific filesystem or policy. It also adds a function for getting the
policy descriptor for a specific path.

Change-Id: I41e0d94ffd44e7166b0c5cf1b5d18437960bdf90