fscrypt.git/actions, branch refactorGo tool for managing Linux filesystem encryption
https://git.hodgden.net/cgit.cgi/fscrypt.git/atom?h=refactor2017-10-20T18:24:14Zcrypto: Remove crypto.randReader2017-10-20T18:24:14ZJoseph Richeyjoerichey94@gmail.com2017-10-19T18:34:07Zurn:sha1:6de6b14a09b3695fe797e5fd59a04b3c3834641a
As #19274 is now fixed in Go 1.9, there is no longer any reason to have
a duplicate implementation to the standard library. We can now move
safely to crypto/rand.
util: Add better user lookup functions2017-10-19T10:34:51ZJoseph Richeyjoerichey94@gmail.com2017-10-19T10:15:28Zurn:sha1:b7de8535f899f2b88d61f4f1264fe6a272196536
When looking up users in fscrypt, we often want to proceed even if the
requested uid doesn't appear to be a valid user on the system. This
mainly occurs when a user is deleted, but they still have a login
protector on disk.
Thus, GetUser() with a bad uid creates a fake user with a pretty
placeholder name. The corresponding call sites of util.EffectiveUser are
changed (often simplifying logic). Various documentation is updated and
typos are fixed.
security: Change user keyring lookup algorithm2017-09-01T07:53:07ZJoseph Richeyjoerichey94@gmail.com2017-09-01T07:53:07Zurn:sha1:1ce72a7367967152948dbe332ea8d9834f194c27
Now instead of spawning a seperate thread we alternate between changing
the euid and ruid to both find the keyring and link it to the process
keyring. Note that we also ensure that the user keyring is linked into
the root keyring whenever possible.
actions: context now hold a target user.User2017-08-31T01:00:04ZJoe Richeyjoerichey@google.com2017-08-31T01:00:04Zurn:sha1:dad0a047cefc79cbe664afc07d69db6b8bf123bd
This user is used with policies to interface with the keryings and with
protectors to indicate which user's login passphrase should be used to
protectors of type pam_passphrase.
Various small nits a helper functions for PAM2017-08-22T18:51:31ZJoe Richey joerichey@google.comjoerichey@google.com2017-07-19T22:40:35Zurn:sha1:f3f1d2f98de26e8180c56d87aaad0e4e98fb4e47cmd/fscrypt: purge command now clears cache2017-08-18T05:49:44ZJoe Richey joerichey@google.comjoerichey@google.com2017-08-16T01:11:29Zurn:sha1:151e8965fa3a9c8f65e316430f9df0fa763fb02dcrypto: Switch from session to user keyring2017-08-15T20:16:08ZJoe Richey joerichey@google.comjoerichey@google.com2017-08-15T19:06:11Zurn:sha1:5e8dfc196020693d2a9dc809cf6bc87096ddc09factions: calculate password hash difficulty correctly2017-08-07T17:05:53ZEric Biggersebiggers@google.com2017-08-07T17:05:53Zurn:sha1:297b46e65415c7d032844b39e7504bb862e2ea28
'fscrypt setup' is supposed to calibrate the Argon2 password hashing
difficulty to 1s by default, but actually it was setting it to only 1s /
num_cpus because the hashing is done with all CPUs and it is timed using
the CLOCK_PROCESS_CPUTIME_ID clock, which measures the time spent by all
threads in the process. Fix this by dividing the elapsed time by
HashingCosts.Parallelism, which is used as the number of threads.
tests: Unit tests and Integration tests work2017-07-19T04:08:02ZJoe Richey joerichey@google.comjoerichey@google.com2017-07-19T04:08:02Zurn:sha1:3afdd84a5c0cea217043e9d32ce61e9f6bccf18b
Now the testing functions will skip the integration tests if a testing
filesystem is not specified.
actions: Fixed flaky hashing test2017-07-18T06:29:27ZJoe Richey joerichey@google.comjoerichey@google.com2017-07-18T06:29:27Zurn:sha1:17f7dd867d0fd450377c6862c0782483d39ae408