file creation
WriteRecoveryInstructions() opens the recovery README with os.OpenFile
using O_WRONLY|O_CREATE without O_NOFOLLOW. When fscrypt encrypt runs
as root, this allows a local attacker to place a symlink at the recovery
file path, causing root to write through the symlink and then fchown the
target file to the attacker. Adding O_EXCL|O_NOFOLLOW aligns with the
existing security pattern in filesystem.go:608 and filesystem.go:747.
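An added example (not fscrypt's own code) showing why the two flags matter: with the old flag set a privileged write lands in whatever file a symlink pre-placed at the recovery path points to, while O_EXCL|O_NOFOLLOW refuses the open. writeRecoveryFile, symlinkDemo and the file names are constructed for the demonstration, which assumes Linux semantics.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"syscall"
)

// Flags the old WriteRecoveryInstructions used: O_CREATE without O_EXCL or
// O_NOFOLLOW, so a symlink already sitting at the path is silently followed.
const unsafeFlags = os.O_WRONLY | os.O_CREATE

// Hardened flags: O_EXCL refuses any pre-existing entry (a symlink included)
// and O_NOFOLLOW refuses to traverse a symlink as the final path component.
const safeFlags = os.O_WRONLY | os.O_CREATE | os.O_EXCL | syscall.O_NOFOLLOW

// writeRecoveryFile stands in for the README write; flags is the value under test.
func writeRecoveryFile(path string, flags int, text string) error {
	f, err := os.OpenFile(path, flags, 0600)
	if err != nil {
		return err
	}
	defer f.Close()
	_, err = f.WriteString(text)
	return err
}

// symlinkDemo places a symlink at the recovery path pointing at victim before
// the write runs. It returns victim's contents after the unsafe write, victim's
// contents after the hardened write, and the error the hardened open returned.
func symlinkDemo(dir string) (string, string, error) {
	victim := filepath.Join(dir, "victim")
	link := filepath.Join(dir, "recovery.txt")
	if err := errors.Join(os.WriteFile(victim, nil, 0600), os.Symlink(victim, link)); err != nil {
		return "", "", err
	}
	_ = writeRecoveryFile(link, unsafeFlags, "written through symlink")
	after, _ := os.ReadFile(victim)
	_ = os.WriteFile(victim, nil, 0600) // reset victim between the two runs
	safeErr := writeRecoveryFile(link, safeFlags, "must not land in victim")
	afterSafe, _ := os.ReadFile(victim)
	return string(after), string(afterSafe), safeErr
}

func main() {
	dir, _ := os.MkdirTemp("", "recovery-demo")
	defer os.RemoveAll(dir)
	u, s, serr := symlinkDemo(dir)
	fmt.Printf("unsafe: victim=%q\nhardened: victim=%q err=%v exists=%t\n", u, s, serr, errors.Is(serr, os.ErrExist))
}
```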
* Add cgroup package
* Refactor procGgroup
* Add testdata generation
* Add v1 testdata generation
* Move scripts around
* Add integration test in CI
* Remove cgroup v1
* Move to cgroup struct
* Remove half-core test as it's redundant
Bumps the go_modules group with 1 update in the / directory: [golang.org/x/crypto](https://github.com/golang/crypto).
Updates `golang.org/x/crypto` from 0.41.0 to 0.45.0
- [Commits](https://github.com/golang/crypto/compare/v0.41.0...v0.45.0)
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-version: 0.45.0
dependency-type: direct:production
dependency-group: go_modules
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Ran the following commands, using Go 1.23.12:
go get github.com/urfave/cli
go mod tidy
Ran the following commands, using Go 1.23.12:
go get golang.org/x/tools@v0.36.0
go mod tidy
... where v0.36.0 is the latest version that supports Go 1.23.
Ran the following commands, using Go 1.23.12:
go get honnef.co/go/tools
go mod tidy
Ran the following commands, using Go 1.23.12:
go get google.golang.org/protobuf
go mod tidy
make gen
Ran the following commands, using Go 1.23.12:
go get golang.org/x/crypto@v0.41.0
go mod tidy
... where v0.41.0 is the latest version that supports Go 1.23.
Ran the following commands, using Go 1.23.12:
go get golang.org/x/term@v0.34.0
go mod tidy
... where v0.34.0 is the latest version that supports Go 1.23.
Ran the following commands, using Go 1.23.12:
go get golang.org/x/sys@v0.35.0
go mod tidy
... where v0.35.0 is the latest version that supports Go 1.23.
This hopefully resolves https://github.com/google/fscrypt/issues/382.
GitHub Actions will drop support for ubuntu-20.04 soon.
Do not pass a path as the format string argument to errors.Wrapf(), as
this causes it to be misinterpreted as a format string, causing an
unexpected message if the path contains something like '%s'. Instead
use errors.Wrap(). This was diagnosed by Go 1.24.
Fixes https://github.com/google/fscrypt/issues/422
Bumps the go_modules group with 1 update: [golang.org/x/crypto](https://github.com/golang/crypto).
Updates `golang.org/x/crypto` from 0.17.0 to 0.31.0
- [Commits](https://github.com/golang/crypto/compare/v0.17.0...v0.31.0)
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
dependency-group: go_modules
...
Signed-off-by: dependabot[bot] <support@github.com>
Document the logic described in makeRawKey.
This has to be since the mounts are reloaded
each time a mount is added. In case of two
mounts mounting at the same time there will
be a race condition for applying policy.
Signed-off-by: NymanRobin <robin.nyman@est.tech>
README.md: link to RFE about systemd-homed fscrypt version support
Including a link to the specific report can help a reader recognize
when the warning about systemd-homed is no longer important.
It might also help to drive attention to the right place to improve
systemd-homed.
Co-authored-by: Joe Richey <joerichey@google.com>
Co-authored-by: <dkg@fifthhorseman.net>
This warning is only applicable for systems with kernel versions older
than v4.1, which is now too old to be worth the mention here.
This addresses the following warning from GitHub Actions:
Node.js 16 actions are deprecated. Please update the following
actions to use Node.js 20: actions/checkout@v3. For more information
see:
https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
A near-identical warning forced everyone to upgrade to v3 last year, so
this is some pointless churn, but let's just get it over with again...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.13.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.13.0...v0.17.0)
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Since opening an encrypted regular file that is locked fails with
ENOKEY, getting the encryption policy of such a file is not possible.
As a result, 'fscrypt status' and 'fscrypt lock' fail on such files.
Provide a better error message that tries to explain what is going on.
Resolves https://github.com/google/fscrypt/issues/393
golint is not supported anymore. See
https://github.com/golang/go/issues/38968.
We already use both 'go vet' and 'staticcheck' which are maintained.
With the latest version of go, the recommended 'go get' commands fail:
go: go.mod file not found in current directory or any parent directory.
'go get' is no longer supported outside a module.
To build and install a command, use 'go install' with a version,
like 'go install example.com/cmd@latest'
For more information, see https://golang.org/doc/go-get-install-deprecation
or run 'go help get' or 'go help install'.
Replace them with commands that work.
Probably resolves https://github.com/google/fscrypt/issues/382
The latest version of gofmt flattens the nested lists in comments in
crypto.go and filesystem.go. According to
https://go.dev/doc/comment#mistakes, "Go doc comments do not support
nested lists". However, that page also mentions that a workaround is to
use different list markers for each level. Do that.
Copy the GitHub release notes into a NEWS.md file so that the release
notes are included in the actual git repo. This way, they aren't hidden
away in GitHub, where they require an internet connection to access and
will be lost if GitHub ever goes away. This also makes the release
notes be properly versioned; GitHub allows past release notes to be
edited, and there doesn't seem to be any record of what changed.
Finally, this allows packages to install the release notes into
/usr/share/doc/$pkgname/, as is the usual convention.
This avoids the following warning from GitHub Actions:
Node.js 12 actions are deprecated. Please update the following
actions to use Node.js 16: actions/checkout@v2.
This prevents panics on 256-core systems, and has a 300-core system use
255 CPUs (the max) rather than 44 CPUs (300 cast to a uint8).
Signed-off-by: Joe Richey <joerichey@google.com>
[ebiggers: also set TruncationFixed at the end of getHashingCosts()]
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Joe Richey <joerichey@google.com>
[ebiggers: moved the new checks from PassphraseHash to CheckValidity]
Signed-off-by: Eric Biggers <ebiggers@google.com>
This allows us to fix the bug where Parallelism is inadvertently
truncated to 8 bits in a backwards compatible way.
Signed-off-by: Joe Richey <joerichey@google.com>
We now create the `*pb.go` files via the makefile instead of through
`go generate`.
Signed-off-by: Joe Richey <joerichey@google.com>
Since Go 1.16 (which recently became the minimum supported Go version
for this project), the package io/ioutil is deprecated in favor of
equivalent functionality in the io and os packages. staticcheck warns
about this. Address all the warnings by switching to the non-deprecated
replacement functions.