| Age | Commit message (Collapse) | Author |
|---|
|
|
|
This addresses the following warning from GitHub Actions:
Node.js 16 actions are deprecated. Please update the following
actions to use Node.js 20: actions/checkout@v3. For more information
see:
https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
A near-identical warning forced everyone to upgrade to v3 last year, so
this is some pointless churn, but let's just get it over with again...
|
|
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.13.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.13.0...v0.17.0)
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
Since opening an encrypted regular file that is locked fails with
ENOKEY, getting the encryption policy of such a file is not possible.
As a result, 'fscrypt status' and 'fscrypt lock' fail on such files.
Provide a better error message that tries to explain what is going on.
Resolves https://github.com/google/fscrypt/issues/393
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
golint is not supported anymore. See
https://github.com/golang/go/issues/38968.
We already use both 'go vet' and 'staticcheck' which are maintained.
|
|
With the latest version of go, the recommended 'go get' commands fail:
go: go.mod file not found in current directory or any parent directory.
'go get' is no longer supported outside a module.
To build and install a command, use 'go install' with a version,
like 'go install example.com/cmd@latest'
For more information, see https://golang.org/doc/go-get-install-deprecation
or run 'go help get' or 'go help install'.
Replace them with commands that work.
|
|
Probably resolves https://github.com/google/fscrypt/issues/382
|
|
|
|
The latest version of gofmt flattens the nested lists in comments in
crypto.go and filesystem.go. According to
https://go.dev/doc/comment#mistakes, "Go doc comments do not support
nested lists". However, that page also mentions that a workaround is to
use different list markers for each level. Do that.
|
|
|
|
Copy the GitHub release notes into a NEWS.md file so that the release
notes are included in the actual git repo. This way, they aren't hidden
away in GitHub, where they require an internet connection to access and
will be lost if GitHub ever goes away. This also makes the release
notes be properly versioned; GitHub allows past release notes to be
edited, and there doesn't seem to be any record of what changed.
Finally, this allows packages to install the release notes into
/usr/share/doc/$pkgname/, as is the usual convention.
|
|
This avoids the following warning from GitHub Actions:
Node.js 12 actions are deprecated. Please update the following
actions to use Node.js 16: actions/checkout@v2.
|
|
This prevents panics on 256-core systems, and has a 300-core system use
255 CPUs (the max) rather than 44 CPUs (300 casted to a uint8).
Signed-off-by: Joe Richey <joerichey@google.com>
[ebiggers: also set TruncationFixed at the end of getHashingCosts()]
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
|
Signed-off-by: Joe Richey <joerichey@google.com>
[ebiggers: moved the new checks from PassphraseHash to CheckValidity]
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
|
This allows us to fix the bug where Parallelism is inadvertantly
truncated to 8 bits in a backwards compatible way.
Signed-off-by: Joe Richey <joerichey@google.com>
|
|
We now create the `*pb.go` files via the makefile instead of though
`go generate`.
Signed-off-by: Joe Richey <joerichey@google.com>
|
|
Since Go 1.16 (which recently became the minimum supported Go version
for this project), the package io/ioutil is deprecated in favor of
equivalent functionality in the io and os packages. staticcheck warns
about this. Address all the warnings by switching to the non-deprecated
replacement functions.
|
|
If a session is opened for a user twice and the second doesn't have the
AUTHTOK data, pam_fscrypt prints an error message that says it failed to
unlock a protector because AUTHTOK data is missing. This is misleading
because the protector and its associated policies were already unlocked
by the first session.
To avoid this, move the check for whether the policy is provisioned or
not into policiesUsingProtector(). Also do the same for CloseSession.
|
|
Now that it's been requested by users, bring back the "unlock_only"
option, which was originally proposed as part of
https://github.com/google/fscrypt/pull/281 but was dropped in the final
version of that pull request.
Resolves https://github.com/google/fscrypt/issues/357
|
|
Support for AES_256_HCTR2 filenames encryption was added in kernel
version 6.0. The kernel doesn't yet support AES_256_HCTR2 for contents
encryption.
|
|
Follow up to #362
Protojson randomly inserts whitespace to indicate that the output is
unstable, breaking out tests. To fix this, compact the output before
comparison.
Signed-off-by: Joe Richey <joerichey@google.com>
Signed-off-by: Joe Richey <joerichey@google.com>
|
|
Split policyIoctl into setPolicyIoctl and getPolicyIoctl. Add a
os.Sync() call to setPolicyIoctl.
Policy ioctls are not necessary durable on return. For example, on
ext4 (ref: fs/ext4/crypto.c: ext4_set_context) they are not. This may
lead to a filesystem containing fscrypt metadata (in .fscrypt), but
without the policy applied on an encrypted directory.
Example:
Snapshotting a mounted ext4 filesystem on Ceph RBD right after
setting the policy. While subject to timing, with high probability the
snapshot will not have the policy set. Calling fsync fixes this.
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
|
|
cli-tests: account for protojson whitespace randomization
|
|
Annoyingly, for JSON formatting protojson randomly selects a spacing
method (one space or two spaces) depending on a hash of some sections of
the Go binary, to discourage depending on its output being stable. This
breaks some checks in the CLI tests of the contents of fscrypt.conf and
the output of 'fscrypt status'. As there doesn't appear to be a
straightforward alternative currently, for now just update the tests to
take into consideration the possible extra space.
|
|
Update https://github.com/google/fscrypt/issues/350
|
|
Upgrade dependencies to latest version
|
|
Add lustre to allowed filesystems and update documentation
|
|
|
|
github.com/golang/protobuf/proto has been deprecated in favor of
google.golang.org/protobuf/proto, so migrate to the non-deprecated one.
|
|
|
|
Signed-off-by: Joe Richey <joerichey@google.com>
|
|
Signed-off-by: Joe Richey <joerichey@google.com>
|
|
The version of 'staticcheck' (part of honnef.co/go/tools) we were
pinning is incompatible with Go 1.18, as per
https://github.com/dominikh/go-tools/issues/1165.
To allow 'make lint' to work with Go 1.18 and later, upgrade
honnef.co/go/tools to the latest version.
This requires that several other modules be upgraded too.
|
|
The latest version of 'staticcheck' warns about these.
|
|
Bump up required Go version to 1.16
|
|
Bump up the required Go version to 1.16 so that we can assume that Go
modules are enabled by default. Go 1.16 is the latest end-of-life
release, so this makes it so that we support the latest end-of-life
release (1.16), the current maintainance release (1.17), the current
release (1.18), and future releases. This the same approach we took
when we last bumped up the required Go version.
Also update the ci.yml file to test with these versions.
|
|
|
|
Metadata validation and other security improvements
|
|
pam_fscrypt should never need to do anything for system users, so detect
them early so that we can avoid wasting any resources looking for their
login protector.
|
|
If the error is anything other than ErrNotSetup, it might be helpful to
know what is going on.
|
