cephfs: upgrade fscrypt version to fix concurrency issue

Older versions of fscrypt contain a race condition that is triggered
when multiple encrypted CephFS instances are deployed
simultaneously.

Signed-off-by: NymanRobin <robin.nyman@est.tech>
(cherry picked from commit 3073409695)
This commit is contained in:
NymanRobin 2024-05-08 12:58:38 +03:00 committed by mergify[bot]
parent 3805bea505
commit ca713945ad
13 changed files with 94 additions and 54 deletions

5
go.mod

@ -14,7 +14,7 @@ require (
github.com/csi-addons/spec v0.2.1-0.20230606140122-d20966d2e444 github.com/csi-addons/spec v0.2.1-0.20230606140122-d20966d2e444
github.com/gemalto/kmip-go v0.0.10 github.com/gemalto/kmip-go v0.0.10
github.com/golang/protobuf v1.5.4 github.com/golang/protobuf v1.5.4
github.com/google/fscrypt v0.3.4 github.com/google/fscrypt v0.3.6-0.20240502174735-068b9f8f5dec
github.com/google/uuid v1.6.0 github.com/google/uuid v1.6.0
github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 github.com/grpc-ecosystem/go-grpc-middleware v1.4.0
github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 // indirect github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 // indirect
@ -57,6 +57,7 @@ require (
github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1 // indirect github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1 // indirect
github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.0.0 // indirect github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.0.0 // indirect
github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 // indirect github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 // indirect
github.com/BurntSushi/toml v1.3.2 // indirect
github.com/NYTimes/gziphandler v1.1.1 // indirect github.com/NYTimes/gziphandler v1.1.1 // indirect
github.com/ansel1/merry v1.6.2 // indirect github.com/ansel1/merry v1.6.2 // indirect
github.com/ansel1/merry/v2 v2.0.1 // indirect github.com/ansel1/merry/v2 v2.0.1 // indirect
@ -73,6 +74,7 @@ require (
github.com/cenkalti/backoff/v3 v3.2.2 // indirect github.com/cenkalti/backoff/v3 v3.2.2 // indirect
github.com/cenkalti/backoff/v4 v4.2.1 // indirect github.com/cenkalti/backoff/v4 v4.2.1 // indirect
github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect
github.com/client9/misspell v0.3.4 // indirect
github.com/coreos/go-semver v0.3.1 // indirect github.com/coreos/go-semver v0.3.1 // indirect
github.com/coreos/go-systemd/v22 v22.5.0 // indirect github.com/coreos/go-systemd/v22 v22.5.0 // indirect
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
@ -146,6 +148,7 @@ require (
github.com/spf13/cobra v1.7.0 // indirect github.com/spf13/cobra v1.7.0 // indirect
github.com/spf13/pflag v1.0.5 // indirect github.com/spf13/pflag v1.0.5 // indirect
github.com/stoewer/go-strcase v1.2.0 // indirect github.com/stoewer/go-strcase v1.2.0 // indirect
github.com/wadey/gocovmerge v0.0.0-20160331181800-b5bfa59ec0ad // indirect
go.etcd.io/etcd/api/v3 v3.5.10 // indirect go.etcd.io/etcd/api/v3 v3.5.10 // indirect
go.etcd.io/etcd/client/pkg/v3 v3.5.10 // indirect go.etcd.io/etcd/client/pkg/v3 v3.5.10 // indirect
go.etcd.io/etcd/client/v3 v3.5.10 // indirect go.etcd.io/etcd/client/v3 v3.5.10 // indirect
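Review bot: The fscrypt line `github.com/google/fscrypt v0.3.6-0.20240502174735-068b9f8f5dec` pins an untagged pseudo-version, and the same change pulls in new `// indirect` requirements (`github.com/BurntSushi/toml`, `github.com/client9/misspell`, `github.com/wadey/gocovmerge`, plus `honnef.co/go/tools` in go.sum and modules.txt) that `vendor/modules.txt` lists with no packages beneath them, so nothing in the built binary imports them. These look like fscrypt's developer-tooling requirements leaking into the module graph (presumably from a tools file upstream; worth confirming), which costs nothing at build time but widens what `govulncheck`, dependabot and SBOM consumers will report for ceph-csi. Consider recording the reason for the pseudo-version in the commit message and opening a follow-up to move to fscrypt's next tagged release, and re-run `go mod tidy` to confirm the indirect entries are actually required rather than stale.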

11
go.sum

@ -785,6 +785,8 @@ github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 h1:DzHpqpoJVaC
github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI=
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
github.com/BurntSushi/toml v0.4.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/BurntSushi/toml v0.4.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8=
github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
github.com/IBM/keyprotect-go-client v0.5.1/go.mod h1:5TwDM/4FRJq1ZOlwQL1xFahLWQ3TveR88VmL1u3njyI= github.com/IBM/keyprotect-go-client v0.5.1/go.mod h1:5TwDM/4FRJq1ZOlwQL1xFahLWQ3TveR88VmL1u3njyI=
github.com/IBM/keyprotect-go-client v0.12.2 h1:Cjxcqin9Pl0xz3MnxdiVd4v/eIa79xL3hQpSbwOr/DQ= github.com/IBM/keyprotect-go-client v0.12.2 h1:Cjxcqin9Pl0xz3MnxdiVd4v/eIa79xL3hQpSbwOr/DQ=
@ -880,6 +882,7 @@ github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XL
github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
github.com/client9/misspell v0.3.4 h1:ta993UF76GwbvJcIo3Y68y/M3WxlpEHPWIGDkJYwzJI=
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
@ -1122,6 +1125,8 @@ github.com/google/cel-go v0.17.7/go.mod h1:HXZKzB0LXqer5lHHgfWAnlYwJaQBDKMjxjulN
github.com/google/flatbuffers v2.0.8+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8= github.com/google/flatbuffers v2.0.8+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8=
github.com/google/fscrypt v0.3.4 h1:XGSVMIsQFooj82aRRfYn3JpgU/4fOTnzXPnjhxC8uH8= github.com/google/fscrypt v0.3.4 h1:XGSVMIsQFooj82aRRfYn3JpgU/4fOTnzXPnjhxC8uH8=
github.com/google/fscrypt v0.3.4/go.mod h1:BRpw7vaeDitXGRvXa281i/ivQszAdBIiUYDWHjVTkcs= github.com/google/fscrypt v0.3.4/go.mod h1:BRpw7vaeDitXGRvXa281i/ivQszAdBIiUYDWHjVTkcs=
github.com/google/fscrypt v0.3.6-0.20240502174735-068b9f8f5dec h1:bXRTgu+1I882EvvYVEUwehBVahYfqeX9Qqb9eUyPs/g=
github.com/google/fscrypt v0.3.6-0.20240502174735-068b9f8f5dec/go.mod h1:HyY8Z/kUPrnIKAwuhjrn2tSTM5/s9zfRRTqRMG0mHks=
github.com/google/gnostic v0.5.7-v3refs/go.mod h1:73MKFl6jIHelAJNaBGFzt3SPtZULs9dYrGFt8OiIsHQ= github.com/google/gnostic v0.5.7-v3refs/go.mod h1:73MKFl6jIHelAJNaBGFzt3SPtZULs9dYrGFt8OiIsHQ=
github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I=
github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U=
@ -1632,6 +1637,7 @@ github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1
github.com/tmc/grpc-websocket-proxy v0.0.0-20220101234140-673ab2c3ae75 h1:6fotK7otjonDflCTK0BCfls4SPy3NcCVb5dqqmbRknE= github.com/tmc/grpc-websocket-proxy v0.0.0-20220101234140-673ab2c3ae75 h1:6fotK7otjonDflCTK0BCfls4SPy3NcCVb5dqqmbRknE=
github.com/tmc/grpc-websocket-proxy v0.0.0-20220101234140-673ab2c3ae75/go.mod h1:KO6IkyS8Y3j8OdNO85qEYBsRPuteD+YciPomcXdrMnk= github.com/tmc/grpc-websocket-proxy v0.0.0-20220101234140-673ab2c3ae75/go.mod h1:KO6IkyS8Y3j8OdNO85qEYBsRPuteD+YciPomcXdrMnk=
github.com/urfave/cli v1.22.5/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/urfave/cli v1.22.5/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
github.com/wadey/gocovmerge v0.0.0-20160331181800-b5bfa59ec0ad h1:W0LEBv82YCGEtcmPA3uNZBI33/qF//HAAs3MawDjRa0=
github.com/wadey/gocovmerge v0.0.0-20160331181800-b5bfa59ec0ad/go.mod h1:Hy8o65+MXnS6EwGElrSRjUzQDLXreJlzYLlWiHtt8hM= github.com/wadey/gocovmerge v0.0.0-20160331181800-b5bfa59ec0ad/go.mod h1:Hy8o65+MXnS6EwGElrSRjUzQDLXreJlzYLlWiHtt8hM=
github.com/xhit/go-str2duration v1.2.0/go.mod h1:3cPSlfZlUHVlneIVfePFWcJZsuwf+P1v2SRTV4cUmp4= github.com/xhit/go-str2duration v1.2.0/go.mod h1:3cPSlfZlUHVlneIVfePFWcJZsuwf+P1v2SRTV4cUmp4=
github.com/xhit/go-str2duration/v2 v2.1.0/go.mod h1:ohY8p+0f07DiV6Em5LKB0s2YpLtXVyJfNt1+BlmyAsU= github.com/xhit/go-str2duration/v2 v2.1.0/go.mod h1:ohY8p+0f07DiV6Em5LKB0s2YpLtXVyJfNt1+BlmyAsU=
@ -1781,6 +1787,8 @@ golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e/go.mod h1:Kr81I6Kryrl9sr8s2F
golang.org/x/exp v0.0.0-20220827204233-334a2380cb91 h1:tnebWN09GYg9OLPss1KXj8txwZc6X6uMr6VFdcGNbHw= golang.org/x/exp v0.0.0-20220827204233-334a2380cb91 h1:tnebWN09GYg9OLPss1KXj8txwZc6X6uMr6VFdcGNbHw=
golang.org/x/exp v0.0.0-20220827204233-334a2380cb91/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE= golang.org/x/exp v0.0.0-20220827204233-334a2380cb91/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE=
golang.org/x/exp/typeparams v0.0.0-20220218215828-6cf2b201936e/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk= golang.org/x/exp/typeparams v0.0.0-20220218215828-6cf2b201936e/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk=
golang.org/x/exp/typeparams v0.0.0-20221208152030-732eee02a75a h1:Jw5wfR+h9mnIYH+OtGT2im5wV1YGGDora5vTv/aa5bE=
golang.org/x/exp/typeparams v0.0.0-20221208152030-732eee02a75a/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk=
golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86hEcLt0YII63i6oz57MZXIpbrjZUs= golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86hEcLt0YII63i6oz57MZXIpbrjZUs=
golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
@ -1828,6 +1836,7 @@ golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/mod v0.10.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.10.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/mod v0.11.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.11.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0=
golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@ -2592,6 +2601,8 @@ honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9
honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
honnef.co/go/tools v0.1.3/go.mod h1:NgwopIslSNH47DimFoV78dnkksY2EFtX0ajyb3K/las= honnef.co/go/tools v0.1.3/go.mod h1:NgwopIslSNH47DimFoV78dnkksY2EFtX0ajyb3K/las=
honnef.co/go/tools v0.3.0/go.mod h1:vlRD9XErLMGT+mDuofSr0mMMquscM/1nQqtRSsh6m70= honnef.co/go/tools v0.3.0/go.mod h1:vlRD9XErLMGT+mDuofSr0mMMquscM/1nQqtRSsh6m70=
honnef.co/go/tools v0.4.5 h1:YGD4H+SuIOOqsyoLOpZDWcieM28W47/zRO7f+9V3nvo=
honnef.co/go/tools v0.4.5/go.mod h1:GUV+uIBCLpdf0/v6UhHHG/yzI/z6qPskBeQCjcNB96k=
k8s.io/api v0.29.3 h1:2ORfZ7+bGC3YJqGpV0KSDDEVf8hdGQ6A03/50vj8pmw= k8s.io/api v0.29.3 h1:2ORfZ7+bGC3YJqGpV0KSDDEVf8hdGQ6A03/50vj8pmw=
k8s.io/api v0.29.3/go.mod h1:y2yg2NTyHUUkIoTC+phinTnEa3KFM6RZ3szxt014a80= k8s.io/api v0.29.3/go.mod h1:y2yg2NTyHUUkIoTC+phinTnEa3KFM6RZ3szxt014a80=
k8s.io/apiextensions-apiserver v0.29.3 h1:9HF+EtZaVpFjStakF4yVufnXGPRppWFEQ87qnO91YeI= k8s.io/apiextensions-apiserver v0.29.3 h1:9HF+EtZaVpFjStakF4yVufnXGPRppWFEQ87qnO91YeI=


@ -22,10 +22,10 @@
// All of the actions include a significant amount of logging, so that good // All of the actions include a significant amount of logging, so that good
// output can be provided for cmd/fscrypt's verbose mode. // output can be provided for cmd/fscrypt's verbose mode.
// The top-level actions currently include: // The top-level actions currently include:
// - Creating a new config file // - Creating a new config file
// - Creating a context on which to perform actions // - Creating a context on which to perform actions
// - Creating, unlocking, and modifying Protectors // - Creating, unlocking, and modifying Protectors
// - Creating, unlocking, and modifying Policies // - Creating, unlocking, and modifying Policies
package actions package actions
import ( import (


@ -24,6 +24,7 @@ import (
"log" "log"
"os" "os"
"os/user" "os/user"
"reflect"
"github.com/pkg/errors" "github.com/pkg/errors"
"google.golang.org/protobuf/proto" "google.golang.org/protobuf/proto"
@ -452,7 +453,7 @@ func (policy *Policy) AddProtector(protector *Protector) error {
// If the protector is on a different filesystem, we need to add a link // If the protector is on a different filesystem, we need to add a link
// to it on the policy's filesystem. // to it on the policy's filesystem.
if policy.Context.Mount != protector.Context.Mount { if !reflect.DeepEqual(policy.Context.Mount, protector.Context.Mount) {
log.Printf("policy on %s\n protector on %s\n", policy.Context.Mount, protector.Context.Mount) log.Printf("policy on %s\n protector on %s\n", policy.Context.Mount, protector.Context.Mount)
ownerIfCreating, err := getOwnerOfMetadataForProtector(protector) ownerIfCreating, err := getOwnerOfMetadataForProtector(protector)
if err != nil { if err != nil {
@ -525,7 +526,7 @@ func (policy *Policy) RemoveProtector(protectorDescriptor string) error {
func (policy *Policy) Apply(path string) error { func (policy *Policy) Apply(path string) error {
if pathMount, err := filesystem.FindMount(path); err != nil { if pathMount, err := filesystem.FindMount(path); err != nil {
return err return err
} else if pathMount != policy.Context.Mount { } else if !reflect.DeepEqual(pathMount, policy.Context.Mount) {
return &ErrDifferentFilesystem{policy.Context.Mount, pathMount} return &ErrDifferentFilesystem{policy.Context.Mount, pathMount}
} }


@ -18,17 +18,17 @@
*/ */
// Package crypto manages all the cryptography for fscrypt. This includes: // Package crypto manages all the cryptography for fscrypt. This includes:
// - Key management (key.go) // 1. Key management (key.go)
// - Securely holding keys in memory // - Securely holding keys in memory
// - Making recovery keys // - Making recovery keys
// - Randomness (rand.go) // 2. Randomness (rand.go)
// - Cryptographic algorithms (crypto.go) // 3. Cryptographic algorithms (crypto.go)
// - encryption (AES256-CTR) // - encryption (AES256-CTR)
// - authentication (SHA256-based HMAC) // - authentication (SHA256-based HMAC)
// - key stretching (SHA256-based HKDF) // - key stretching (SHA256-based HKDF)
// - key wrapping/unwrapping (Encrypt then MAC) // - key wrapping/unwrapping (Encrypt then MAC)
// - passphrase-based key derivation (Argon2id) // - passphrase-based key derivation (Argon2id)
// - key descriptor computation (double SHA512, or HKDF-SHA512) // - key descriptor computation (double SHA512, or HKDF-SHA512)
package crypto package crypto
import ( import (


@ -30,7 +30,8 @@ import (
// the operating system has insufficient randomness, the buffer creation will // the operating system has insufficient randomness, the buffer creation will
// fail. This is an improvement over Go's built-in crypto/rand which will still // fail. This is an improvement over Go's built-in crypto/rand which will still
// return bytes if the system has insufficiency entropy. // return bytes if the system has insufficiency entropy.
// See: https://github.com/golang/go/issues/19274 //
// See: https://github.com/golang/go/issues/19274
// //
// While this syscall was only introduced in Kernel v3.17, it predates the // While this syscall was only introduced in Kernel v3.17, it predates the
// introduction of filesystem encryption, so it introduces no additional // introduction of filesystem encryption, so it introduces no additional


@ -21,15 +21,15 @@
// Package filesystem deals with the structure of the files on disk used to // Package filesystem deals with the structure of the files on disk used to
// store the metadata for fscrypt. Specifically, this package includes: // store the metadata for fscrypt. Specifically, this package includes:
// - mountpoint management (mountpoint.go) // 1. mountpoint management (mountpoint.go)
// - querying existing mounted filesystems // - querying existing mounted filesystems
// - getting filesystems from a UUID // - getting filesystems from a UUID
// - finding the filesystem for a specific path // - finding the filesystem for a specific path
// - metadata organization (filesystem.go) // 2. metadata organization (filesystem.go)
// - setting up a mounted filesystem for use with fscrypt // - setting up a mounted filesystem for use with fscrypt
// - adding/querying/deleting metadata // - adding/querying/deleting metadata
// - making links to other filesystems' metadata // - making links to other filesystems' metadata
// - following links to get data from other filesystems // - following links to get data from other filesystems
package filesystem package filesystem
import ( import (
@ -195,6 +195,7 @@ func (err *ErrProtectorNotFound) Error() string {
var SortDescriptorsByLastMtime = false var SortDescriptorsByLastMtime = false
// Mount contains information for a specific mounted filesystem. // Mount contains information for a specific mounted filesystem.
//
// Path - Absolute path where the directory is mounted // Path - Absolute path where the directory is mounted
// FilesystemType - Type of the mounted filesystem, e.g. "ext4" // FilesystemType - Type of the mounted filesystem, e.g. "ext4"
// Device - Device for filesystem (empty string if we cannot find one) // Device - Device for filesystem (empty string if we cannot find one)
@ -210,8 +211,9 @@ var SortDescriptorsByLastMtime = false
// setup first. Specifically, the directories created look like: // setup first. Specifically, the directories created look like:
// <mountpoint> // <mountpoint>
// └── .fscrypt // └── .fscrypt
// ├── policies //
// └── protectors // ├── policies
// └── protectors
// //
// These "policies" and "protectors" directories will contain files that are // These "policies" and "protectors" directories will contain files that are
// the corresponding metadata structures for policies and protectors. The public // the corresponding metadata structures for policies and protectors. The public
@ -723,13 +725,13 @@ func (m *Mount) addMetadata(path string, md metadata.Metadata, owner *user.User)
// considering that it could be a malicious file created to cause a // considering that it could be a malicious file created to cause a
// denial-of-service. Specifically, the following checks are done: // denial-of-service. Specifically, the following checks are done:
// //
// - It must be a regular file, not another type of file like a symlink or FIFO. // - It must be a regular file, not another type of file like a symlink or FIFO.
// (Symlinks aren't bad by themselves, but given that a malicious user could // (Symlinks aren't bad by themselves, but given that a malicious user could
// point one to absolutely anywhere, and there is no known use case for the // point one to absolutely anywhere, and there is no known use case for the
// metadata files themselves being symlinks, it seems best to disallow them.) // metadata files themselves being symlinks, it seems best to disallow them.)
// - It must have a reasonable size (<= maxMetadataFileSize). // - It must have a reasonable size (<= maxMetadataFileSize).
// - If trustedUser is non-nil, then the file must be owned by the given user // - If trustedUser is non-nil, then the file must be owned by the given user
// or by root. // or by root.
// //
// Take care to avoid TOCTOU (time-of-check-time-of-use) bugs when doing these // Take care to avoid TOCTOU (time-of-check-time-of-use) bugs when doing these
// tests. Notably, we must open the file before checking the file type, as the // tests. Notably, we must open the file before checking the file type, as the


@ -106,6 +106,7 @@ func getDeviceName(num DeviceNumber) string {
// Parse one line of /proc/self/mountinfo. // Parse one line of /proc/self/mountinfo.
// //
// The line contains the following space-separated fields: // The line contains the following space-separated fields:
//
// [0] mount ID // [0] mount ID
// [1] parent ID // [1] parent ID
// [2] major:minor // [2] major:minor
@ -184,11 +185,11 @@ func addUncontainedSubtreesRecursive(dst map[string]bool,
// preferably a read-write mount. However, that doesn't work in containers // preferably a read-write mount. However, that doesn't work in containers
// where the "/" subtree might not be mounted. Here's a real-world example: // where the "/" subtree might not be mounted. Here's a real-world example:
// //
// mnt.Subtree mnt.Path // mnt.Subtree mnt.Path
// ----------- -------- // ----------- --------
// /var/lib/lxc/base/rootfs / // /var/lib/lxc/base/rootfs /
// /var/cache/pacman/pkg /var/cache/pacman/pkg // /var/cache/pacman/pkg /var/cache/pacman/pkg
// /srv/repo/x86_64 /srv/http/x86_64 // /srv/repo/x86_64 /srv/http/x86_64
// //
// In this case, all mnt.Subtree are independent. To handle this case, we must // In this case, all mnt.Subtree are independent. To handle this case, we must
// choose the Mount whose mnt.Path contains the others, i.e. the first one. // choose the Mount whose mnt.Path contains the others, i.e. the first one.
@ -199,10 +200,10 @@ func addUncontainedSubtreesRecursive(dst map[string]bool,
// needed to correctly handle bind mounts. For example, in the following case, // needed to correctly handle bind mounts. For example, in the following case,
// the first Mount should be chosen: // the first Mount should be chosen:
// //
// mnt.Subtree mnt.Path // mnt.Subtree mnt.Path
// ----------- -------- // ----------- --------
// /foo /foo // /foo /foo
// /foo/dir /dir // /foo/dir /dir
// //
// To solve this, we divide the mounts into non-overlapping trees of mnt.Path. // To solve this, we divide the mounts into non-overlapping trees of mnt.Path.
// Then, we choose one of these trees which contains (exactly or via path // Then, we choose one of these trees which contains (exactly or via path


@ -21,9 +21,9 @@
// Package metadata contains all of the on disk structures. // Package metadata contains all of the on disk structures.
// These structures are defined in metadata.proto. The package also // These structures are defined in metadata.proto. The package also
// contains functions for manipulating these structures, specifically: // contains functions for manipulating these structures, specifically:
// * Reading and Writing the Config file to disk // - Reading and Writing the Config file to disk
// * Getting and Setting Policies for directories // - Getting and Setting Policies for directories
// * Reasonable defaults for a Policy's EncryptionOptions // - Reasonable defaults for a Policy's EncryptionOptions
package metadata package metadata
import ( import (


@ -23,7 +23,7 @@
// Code generated by protoc-gen-go. DO NOT EDIT. // Code generated by protoc-gen-go. DO NOT EDIT.
// versions: // versions:
// protoc-gen-go v1.28.0 // protoc-gen-go v1.33.0
// protoc v3.6.1 // protoc v3.6.1
// source: metadata/metadata.proto // source: metadata/metadata.proto


@ -28,6 +28,7 @@ import (
"os" "os"
"os/user" "os/user"
"strconv" "strconv"
"syscall"
"unsafe" "unsafe"
"github.com/pkg/errors" "github.com/pkg/errors"
@ -85,6 +86,15 @@ func (err *ErrDirectoryNotOwned) Error() string {
write access to the directory.`, err.Path, owner) write access to the directory.`, err.Path, owner)
} }
// ErrLockedRegularFile indicates that the path is a locked regular file.
type ErrLockedRegularFile struct {
Path string
}
func (err *ErrLockedRegularFile) Error() string {
return fmt.Sprintf("cannot operate on locked regular file %q", err.Path)
}
// ErrNotEncrypted indicates that the path is not encrypted. // ErrNotEncrypted indicates that the path is not encrypted.
type ErrNotEncrypted struct { type ErrNotEncrypted struct {
Path string Path string
@ -164,6 +174,9 @@ func buildV2PolicyData(policy *unix.FscryptPolicyV2) *PolicyData {
func GetPolicy(path string) (*PolicyData, error) { func GetPolicy(path string) (*PolicyData, error) {
file, err := os.Open(path) file, err := os.Open(path)
if err != nil { if err != nil {
if err.(*os.PathError).Err == syscall.ENOKEY {
return nil, &ErrLockedRegularFile{path}
}
return nil, err return nil, err
} }
defer file.Close() defer file.Close()


@ -18,8 +18,8 @@
*/ */
// Package security manages: // Package security manages:
// - Cache clearing (cache.go) // - Cache clearing (cache.go)
// - Privilege manipulation (privileges.go) // - Privilege manipulation (privileges.go)
package security package security
// Use the libc versions of setreuid, setregid, and setgroups instead of the // Use the libc versions of setreuid, setregid, and setgroups instead of the

12
vendor/modules.txt vendored

@ -62,6 +62,8 @@ github.com/AzureAD/microsoft-authentication-library-for-go/apps/internal/options
github.com/AzureAD/microsoft-authentication-library-for-go/apps/internal/shared github.com/AzureAD/microsoft-authentication-library-for-go/apps/internal/shared
github.com/AzureAD/microsoft-authentication-library-for-go/apps/internal/version github.com/AzureAD/microsoft-authentication-library-for-go/apps/internal/version
github.com/AzureAD/microsoft-authentication-library-for-go/apps/public github.com/AzureAD/microsoft-authentication-library-for-go/apps/public
# github.com/BurntSushi/toml v1.3.2
## explicit; go 1.16
# github.com/IBM/keyprotect-go-client v0.12.2 # github.com/IBM/keyprotect-go-client v0.12.2
## explicit; go 1.15 ## explicit; go 1.15
github.com/IBM/keyprotect-go-client github.com/IBM/keyprotect-go-client
@ -224,6 +226,8 @@ github.com/ceph/go-ceph/rbd/admin
# github.com/cespare/xxhash/v2 v2.2.0 # github.com/cespare/xxhash/v2 v2.2.0
## explicit; go 1.11 ## explicit; go 1.11
github.com/cespare/xxhash/v2 github.com/cespare/xxhash/v2
# github.com/client9/misspell v0.3.4
## explicit
# github.com/container-storage-interface/spec v1.9.0 # github.com/container-storage-interface/spec v1.9.0
## explicit; go 1.18 ## explicit; go 1.18
github.com/container-storage-interface/spec/lib/go/csi github.com/container-storage-interface/spec/lib/go/csi
@ -347,8 +351,8 @@ github.com/google/cel-go/interpreter
github.com/google/cel-go/interpreter/functions github.com/google/cel-go/interpreter/functions
github.com/google/cel-go/parser github.com/google/cel-go/parser
github.com/google/cel-go/parser/gen github.com/google/cel-go/parser/gen
# github.com/google/fscrypt v0.3.4 # github.com/google/fscrypt v0.3.6-0.20240502174735-068b9f8f5dec
## explicit; go 1.16 ## explicit; go 1.18
github.com/google/fscrypt/actions github.com/google/fscrypt/actions
github.com/google/fscrypt/crypto github.com/google/fscrypt/crypto
github.com/google/fscrypt/filesystem github.com/google/fscrypt/filesystem
@ -617,6 +621,8 @@ github.com/stoewer/go-strcase
## explicit; go 1.17 ## explicit; go 1.17
github.com/stretchr/testify/assert github.com/stretchr/testify/assert
github.com/stretchr/testify/require github.com/stretchr/testify/require
# github.com/wadey/gocovmerge v0.0.0-20160331181800-b5bfa59ec0ad
## explicit
# go.etcd.io/etcd/api/v3 v3.5.10 # go.etcd.io/etcd/api/v3 v3.5.10
## explicit; go 1.20 ## explicit; go 1.20
go.etcd.io/etcd/api/v3/authpb go.etcd.io/etcd/api/v3/authpb
@ -942,6 +948,8 @@ gopkg.in/yaml.v2
# gopkg.in/yaml.v3 v3.0.1 # gopkg.in/yaml.v3 v3.0.1
## explicit ## explicit
gopkg.in/yaml.v3 gopkg.in/yaml.v3
# honnef.co/go/tools v0.4.5
## explicit; go 1.19
# k8s.io/api v0.29.3 => k8s.io/api v0.29.3 # k8s.io/api v0.29.3 => k8s.io/api v0.29.3
## explicit; go 1.21 ## explicit; go 1.21
k8s.io/api/admission/v1 k8s.io/api/admission/v1