rebase: bump github.com/google/fscrypt from 0.3.3 to 0.3.4

Bumps [github.com/google/fscrypt](https://github.com/google/fscrypt) from 0.3.3 to 0.3.4. - [Release notes](https://github.com/google/fscrypt/releases) - [Changelog](https://github.com/google/fscrypt/blob/master/NEWS.md) - [Commits](https://github.com/google/fscrypt/compare/v0.3.3...v0.3.4) --- updated-dependencies: - dependency-name: github.com/google/fscrypt dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
2025-06-13 10:33:35 +00:00 · 2023-02-20 14:30:55 +00:00
parent 991c21f7fd
commit f84d43c6d1
13 changed files with 852 additions and 441 deletions
--- a/vendor/github.com/google/fscrypt/metadata/checks.go
+++ b/vendor/github.com/google/fscrypt/metadata/checks.go
@ -20,8 +20,11 @@
 package metadata

 import (
-	"github.com/golang/protobuf/proto"
+	"log"
+	"math"
+
 	"github.com/pkg/errors"
+	"google.golang.org/protobuf/proto"

 	"github.com/google/fscrypt/util"
 )
@ -57,20 +60,37 @@ func (s SourceType) CheckValidity() error {
 	return nil
 }

+// MaxParallelism is the maximum allowed value for HashingCosts.Parallelism.
+const MaxParallelism = math.MaxUint8
+
 // CheckValidity ensures the hash costs will be accepted by Argon2.
 func (h *HashingCosts) CheckValidity() error {
 	if h == nil {
 		return errNotInitialized
 	}
-	if h.Time <= 0 {
-		return errors.Errorf("time=%d is not positive", h.Time)
+
+	minP := int64(1)
+	p := uint8(h.Parallelism)
+	if h.Parallelism < minP || h.Parallelism > MaxParallelism {
+		if h.TruncationFixed || p == 0 {
+			return errors.Errorf("parallelism cost %d is not in range [%d, %d]",
+				h.Parallelism, minP, MaxParallelism)
+		}
+		// Previously we unconditionally casted costs.Parallelism to a uint8,
+		// so we replicate this behavior for backwards compatibility.
+		log.Printf("WARNING: Truncating parallelism cost of %d to %d", h.Parallelism, p)
 	}
-	if h.Parallelism <= 0 {
-		return errors.Errorf("parallelism=%d is not positive", h.Parallelism)
+
+	minT := int64(1)
+	maxT := int64(math.MaxUint32)
+	if h.Time < minT || h.Time > maxT {
+		return errors.Errorf("time cost %d is not in range [%d, %d]", h.Time, minT, maxT)
 	}
-	minMemory := 8 * h.Parallelism
-	if h.Memory < minMemory {
-		return errors.Errorf("memory=%d is less than minimum (%d)", h.Memory, minMemory)
+
+	minM := 8 * int64(p)
+	maxM := int64(math.MaxUint32)
+	if h.Memory < minM || h.Memory > maxM {
+		return errors.Errorf("memory cost %d KiB is not in range [%d, %d]", h.Memory, minM, maxM)
 	}
 	return nil
 }
--- a/vendor/github.com/google/fscrypt/metadata/config.go
+++ b/vendor/github.com/google/fscrypt/metadata/config.go
@ -29,31 +29,39 @@ package metadata
 import (
 	"io"

-	"github.com/golang/protobuf/jsonpb"
+	"google.golang.org/protobuf/encoding/protojson"
 )

 // WriteConfig outputs the Config data as nicely formatted JSON
 func WriteConfig(config *Config, out io.Writer) error {
-	m := jsonpb.Marshaler{
-		EmitDefaults: true,
-		EnumsAsInts:  false,
-		Indent:       "\t",
-		OrigName:     true,
+	m := protojson.MarshalOptions{
+		Multiline:       true,
+		Indent:          "\t",
+		UseProtoNames:   true,
+		UseEnumNumbers:  false,
+		EmitUnpopulated: true,
 	}
-	if err := m.Marshal(out, config); err != nil {
+	bytes, err := m.Marshal(config)
+	if err != nil {
 		return err
 	}
-
-	_, err := out.Write([]byte{'\n'})
+	if _, err = out.Write(bytes); err != nil {
+		return err
+	}
+	_, err = out.Write([]byte{'\n'})
 	return err
 }

 // ReadConfig writes the JSON data into the config structure
 func ReadConfig(in io.Reader) (*Config, error) {
-	config := new(Config)
-	// Allow (and ignore) unknown fields for forwards compatibility.
-	u := jsonpb.Unmarshaler{
-		AllowUnknownFields: true,
+	bytes, err := io.ReadAll(in)
+	if err != nil {
+		return nil, err
 	}
-	return config, u.Unmarshal(in, config)
+	config := new(Config)
+	// Discard unknown fields for forwards compatibility.
+	u := protojson.UnmarshalOptions{
+		DiscardUnknown: true,
+	}
+	return config, u.Unmarshal(bytes, config)
 }
--- a/vendor/github.com/google/fscrypt/metadata/metadata.pb.go
+++ b/vendor/github.com/google/fscrypt/metadata/metadata.pb.go
--- a/vendor/github.com/google/fscrypt/metadata/metadata.proto
+++ b/vendor/github.com/google/fscrypt/metadata/metadata.proto
@ -19,15 +19,20 @@
 * the License.
 */

-// If you modify this file, be sure to run "go generate" on this package.
+// If the *.proto file is modified, be sure to run "make gen" (at the project
+// root) to recreate the *.pb.go file.
 syntax = "proto3";
 package metadata;

+option go_package = "github.com/google/fscrypt/metadata";
+
 // Cost parameters to be used in our hashing functions.
 message HashingCosts {
  int64 time = 2;
  int64 memory = 3;
  int64 parallelism = 4;
+  // If true, parallelism should no longer be truncated to 8 bits.
+  bool truncation_fixed = 5;
 }

 // This structure is used for our authenticated wrapping/unwrapping of keys.
@ -73,6 +78,7 @@ message EncryptionOptions {
    AES_128_CBC = 5;
    AES_128_CTS = 6;
    Adiantum = 9;
+    AES_256_HCTR2 = 10;
  }

  Mode contents = 2;
--- a/vendor/github.com/google/fscrypt/metadata/policy.go
+++ b/vendor/github.com/google/fscrypt/metadata/policy.go
@ -94,7 +94,7 @@ func (err *ErrNotEncrypted) Error() string {
 	return fmt.Sprintf("file or directory %q is not encrypted", err.Path)
 }

-func policyIoctl(file *os.File, request uintptr, arg unsafe.Pointer) error {
+func getPolicyIoctl(file *os.File, request uintptr, arg unsafe.Pointer) error {
 	_, _, errno := unix.Syscall(unix.SYS_IOCTL, file.Fd(), request, uintptr(arg))
 	if errno == 0 {
 		return nil
@ -102,6 +102,19 @@ func policyIoctl(file *os.File, request uintptr, arg unsafe.Pointer) error {
 	return errno
 }

+func setPolicy(file *os.File, arg unsafe.Pointer) error {
+	_, _, errno := unix.Syscall(unix.SYS_IOCTL, file.Fd(), unix.FS_IOC_SET_ENCRYPTION_POLICY, uintptr(arg))
+	if errno != 0 {
+		return errno
+	}
+
+	if err := file.Sync(); err != nil {
+		return err
+	}
+
+	return nil
+}
+
 // Maps EncryptionOptions.Padding <-> FSCRYPT_POLICY_FLAGS
 var (
 	paddingArray = []int64{4, 8, 16, 32}
@ -159,10 +172,10 @@ func GetPolicy(path string) (*PolicyData, error) {
 	var arg unix.FscryptGetPolicyExArg
 	arg.Size = uint64(unsafe.Sizeof(arg.Policy))
 	policyPtr := util.Ptr(arg.Policy[:])
-	err = policyIoctl(file, unix.FS_IOC_GET_ENCRYPTION_POLICY_EX, unsafe.Pointer(&arg))
+	err = getPolicyIoctl(file, unix.FS_IOC_GET_ENCRYPTION_POLICY_EX, unsafe.Pointer(&arg))
 	if err == unix.ENOTTY {
 		// Fall back to the old version of the ioctl. This works for v1 policies only.
-		err = policyIoctl(file, unix.FS_IOC_GET_ENCRYPTION_POLICY, policyPtr)
+		err = getPolicyIoctl(file, unix.FS_IOC_GET_ENCRYPTION_POLICY, policyPtr)
 		arg.Size = uint64(unsafe.Sizeof(unix.FscryptPolicyV1{}))
 	}
 	switch err {
@ -235,7 +248,7 @@ func setV1Policy(file *os.File, options *EncryptionOptions, descriptorBytes []by
 	}
 	copy(policy.Master_key_descriptor[:], descriptorBytes)

-	return policyIoctl(file, unix.FS_IOC_SET_ENCRYPTION_POLICY, unsafe.Pointer(&policy))
+	return setPolicy(file, unsafe.Pointer(&policy))
 }

 func setV2Policy(file *os.File, options *EncryptionOptions, descriptorBytes []byte) error {
@ -252,7 +265,7 @@ func setV2Policy(file *os.File, options *EncryptionOptions, descriptorBytes []by
 	}
 	copy(policy.Master_key_identifier[:], descriptorBytes)

-	return policyIoctl(file, unix.FS_IOC_SET_ENCRYPTION_POLICY, unsafe.Pointer(&policy))
+	return setPolicy(file, unsafe.Pointer(&policy))
 }

 // SetPolicy sets up the specified directory to be encrypted with the specified
@ -332,7 +345,7 @@ func CheckSupport(path string) error {
 		Flags:                     math.MaxUint8,
 	}

-	err = policyIoctl(file, unix.FS_IOC_SET_ENCRYPTION_POLICY, unsafe.Pointer(&badPolicy))
+	err = setPolicy(file, unsafe.Pointer(&badPolicy))
 	switch err {
 	case nil:
 		log.Panicf(`FS_IOC_SET_ENCRYPTION_POLICY succeeded when it should have failed.