FreeBSD support

Documentation/MANPAGE-render.bash

@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/usr/bin/env bash
 
 set -eu
 cd "$(dirname "$0")"

benchmark-reverse.bash

@@ -1,7 +1,9 @@
-#!/bin/bash -eu
+#!/usr/bin/env bash
 
 # Benchmark gocryptfs' reverse mode
 
+set -eu
+
 cd "$(dirname "$0")"
 MYNAME=$(basename "$0")
 source tests/fuse-unmount.bash

benchmark.bash

@@ -1,8 +1,10 @@
-#!/bin/bash -eu
+#!/usr/bin/env bash
 
 # Run the set of "canonical" benchmarks that are shown on
 # https://nuetzlich.net/gocryptfs/comparison/
 
+set -eu
+
 cd "$(dirname "$0")"
 MYNAME=$(basename "$0")
 source tests/fuse-unmount.bash

build-without-openssl.bash

@@ -1,4 +1,6 @@
-#!/bin/bash -eu
+#!/usr/bin/env bash
+
+set -eu
 
 cd "$(dirname "$0")"
 

build.bash

@@ -1,4 +1,4 @@
-#!/bin/bash -eu
+#!/usr/bin/env bash
 #
 # Compile gocryptfs and bake the git version string of itself and the go-fuse
 # library into the binary.
@@ -10,6 +10,8 @@
 #  SOURCE_DATE_EPOCH=1544192417 ./build.bash
 # .
 
+set -eu
+
 cd "$(dirname "$0")"
 
 # $0 does not work because we may have been sourced

contrib/gocryptfs-maybe.bash

@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/usr/bin/env bash
 #
 # Conditionally try to mount a gocryptfs filesystem. If either
 # * CIPHERDIR/gocryptfs.conf does not exist OR

contrib/maxlen.bash

@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/usr/bin/env bash
 #
 # Find out the maximum supported filename length and print it.
 #

crossbuild.bash

@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/usr/bin/env bash
 #
 # Build on all supported architectures & operating systems
 
@@ -31,3 +31,7 @@ time GOOS=darwin GOARCH=amd64 compile_tests
 
 # MacOS on Apple Silicon M1.
 GOOS=darwin GOARCH=arm64 build
+
+# FreeBSD
+GOOS=freebsd GOARCH=amd64 build
+

internal/fusefrontend/node_xattr_freebsd.go

@@ -0,0 +1,33 @@
+package fusefrontend
+
+import (
+	"golang.org/x/sys/unix"
+
+	"github.com/hanwen/go-fuse/v2/fuse"
+)
+
+const noSuchAttributeError = unix.ENOATTR
+
+func filterXattrSetFlags(flags int) int {
+	return flags
+}
+
+func (n *Node) getXAttr(cAttr string) (out []byte, errno unix.Errno) {
+	// TODO
+	return nil, unix.EOPNOTSUPP
+}
+
+func (n *Node) setXAttr(context *fuse.Context, cAttr string, cData []byte, flags uint32) (errno unix.Errno) {
+	// TODO
+	return unix.EOPNOTSUPP
+}
+
+func (n *Node) removeXAttr(cAttr string) (errno unix.Errno) {
+	// TODO
+	return unix.EOPNOTSUPP
+}
+
+func (n *Node) listXAttr() (out []string, errno unix.Errno) {
+	// TODO
+	return nil, unix.EOPNOTSUPP
+}

internal/fusefrontend_reverse/node_xattr_freebsd.go

@@ -0,0 +1,43 @@
+package fusefrontend_reverse
+
+import (
+	"fmt"
+
+	"golang.org/x/sys/unix"
+
+	"github.com/hanwen/go-fuse/v2/fs"
+
+	"github.com/rfjakob/gocryptfs/v2/internal/syscallcompat"
+)
+
+const noSuchAttributeError = unix.ENOATTR
+
+func (n *Node) getXAttr(cAttr string) (out []byte, errno unix.Errno) {
+	d, errno := n.prepareAtSyscall("")
+	if errno != 0 {
+		return
+	}
+	defer unix.Close(d.dirfd)
+
+	procPath := fmt.Sprintf("/proc/self/fd/%d/%s", d.dirfd, d.pName)
+	pData, err := syscallcompat.Lgetxattr(procPath, cAttr)
+	if err != nil {
+		return nil, fs.ToErrno(err)
+	}
+	return pData, 0
+}
+
+func (n *Node) listXAttr() (out []string, errno unix.Errno) {
+	d, errno := n.prepareAtSyscall("")
+	if errno != 0 {
+		return
+	}
+	defer unix.Close(d.dirfd)
+
+	procPath := fmt.Sprintf("/proc/self/fd/%d/%s", d.dirfd, d.pName)
+	pNames, err := syscallcompat.Llistxattr(procPath)
+	if err != nil {
+		return nil, fs.ToErrno(err)
+	}
+	return pNames, 0
+}

internal/siv_aead/benchmark.bash

@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/usr/bin/env bash
 
 set -eu
 

internal/speed/benchmark.bash

@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/usr/bin/env bash
 
 set -eu
 

internal/stupidgcm/benchmark.bash

@@ -1,3 +1,3 @@
-#!/bin/bash
+#!/usr/bin/env bash
 
 exec ../speed/benchmark.bash

internal/syscallcompat/asuser_freebsd.go

@@ -0,0 +1,16 @@
+package syscallcompat
+
+import (
+	"github.com/hanwen/go-fuse/v2/fuse"
+)
+
+// asUser runs `f()` under the effective uid, gid, groups specified
+// in `context`.
+//
+// If `context` is nil, `f()` is executed directly without switching user id.
+//
+// WARNING this function is not complete, and always runs f() as if context is nil.
+// FreeBSD does not support changing uid/gid per thread.
+func asUser(f func() (int, error), context *fuse.Context) (int, error) {
+	return f()
+}

internal/syscallcompat/emulate.go

@@ -1,3 +1,5 @@
+//go:build darwin
+
 package syscallcompat
 
 import (

internal/syscallcompat/emulate_test.go

@@ -1,3 +1,4 @@
+//go:build darwin
 package syscallcompat
 
 import (

internal/syscallcompat/quirks_freebsd.go

@@ -0,0 +1,22 @@
+package syscallcompat
+
+import (
+	"golang.org/x/sys/unix"
+
+	"github.com/rfjakob/gocryptfs/v2/internal/tlog"
+)
+
+// DetectQuirks decides if there are known quirks on the backing filesystem
+// that need to be workarounded.
+//
+// Tested by tests/root_test.TestBtrfsQuirks
+func DetectQuirks(cipherdir string) (q uint64) {
+	var st unix.Statfs_t
+	err := unix.Statfs(cipherdir, &st)
+	if err != nil {
+		tlog.Warn.Printf("DetectQuirks: Statfs on %q failed: %v", cipherdir, err)
+		return 0
+	}
+
+	return q
+}

internal/syscallcompat/sys_common.go

@@ -138,7 +138,7 @@ func getxattrSmartBuf(fn func(buf []byte) (int, error)) ([]byte, error) {
 	buf := make([]byte, GETXATTR_BUFSZ_SMALL)
 	sz, err := fn(buf)
 	// Non-existing xattr
-	if err == unix.ENODATA {
+	if err == ENODATA {
 		return nil, err
 	}
 	// Underlying fs does not support security.capabilities (example: tmpfs)

internal/syscallcompat/sys_darwin.go

@@ -24,6 +24,8 @@ const (
 	RENAME_NOREPLACE = unix.RENAME_EXCL
 	RENAME_EXCHANGE  = unix.RENAME_SWAP
 
+	ENODATA = unix.ENODATA
+
 	// Only exists on Linux. Define here to fix build failure, even though
 	// we will never see this flag.
 	RENAME_WHITEOUT = 1 << 30