mountpoint_test: skip TestLoadSourceDevice if loop0 doesn't exist

actions/context.go

@@ -22,10 +22,10 @@
 // All of the actions include a significant amount of logging, so that good
 // output can be provided for cmd/fscrypt's verbose mode.
 // The top-level actions currently include:
-//	- Creating a new config file
-//	- Creating a context on which to perform actions
-//	- Creating, unlocking, and modifying Protectors
-//	- Creating, unlocking, and modifying Policies
+//   - Creating a new config file
+//   - Creating a context on which to perform actions
+//   - Creating, unlocking, and modifying Protectors
+//   - Creating, unlocking, and modifying Policies
 package actions
 
 import (

cmd/fscrypt/format.go

@@ -82,8 +82,10 @@ type prettyFlag interface {
 }
 
 // How a flag should appear on the command line. We have two formats:
-//  --name
-//  --name=ARG_NAME
+//
+//	--name
+//	--name=ARG_NAME
+//
 // The ARG_NAME appears if the prettyFlag's GetArgName() method returns a
 // non-empty string. The returned string from shortDisplay() does not include
 // any leading or trailing whitespace.
@@ -96,13 +98,12 @@ func shortDisplay(f prettyFlag) string {
 
 // How our flags should appear when displaying their usage. An example would be:
 //
-//  --help                     Prints help screen for commands and subcommands.
+//	--help                     Prints help screen for commands and subcommands.
 //
 // If a default is specified, then it is appended to the usage. Example:
 //
-//  --time=TIME                Calibrate passphrase hashing to take the
-//                             specified amount of TIME (default: 1s)
-//
+//	--time=TIME                Calibrate passphrase hashing to take the
+//	                           specified amount of TIME (default: 1s)
 func longDisplay(f prettyFlag, defaultString ...string) string {
 	usage := f.GetUsage()
 	if len(defaultString) > 0 {

crypto/crypto.go

@@ -18,17 +18,17 @@
  */
 
 // Package crypto manages all the cryptography for fscrypt. This includes:
-//	- Key management (key.go)
-//		- Securely holding keys in memory
-//		- Making recovery keys
-//	- Randomness (rand.go)
-//	- Cryptographic algorithms (crypto.go)
-//		- encryption (AES256-CTR)
-//		- authentication (SHA256-based HMAC)
-//		- key stretching (SHA256-based HKDF)
-//		- key wrapping/unwrapping (Encrypt then MAC)
-//		- passphrase-based key derivation (Argon2id)
-//		- key descriptor computation (double SHA512, or HKDF-SHA512)
+//  1. Key management (key.go)
+//     - Securely holding keys in memory
+//     - Making recovery keys
+//  2. Randomness (rand.go)
+//  3. Cryptographic algorithms (crypto.go)
+//     - encryption (AES256-CTR)
+//     - authentication (SHA256-based HMAC)
+//     - key stretching (SHA256-based HKDF)
+//     - key wrapping/unwrapping (Encrypt then MAC)
+//     - passphrase-based key derivation (Argon2id)
+//     - key descriptor computation (double SHA512, or HKDF-SHA512)
 package crypto
 
 import (

crypto/crypto_test.go

@@ -64,7 +64,9 @@ func fakePassphraseKey() (*Key, error) {
 
 // Values for test cases pulled from argon2 command line tool.
 // To generate run:
-//    echo "password" | argon2 "aaaaaaaaaaaaaaaa" -id -t <t> -m <m> -p <p> -l 32
+//
+//	echo "password" | argon2 "aaaaaaaaaaaaaaaa" -id -t <t> -m <m> -p <p> -l 32
+//
 // where costs.Time = <t>, costs.Memory = 2^<m>, and costs.Parallelism = <p>.
 type hashTestCase struct {
 	costs   *metadata.HashingCosts

crypto/rand.go

@@ -30,7 +30,8 @@ import (
 // the operating system has insufficient randomness, the buffer creation will
 // fail. This is an improvement over Go's built-in crypto/rand which will still
 // return bytes if the system has insufficiency entropy.
-// 	See: https://github.com/golang/go/issues/19274
+//
+//	See: https://github.com/golang/go/issues/19274
 //
 // While this syscall was only introduced in Kernel v3.17, it predates the
 // introduction of filesystem encryption, so it introduces no additional

filesystem/filesystem.go

@@ -21,15 +21,15 @@
 
 // Package filesystem deals with the structure of the files on disk used to
 // store the metadata for fscrypt. Specifically, this package includes:
-//	- mountpoint management (mountpoint.go)
-//		- querying existing mounted filesystems
-//		- getting filesystems from a UUID
-//		- finding the filesystem for a specific path
-//	- metadata organization (filesystem.go)
-//		- setting up a mounted filesystem for use with fscrypt
-//		- adding/querying/deleting metadata
-//		- making links to other filesystems' metadata
-//		- following links to get data from other filesystems
+//  1. mountpoint management (mountpoint.go)
+//     - querying existing mounted filesystems
+//     - getting filesystems from a UUID
+//     - finding the filesystem for a specific path
+//  2. metadata organization (filesystem.go)
+//     - setting up a mounted filesystem for use with fscrypt
+//     - adding/querying/deleting metadata
+//     - making links to other filesystems' metadata
+//     - following links to get data from other filesystems
 package filesystem
 
 import (
@@ -195,6 +195,7 @@ func (err *ErrProtectorNotFound) Error() string {
 var SortDescriptorsByLastMtime = false
 
 // Mount contains information for a specific mounted filesystem.
+//
 //	Path           - Absolute path where the directory is mounted
 //	FilesystemType - Type of the mounted filesystem, e.g. "ext4"
 //	Device         - Device for filesystem (empty string if we cannot find one)
@@ -210,8 +211,9 @@ var SortDescriptorsByLastMtime = false
 // setup first. Specifically, the directories created look like:
 // <mountpoint>
 // └── .fscrypt
-//     ├── policies
-//     └── protectors
+//
+//	├── policies
+//	└── protectors
 //
 // These "policies" and "protectors" directories will contain files that are
 // the corresponding metadata structures for policies and protectors. The public
@@ -723,13 +725,13 @@ func (m *Mount) addMetadata(path string, md metadata.Metadata, owner *user.User)
 // considering that it could be a malicious file created to cause a
 // denial-of-service.  Specifically, the following checks are done:
 //
-// - It must be a regular file, not another type of file like a symlink or FIFO.
-//   (Symlinks aren't bad by themselves, but given that a malicious user could
-//   point one to absolutely anywhere, and there is no known use case for the
-//   metadata files themselves being symlinks, it seems best to disallow them.)
-// - It must have a reasonable size (<= maxMetadataFileSize).
-// - If trustedUser is non-nil, then the file must be owned by the given user
-//   or by root.
+//   - It must be a regular file, not another type of file like a symlink or FIFO.
+//     (Symlinks aren't bad by themselves, but given that a malicious user could
+//     point one to absolutely anywhere, and there is no known use case for the
+//     metadata files themselves being symlinks, it seems best to disallow them.)
+//   - It must have a reasonable size (<= maxMetadataFileSize).
+//   - If trustedUser is non-nil, then the file must be owned by the given user
+//     or by root.
 //
 // Take care to avoid TOCTOU (time-of-check-time-of-use) bugs when doing these
 // tests.  Notably, we must open the file before checking the file type, as the

filesystem/mountpoint.go

@@ -106,6 +106,7 @@ func getDeviceName(num DeviceNumber) string {
 // Parse one line of /proc/self/mountinfo.
 //
 // The line contains the following space-separated fields:
+//
 //	[0] mount ID
 //	[1] parent ID
 //	[2] major:minor
@@ -184,11 +185,11 @@ func addUncontainedSubtreesRecursive(dst map[string]bool,
 // preferably a read-write mount.  However, that doesn't work in containers
 // where the "/" subtree might not be mounted.  Here's a real-world example:
 //
-//              mnt.Subtree               mnt.Path
-//              -----------               --------
-//              /var/lib/lxc/base/rootfs  /
-//              /var/cache/pacman/pkg     /var/cache/pacman/pkg
-//              /srv/repo/x86_64          /srv/http/x86_64
+//	mnt.Subtree               mnt.Path
+//	-----------               --------
+//	/var/lib/lxc/base/rootfs  /
+//	/var/cache/pacman/pkg     /var/cache/pacman/pkg
+//	/srv/repo/x86_64          /srv/http/x86_64
 //
 // In this case, all mnt.Subtree are independent.  To handle this case, we must
 // choose the Mount whose mnt.Path contains the others, i.e. the first one.
@@ -199,10 +200,10 @@ func addUncontainedSubtreesRecursive(dst map[string]bool,
 // needed to correctly handle bind mounts.  For example, in the following case,
 // the first Mount should be chosen:
 //
-//              mnt.Subtree               mnt.Path
-//              -----------               --------
-//              /foo                      /foo
-//              /foo/dir                  /dir
+//	mnt.Subtree               mnt.Path
+//	-----------               --------
+//	/foo                      /foo
+//	/foo/dir                  /dir
 //
 // To solve this, we divide the mounts into non-overlapping trees of mnt.Path.
 // Then, we choose one of these trees which contains (exactly or via path

filesystem/mountpoint_test.go

@@ -17,10 +17,9 @@
  * the License.
  */
 
-// Note: these tests assume the existence of some well-known directories and
-// devices: /mnt, /home, /tmp, and /dev/loop0.  This is because the mountpoint
-// loading code only retains mountpoints on valid directories, and only retains
-// device names for valid device nodes.
+// Note: these tests assume the existence of some well-known directories: /mnt,
+// /home, and /tmp.  This is because the mountpoint loading code only retains
+// mountpoints on valid directories.
 
 package filesystem
 
@@ -100,6 +99,11 @@ func TestLoadMountInfoBasic(t *testing.T) {
 // Test that Mount.Device is set to the mountpoint's source device if
 // applicable, otherwise it is set to the empty string.
 func TestLoadSourceDevice(t *testing.T) {
+	// The mountinfo parser ignores devices that don't exist.  For the valid
+	// device, try /dev/loop0.  If it doesn't exist, skip the test.
+	if _, err := os.Stat("/dev/loop0"); err != nil {
+		t.Skip("/dev/loop0 does not exist, skipping test")
+	}
 	var mountinfo = `
 15 0 7:0 / / rw shared:1 - foo /dev/loop0 rw,data=ordered
 31 15 0:27 / /tmp rw,nosuid,nodev shared:17 - tmpfs tmpfs rw

metadata/config.go

@@ -21,9 +21,9 @@
 // Package metadata contains all of the on disk structures.
 // These structures are defined in metadata.proto. The package also
 // contains functions for manipulating these structures, specifically:
-//    * Reading and Writing the Config file to disk
-//    * Getting and Setting Policies for directories
-//    * Reasonable defaults for a Policy's EncryptionOptions
+//   - Reading and Writing the Config file to disk
+//   - Getting and Setting Policies for directories
+//   - Reasonable defaults for a Policy's EncryptionOptions
 package metadata
 
 import (

pam/login.go

@@ -51,6 +51,7 @@ var (
 // userInput is run when the callback needs some input from the user. We prompt
 // the user for information and return their answer. A return value of nil
 // indicates an error occurred.
+//
 //export userInput
 func userInput(prompt *C.char) *C.char {
 	fmt.Print(C.GoString(prompt))
@@ -65,6 +66,7 @@ func userInput(prompt *C.char) *C.char {
 // passphraseInput is run when the callback needs a passphrase from the user. We
 // pass along the tokenToCheck without prompting. A return value of nil
 // indicates an error occurred.
+//
 //export passphraseInput
 func passphraseInput(prompt *C.char) *C.char {
 	log.Printf("getting secret data for PAM: %q", C.GoString(prompt))

pam_fscrypt/pam_fscrypt.go

@@ -403,6 +403,7 @@ func pam_sm_authenticate(pamh unsafe.Pointer, flags, argc C.int, argv **C.char)
 }
 
 // pam_sm_setcred needed because we use pam_sm_authenticate.
+//
 //export pam_sm_setcred
 func pam_sm_setcred(pamh unsafe.Pointer, flags, argc C.int, argv **C.char) C.int {
 	return C.PAM_SUCCESS

security/privileges.go

@@ -18,8 +18,8 @@
  */
 
 // Package security manages:
-//  - Cache clearing (cache.go)
-//  - Privilege manipulation (privileges.go)
+//   - Cache clearing (cache.go)
+//   - Privilege manipulation (privileges.go)
 package security
 
 // Use the libc versions of setreuid, setregid, and setgroups instead of the