diff options
| author | Roberto Sassu <roberto.sassu@polito.it> | 2011-03-21 11:00:53 -0400 |
|---|---|---|
| committer | Tyler Hicks <tyhicks@linux.vnet.ibm.com> | 2011-03-28 02:49:41 -0400 |
| commit | 0e1fc5ef470cc1d157005c437a434868d59fead4 (patch) | |
| tree | a15889a237ad7db00ef695d4338286e663127ee0 /fs/ecryptfs/ecryptfs_kernel.h | |
| parent | 7762e230fd31fcc1abc03ba32ee957fadc8eafb4 (diff) | |
eCryptfs: verify authentication tokens before their use
Authentication tokens content may change if another requestor calls the
update() method of the corresponding key. The new function
ecryptfs_verify_auth_tok_from_key() retrieves the authentication token from
the provided key and verifies if it is still valid before being used to
encrypt or decrypt an eCryptfs file.
Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
[tyhicks: Minor formatting changes]
Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
Diffstat (limited to 'fs/ecryptfs/ecryptfs_kernel.h')
| -rw-r--r-- | fs/ecryptfs/ecryptfs_kernel.h | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h index 40c93fe41cc3..bd3cafd0949d 100644 --- a/fs/ecryptfs/ecryptfs_kernel.h +++ b/fs/ecryptfs/ecryptfs_kernel.h | |||
| @@ -331,7 +331,6 @@ struct ecryptfs_global_auth_tok { | |||
| 331 | u32 flags; | 331 | u32 flags; |
| 332 | struct list_head mount_crypt_stat_list; | 332 | struct list_head mount_crypt_stat_list; |
| 333 | struct key *global_auth_tok_key; | 333 | struct key *global_auth_tok_key; |
| 334 | struct ecryptfs_auth_tok *global_auth_tok; | ||
| 335 | unsigned char sig[ECRYPTFS_SIG_SIZE_HEX + 1]; | 334 | unsigned char sig[ECRYPTFS_SIG_SIZE_HEX + 1]; |
| 336 | }; | 335 | }; |
| 337 | 336 | ||