eCryptfs: verify authentication tokens before their use

Authentication tokens content may change if another requestor calls the
update() method of the corresponding key. The new function
ecryptfs_verify_auth_tok_from_key() retrieves the authentication token from
the provided key and verifies if it is still valid before being used to
encrypt or decrypt an eCryptfs file.

Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
[tyhicks: Minor formatting changes]
Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>

1 files changed, 2 insertions, 2 deletions

diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c
index 63e412cf0fa1..520d05f5ad01 100644
--- a/fs/ecryptfs/main.c
+++ b/fs/ecryptfs/main.c
@@ -239,14 +239,14 @@ static int ecryptfs_init_global_auth_toks(
         struct ecryptfs_mount_crypt_stat *mount_crypt_stat)
 {
         struct ecryptfs_global_auth_tok *global_auth_tok;
+        struct ecryptfs_auth_tok *auth_tok;
         int rc = 0;
 
         list_for_each_entry(global_auth_tok,
                             &mount_crypt_stat->global_auth_tok_list,
                             mount_crypt_stat_list) {
                 rc = ecryptfs_keyring_auth_tok_for_sig(
-                        &global_auth_tok->global_auth_tok_key,
-                        &global_auth_tok->global_auth_tok,
+                        &global_auth_tok->global_auth_tok_key, &auth_tok,
                         global_auth_tok->sig);
                 if (rc) {
                         printk(KERN_ERR "Could not find valid key in user "