diff options
Diffstat (limited to 'fs/ecryptfs')
| -rw-r--r-- | fs/ecryptfs/crypto.c | 51 | ||||
| -rw-r--r-- | fs/ecryptfs/ecryptfs_kernel.h | 4 | ||||
| -rw-r--r-- | fs/ecryptfs/inode.c | 32 | ||||
| -rw-r--r-- | fs/ecryptfs/keystore.c | 3 | ||||
| -rw-r--r-- | fs/ecryptfs/main.c | 5 |
5 files changed, 53 insertions, 42 deletions
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c index f6caeb1d1106..8b65f289ee00 100644 --- a/fs/ecryptfs/crypto.c +++ b/fs/ecryptfs/crypto.c | |||
| @@ -946,6 +946,8 @@ static int ecryptfs_copy_mount_wide_sigs_to_inode_sigs( | |||
| 946 | list_for_each_entry(global_auth_tok, | 946 | list_for_each_entry(global_auth_tok, |
| 947 | &mount_crypt_stat->global_auth_tok_list, | 947 | &mount_crypt_stat->global_auth_tok_list, |
| 948 | mount_crypt_stat_list) { | 948 | mount_crypt_stat_list) { |
| 949 | if (global_auth_tok->flags & ECRYPTFS_AUTH_TOK_FNEK) | ||
| 950 | continue; | ||
| 949 | rc = ecryptfs_add_keysig(crypt_stat, global_auth_tok->sig); | 951 | rc = ecryptfs_add_keysig(crypt_stat, global_auth_tok->sig); |
| 950 | if (rc) { | 952 | if (rc) { |
| 951 | printk(KERN_ERR "Error adding keysig; rc = [%d]\n", rc); | 953 | printk(KERN_ERR "Error adding keysig; rc = [%d]\n", rc); |
| @@ -1322,14 +1324,13 @@ static int ecryptfs_write_headers_virt(char *page_virt, size_t max, | |||
| 1322 | } | 1324 | } |
| 1323 | 1325 | ||
| 1324 | static int | 1326 | static int |
| 1325 | ecryptfs_write_metadata_to_contents(struct ecryptfs_crypt_stat *crypt_stat, | 1327 | ecryptfs_write_metadata_to_contents(struct dentry *ecryptfs_dentry, |
| 1326 | struct dentry *ecryptfs_dentry, | 1328 | char *virt, size_t virt_len) |
| 1327 | char *virt) | ||
| 1328 | { | 1329 | { |
| 1329 | int rc; | 1330 | int rc; |
| 1330 | 1331 | ||
| 1331 | rc = ecryptfs_write_lower(ecryptfs_dentry->d_inode, virt, | 1332 | rc = ecryptfs_write_lower(ecryptfs_dentry->d_inode, virt, |
| 1332 | 0, crypt_stat->num_header_bytes_at_front); | 1333 | 0, virt_len); |
| 1333 | if (rc) | 1334 | if (rc) |
| 1334 | printk(KERN_ERR "%s: Error attempting to write header " | 1335 | printk(KERN_ERR "%s: Error attempting to write header " |
| 1335 | "information to lower file; rc = [%d]\n", __func__, | 1336 | "information to lower file; rc = [%d]\n", __func__, |
| @@ -1339,7 +1340,6 @@ ecryptfs_write_metadata_to_contents(struct ecryptfs_crypt_stat *crypt_stat, | |||
| 1339 | 1340 | ||
| 1340 | static int | 1341 | static int |
| 1341 | ecryptfs_write_metadata_to_xattr(struct dentry *ecryptfs_dentry, | 1342 | ecryptfs_write_metadata_to_xattr(struct dentry *ecryptfs_dentry, |
| 1342 | struct ecryptfs_crypt_stat *crypt_stat, | ||
| 1343 | char *page_virt, size_t size) | 1343 | char *page_virt, size_t size) |
| 1344 | { | 1344 | { |
| 1345 | int rc; | 1345 | int rc; |
| @@ -1349,6 +1349,17 @@ ecryptfs_write_metadata_to_xattr(struct dentry *ecryptfs_dentry, | |||
| 1349 | return rc; | 1349 | return rc; |
| 1350 | } | 1350 | } |
| 1351 | 1351 | ||
| 1352 | static unsigned long ecryptfs_get_zeroed_pages(gfp_t gfp_mask, | ||
| 1353 | unsigned int order) | ||
| 1354 | { | ||
| 1355 | struct page *page; | ||
| 1356 | |||
| 1357 | page = alloc_pages(gfp_mask | __GFP_ZERO, order); | ||
| 1358 | if (page) | ||
| 1359 | return (unsigned long) page_address(page); | ||
| 1360 | return 0; | ||
| 1361 | } | ||
| 1362 | |||
| 1352 | /** | 1363 | /** |
| 1353 | * ecryptfs_write_metadata | 1364 | * ecryptfs_write_metadata |
| 1354 | * @ecryptfs_dentry: The eCryptfs dentry | 1365 | * @ecryptfs_dentry: The eCryptfs dentry |
| @@ -1365,7 +1376,9 @@ int ecryptfs_write_metadata(struct dentry *ecryptfs_dentry) | |||
| 1365 | { | 1376 | { |
| 1366 | struct ecryptfs_crypt_stat *crypt_stat = | 1377 | struct ecryptfs_crypt_stat *crypt_stat = |
| 1367 | &ecryptfs_inode_to_private(ecryptfs_dentry->d_inode)->crypt_stat; | 1378 | &ecryptfs_inode_to_private(ecryptfs_dentry->d_inode)->crypt_stat; |
| 1379 | unsigned int order; | ||
| 1368 | char *virt; | 1380 | char *virt; |
| 1381 | size_t virt_len; | ||
| 1369 | size_t size = 0; | 1382 | size_t size = 0; |
| 1370 | int rc = 0; | 1383 | int rc = 0; |
| 1371 | 1384 | ||
| @@ -1381,33 +1394,35 @@ int ecryptfs_write_metadata(struct dentry *ecryptfs_dentry) | |||
| 1381 | rc = -EINVAL; | 1394 | rc = -EINVAL; |
| 1382 | goto out; | 1395 | goto out; |
| 1383 | } | 1396 | } |
| 1397 | virt_len = crypt_stat->num_header_bytes_at_front; | ||
| 1398 | order = get_order(virt_len); | ||
| 1384 | /* Released in this function */ | 1399 | /* Released in this function */ |
| 1385 | virt = (char *)get_zeroed_page(GFP_KERNEL); | 1400 | virt = (char *)ecryptfs_get_zeroed_pages(GFP_KERNEL, order); |
| 1386 | if (!virt) { | 1401 | if (!virt) { |
| 1387 | printk(KERN_ERR "%s: Out of memory\n", __func__); | 1402 | printk(KERN_ERR "%s: Out of memory\n", __func__); |
| 1388 | rc = -ENOMEM; | 1403 | rc = -ENOMEM; |
| 1389 | goto out; | 1404 | goto out; |
| 1390 | } | 1405 | } |
| 1391 | rc = ecryptfs_write_headers_virt(virt, PAGE_CACHE_SIZE, &size, | 1406 | rc = ecryptfs_write_headers_virt(virt, virt_len, &size, crypt_stat, |
| 1392 | crypt_stat, ecryptfs_dentry); | 1407 | ecryptfs_dentry); |
| 1393 | if (unlikely(rc)) { | 1408 | if (unlikely(rc)) { |
| 1394 | printk(KERN_ERR "%s: Error whilst writing headers; rc = [%d]\n", | 1409 | printk(KERN_ERR "%s: Error whilst writing headers; rc = [%d]\n", |
| 1395 | __func__, rc); | 1410 | __func__, rc); |
| 1396 | goto out_free; | 1411 | goto out_free; |
| 1397 | } | 1412 | } |
| 1398 | if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) | 1413 | if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) |
| 1399 | rc = ecryptfs_write_metadata_to_xattr(ecryptfs_dentry, | 1414 | rc = ecryptfs_write_metadata_to_xattr(ecryptfs_dentry, virt, |
| 1400 | crypt_stat, virt, size); | 1415 | size); |
| 1401 | else | 1416 | else |
| 1402 | rc = ecryptfs_write_metadata_to_contents(crypt_stat, | 1417 | rc = ecryptfs_write_metadata_to_contents(ecryptfs_dentry, virt, |
| 1403 | ecryptfs_dentry, virt); | 1418 | virt_len); |
| 1404 | if (rc) { | 1419 | if (rc) { |
| 1405 | printk(KERN_ERR "%s: Error writing metadata out to lower file; " | 1420 | printk(KERN_ERR "%s: Error writing metadata out to lower file; " |
| 1406 | "rc = [%d]\n", __func__, rc); | 1421 | "rc = [%d]\n", __func__, rc); |
| 1407 | goto out_free; | 1422 | goto out_free; |
| 1408 | } | 1423 | } |
| 1409 | out_free: | 1424 | out_free: |
| 1410 | free_page((unsigned long)virt); | 1425 | free_pages((unsigned long)virt, order); |
| 1411 | out: | 1426 | out: |
| 1412 | return rc; | 1427 | return rc; |
| 1413 | } | 1428 | } |
| @@ -2206,17 +2221,19 @@ int ecryptfs_decode_and_decrypt_filename(char **plaintext_name, | |||
| 2206 | struct dentry *ecryptfs_dir_dentry, | 2221 | struct dentry *ecryptfs_dir_dentry, |
| 2207 | const char *name, size_t name_size) | 2222 | const char *name, size_t name_size) |
| 2208 | { | 2223 | { |
| 2224 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat = | ||
| 2225 | &ecryptfs_superblock_to_private( | ||
| 2226 | ecryptfs_dir_dentry->d_sb)->mount_crypt_stat; | ||
| 2209 | char *decoded_name; | 2227 | char *decoded_name; |
| 2210 | size_t decoded_name_size; | 2228 | size_t decoded_name_size; |
| 2211 | size_t packet_size; | 2229 | size_t packet_size; |
| 2212 | int rc = 0; | 2230 | int rc = 0; |
| 2213 | 2231 | ||
| 2214 | if ((name_size > ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE) | 2232 | if ((mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES) |
| 2233 | && !(mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED) | ||
| 2234 | && (name_size > ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE) | ||
| 2215 | && (strncmp(name, ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX, | 2235 | && (strncmp(name, ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX, |
| 2216 | ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE) == 0)) { | 2236 | ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE) == 0)) { |
| 2217 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat = | ||
| 2218 | &ecryptfs_superblock_to_private( | ||
| 2219 | ecryptfs_dir_dentry->d_sb)->mount_crypt_stat; | ||
| 2220 | const char *orig_name = name; | 2237 | const char *orig_name = name; |
| 2221 | size_t orig_name_size = name_size; | 2238 | size_t orig_name_size = name_size; |
| 2222 | 2239 | ||
diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h index c11fc95714ab..ac749d4d644f 100644 --- a/fs/ecryptfs/ecryptfs_kernel.h +++ b/fs/ecryptfs/ecryptfs_kernel.h | |||
| @@ -328,6 +328,7 @@ struct ecryptfs_dentry_info { | |||
| 328 | */ | 328 | */ |
| 329 | struct ecryptfs_global_auth_tok { | 329 | struct ecryptfs_global_auth_tok { |
| 330 | #define ECRYPTFS_AUTH_TOK_INVALID 0x00000001 | 330 | #define ECRYPTFS_AUTH_TOK_INVALID 0x00000001 |
| 331 | #define ECRYPTFS_AUTH_TOK_FNEK 0x00000002 | ||
| 331 | u32 flags; | 332 | u32 flags; |
| 332 | struct list_head mount_crypt_stat_list; | 333 | struct list_head mount_crypt_stat_list; |
| 333 | struct key *global_auth_tok_key; | 334 | struct key *global_auth_tok_key; |
| @@ -619,7 +620,6 @@ int ecryptfs_interpose(struct dentry *hidden_dentry, | |||
| 619 | u32 flags); | 620 | u32 flags); |
| 620 | int ecryptfs_lookup_and_interpose_lower(struct dentry *ecryptfs_dentry, | 621 | int ecryptfs_lookup_and_interpose_lower(struct dentry *ecryptfs_dentry, |
| 621 | struct dentry *lower_dentry, | 622 | struct dentry *lower_dentry, |
| 622 | struct ecryptfs_crypt_stat *crypt_stat, | ||
| 623 | struct inode *ecryptfs_dir_inode, | 623 | struct inode *ecryptfs_dir_inode, |
| 624 | struct nameidata *ecryptfs_nd); | 624 | struct nameidata *ecryptfs_nd); |
| 625 | int ecryptfs_decode_and_decrypt_filename(char **decrypted_name, | 625 | int ecryptfs_decode_and_decrypt_filename(char **decrypted_name, |
| @@ -696,7 +696,7 @@ ecryptfs_write_header_metadata(char *virt, | |||
| 696 | int ecryptfs_add_keysig(struct ecryptfs_crypt_stat *crypt_stat, char *sig); | 696 | int ecryptfs_add_keysig(struct ecryptfs_crypt_stat *crypt_stat, char *sig); |
| 697 | int | 697 | int |
| 698 | ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat, | 698 | ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat, |
| 699 | char *sig); | 699 | char *sig, u32 global_auth_tok_flags); |
| 700 | int ecryptfs_get_global_auth_tok_for_sig( | 700 | int ecryptfs_get_global_auth_tok_for_sig( |
| 701 | struct ecryptfs_global_auth_tok **global_auth_tok, | 701 | struct ecryptfs_global_auth_tok **global_auth_tok, |
| 702 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat, char *sig); | 702 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat, char *sig); |
diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c index 5697899a168d..55b3145b8072 100644 --- a/fs/ecryptfs/inode.c +++ b/fs/ecryptfs/inode.c | |||
| @@ -246,7 +246,6 @@ out: | |||
| 246 | */ | 246 | */ |
| 247 | int ecryptfs_lookup_and_interpose_lower(struct dentry *ecryptfs_dentry, | 247 | int ecryptfs_lookup_and_interpose_lower(struct dentry *ecryptfs_dentry, |
| 248 | struct dentry *lower_dentry, | 248 | struct dentry *lower_dentry, |
| 249 | struct ecryptfs_crypt_stat *crypt_stat, | ||
| 250 | struct inode *ecryptfs_dir_inode, | 249 | struct inode *ecryptfs_dir_inode, |
| 251 | struct nameidata *ecryptfs_nd) | 250 | struct nameidata *ecryptfs_nd) |
| 252 | { | 251 | { |
| @@ -254,6 +253,7 @@ int ecryptfs_lookup_and_interpose_lower(struct dentry *ecryptfs_dentry, | |||
| 254 | struct vfsmount *lower_mnt; | 253 | struct vfsmount *lower_mnt; |
| 255 | struct inode *lower_inode; | 254 | struct inode *lower_inode; |
| 256 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat; | 255 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat; |
| 256 | struct ecryptfs_crypt_stat *crypt_stat; | ||
| 257 | char *page_virt = NULL; | 257 | char *page_virt = NULL; |
| 258 | u64 file_size; | 258 | u64 file_size; |
| 259 | int rc = 0; | 259 | int rc = 0; |
| @@ -314,6 +314,11 @@ int ecryptfs_lookup_and_interpose_lower(struct dentry *ecryptfs_dentry, | |||
| 314 | goto out_free_kmem; | 314 | goto out_free_kmem; |
| 315 | } | 315 | } |
| 316 | } | 316 | } |
| 317 | crypt_stat = &ecryptfs_inode_to_private( | ||
| 318 | ecryptfs_dentry->d_inode)->crypt_stat; | ||
| 319 | /* TODO: lock for crypt_stat comparison */ | ||
| 320 | if (!(crypt_stat->flags & ECRYPTFS_POLICY_APPLIED)) | ||
| 321 | ecryptfs_set_default_sizes(crypt_stat); | ||
| 317 | rc = ecryptfs_read_and_validate_header_region(page_virt, | 322 | rc = ecryptfs_read_and_validate_header_region(page_virt, |
| 318 | ecryptfs_dentry->d_inode); | 323 | ecryptfs_dentry->d_inode); |
| 319 | if (rc) { | 324 | if (rc) { |
| @@ -362,9 +367,7 @@ static struct dentry *ecryptfs_lookup(struct inode *ecryptfs_dir_inode, | |||
| 362 | { | 367 | { |
| 363 | char *encrypted_and_encoded_name = NULL; | 368 | char *encrypted_and_encoded_name = NULL; |
| 364 | size_t encrypted_and_encoded_name_size; | 369 | size_t encrypted_and_encoded_name_size; |
| 365 | struct ecryptfs_crypt_stat *crypt_stat = NULL; | ||
| 366 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat = NULL; | 370 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat = NULL; |
| 367 | struct ecryptfs_inode_info *inode_info; | ||
| 368 | struct dentry *lower_dir_dentry, *lower_dentry; | 371 | struct dentry *lower_dir_dentry, *lower_dentry; |
| 369 | int rc = 0; | 372 | int rc = 0; |
| 370 | 373 | ||
| @@ -388,26 +391,15 @@ static struct dentry *ecryptfs_lookup(struct inode *ecryptfs_dir_inode, | |||
| 388 | } | 391 | } |
| 389 | if (lower_dentry->d_inode) | 392 | if (lower_dentry->d_inode) |
| 390 | goto lookup_and_interpose; | 393 | goto lookup_and_interpose; |
| 391 | inode_info = ecryptfs_inode_to_private(ecryptfs_dentry->d_inode); | 394 | mount_crypt_stat = &ecryptfs_superblock_to_private( |
| 392 | if (inode_info) { | 395 | ecryptfs_dentry->d_sb)->mount_crypt_stat; |
| 393 | crypt_stat = &inode_info->crypt_stat; | 396 | if (!(mount_crypt_stat |
| 394 | /* TODO: lock for crypt_stat comparison */ | 397 | && (mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES))) |
| 395 | if (!(crypt_stat->flags & ECRYPTFS_POLICY_APPLIED)) | ||
| 396 | ecryptfs_set_default_sizes(crypt_stat); | ||
| 397 | } | ||
| 398 | if (crypt_stat) | ||
| 399 | mount_crypt_stat = crypt_stat->mount_crypt_stat; | ||
| 400 | else | ||
| 401 | mount_crypt_stat = &ecryptfs_superblock_to_private( | ||
| 402 | ecryptfs_dentry->d_sb)->mount_crypt_stat; | ||
| 403 | if (!(crypt_stat && (crypt_stat->flags & ECRYPTFS_ENCRYPT_FILENAMES)) | ||
| 404 | && !(mount_crypt_stat && (mount_crypt_stat->flags | ||
| 405 | & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES))) | ||
| 406 | goto lookup_and_interpose; | 398 | goto lookup_and_interpose; |
| 407 | dput(lower_dentry); | 399 | dput(lower_dentry); |
| 408 | rc = ecryptfs_encrypt_and_encode_filename( | 400 | rc = ecryptfs_encrypt_and_encode_filename( |
| 409 | &encrypted_and_encoded_name, &encrypted_and_encoded_name_size, | 401 | &encrypted_and_encoded_name, &encrypted_and_encoded_name_size, |
| 410 | crypt_stat, mount_crypt_stat, ecryptfs_dentry->d_name.name, | 402 | NULL, mount_crypt_stat, ecryptfs_dentry->d_name.name, |
| 411 | ecryptfs_dentry->d_name.len); | 403 | ecryptfs_dentry->d_name.len); |
| 412 | if (rc) { | 404 | if (rc) { |
| 413 | printk(KERN_ERR "%s: Error attempting to encrypt and encode " | 405 | printk(KERN_ERR "%s: Error attempting to encrypt and encode " |
| @@ -426,7 +418,7 @@ static struct dentry *ecryptfs_lookup(struct inode *ecryptfs_dir_inode, | |||
| 426 | } | 418 | } |
| 427 | lookup_and_interpose: | 419 | lookup_and_interpose: |
| 428 | rc = ecryptfs_lookup_and_interpose_lower(ecryptfs_dentry, lower_dentry, | 420 | rc = ecryptfs_lookup_and_interpose_lower(ecryptfs_dentry, lower_dentry, |
| 429 | crypt_stat, ecryptfs_dir_inode, | 421 | ecryptfs_dir_inode, |
| 430 | ecryptfs_nd); | 422 | ecryptfs_nd); |
| 431 | goto out; | 423 | goto out; |
| 432 | out_d_drop: | 424 | out_d_drop: |
diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c index ff539420cc6f..e4a6223c3145 100644 --- a/fs/ecryptfs/keystore.c +++ b/fs/ecryptfs/keystore.c | |||
| @@ -2375,7 +2375,7 @@ struct kmem_cache *ecryptfs_global_auth_tok_cache; | |||
| 2375 | 2375 | ||
| 2376 | int | 2376 | int |
| 2377 | ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat, | 2377 | ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat, |
| 2378 | char *sig) | 2378 | char *sig, u32 global_auth_tok_flags) |
| 2379 | { | 2379 | { |
| 2380 | struct ecryptfs_global_auth_tok *new_auth_tok; | 2380 | struct ecryptfs_global_auth_tok *new_auth_tok; |
| 2381 | int rc = 0; | 2381 | int rc = 0; |
| @@ -2389,6 +2389,7 @@ ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat, | |||
| 2389 | goto out; | 2389 | goto out; |
| 2390 | } | 2390 | } |
| 2391 | memcpy(new_auth_tok->sig, sig, ECRYPTFS_SIG_SIZE_HEX); | 2391 | memcpy(new_auth_tok->sig, sig, ECRYPTFS_SIG_SIZE_HEX); |
| 2392 | new_auth_tok->flags = global_auth_tok_flags; | ||
| 2392 | new_auth_tok->sig[ECRYPTFS_SIG_SIZE_HEX] = '\0'; | 2393 | new_auth_tok->sig[ECRYPTFS_SIG_SIZE_HEX] = '\0'; |
| 2393 | mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex); | 2394 | mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex); |
| 2394 | list_add(&new_auth_tok->mount_crypt_stat_list, | 2395 | list_add(&new_auth_tok->mount_crypt_stat_list, |
diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c index 789cf2e1be1e..aed56c25539b 100644 --- a/fs/ecryptfs/main.c +++ b/fs/ecryptfs/main.c | |||
| @@ -319,7 +319,7 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options) | |||
| 319 | case ecryptfs_opt_ecryptfs_sig: | 319 | case ecryptfs_opt_ecryptfs_sig: |
| 320 | sig_src = args[0].from; | 320 | sig_src = args[0].from; |
| 321 | rc = ecryptfs_add_global_auth_tok(mount_crypt_stat, | 321 | rc = ecryptfs_add_global_auth_tok(mount_crypt_stat, |
| 322 | sig_src); | 322 | sig_src, 0); |
| 323 | if (rc) { | 323 | if (rc) { |
| 324 | printk(KERN_ERR "Error attempting to register " | 324 | printk(KERN_ERR "Error attempting to register " |
| 325 | "global sig; rc = [%d]\n", rc); | 325 | "global sig; rc = [%d]\n", rc); |
| @@ -370,7 +370,8 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options) | |||
| 370 | ECRYPTFS_SIG_SIZE_HEX] = '\0'; | 370 | ECRYPTFS_SIG_SIZE_HEX] = '\0'; |
| 371 | rc = ecryptfs_add_global_auth_tok( | 371 | rc = ecryptfs_add_global_auth_tok( |
| 372 | mount_crypt_stat, | 372 | mount_crypt_stat, |
| 373 | mount_crypt_stat->global_default_fnek_sig); | 373 | mount_crypt_stat->global_default_fnek_sig, |
| 374 | ECRYPTFS_AUTH_TOK_FNEK); | ||
| 374 | if (rc) { | 375 | if (rc) { |
| 375 | printk(KERN_ERR "Error attempting to register " | 376 | printk(KERN_ERR "Error attempting to register " |
| 376 | "global fnek sig [%s]; rc = [%d]\n", | 377 | "global fnek sig [%s]; rc = [%d]\n", |