* [PATCH 2/3] ecryptfs: checking return code of ecryptfs_find_auth_tok_for_sig()
@ 2010-10-06 16:31 Roberto Sassu
2010-10-08 19:10 ` Tyler Hicks
0 siblings, 1 reply; 2+ messages in thread
From: Roberto Sassu @ 2010-10-06 16:31 UTC (permalink / raw)
To: tyhicks, kirkland, jmorris, akpm, linux-fsdevel, linux-kernel,
linux-security-module
[-- Attachment #1: Type: Text/Plain, Size: 1012 bytes --]
This patch replaces the check of the 'matching_auth_tok' pointer with
the exit status of ecryptfs_find_auth_tok_for_sig().
This avoids to use authentication tokens obtained through the function
ecryptfs_keyring_auth_tok_for_sig which are not valid.
Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
---
fs/ecryptfs/keystore.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c
index 77580db..643d011 100644
--- a/fs/ecryptfs/keystore.c
+++ b/fs/ecryptfs/keystore.c
@@ -1819,11 +1819,11 @@ find_next_matching_auth_tok:
rc = -EINVAL;
goto out_wipe_list;
}
- ecryptfs_find_auth_tok_for_sig(&auth_tok_key,
+ rc = ecryptfs_find_auth_tok_for_sig(&auth_tok_key,
&matching_auth_tok,
crypt_stat->mount_crypt_stat,
candidate_auth_tok_sig);
- if (matching_auth_tok) {
+ if (!rc) {
found_auth_tok = 1;
goto found_matching_auth_tok;
}
--
1.7.2.3
[-- Attachment #2: smime.p7s --]
[-- Type: application/pkcs7-signature, Size: 4707 bytes --]
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH 2/3] ecryptfs: checking return code of ecryptfs_find_auth_tok_for_sig()
2010-10-06 16:31 [PATCH 2/3] ecryptfs: checking return code of ecryptfs_find_auth_tok_for_sig() Roberto Sassu
@ 2010-10-08 19:10 ` Tyler Hicks
0 siblings, 0 replies; 2+ messages in thread
From: Tyler Hicks @ 2010-10-08 19:10 UTC (permalink / raw)
To: Roberto Sassu
Cc: kirkland, jmorris, akpm, linux-fsdevel, linux-kernel,
linux-security-module
On Wed Oct 06, 2010 at 06:31:15PM +0200, Roberto Sassu <roberto.sassu@polito.it> wrote:
> This patch replaces the check of the 'matching_auth_tok' pointer with
> the exit status of ecryptfs_find_auth_tok_for_sig().
> This avoids to use authentication tokens obtained through the function
> ecryptfs_keyring_auth_tok_for_sig which are not valid.
>
>
> Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
> ---
Nice catch - applied to
git://git.kernel.org/pub/scm/linux/kernel/git/ecryptfs/ecryptfs-2.6.git#next
Thanks!
> fs/ecryptfs/keystore.c | 4 ++--
> 1 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c
> index 77580db..643d011 100644
> --- a/fs/ecryptfs/keystore.c
> +++ b/fs/ecryptfs/keystore.c
> @@ -1819,11 +1819,11 @@ find_next_matching_auth_tok:
> rc = -EINVAL;
> goto out_wipe_list;
> }
> - ecryptfs_find_auth_tok_for_sig(&auth_tok_key,
> + rc = ecryptfs_find_auth_tok_for_sig(&auth_tok_key,
> &matching_auth_tok,
> crypt_stat->mount_crypt_stat,
> candidate_auth_tok_sig);
> - if (matching_auth_tok) {
> + if (!rc) {
> found_auth_tok = 1;
> goto found_matching_auth_tok;
> }
> --
> 1.7.2.3
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2010-10-08 19:10 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-10-06 16:31 [PATCH 2/3] ecryptfs: checking return code of ecryptfs_find_auth_tok_for_sig() Roberto Sassu
2010-10-08 19:10 ` Tyler Hicks
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).