On Thu, 28 Sep 2017, Eric Biggers wrote: > From: Eric Biggers <ebiggers@xxxxxxxxxx> > > As experience has shown, accessing the 'struct key' payload is very > error-prone, since we need to hold the key semaphore and properly > validate everything. Fortunately eCryptfs only does it from one place, > in ecryptfs_verify_auth_tok_from_key() in keystore.c. Therefore, move > the payload accessor functions like ecryptfs_get_key_payload_data() out > of ecryptfs_kernel.h and into keystore.c so that people might be less > tempted to use them directly. > > Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx> > --- > fs/ecryptfs/ecryptfs_kernel.h | 60 ------------------------------------------- > fs/ecryptfs/keystore.c | 60 +++++++++++++++++++++++++++++++++++++++++++ > 2 files changed, 60 insertions(+), 60 deletions(-) Ok, I should have started at this patch :) Reviewed-by: James Morris <james.l.morris@xxxxxxxxxx> -- James Morris <jmorris@xxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe linux-fscrypt" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
|