Roberto Sassu <roberto.sassu@xxxxxxxxx> wrote:
> security/keys/keys_ecryptfs.c | 81 ++++++++++++++++++++++++++++++
> security/keys/keys_ecryptfs.h | 30 +++++++++++
Can you rename these files please? The 'keys' prefix is redundant. They're
obviously about keys, or they shouldn't be in this directory. I'd suggest
something like 'ecryptfs_format.[ch]'.
You might want to make a subdir here specifically for the trusted and
encrypted keys and all their formats and move those files into it if you're
going to have lots of formats.
> /*
> + * valid_ecryptfs_desc - verify the description of a new/loaded encrypted key
> + *
> + * The description of a encrypted key with format 'ecryptfs' must contain
> + * exactly 16 hexadecimal characters.
> + *
> + */
> +static int valid_ecryptfs_desc(const char *ecryptfs_desc)
> +{
I think we need an additional key type operation - one that allows you to pass
judgement on the description to be given for a key in key_alloc(). On the
other hand, this doesn't help here as you can't do a full check on the key
description without the payload.
David
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
