Roberto Sassu <roberto.sassu@xxxxxxxxx> wrote: > security/keys/keys_ecryptfs.c | 81 ++++++++++++++++++++++++++++++ > security/keys/keys_ecryptfs.h | 30 +++++++++++ Can you rename these files please? The 'keys' prefix is redundant. They're obviously about keys, or they shouldn't be in this directory. I'd suggest something like 'ecryptfs_format.[ch]'. You might want to make a subdir here specifically for the trusted and encrypted keys and all their formats and move those files into it if you're going to have lots of formats. > /* > + * valid_ecryptfs_desc - verify the description of a new/loaded encrypted key > + * > + * The description of a encrypted key with format 'ecryptfs' must contain > + * exactly 16 hexadecimal characters. > + * > + */ > +static int valid_ecryptfs_desc(const char *ecryptfs_desc) > +{ I think we need an additional key type operation - one that allows you to pass judgement on the description to be given for a key in key_alloc(). On the other hand, this doesn't help here as you can't do a full check on the key description without the payload. David -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html