| commit | 0e1fc5ef470cc1d157005c437a434868d59fead4 | |
| author | Roberto Sassu <roberto.sassu@polito.it> | |
| Mon, 21 Mar 2011 15:00:53 +0000 (21 16:00 +0100) | ||
| committer | Tyler Hicks <tyhicks@linux.vnet.ibm.com> | |
| Mon, 28 Mar 2011 06:49:41 +0000 (28 01:49 -0500) | ||
| tree | a15889a237ad7db00ef695d4338286e663127ee0 | treesnapshot (tar.gz zip) |
| parent | 7762e230fd31fcc1abc03ba32ee957fadc8eafb4 | commitdiff |
eCryptfs: verify authentication tokens before their use
Authentication tokens content may change if another requestor calls the
update() method of the corresponding key. The new function
ecryptfs_verify_auth_tok_from_key() retrieves the authentication token from
the provided key and verifies if it is still valid before being used to
encrypt or decrypt an eCryptfs file.
Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
[tyhicks: Minor formatting changes]
Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
Authentication tokens content may change if another requestor calls the
update() method of the corresponding key. The new function
ecryptfs_verify_auth_tok_from_key() retrieves the authentication token from
the provided key and verifies if it is still valid before being used to
encrypt or decrypt an eCryptfs file.
Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
[tyhicks: Minor formatting changes]
Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
| fs/ecryptfs/ecryptfs_kernel.h | diffblobblamehistory | |
| fs/ecryptfs/keystore.c | diffblobblamehistory | |
| fs/ecryptfs/main.c | diffblobblamehistory |