ecryptfs: checking return code of ecryptfs_find_auth_tok_for_sig() This patch replaces the check of the 'matching_auth_tok' pointer with the exit status of ecryptfs_find_auth_tok_for_sig(). This avoids to use authentication tokens obtained through the function ecryptfs_keyring_auth_tok_for_sig which are not valid. Signed-off-by: Roberto Sassu <roberto.sassu@polito.it> Cc: Dustin Kirkland <kirkland@canonical.com> Cc: James Morris <jmorris@namei.org> Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>

commit: 39fac853a758306285404368fbe392408057b136 [log] [tgz]
author: Roberto Sassu <roberto.sassu@polito.it> Wed Oct 06 18:31:15 2010 +0200
committer: Tyler Hicks <tyhicks@linux.vnet.ibm.com> Fri Oct 29 10:31:36 2010 -0500
tree: 920cc8e2ed51b568c6c63d15dfa98931f5926d04
parent: aee683b9e77e17237b0e146025c3d363c9203634 [diff] [blame]
diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c
index b85c6a7..e7f029f 100644
--- a/fs/ecryptfs/keystore.c
+++ b/fs/ecryptfs/keystore.c

@@ -1819,11 +1819,11 @@
 			rc = -EINVAL;
 			goto out_wipe_list;
 		}
-		ecryptfs_find_auth_tok_for_sig(&auth_tok_key,
+		rc = ecryptfs_find_auth_tok_for_sig(&auth_tok_key,
 					       &matching_auth_tok,
 					       crypt_stat->mount_crypt_stat,
 					       candidate_auth_tok_sig);
-		if (matching_auth_tok) {
+		if (!rc) {
 			found_auth_tok = 1;
 			goto found_matching_auth_tok;
 		}
commit	39fac853a758306285404368fbe392408057b136	[log] [tgz]
author	Roberto Sassu <roberto.sassu@polito.it>	Wed Oct 06 18:31:15 2010 +0200
committer	Tyler Hicks <tyhicks@linux.vnet.ibm.com>	Fri Oct 29 10:31:36 2010 -0500
tree	920cc8e2ed51b568c6c63d15dfa98931f5926d04
parent	aee683b9e77e17237b0e146025c3d363c9203634 [diff] [blame]