590f497d08
Refactor the confusingly-named function 'validate_user_key()' into a new function 'find_and_derive_key()' which first finds the keyring key, then does the key derivation. Among other benefits this avoids the strange behavior we had previously where if key derivation failed for some reason, then we would fall back to the alternate key prefix. Now, we'll only fall back to the alternate key prefix if a valid key isn't found. This patch also improves the warning messages that are logged when the keyring key's payload is invalid. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu> |
||
---|---|---|
.. | ||
bio.c | ||
crypto.c | ||
fname.c | ||
fscrypt_private.h | ||
hooks.c | ||
Kconfig | ||
keyinfo.c | ||
Makefile | ||
policy.c |