summaryrefslogtreecommitdiff
path: root/fs/ecryptfs/keystore.c
diff options
context:
space:
mode:
authorKees Cook <keescook@chromium.org>2013-02-28 00:39:37 -0800
committerTyler Hicks <tyhicks@canonical.com>2013-03-03 23:59:59 -0800
commit290502bee239062499297916bb7d21d205e99d62 (patch)
treea9ec1729138c7f71c1c4e3e09ce12cf40db767e3 /fs/ecryptfs/keystore.c
parent1111eae90fb64a9d9ed133e410712f1e34fdce4a (diff)
downloadlwn-290502bee239062499297916bb7d21d205e99d62.tar.gz
lwn-290502bee239062499297916bb7d21d205e99d62.zip
eCryptfs: allow userspace messaging to be disabled
When the userspace messaging (for the less common case of userspace key wrap/unwrap via ecryptfsd) is not needed, allow eCryptfs to build with it removed. This saves on kernel code size and reduces potential attack surface by removing the /dev/ecryptfs node. Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Diffstat (limited to 'fs/ecryptfs/keystore.c')
-rw-r--r--fs/ecryptfs/keystore.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c
index 5aceff202dc0..7d52806c2119 100644
--- a/fs/ecryptfs/keystore.c
+++ b/fs/ecryptfs/keystore.c
@@ -1168,7 +1168,7 @@ decrypt_pki_encrypted_session_key(struct ecryptfs_auth_tok *auth_tok,
rc = ecryptfs_send_message(payload, payload_len, &msg_ctx);
if (rc) {
ecryptfs_printk(KERN_ERR, "Error sending message to "
- "ecryptfsd\n");
+ "ecryptfsd: %d\n", rc);
goto out;
}
rc = ecryptfs_wait_for_response(msg_ctx, &msg);
@@ -1988,7 +1988,7 @@ pki_encrypt_session_key(struct key *auth_tok_key,
rc = ecryptfs_send_message(payload, payload_len, &msg_ctx);
if (rc) {
ecryptfs_printk(KERN_ERR, "Error sending message to "
- "ecryptfsd\n");
+ "ecryptfsd: %d\n", rc);
goto out;
}
rc = ecryptfs_wait_for_response(msg_ctx, &msg);