eCryptfs 101

[ Eric Lammerts ]
  * src/libecryptfs/sysfs.c: LP: #1007880
    - Handle NULL mnt pointer when sysfs is not mounted

  [ Tyler Hicks ]
  * src/utils/ecryptfs-migrate-home: LP: #1026180
    - Correct minor misspelling
  * src/utils/ecryptfs-recover-private: LP: #1004082
    - Fix option parsing when --rw is specified
  * src/utils/ecryptfs-recover-private: LP: #1028923
    - Simplify success message to prevent incorrectly reporting that a
      read-only mount was performed when the --rw option is specified
  * tests/lib/etl_func.sh:
    - Add test library function to return a lower path from an upper path,
      based on inode numbers
  * tests/kernel/mmap-close.sh, tests/kernel/mmap-close/test.c:
    - Add regression test for open->mmap()->close()->dirty memory->munmap()
      pattern
  * tests/kernel/lp-561129.sh:
    - Add test for checking that a pre-existing target inode is properly
      evicted after a rename
  * tests/README:
    - Add documentation on the steps to take when adding new test cases

  [ Colin King ]
  * tests/kernel/lp-911507.sh:
    - Add test case for initializing empty lower files during open()
  * tests/kernel/lp-872905.sh:
    - Add test case to check for proper unlinking of lower files when
      lower file initialization fails
  * src/key_mod/ecryptfs_key_mod_openssl.c,
    src/key_mod/ecryptfs_key_mod_pkcs11_helper.c,
    src/libecryptfs/key_management.c,
    src/utils/mount.ecryptfs_private.c, src/utils/umount.ecryptfs.c:
    - address some issues raised by smatch static analysis
    - fix some memory leaks with frees
    - fix some pointer refs and derefs
    - fix some comment typos

  [ Dustin Kirkland ]
  * src/libecryptfs/key_management.c:
    - silence pam error message when errno == EACCES
      + "Error attempting to parse .ecryptfsrc file; rc = [-13]"
  * src/utils/mount.ecryptfs_private.c: LP: #1052038
    - fix race condition, which typically manifests itself with a user
      saying that their home directory is not accessible, or that their
      filenames are not decrypted
    - the root of the problem is that we were reading the signature file,
      ~/.ecryptfs/Private.sig, twice; in some cases, the first one succeeds,
      so the file encryption signature is read and key is loaded, but then
      some other process (usually from PAM, perhaps a cron job or a
      subsequent login) mounts the home directory before the filename
      encryption key is loaded; thus, $HOME is mounted but filenames are
      not decrypted, so the second read of ~/.ecryptfs/Private.sig fails
      as that file is not found
    - the solution is to rework the internal fetch_sig() function and read
      one or both signatures within a single open/read/close operation of
      the file
    - free memory used by char **sig on failure
  * debian/copyright:
    - fix lintian warning