Dustin, I realize those patches are not in finished form, but it looks like the changes to ecryptfs_add_auth_tok_to_keyring() will cause a regression in the case of non-pam initiated eCryptfs mounts. I don't think we want auth toks for those types of mounts to be specific to any session. Also, the keyring variable should technically be of type key_serial_t.
Do you know what is going on in ecryptfs_validate_keyring() when KEY_SPEC_SESSION_KEYRING is being linked to KEY_SPEC_USER_KEYRING? Isn't that essentially the same thing as what your patch is doing with the first call to add_key() in ecryptfs_add_auth_tok_to_keyring()?
Dustin, I realize those patches are not in finished form, but it looks like the changes to ecryptfs_ add_auth_ tok_to_ keyring( ) will cause a regression in the case of non-pam initiated eCryptfs mounts. I don't think we want auth toks for those types of mounts to be specific to any session. Also, the keyring variable should technically be of type key_serial_t.
Do you know what is going on in ecryptfs_ validate_ keyring( ) when KEY_SPEC_ SESSION_ KEYRING is being linked to KEY_SPEC_ USER_KEYRING? Isn't that essentially the same thing as what your patch is doing with the first call to add_key() in ecryptfs_ add_auth_ tok_to_ keyring( )?