Comment 18 for bug 313812

Dustin, I realize those patches are not in finished form, but it looks like the changes to ecryptfs_add_auth_tok_to_keyring() will cause a regression in the case of non-pam initiated eCryptfs mounts. I don't think we want auth toks for those types of mounts to be specific to any session. Also, the keyring variable should technically be of type key_serial_t.

Do you know what is going on in ecryptfs_validate_keyring() when KEY_SPEC_SESSION_KEYRING is being linked to KEY_SPEC_USER_KEYRING? Isn't that essentially the same thing as what your patch is doing with the first call to add_key() in ecryptfs_add_auth_tok_to_keyring()?