diff options
author | Andrew Zaborowski <andrew.zaborowski@intel.com> | 2021-01-04 17:40:48 +0100 |
---|---|---|
committer | Jarkko Sakkinen <jarkko@kernel.org> | 2021-02-16 10:40:27 +0200 |
commit | 40d32b59e37346fe89d27f83279ad81cd7dcc4a5 (patch) | |
tree | 3827ed56513a2e1f2cdda25b21ab1968bb966757 | |
parent | 724eaba40ef623194196323c05baa6a0b4bd0210 (diff) |
keys: Update comment for restrict_link_by_key_or_keyring_chain
Add the bit of information that makes
restrict_link_by_key_or_keyring_chain different from
restrict_link_by_key_or_keyring to the inline docs comment.
Signed-off-by: Andrew Zaborowski <andrew.zaborowski@intel.com>
Acked-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
-rw-r--r-- | crypto/asymmetric_keys/restrict.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/crypto/asymmetric_keys/restrict.c b/crypto/asymmetric_keys/restrict.c index 77ebebada29c..84cefe3b3585 100644 --- a/crypto/asymmetric_keys/restrict.c +++ b/crypto/asymmetric_keys/restrict.c @@ -244,9 +244,10 @@ int restrict_link_by_key_or_keyring(struct key *dest_keyring, * @payload: The payload of the new key. * @trusted: A key or ring of keys that can be used to vouch for the new cert. * - * Check the new certificate only against the key or keys passed in the data - * parameter. If one of those is the signing key and validates the new - * certificate, then mark the new certificate as being ok to link. + * Check the new certificate against the key or keys passed in the data + * parameter and against the keys already linked to the destination keyring. If + * one of those is the signing key and validates the new certificate, then mark + * the new certificate as being ok to link. * * Returns 0 if the new certificate was accepted, -ENOKEY if we * couldn't find a matching parent certificate in the trusted list, |