Commit 40d32b59 authored by Andrew Zaborowski's avatar Andrew Zaborowski Committed by Jarkko Sakkinen
Browse files

keys: Update comment for restrict_link_by_key_or_keyring_chain 



Add the bit of information that makes
restrict_link_by_key_or_keyring_chain different from
restrict_link_by_key_or_keyring to the inline docs comment.

Signed-off-by: default avatarAndrew Zaborowski <andrew.zaborowski@intel.com>
Acked-by: default avatarJarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: default avatarJarkko Sakkinen <jarkko@kernel.org>
parent 724eaba4

crypto/asymmetric_keys/restrict.c

+4 −3
Original line number Diff line number Diff line
@@ -244,9 +244,10 @@ int restrict_link_by_key_or_keyring(struct key *dest_keyring, 
 * @payload: The payload of the new key.

 * @trusted: A key or ring of keys that can be used to vouch for the new cert.

 *

 * Check the new certificate only against the key or keys passed in the data

 * parameter. If one of those is the signing key and validates the new

 * certificate, then mark the new certificate as being ok to link.

 * Check the new certificate against the key or keys passed in the data

 * parameter and against the keys already linked to the destination keyring. If

 * one of those is the signing key and validates the new certificate, then mark

 * the new certificate as being ok to link.

 *

 * Returns 0 if the new certificate was accepted, -ENOKEY if we

 * couldn't find a matching parent certificate in the trusted list,