keys: Update comment for restrict_link_by_key_or_keyring_chain

Add the bit of information that makes restrict_link_by_key_or_keyring_chain different from restrict_link_by_key_or_keyring to the inline docs comment. Signed-off-by: Andrew Zaborowski <andrew.zaborowski@intel.com> Acked-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>

keys: Update comment for restrict_link_by_key_or_keyring_chain
Add the bit of information that makes restrict_link_by_key_or_keyring_chain different from restrict_link_by_key_or_keyring to the inline docs comment. Signed-off-by: Andrew Zaborowski <andrew.zaborowski@intel.com> Acked-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
40d32b59 · Andrew Zaborowski · Jarkko Sakkinen · 724eaba4 · 40d32b59
Commit 40d32b59 authored Jan 04, 2021 by Andrew Zaborowski Committed by Jarkko Sakkinen Feb 16, 2021
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 3 deletions

crypto/asymmetric_keys/restrict.c crypto/asymmetric_keys/restrict.c +4 -3

No files found.
--- a/crypto/asymmetric_keys/restrict.c
+++ b/crypto/asymmetric_keys/restrict.c
@@ -244,9 +244,10 @@ int restrict_link_by_key_or_keyring(struct key *dest_keyring,
 * @payload: The payload of the new key.
 * @trusted: A key or ring of keys that can be used to vouch for the new cert.
 *
- * Check the new certificate only against the key or keys passed in the data
- * parameter. If one of those is the signing key and validates the new
- * certificate, then mark the new certificate as being ok to link.
+ * Check the new certificate against the key or keys passed in the data
+ * parameter and against the keys already linked to the destination keyring. If
+ * one of those is the signing key and validates the new certificate, then mark
+ * the new certificate as being ok to link.
 *
 * Returns 0 if the new certificate was accepted, -ENOKEY if we
 * couldn't find a matching parent certificate in the trusted list,