Message ID | 20221207171238.2945307-3-eric.snowberg@oracle.com (mailing list archive) |
---|---|
State | Handled Elsewhere |
Headers | show |
Series | Add CA enforcement keyring restrictions | expand |
Hi Eric, > Compiling with 'W=1' results in warnings that 'Function parameter or member > not described' > Add the missing parameters for > restrict_link_by_builtin_and_secondary_trusted and > restrict_link_to_builtin_trusted. > Use /* instead of /** for get_builtin_and_secondary_restriction, since > it is a static function. > Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com> > --- > certs/system_keyring.c | 12 ++++++++++-- > 1 file changed, 10 insertions(+), 2 deletions(-) > diff --git a/certs/system_keyring.c b/certs/system_keyring.c > index 5042cc54fa5e..250148298690 100644 > --- a/certs/system_keyring.c > +++ b/certs/system_keyring.c > @@ -33,7 +33,11 @@ extern __initconst const unsigned long system_certificate_list_size; > extern __initconst const unsigned long module_cert_size; > /** > - * restrict_link_to_builtin_trusted - Restrict keyring addition by built in CA > + * restrict_link_by_builtin_trusted - Restrict keyring addition by built in CA Hm, wrong function name restrict_link_to_builtin_trusted brought by: d3bfe84129f6 ("certs: Add a secondary system keyring that can be added to dynamically") > + * @dest_keyring: Keyring being linked to. > + * @type: The type of key being added. > + * @payload: The payload of the new key. > + * @restriction_key: A ring of keys that can be used to vouch for the new cert. > * > * Restrict the addition of keys into a keyring based on the key-to-be-added > * being vouched for by a key in the built in system keyring. > @@ -51,6 +55,10 @@ int restrict_link_by_builtin_trusted(struct key *dest_keyring, > /** > * restrict_link_by_builtin_and_secondary_trusted - Restrict keyring > * addition by both builtin and secondary keyrings nit: missing dot at the end of the sentence (maybe can be fixed before merge). Obviously correct. Reviewed-by: Petr Vorel <pvorel@suse.cz> Kind regards, Petr > + * @dest_keyring: Keyring being linked to. > + * @type: The type of key being added. > + * @payload: The payload of the new key. > + * @restrict_key: A ring of keys that can be used to vouch for the new cert. > * > * Restrict the addition of keys into a keyring based on the key-to-be-added > * being vouched for by a key in either the built-in or the secondary system > @@ -75,7 +83,7 @@ int restrict_link_by_builtin_and_secondary_trusted( > secondary_trusted_keys); > } > -/** > +/* > * Allocate a struct key_restriction for the "builtin and secondary trust" > * keyring. Only for use in system_trusted_keyring_init(). > */
diff --git a/certs/system_keyring.c b/certs/system_keyring.c index 5042cc54fa5e..250148298690 100644 --- a/certs/system_keyring.c +++ b/certs/system_keyring.c @@ -33,7 +33,11 @@ extern __initconst const unsigned long system_certificate_list_size; extern __initconst const unsigned long module_cert_size; /** - * restrict_link_to_builtin_trusted - Restrict keyring addition by built in CA + * restrict_link_by_builtin_trusted - Restrict keyring addition by built in CA + * @dest_keyring: Keyring being linked to. + * @type: The type of key being added. + * @payload: The payload of the new key. + * @restriction_key: A ring of keys that can be used to vouch for the new cert. * * Restrict the addition of keys into a keyring based on the key-to-be-added * being vouched for by a key in the built in system keyring. @@ -51,6 +55,10 @@ int restrict_link_by_builtin_trusted(struct key *dest_keyring, /** * restrict_link_by_builtin_and_secondary_trusted - Restrict keyring * addition by both builtin and secondary keyrings + * @dest_keyring: Keyring being linked to. + * @type: The type of key being added. + * @payload: The payload of the new key. + * @restrict_key: A ring of keys that can be used to vouch for the new cert. * * Restrict the addition of keys into a keyring based on the key-to-be-added * being vouched for by a key in either the built-in or the secondary system @@ -75,7 +83,7 @@ int restrict_link_by_builtin_and_secondary_trusted( secondary_trusted_keys); } -/** +/* * Allocate a struct key_restriction for the "builtin and secondary trust" * keyring. Only for use in system_trusted_keyring_init(). */
Compiling with 'W=1' results in warnings that 'Function parameter or member not described' Add the missing parameters for restrict_link_by_builtin_and_secondary_trusted and restrict_link_to_builtin_trusted. Use /* instead of /** for get_builtin_and_secondary_restriction, since it is a static function. Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com> --- certs/system_keyring.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-)