@@ -112,8 +112,8 @@ struct keyring_search_context {
const struct cred *cred;
struct key_match_data match_data;
unsigned flags;
-#define KEYRING_SEARCH_NO_STATE_CHECK 0x0001 /* Skip state checks */
-#define KEYRING_SEARCH_DO_STATE_CHECK 0x0002 /* Override NO_STATE_CHECK */
+#define KEYRING_SEARCH_NO_STATE_CHECK 0x0001 /* Skip state checks (overrides DO_STATE_CHECK) */
+#define KEYRING_SEARCH_DO_STATE_CHECK 0x0002 /* Request state checks */
#define KEYRING_SEARCH_NO_UPDATE_TIME 0x0004 /* Don't update times */
#define KEYRING_SEARCH_NO_CHECK_PERM 0x0008 /* Don't check permissions */
#define KEYRING_SEARCH_DETECT_TOO_DEEP 0x0010 /* Give an error on excessive depth */
KEYRING_SEARCH_NO_STATE_CHECK overrides KEYRING_SEARCH_DO_STATE_CHECK because it's needed for special operations like keyring cycle detection and possession detection. Fix the header comment to this effect. Signed-off-by: David Howells <dhowells@redhat.com> --- security/keys/internal.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html