To improve clarity, rename get_builtin_and_secondary_restriction to
get_secondary_restriction.
Suggested-by: Mimi Zohar <[email protected]>
Signed-off-by: Eric Snowberg <[email protected]>
---
v6: Initial version
v7: Unmodified from v7
---
certs/system_keyring.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/certs/system_keyring.c b/certs/system_keyring.c
index 692365dee2bd..8f1f87579819 100644
--- a/certs/system_keyring.c
+++ b/certs/system_keyring.c
@@ -77,7 +77,7 @@ int restrict_link_by_builtin_and_secondary_trusted(
* Allocate a struct key_restriction for the "builtin and secondary trust"
* keyring. Only for use in system_trusted_keyring_init().
*/
-static __init struct key_restriction *get_builtin_and_secondary_restriction(void)
+static __init struct key_restriction *get_secondary_restriction(void)
{
struct key_restriction *restriction;
@@ -117,7 +117,7 @@ static __init int system_trusted_keyring_init(void)
KEY_USR_VIEW | KEY_USR_READ | KEY_USR_SEARCH |
KEY_USR_WRITE),
KEY_ALLOC_NOT_IN_QUOTA,
- get_builtin_and_secondary_restriction(),
+ get_secondary_restriction(),
NULL);
if (IS_ERR(secondary_trusted_keys))
panic("Can't allocate secondary trusted keyring\n");
--
2.18.4
Hi Eric,
On Mon, 2021-11-15 at 19:15 -0500, Eric Snowberg wrote:
> To improve clarity, rename get_builtin_and_secondary_restriction to
> get_secondary_restriction.
The existing name clarity is fine. Perhaps instead prefix the above
sentence with "In preparation for returning either the existing
restrict_link_by_builtin_and_secondary_trusted or the new restriction
that includes the trusted builtin, secondary and machine keys, ..."
>
> Suggested-by: Mimi Zohar <[email protected]>
> Signed-off-by: Eric Snowberg <[email protected]>
Otherwise,
Reviewed-by: Mimi Zohar <[email protected]>