Commit 0fc24a65 authored by Eric Biggers's avatar Eric Biggers

fscrypt: update comment for do_remove_key()

Adjust a comment that was missed during commit 15baf554
("fscrypt: track master key presence separately from secret").

Link: https://lore.kernel.org/r/20231206002127.14790-1-ebiggers@kernel.orgSigned-off-by: default avatarEric Biggers <ebiggers@google.com>
parent 33318c0e
......@@ -1002,9 +1002,9 @@ static int try_to_lock_encrypted_files(struct super_block *sb,
* FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS (all_users=true) always removes the
* key itself.
*
* To "remove the key itself", first we wipe the actual master key secret, so
* that no more inodes can be unlocked with it. Then we try to evict all cached
* inodes that had been unlocked with the key.
* To "remove the key itself", first we transition the key to the "incompletely
* removed" state, so that no more inodes can be unlocked with it. Then we try
* to evict all cached inodes that had been unlocked with the key.
*
* If all inodes were evicted, then we unlink the fscrypt_master_key from the
* keyring. Otherwise it remains in the keyring in the "incompletely removed"
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment