1 files changed, 17 insertions, 16 deletions
diff --git a/security/keys/permission.c b/security/keys/permission.c
index 28645502cd0d..c35b5229e3cd 100644
--- a/security/keys/permission.c
+++ b/security/keys/permission.c
@@ -1,4 +1,4 @@
-/* permission.c: key permission determination
+/* Key permission checking
 *
 * Copyright (C) 2005 Red Hat, Inc. All Rights Reserved.
 * Written by David Howells (dhowells@redhat.com)
@@ -13,18 +13,19 @@
 #include <linux/security.h>
 #include "internal.h"
-/*****************************************************************************/
 /**
 * key_task_permission - Check a key can be used
- * @key_ref: The key to check
+ * @key_ref: The key to check.
- * @cred: The credentials to use
+ * @cred: The credentials to use.
- * @perm: The permissions to check for
+ * @perm: The permissions to check for.
 *
 * Check to see whether permission is granted to use a key in the desired way,
 * but permit the security modules to override.
 *
- * The caller must hold either a ref on cred or must hold the RCU readlock or a
+ * The caller must hold either a ref on cred or must hold the RCU readlock.
- * spinlock.
+ *
+ * Returns 0 if successful, -EACCES if access is denied based on the
+ * permissions bits or the LSM check.
 */
 int key_task_permission(const key_ref_t key_ref, const struct cred *cred,
                        key_perm_t perm)
@@ -79,14 +80,16 @@ use_these_perms:
        /* let LSM be the final arbiter */
        return security_key_permission(key_ref, cred, perm);
+}
-} /* end key_task_permission() */
 EXPORT_SYMBOL(key_task_permission);
-/*****************************************************************************/
+/**
-/*
+ * key_validate - Validate a key.
- * validate a key
+ * @key: The key to be validated.
+ *
+ * Check that a key is valid, returning 0 if the key is okay, -EKEYREVOKED if
+ * the key's type has been removed or if the key has been revoked or
+ * -EKEYEXPIRED if the key has expired.
 */
 int key_validate(struct key *key)
 {
@@ -111,7 +114,5 @@ int key_validate(struct key *key)
 error:
        return ret;
+}
-} /* end key_validate() */
 EXPORT_SYMBOL(key_validate);

diff --git a/security/keys/permission.c b/security/keys/permission.c index 28645502cd0d..c35b5229e3cd 100644 --- a/security/keys/permission.c +++ b/security/keys/permission.c
@@ -1,4 +1,4 @@
1	/* permission.c: key permission determination	1	/* Key permission checking
2	*	2	*
3	* Copyright (C) 2005 Red Hat, Inc. All Rights Reserved.	3	* Copyright (C) 2005 Red Hat, Inc. All Rights Reserved.
4	* Written by David Howells (dhowells@redhat.com)	4	* Written by David Howells (dhowells@redhat.com)
@@ -13,18 +13,19 @@
13	#include <linux/security.h>	13	#include <linux/security.h>
14	#include "internal.h"	14	#include "internal.h"
15		15
16	/*****************************************************************************/
17	/**	16	/**
18	* key_task_permission - Check a key can be used	17	* key_task_permission - Check a key can be used
19	* @key_ref: The key to check	18	* @key_ref: The key to check.
20	* @cred: The credentials to use	19	* @cred: The credentials to use.
21	* @perm: The permissions to check for	20	* @perm: The permissions to check for.
22	*	21	*
23	* Check to see whether permission is granted to use a key in the desired way,	22	* Check to see whether permission is granted to use a key in the desired way,
24	* but permit the security modules to override.	23	* but permit the security modules to override.
25	*	24	*
26	* The caller must hold either a ref on cred or must hold the RCU readlock or a	25	* The caller must hold either a ref on cred or must hold the RCU readlock.
27	* spinlock.	26	*
		27	* Returns 0 if successful, -EACCES if access is denied based on the
		28	* permissions bits or the LSM check.
28	*/	29	*/
29	int key_task_permission(const key_ref_t key_ref, const struct cred *cred,	30	int key_task_permission(const key_ref_t key_ref, const struct cred *cred,
30	key_perm_t perm)	31	key_perm_t perm)
@@ -79,14 +80,16 @@ use_these_perms:
79		80
80	/* let LSM be the final arbiter */	81	/* let LSM be the final arbiter */
81	return security_key_permission(key_ref, cred, perm);	82	return security_key_permission(key_ref, cred, perm);
82		83	}
83	} /* end key_task_permission() */
84
85	EXPORT_SYMBOL(key_task_permission);	84	EXPORT_SYMBOL(key_task_permission);
86		85
87	/*****************************************************************************/	86	/**
88	/*	87	* key_validate - Validate a key.
89	* validate a key	88	* @key: The key to be validated.
		89	*
		90	* Check that a key is valid, returning 0 if the key is okay, -EKEYREVOKED if
		91	* the key's type has been removed or if the key has been revoked or
		92	* -EKEYEXPIRED if the key has expired.
90	*/	93	*/
91	int key_validate(struct key *key)	94	int key_validate(struct key *key)
92	{	95	{
@@ -111,7 +114,5 @@ int key_validate(struct key *key)
111		114
112	error:	115	error:
113	return ret;	116	return ret;
114		117	}
115	} /* end key_validate() */
116
117	EXPORT_SYMBOL(key_validate);	118	EXPORT_SYMBOL(key_validate);