@@ -207,10 +207,11 @@ static int allocate_filesystem_keyring(struct super_block *sb)
207
207
* Release all encryption keys that have been added to the filesystem, along
208
208
* with the keyring that contains them.
209
209
*
210
- * This is called at unmount time. The filesystem's underlying block device(s)
211
- * are still available at this time; this is important because after user file
212
- * accesses have been allowed, this function may need to evict keys from the
213
- * keyslots of an inline crypto engine, which requires the block device(s).
210
+ * This is called at unmount time, after all potentially-encrypted inodes have
211
+ * been evicted. The filesystem's underlying block device(s) are still
212
+ * available at this time; this is important because after user file accesses
213
+ * have been allowed, this function may need to evict keys from the keyslots of
214
+ * an inline crypto engine, which requires the block device(s).
214
215
*/
215
216
void fscrypt_destroy_keyring (struct super_block * sb )
216
217
{
@@ -227,12 +228,12 @@ void fscrypt_destroy_keyring(struct super_block *sb)
227
228
228
229
hlist_for_each_entry_safe (mk , tmp , bucket , mk_node ) {
229
230
/*
230
- * Since all inodes were already evicted, every key
231
- * remaining in the keyring should have an empty inode
232
- * list, and should only still be in the keyring due to
233
- * the single active ref associated with ->mk_secret.
234
- * There should be no structural refs beyond the one
235
- * associated with the active ref.
231
+ * Since all potentially-encrypted inodes were already
232
+ * evicted, every key remaining in the keyring should
233
+ * have an empty inode list, and should only still be in
234
+ * the keyring due to the single active ref associated
235
+ * with ->mk_secret. There should be no structural refs
236
+ * beyond the one associated with the active ref.
236
237
*/
237
238
WARN_ON (refcount_read (& mk -> mk_active_refs ) != 1 );
238
239
WARN_ON (refcount_read (& mk -> mk_struct_refs ) != 1 );
0 commit comments