@@ -207,10 +207,11 @@ static int allocate_filesystem_keyring(struct super_block *sb)
207207 * Release all encryption keys that have been added to the filesystem, along
208208 * with the keyring that contains them.
209209 *
210- * This is called at unmount time. The filesystem's underlying block device(s)
211- * are still available at this time; this is important because after user file
212- * accesses have been allowed, this function may need to evict keys from the
213- * keyslots of an inline crypto engine, which requires the block device(s).
210+ * This is called at unmount time, after all potentially-encrypted inodes have
211+ * been evicted. The filesystem's underlying block device(s) are still
212+ * available at this time; this is important because after user file accesses
213+ * have been allowed, this function may need to evict keys from the keyslots of
214+ * an inline crypto engine, which requires the block device(s).
214215 */
215216void fscrypt_destroy_keyring (struct super_block * sb )
216217{
@@ -227,12 +228,12 @@ void fscrypt_destroy_keyring(struct super_block *sb)
227228
228229 hlist_for_each_entry_safe (mk , tmp , bucket , mk_node ) {
229230 /*
230- * Since all inodes were already evicted, every key
231- * remaining in the keyring should have an empty inode
232- * list, and should only still be in the keyring due to
233- * the single active ref associated with ->mk_secret.
234- * There should be no structural refs beyond the one
235- * associated with the active ref.
231+ * Since all potentially-encrypted inodes were already
232+ * evicted, every key remaining in the keyring should
233+ * have an empty inode list, and should only still be in
234+ * the keyring due to the single active ref associated
235+ * with ->mk_secret. There should be no structural refs
236+ * beyond the one associated with the active ref.
236237 */
237238 WARN_ON (refcount_read (& mk -> mk_active_refs ) != 1 );
238239 WARN_ON (refcount_read (& mk -> mk_struct_refs ) != 1 );
0 commit comments