Hi Eric, On Mon, 29 Jul 2019 20:47:04 -0700 Eric Biggers wrote: > > On Tue, Jul 30, 2019 at 12:30:42PM +1000, Stephen Rothwell wrote: > > +static struct key_acl fsverity_acl = { > > + .usage = REFCOUNT_INIT(1), > > + .possessor_viewable = true, > > I don't think .possessor_viewable should be set here, since there's no > KEY_POSSESSOR_ACE(KEY_ACE_VIEW) in the ACL. David, this bool is supposed to > mean such an entry is present, right? Is it really necessary, since it's > redundant with the ACL itself? OK, I can take that out of the patch for tomorrow. > Otherwise this looks good, thanks Stephen. I'll want to remove a few of these > permissions in a separate patch later, but for now we can just keep it > equivalent to the original code as you've done. Thanks for the review. > We'll have the same problem in fs/crypto/ in a week or two if/when I apply > another patch series. For that one I'll send you a merge resolution so you > don't have to do it yourself... That will be great, thanks. -- Cheers, Stephen Rothwell