security: Fix invalid rcu assumptions in comments

1) held spinlocks are not equivalent to rcu_read_lock

2) access to current_cred() is safe as only current can modify its
   own credentials.

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: James Morris <jmorris@namei.org>
Cc: linux-security-module@vger.kernel.org

2 files changed, 1 insertions, 4 deletions

diff --git a/security/keys/permission.c b/security/keys/permission.c
index 0ed802c9e698..5d16a1891031 100644
--- a/security/keys/permission.c
+++ b/security/keys/permission.c
@@ -23,8 +23,7 @@
  * Check to see whether permission is granted to use a key in the desired way,
  * but permit the security modules to override.
  *
- * The caller must hold either a ref on cred or must hold the RCU readlock or a
- * spinlock.
+ * The caller must hold either a ref on cred or must hold the RCU readlock.
  */
 int key_task_permission(const key_ref_t key_ref, const struct cred *cred,
 			key_perm_t perm)
diff --git a/security/keys/proc.c b/security/keys/proc.c
index 769f9bdfd2b3..5007ca424fde 100644
--- a/security/keys/proc.c
+++ b/security/keys/proc.c
@@ -159,8 +159,6 @@ static int proc_keys_show(struct seq_file *m, void *v)
 
 	/* check whether the current task is allowed to view the key (assuming
 	 * non-possession)
-	 * - the caller holds a spinlock, and thus the RCU read lock, making our
-	 *   access to __current_cred() safe
 	 */
 	rc = key_task_permission(make_key_ref(key, 0), current_cred(),
 				 KEY_VIEW);