[PATCH 10/12] nvmet: Implement basic In-Band Authentication
Sagi Grimberg
sagi at grimberg.me
Mon Nov 22 06:31:13 PST 2021
>>>>> + if (data->auth_type == NVME_AUTH_COMMON_MESSAGES) {
>>>>> + if (data->auth_id == NVME_AUTH_DHCHAP_MESSAGE_NEGOTIATE) {
>>>>> + /* Restart negotiation */
>>>>> + pr_debug("%s: ctrl %d qid %d reset negotiation\n",
>>>>> __func__,
>>>>> + ctrl->cntlid, req->sq->qid);
>>>>> + if (!req->sq->qid) {
>>>>> + status = nvmet_setup_auth(ctrl);
>>>>
>>>> Aren't you leaking memory here?
>>>
>>> I've checked, and I _think_ everything is in order.
>>> Any particular concerns?
>>> ( 'd' is free at 'done_kfree', and we never exit without going through
>>> it AFAICS).
>>> Have I missed something?
>>
>> You are calling nvmet_setup_auth for re-authentication, who is calling
>> nvmet_destroy_auth to free the controller auth stuff?
>>
>> Don't you need something like:
>> --
>> if (!req->sq->qid) {
>> nvmet_destroy_auth(ctrl);
>> status = nvmet_setup_auth(ctrl);
>> ...
>> }
>> --
>
> nvme_setup_auth() should be re-entrant, ie it'll free old and reallocate
> new keys as required. Hence no need to call nvmet_destroy_auth().
> At least that's the plan.
OK, I see.
> Always possible that I messed up things somewhere.
Worth checking with kmemleak but it looks ok to me.
More information about the Linux-nvme
mailing list