[PATCH 07/12] nvme: Implement In-Band authentication

Sagi Grimberg sagi at grimberg.me
Sun Sep 26 15:04:45 PDT 2021


> +/* Assumes that the controller is in state RESETTING */
> +static void nvme_dhchap_auth_work(struct work_struct *work)
> +{
> +	struct nvme_ctrl *ctrl =
> +		container_of(work, struct nvme_ctrl, dhchap_auth_work);
> +	int ret, q;
> +
> +	nvme_stop_queues(ctrl);

	blk_mq_quiesce_queue(ctrl->admin_q);

> +	/* Authenticate admin queue first */
> +	ret = nvme_auth_negotiate(ctrl, NVME_QID_ANY);
> +	if (ret) {
> +		dev_warn(ctrl->device,
> +			 "qid 0: error %d setting up authentication\n", ret);
> +		goto out;
> +	}
> +	ret = nvme_auth_wait(ctrl, NVME_QID_ANY);
> +	if (ret) {
> +		dev_warn(ctrl->device,
> +			 "qid 0: authentication failed\n");
> +		goto out;
> +	}
> +	dev_info(ctrl->device, "qid 0: authenticated\n");
> +
> +	for (q = 1; q < ctrl->queue_count; q++) {
> +		ret = nvme_auth_negotiate(ctrl, q);
> +		if (ret) {
> +			dev_warn(ctrl->device,
> +				 "qid %d: error %d setting up authentication\n",
> +				 q, ret);
> +			goto out;
> +		}
> +	}
> +out:
> +	/*
> +	 * Failure is a soft-state; credentials remain valid until
> +	 * the controller terminates the connection.
> +	 */
> +	if (nvme_change_ctrl_state(ctrl, NVME_CTRL_LIVE))
> +		nvme_start_queues(ctrl);
		blk_mq_unquiesce_queue(ctrl->admin_q);

> +}



More information about the Linux-nvme mailing list