[PATCH 07/12] nvme: Implement In-Band authentication
Sagi Grimberg
sagi at grimberg.me
Sun Sep 26 15:04:45 PDT 2021
> +/* Assumes that the controller is in state RESETTING */
> +static void nvme_dhchap_auth_work(struct work_struct *work)
> +{
> + struct nvme_ctrl *ctrl =
> + container_of(work, struct nvme_ctrl, dhchap_auth_work);
> + int ret, q;
> +
> + nvme_stop_queues(ctrl);
blk_mq_quiesce_queue(ctrl->admin_q);
> + /* Authenticate admin queue first */
> + ret = nvme_auth_negotiate(ctrl, NVME_QID_ANY);
> + if (ret) {
> + dev_warn(ctrl->device,
> + "qid 0: error %d setting up authentication\n", ret);
> + goto out;
> + }
> + ret = nvme_auth_wait(ctrl, NVME_QID_ANY);
> + if (ret) {
> + dev_warn(ctrl->device,
> + "qid 0: authentication failed\n");
> + goto out;
> + }
> + dev_info(ctrl->device, "qid 0: authenticated\n");
> +
> + for (q = 1; q < ctrl->queue_count; q++) {
> + ret = nvme_auth_negotiate(ctrl, q);
> + if (ret) {
> + dev_warn(ctrl->device,
> + "qid %d: error %d setting up authentication\n",
> + q, ret);
> + goto out;
> + }
> + }
> +out:
> + /*
> + * Failure is a soft-state; credentials remain valid until
> + * the controller terminates the connection.
> + */
> + if (nvme_change_ctrl_state(ctrl, NVME_CTRL_LIVE))
> + nvme_start_queues(ctrl);
blk_mq_unquiesce_queue(ctrl->admin_q);
> +}
More information about the Linux-nvme
mailing list