[PATCHv13 0/9] nvme: In-band authentication support

[Chaitanya Kulkarni]

On 5/27/22 01:04, Hannes Reinecke wrote:
> Hi all,
> 
> recent updates to the NVMe spec have added definitions for in-band
> authentication, and seeing that it provides some real benefit
> especially for NVMe-TCP here's an attempt to implement it.
> 
> Thanks to Nicolai Stange the crypto DH framework has been upgraded
> to provide us with a FFDHE implementation; I've updated the patchset
> to use the ephemeral key generation provided there.
> 
> Note that this is just for in-band authentication. Secure
> concatenation (ie starting TLS with the negotiated parameters)
> requires a TLS handshake, which the in-kernel TLS implementation
> does not provide. This is being worked on with a different patchset
> which is still WIP.
> 
> The nvme-cli support has already been merged; please use the latest
> nvme-cli git repository to build the most recent version.
> 
> A copy of this patchset can be found at
> git://git.kernel.org/pub/scm/linux/kernel/git/hare/scsi-devel
> branch auth.v13
> 
> The patchset is being cut against v5.18.
> 

After compiling the code I tried to disconnect the subsystem
which doesn't exists "nvme disconnect -n testnqn" :-

# nvme --version
nvme version 2.0 (git 2.0-96-g0b286b1)
libnvme version 1.0 (git 1.0-62-gaacaeea)


<1>[  195.267678] BUG: kernel NULL pointer dereference, address: 
0000000000000068
<1>[  195.269867] #PF: supervisor read access in kernel mode
<1>[  195.271369] #PF: error_code(0x0000) - not-present page
<6>[  195.272865] PGD 10387c067 P4D 10387c067 PUD 103a8b067 PMD 0
<4>[  195.274522] Oops: 0000 [#1] PREEMPT SMP NOPTI
<4>[  195.275795] CPU: 38 PID: 2376 Comm: nvme Not tainted 
5.18.0-rc3nvme+ #79
<4>[  195.278258] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), 
BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
<4>[  195.281560] RIP: 0010:nvme_ctrl_dhchap_ctrl_secret_show+0x16/0x40 
[nvme_core]

<4>[  195.289027] RSP: 0018:ffffc900054d7db8 EFLAGS: 00010282
<4>[  195.290545] RAX: 0000000000000000 RBX: ffffffffc015f1e0 RCX: 
0000000000000000
<4>[  195.293140] RDX: ffff888178d01000 RSI: ffffffffc015f1e0 RDI: 
ffff888178d01000
<4>[  195.295208] RBP: ffffffff822f7380 R08: ffff888103d782b8 R09: 
ffff8881036918b0
<4>[  195.297272] R10: 0000000000020000 R11: 0000000000000000 R12: 
ffffc900054d7e80
<4>[  195.299335] R13: ffffc900054d7e58 R14: ffff888104de1d48 R15: 
0000000000000001
<4>[  195.301401] FS:  00007f8fdba6dbc0(0000) GS:ffff888fffb80000(0000) 
knlGS:0000000000000000
<4>[  195.303729] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
<4>[  195.305396] CR2: 0000000000000068 CR3: 000000010e286000 CR4: 
0000000000350ee0
<4>[  195.307455] Call Trace:
<4>[  195.308693]  <TASK>
<4>[  195.309324]  dev_attr_show+0x19/0x40
<4>[  195.310389]  sysfs_kf_seq_show+0xa8/0xe0
<4>[  195.311534]  seq_read_iter+0x11c/0x4b0
<4>[  195.312631]  new_sync_read+0x106/0x180
<4>[  195.313726]  vfs_read+0x138/0x190
<4>[  195.314697]  ksys_read+0x5f/0xe0
<4>[  195.315645]  do_syscall_64+0x3b/0x90
<4>[  195.316694]  entry_SYSCALL_64_after_hwframe+0x44/0xae
<4>[  195.318162] RIP: 0033:0x7f8fdbe71702

<4>[  195.324685] RSP: 002b:00007ffc70f31bd8 EFLAGS: 00000246 ORIG_RAX: 
0000000000000000
<4>[  195.326406] RAX: ffffffffffffffda RBX: 0000000000d10970 RCX: 
00007f8fdbe71702
<4>[  195.327864] RDX: 0000000000000fff RSI: 00007ffc70f31be0 RDI: 
0000000000000003
<4>[  195.329503] RBP: 00007ffc70f31be0 R08: 0000000000d10830 R09: 
00007f8fdbf074e0
<4>[  195.331139] R10: 0000000000000000 R11: 0000000000000246 R12: 
0000000000000003
<4>[  195.332770] R13: 00007f8fdba6daf0 R14: 0000000000d185a3 R15: 
0000000000d104c0
<4>[  195.334404]  </TASK>

[38]kdb> bt
Stack traceback for pid 2376
0xffff8881249c0000     2376     2157  1   38   R  0xffff8881249c23c0 *nvme
CPU: 38 PID: 2376 Comm: nvme Not tainted 5.18.0-rc3nvme+ #79
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 
rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
Call Trace:
  <TASK>
  dump_stack_lvl+0x45/0x5a
  kdb_show_stack+0x75/0x80
  kdb_bt1+0xb7/0x130
  kdb_bt+0x343/0x3b0
  kdb_parse+0x2b7/0x6f0
  kdb_main_loop+0x47e/0x8f0
  kdb_stub+0x224/0x400
  kgdb_cpu_enter+0x32d/0x5c0
  kgdb_handle_exception+0xb6/0x100
  __kgdb_notify+0x30/0x80
  kgdb_notify+0x1d/0x30
  notify_die+0x6f/0xb0
  __die_body+0x7d/0x90
  page_fault_oops+0xae/0x270
  ? kernfs_fop_open+0x2a9/0x3c0
  ? do_user_addr_fault+0x65/0x690
  exc_page_fault+0x71/0x170
  asm_exc_page_fault+0x1e/0x30
RIP: 0010:nvme_ctrl_dhchap_ctrl_secret_show+0x16/0x40 [nvme_core]
Code: c6 78 61 15 c0 e8 5a ed 2e c1 48 98 c3 0f 1f 80 00 00 00 00 0f 1f 
44 00 00 49 89 f8 48 89 d7 49 8b 40 78 48 8b 80 98 0b 00 00 <48> 8b 50 
68 48 85 d2 74 0f 48 c7 c6 46 60 15 c0 e8 25 ed 2e c1 48
RSP: 0018:ffffc900054d7db8 EFLAGS: 00010282
RAX: 0000000000000000 RBX: ffffffffc015f1e0 RCX: 0000000000000000
RDX: ffff888178d01000 RSI: ffffffffc015f1e0 RDI: ffff888178d01000
RBP: ffffffff822f7380 R08: ffff888103d782b8 R09: ffff8881036918b0
R10: 0000000000020000 R11: 0000000000000000 R12: ffffc900054d7e80
R13: ffffc900054d7e58 R14: ffff888104de1d48 R15: 0000000000000001
  ? nvme_subsys_show_type+0x50/0x50 [nvme_core]
  dev_attr_show+0x19/0x40
  sysfs_kf_seq_show+0xa8/0xe0
  seq_read_iter+0x11c/0x4b0
  new_sync_read+0x106/0x180
  vfs_read+0x138/0x190
  ksys_read+0x5f/0xe0
  do_syscall_64+0x3b/0x90
  entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f8fdbe71702
Code: c0 e9 b2 fe ff ff 50 48 8d 3d ca 2a 0a 00 e8 b5 e8 01 00 0f 1f 44 
00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 <48> 3d 00 
f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 ec 28 48 89 54 24
RSP: 002b:00007ffc70f31bd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
RAX: ffffffffffffffda RBX: 0000000000d10970 RCX: 00007f8fdbe71702
RDX: 0000000000000fff RSI: 00007ffc70f31be0 RDI: 0000000000000003
RBP: 00007ffc70f31be0 R08: 0000000000d10830 R09: 00007f8fdbf074e0
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
R13: 00007f8fdba6daf0 R14: 0000000000d185a3 R15: 0000000000d104c0
  </TASK>