[PATCH 06/11] nvme: Implement In-Band authentication

Hannes Reinecke hare at suse.de
Sun Jun 19 23:50:26 PDT 2022 

On 6/13/22 20:12, Christoph Hellwig wrote:
> On Wed, Jun 08, 2022 at 04:45:13PM +0200, Hannes Reinecke wrote:
>> Implement NVMe-oF In-Band authentication according to NVMe TPAR 8006.
>> This patch adds two new fabric options 'dhchap_secret' to specify the
>> pre-shared key (in ASCII respresentation according to NVMe 2.0 section
>> 8.13.5.8 'Secret representation') and 'dhchap_ctrl_secret' to specify
>> the pre-shared controller key for bi-directional authentication of both
>> the host and the controller.
>> Re-authentication can be triggered by writing the PSK into the new
>> controller sysfs attribute 'dhchap_secret' or 'dhchap_ctrl_secret'.
> 
> The Kconfig doesn't apply due to the new nvme-apple driver.
> 
> Also when I fix it up manually Kconfig and sparse are both not
> happy:
> 
> WARNING: unmet direct dependencies detected for CRYPTO_DH_RFC7919_GROUPS
>    Depends on [n]: CRYPTO [=y] && CRYPTO_DH [=n]
>    Selected by [y]:
>    - NVME_AUTH [=y] && NVME_CORE [=y]
> 
> i.e. when you select something you also need to select its dependencies
> 
> sparse also isn't exactly happy with the series:
> 
> rivers/nvme/host/core.c:3667:1: warning: symbol 'dev_attr_dhchap_secret' was not declared. Should it be static?
> drivers/nvme/host/core.c:3717:1: warning: symbol 'dev_attr_dhchap_ctrl_secret' was not declared. Should it be static?
> 
> drivers/nvme/target/fabrics-cmd-auth.c:33:30: warning: invalid assignment: |=
> drivers/nvme/target/fabrics-cmd-auth.c:33:30:    left side has type restricted __le32
> drivers/nvme/target/fabrics-cmd-auth.c:33:30:    right side has type int
> drivers/nvme/target/fabrics-cmd-auth.c:118:22: warning: cast to restricted __le32
> drivers/nvme/target/fabrics-cmd-auth.c:118:22: warning: cast from restricted __le16
> drivers/nvme/target/fabrics-cmd-auth.c:389:30: warning: incorrect type in assignment (different base types)
> drivers/nvme/target/fabrics-cmd-auth.c:389:30:    expected restricted __le16 [usertype] dhvlen
> drivers/nvme/target/fabrics-cmd-auth.c:389:30:    got restricted __le32 [usertype]

Right. Will be fixing it up.

Cheers,

Hannes
-- 
Dr. Hannes Reinecke                Kernel Storage Architect
hare at suse.de                              +49 911 74053 688
SUSE Software Solutions GmbH, Maxfeldstr. 5, 90409 Nürnberg
HRB 36809 (AG Nürnberg), Geschäftsführer: Ivo Totev, Andrew
Myers, Andrew McDonald, Martje Boudien Moerman

More information about the Linux-nvme mailing list