[PATCH 06/11] nvme: Implement In-Band authentication

Wed Jun 22 10:43:27 PDT 2022

> @@ -552,6 +586,8 @@ static const match_table_t opt_tokens = {
>   	{ NVMF_OPT_TOS,			"tos=%d"		},
>   	{ NVMF_OPT_FAIL_FAST_TMO,	"fast_io_fail_tmo=%d"	},
>   	{ NVMF_OPT_DISCOVERY,		"discovery"		},
> +	{ NVMF_OPT_DHCHAP_SECRET,	"dhchap_secret=%s"	},
> +	{ NVMF_OPT_DHCHAP_CTRL_SECRET,	"dhchap_ctrl_secret=%s"	},
>   	{ NVMF_OPT_ERR,			NULL			}
>   };
>   
> @@ -833,6 +869,34 @@ static int nvmf_parse_options(struct nvmf_ctrl_options *opts,
>   		case NVMF_OPT_DISCOVERY:
>   			opts->discovery_nqn = true;
>   			break;
> +		case NVMF_OPT_DHCHAP_SECRET:
> +			p = match_strdup(args);
> +			if (!p) {
> +				ret = -ENOMEM;
> +				goto out;
> +			}
> +			if (strlen(p) < 11 || strncmp(p, "DHHC-1:", 7)) {
> +				pr_err("Invalid DH-CHAP secret %s\n", p);
> +				ret = -EINVAL;
> +				goto out;
> +			}
> +			kfree(opts->dhchap_secret);
> +			opts->dhchap_secret = p;
> +			break;
> +		case NVMF_OPT_DHCHAP_CTRL_SECRET:
> +			p = match_strdup(args);
> +			if (!p) {
> +				ret = -ENOMEM;
> +				goto out;
> +			}
> +			if (strlen(p) < 11 || strncmp(p, "DHHC-1:", 7)) {
> +				pr_err("Invalid DH-CHAP secret %s\n", p);
> +				ret = -EINVAL;
> +				goto out;
> +			}
> +			kfree(opts->dhchap_ctrl_secret);
> +			opts->dhchap_ctrl_secret = p;
> +			break;
>   		default:
>   			pr_warn("unknown parameter or missing value '%s' in ctrl creation request\n",
>   				p);
> @@ -951,6 +1015,7 @@ void nvmf_free_options(struct nvmf_ctrl_options *opts)
>   	kfree(opts->subsysnqn);
>   	kfree(opts->host_traddr);
>   	kfree(opts->host_iface);
> +	kfree(opts->dhchap_secret);

I think you need to free ctrl_dhchap_secret as well.

I see kmemleak complaits:
--
unreferenced object 0xffff9797b529f140 (size 64):
   comm "nvme", pid 7070, jiffies 4362827766 (age 27851.164s)
   hex dump (first 32 bytes):
     44 48 48 43 2d 31 3a 30 30 3a 6a 63 2f 4d 79 31  DHHC-1:00:jc/My1
     6f 30 71 74 4c 43 57 52 70 2b 73 48 68 41 56 4e  o0qtLCWRp+sHhAVN
   backtrace:
     [<00000000a8aa18e4>] kmemdup_nul+0x22/0x50
     [<000000009798b50f>] nvmf_parse_options+0x208/0x790 [nvme_fabrics]
     [<0000000049fd6c0a>] nvmf_create_ctrl+0x3e/0x230 [nvme_fabrics]
     [<000000000a5ab7b3>] nvmf_dev_write+0x7d/0xe0 [nvme_fabrics]
     [<000000006c0feca3>] vfs_write+0xb5/0x290
     [<00000000868859e4>] ksys_write+0x5f/0xe0
     [<00000000d670ec58>] do_syscall_64+0x3b/0x90
     [<00000000a2feb9a4>] entry_SYSCALL_64_after_hwframe+0x46/0xb0
--