[PATCH 10/17] nvme-fabrics: parse options 'keyring' and 'tls_key'
Sagi Grimberg
sagi at grimberg.me
Sun Aug 13 06:53:40 PDT 2023
> @@ -928,6 +933,46 @@ static int nvmf_parse_options(struct nvmf_ctrl_options *opts,
> }
> opts->tos = token;
> break;
> + case NVMF_OPT_KEYRING:
> + if (!IS_ENABLED(CONFIG_NVME_TCP_TLS)) {
> + pr_err("TLS is not supported\n");
> + ret = -EINVAL;
> + goto out;
> + }
> + if (match_int(args, &key_id) || key_id <= 0) {
> + ret = -EINVAL;
> + goto out;
> + }
> + key = key_lookup(key_id);
> + if (IS_ERR(key)) {
> + pr_err("Keyring %08x not found\n", key_id);
> + ret = PTR_ERR(key);
> + goto out;
> + }
> + pr_debug("Using keyring %08x\n", key_serial(key));
> + key_put(opts->keyring);
> + opts->keyring = key;
> + break;
> + case NVMF_OPT_TLS_KEY:
> + if (!IS_ENABLED(CONFIG_NVME_TCP_TLS)) {
> + pr_err("TLS is not supported\n");
> + ret = -EINVAL;
> + goto out;
> + }
> + if (match_int(args, &key_id) || key_id <= 0) {
> + ret = -EINVAL;
> + goto out;
> + }
> + key = key_lookup(key_id);
> + if (IS_ERR(key)) {
> + pr_err("Key %08x not found\n", key_id);
> + ret = PTR_ERR(key);
> + goto out;
> + }
> + pr_debug("Using key %08x\n", key_serial(key));
> + key_put(opts->tls_key);
> + opts->tls_key = key;
> + break;
Didn't we agree that we will share the code and simply return the key?
Maybe I missed further discussion on this?
More information about the Linux-nvme
mailing list