[PATCH 01/18] nvme-keyring: register '.nvme' keyring
Hannes Reinecke
hare at suse.de
Tue Mar 21 07:11:20 PDT 2023
On 3/21/23 14:50, Sagi Grimberg wrote:
>
>
> On 3/21/23 14:43, Hannes Reinecke wrote:
>> Register a '.nvme' keyring to hold keys for TLS and DH-HMAC-CHAP.
>> We need a separate keyring as for NVMe the might not be a userspace
>> process attached (eg during reconnect), and so the use of a session
>> keyring or any other process-related keyrings might not be possible.
>
> So the keys will be stored in the ring such that on any reconnect
> userspace will have access to these keys? How does this affect
> dh-hmac-chap keys?
>
Correct.
And it does not affect dh-hmac-chap handling as that implementation
doesn't use keyrings (yet). That's another patchset which is in the works.
Cheers,
Hannes
--
Dr. Hannes Reinecke Kernel Storage Architect
hare at suse.de +49 911 74053 688
SUSE Software Solutions Germany GmbH, Frankenstr. 146, 90461 Nürnberg
Managing Directors: I. Totev, A. Myers, A. McDonald, M. B. Moerman
(HRB 36809, AG Nürnberg)
More information about the Linux-nvme
mailing list