[PATCH 4/8] nvme: parse dhchap keys during option parsing
Hannes Reinecke
hare at suse.de
Mon Apr 6 23:20:55 PDT 2026
On 4/1/26 20:43, Chris Leech wrote:
> On Tue, Mar 17, 2026 at 02:00:59PM +0100, Hannes Reinecke wrote:
>> We really should parse the dhchap keys during option parsing to avoid
>> having to pass around the plain dhchap secret. During options parsing
>> we will create a 'dhchap' key with a random UUID as description, and
>> store the key serial in the 'opts' structure.
>> This simplifies key handling as on every access the key needs to be
>> looked up and checked for validity before accessing the key data.
>>
>> Signed-off-by: Hannes Reinecke <hare at kernel.org>
>> ---
>> drivers/nvme/host/auth.c | 118 +++++++++++++++--------
>> drivers/nvme/host/fabrics.c | 82 +++++++++++-----
>> drivers/nvme/host/fabrics.h | 8 +-
>> drivers/nvme/host/sysfs.c | 185 ++++++++++++++++++++++++++----------
>> 4 files changed, 275 insertions(+), 118 deletions(-)
>>
> ...
>> @@ -1290,8 +1314,18 @@ void nvmf_free_options(struct nvmf_ctrl_options *opts)
>> kfree(opts->subsysnqn);
>> kfree(opts->host_traddr);
>> kfree(opts->host_iface);
>> - kfree(opts->dhchap_secret);
>> - kfree(opts->dhchap_ctrl_secret);
>> + if (opts->dhchap_key) {
>> + pr_debug("revoke dhchap host key %08x\n",
>> + key_serial(opts->dhchap_key));
>> + key_revoke(opts->dhchap_key);
>> + key_put(opts->dhchap_key);
>> + }
>> + if (opts->dhchap_ctrl_key) {
>> + pr_debug("revoke dhchap ctrl key %08x\n",
>> + key_serial(opts->dhchap_ctrl_key));
>> + key_revoke(opts->dhchap_key);
>
> This is revoking the wrong key, it should be dhchap_ctrl_key.
>
Indeed. Will fix it up.
Cheers,
Hannes
--
Dr. Hannes Reinecke Kernel Storage Architect
hare at suse.de +49 911 74053 688
SUSE Software Solutions GmbH, Frankenstr. 146, 90461 Nürnberg
HRB 36809 (AG Nürnberg), GF: I. Totev, A. McDonald, W. Knoblich
More information about the Linux-nvme
mailing list