[PATCH] nvme-auth: Avoid C=1 warning in nvme_auth_derive_tls_psk()
Eric Biggers
ebiggers at kernel.org
Thu Jun 25 10:59:11 PDT 2026
The following works fine with gcc and clang, but sparse warns about
label_len not being an actual constant expression:
const size_t label_len = sizeof(label) - 1;
...
static_assert(label_len <= 255);
Avoid this by giving label an explicit length and using sizeof(label)
instead of label_len.
Reported-by: John Garry <john.g.garry at oracle.com>
Closes: https://lore.kernel.org/linux-nvme/965a37dd-f698-46b6-9623-1099a13f7e60@oracle.com
Fixes: d126cbaa7d9a ("nvme-auth: common: use crypto library in nvme_auth_derive_tls_psk()")
Signed-off-by: Eric Biggers <ebiggers at kernel.org>
---
drivers/nvme/common/auth.c | 13 ++++++-------
1 file changed, 6 insertions(+), 7 deletions(-)
diff --git a/drivers/nvme/common/auth.c b/drivers/nvme/common/auth.c
index 77f1d22512f8..e2e0c736540a 100644
--- a/drivers/nvme/common/auth.c
+++ b/drivers/nvme/common/auth.c
@@ -690,12 +690,11 @@ EXPORT_SYMBOL_GPL(nvme_auth_generate_digest);
*/
int nvme_auth_derive_tls_psk(int hmac_id, const u8 *psk, size_t psk_len,
const char *psk_digest, u8 **ret_psk)
{
static const u8 default_salt[NVME_AUTH_MAX_DIGEST_SIZE];
- static const char label[] = "tls13 nvme-tls-psk";
- const size_t label_len = sizeof(label) - 1;
+ static const char label[18] = "tls13 nvme-tls-psk";
u8 prk[NVME_AUTH_MAX_DIGEST_SIZE];
size_t hash_len, ctx_len;
u8 *hmac_data = NULL, *tls_key;
size_t i;
int ret;
@@ -727,11 +726,11 @@ int nvme_auth_derive_tls_psk(int hmac_id, const u8 *psk, size_t psk_len,
* HKDF-Expand-Label (RFC 8446 section 7.1), with output length equal to
* the hash length (so only a single HMAC operation is needed)
*/
hmac_data = kmalloc(/* output length */ 2 +
- /* label */ 1 + label_len +
+ /* label */ 1 + sizeof(label) +
/* context (max) */ 1 + 3 + 1 + strlen(psk_digest) +
/* counter */ 1,
GFP_KERNEL);
if (!hmac_data) {
ret = -ENOMEM;
@@ -741,14 +740,14 @@ int nvme_auth_derive_tls_psk(int hmac_id, const u8 *psk, size_t psk_len,
i = 0;
hmac_data[i++] = hash_len >> 8;
hmac_data[i++] = hash_len;
/* label */
- static_assert(label_len <= 255);
- hmac_data[i] = label_len;
- memcpy(&hmac_data[i + 1], label, label_len);
- i += 1 + label_len;
+ static_assert(sizeof(label) <= 255);
+ hmac_data[i] = sizeof(label);
+ memcpy(&hmac_data[i + 1], label, sizeof(label));
+ i += 1 + sizeof(label);
/* context */
ctx_len = sprintf(&hmac_data[i + 1], "%02d %s", hmac_id, psk_digest);
if (ctx_len > 255) {
ret = -EINVAL;
base-commit: a142da0b2d32b68a6d1b183343bbe43de8c222f9
--
2.54.0
More information about the Linux-nvme
mailing list