[PATCH] nvme/tcp: handle rejected keys for secure concatnation
Damien Le Moal
dlemoal at kernel.org
Mon May 11 16:12:08 PDT 2026
On 5/11/26 09:54, Wilfred Mallawa wrote:
> From: Wilfred Mallawa <wilfred.mallawa at wdc.com>
>
In the title: s/concatnation/concatenation
> The NVMe-TCP specification [1] states that if the PSK retained or
> generated is not available on the subsystem, the TLS 1.3 handshake shall
> be aborted with an unknown_psk_identity alert and the connection be
> closed.
>
> Currently, when an unknown_psk_identity alert is sent from an endpoint,
> tlshd returns EACCES as the TLS error. On subsequent reconnection
> attempts, we fail with the same error because we keep attempting to
> connect with a stale key. This may occur if the endpoint experienced a
> full reset and lost its PSK.
>
> With support in tlshd to return -EKEYREJECTED when an unknown_psk_identity
> alert is received, the kernel can now detect this condition and revoke the
> current tls_key. This allows the subsequent reconnect to perform
> re-authentication via DHCHAP to generate a fresh PSK.
>
> [1] https://nvmexpress.org/wp-content/uploads/NVM-Express-TCP-Transport-Specification-Revision-1.1-2024.08.05-Ratified.pdf
>
> Signed-off-by: Wilfred Mallawa <wilfred.mallawa at wdc.com>
> ---
> drivers/nvme/host/tcp.c | 11 +++++++++++
> 1 file changed, 11 insertions(+)
>
> diff --git a/drivers/nvme/host/tcp.c b/drivers/nvme/host/tcp.c
> index 15d36d6a728e..eff68eb7a5fe 100644
> --- a/drivers/nvme/host/tcp.c
> +++ b/drivers/nvme/host/tcp.c
> @@ -1767,6 +1767,17 @@ static int nvme_tcp_start_tls(struct nvme_ctrl *nctrl,
> dev_err(nctrl->device,
> "queue %d: TLS handshake complete, error %d\n",
> qid, queue->tls_err);
> +
> + /*
> + * Key maybe stale, revoke it such that on a subsequent
* If the key is stale, revoke it...
> + * reconnect, we will generate a new PSK.
> + */
> + if (queue->tls_err == EKEYREJECTED && qid == 0 &&
> + nctrl->opts->concat && nctrl->opts->tls_key) {
> + nvme_auth_revoke_tls_key(nctrl);
> + dev_warn(nctrl->device,
> + "qid 0: revoking stale key\n");
> + }
> } else {
> dev_dbg(nctrl->device,
> "queue %d: TLS handshake complete\n", qid);
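Review bot: the new condition in this hunk compares queue->tls_err against the positive EKEYREJECTED, while the commit message says tlshd returns -EKEYREJECTED; the preceding dev_err prints tls_err with "error %d", so please confirm that tls_err holds the positive errno, otherwise the revocation branch never triggers and reconnects keep failing with the stale key as before. The dev_warn added here would also be more useful to an operator if it stated the cause and consequence, e.g. "qid 0: TLS key rejected by controller, revoking key; re-authentication via DHCHAP on reconnect", since "revoking stale key" alone does not say that a fresh PSK will be generated on the next reconnect, which is the behaviour the commit message describes.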
--
Damien Le Moal
Western Digital Research