[PATCH 10/11] nvmet-auth: implement support for augmented challenge
Hannes Reinecke
hare at suse.de
Sun Jul 18 05:25:57 PDT 2021
On 7/17/21 6:49 PM, Stephan Müller wrote:
> Am Freitag, 16. Juli 2021, 13:04:27 CEST schrieb Hannes Reinecke:
>
> Hi Hannes,
>
>> Implement support for augmented challenge with FFDHE groups.
>> This patch adds a new configfs attribute 'dhchap_dhgroup' to
>> select the DH group to use.
>>
>> Signed-off-by: Hannes Reinecke <hare at suse.de>
>> ---
>> drivers/nvme/target/auth.c | 241 ++++++++++++++++++++++++-
>> drivers/nvme/target/configfs.c | 31 ++++
>> drivers/nvme/target/fabrics-cmd-auth.c | 14 +-
>> 3 files changed, 281 insertions(+), 5 deletions(-)
>>
>> diff --git a/drivers/nvme/target/auth.c b/drivers/nvme/target/auth.c
>> index 00c7d051dfb1..cc7f12a7c8bf 100644
>> --- a/drivers/nvme/target/auth.c
>> +++ b/drivers/nvme/target/auth.c
>> @@ -58,11 +58,56 @@ int nvmet_auth_set_host_key(struct nvmet_host *host,
>> const char *secret)
>>
>> int nvmet_setup_dhgroup(struct nvmet_ctrl *ctrl, int dhgroup_id)
>> {
>> + struct nvmet_host_link *p;
>> + struct nvmet_host *host = NULL;
>> + const char *dhgroup_kpp;
>> int ret = -ENOTSUPP;
>>
>> if (dhgroup_id == NVME_AUTH_DHCHAP_DHGROUP_NULL)
>> return 0;
>>
>> + down_read(&nvmet_config_sem);
>> + if (ctrl->subsys->type == NVME_NQN_DISC)
>> + goto out_unlock;
>> +
>> + list_for_each_entry(p, &ctrl->subsys->hosts, entry) {
>> + if (strcmp(nvmet_host_name(p->host), ctrl->hostnqn))
>> + continue;
>> + host = p->host;
>> + break;
>> + }
>> + if (!host) {
>> + pr_debug("host %s not found\n", ctrl->hostnqn);
>> + ret = -ENXIO;
>> + goto out_unlock;
>> + }
>> +
>> + if (host->dhchap_dhgroup_id != dhgroup_id) {
>> + ret = -EINVAL;
>> + goto out_unlock;
>> + }
>> + dhgroup_kpp = nvme_auth_dhgroup_kpp(dhgroup_id);
>> + if (!dhgroup_kpp) {
>> + ret = -EINVAL;
>> + goto out_unlock;
>> + }
>> + ctrl->dh_tfm = crypto_alloc_kpp(dhgroup_kpp, 0, 0);
>> + if (IS_ERR(ctrl->dh_tfm)) {
>> + pr_debug("failed to setup DH group %d, err %ld\n",
>> + dhgroup_id, PTR_ERR(ctrl->dh_tfm));
>> + ret = PTR_ERR(ctrl->dh_tfm);
>> + ctrl->dh_tfm = NULL;
>> + } else {
>> + ctrl->dh_gid = dhgroup_id;
>> + ctrl->dh_keysize = nvme_auth_dhgroup_pubkey_size(dhgroup_id);
>> + pr_debug("select DH group %d keysize %d\n",
>> + ctrl->dh_gid, ctrl->dh_keysize);
>> + ret = 0;
>> + }
>> +
>> +out_unlock:
>> + up_read(&nvmet_config_sem);
>> +
>> return ret;
>> }
>>
>> @@ -192,6 +237,101 @@ bool nvmet_check_auth_status(struct nvmet_req *req)
>> return true;
>> }
>>
>> +static int nvmet_auth_hash_sesskey(struct nvmet_req *req, u8 *hashed_key)
>> +{
>> + struct nvmet_ctrl *ctrl = req->sq->ctrl;
>> + const char *hmac_name, *digest_name;
>> + struct crypto_shash *tfm;
>> + int hmac_id, ret;
>> +
>> + if (!ctrl->shash_tfm) {
>> + pr_debug("%s: hash alg not set\n", __func__);
>> + return -EINVAL;
>> + }
>> + hmac_name = crypto_shash_alg_name(ctrl->shash_tfm);
>> + hmac_id = nvme_auth_hmac_id(hmac_name);
>> + if (hmac_id < 0) {
>> + pr_debug("%s: unsupported hmac %s\n", __func__,
>> + hmac_name);
>> + return -EINVAL;
>> + }
>> + digest_name = nvme_auth_digest_name(hmac_id);
>> + if (!digest_name) {
>> + pr_debug("%s: failed to get digest for %s\n", __func__,
>> + hmac_name);
>> + return -EINVAL;
>> + }
>> + tfm = crypto_alloc_shash(digest_name, 0, 0);
>> + if (IS_ERR(tfm))
>> + return -ENOMEM;
>> +
>> + ret = crypto_shash_tfm_digest(tfm, req->sq->dhchap_skey,
>> + req->sq->dhchap_skey_len, hashed_key);
>> + if (ret < 0)
>> + pr_debug("%s: Failed to hash digest len %d\n", __func__,
>> + req->sq->dhchap_skey_len);
>> +
>> + crypto_free_shash(tfm);
>> + return ret;
>> +}
>> +
>> +static int nvmet_auth_augmented_challenge(struct nvmet_req *req,
>> + u8 *challenge, u8 *aug)
>> +{
>> + struct nvmet_ctrl *ctrl = req->sq->ctrl;
>> + struct crypto_shash *tfm;
>> + struct shash_desc *desc;
>> + u8 *hashed_key;
>> + const char *hash_name;
>> + int hash_len = req->sq->dhchap_hash_len;
>> + int ret;
>> +
>> + hashed_key = kmalloc(hash_len, GFP_KERNEL);
>> + if (!hashed_key)
>> + return -ENOMEM;
>> +
>> + ret = nvmet_auth_hash_sesskey(req, hashed_key);
>> + if (ret < 0) {
>> + pr_debug("failed to hash session key, err %d\n", ret);
>> + kfree(hashed_key);
>> + return ret;
>> + }
>> + hash_name = crypto_shash_alg_name(ctrl->shash_tfm);
>> + if (!hash_name) {
>> + pr_debug("Invalid hash algoritm\n");
>> + return -EINVAL;
>> + }
>> + tfm = crypto_alloc_shash(hash_name, 0, 0);
>> + if (IS_ERR(tfm)) {
>> + ret = PTR_ERR(tfm);
>> + goto out_free_key;
>> + }
>> + desc = kmalloc(sizeof(struct shash_desc) + crypto_shash_descsize(tfm),
>> + GFP_KERNEL);
>> + if (!desc) {
>> + ret = -ENOMEM;
>> + goto out_free_hash;
>> + }
>> + desc->tfm = tfm;
>> +
>> + ret = crypto_shash_setkey(tfm, hashed_key, hash_len);
>> + if (ret)
>> + goto out_free_desc;
>> + ret = crypto_shash_init(desc);
>> + if (ret)
>> + goto out_free_desc;
>> + crypto_shash_update(desc, challenge, hash_len);
>> + crypto_shash_final(desc, aug);
>> +
>> +out_free_desc:
>> + kfree_sensitive(desc);
>> +out_free_hash:
>> + crypto_free_shash(tfm);
>> +out_free_key:
>> + kfree(hashed_key);
>> + return ret;
>> +}
>> +
>> int nvmet_auth_host_hash(struct nvmet_req *req, u8 *response,
>> unsigned int shash_len)
>> {
>> @@ -202,8 +342,15 @@ int nvmet_auth_host_hash(struct nvmet_req *req, u8
>> *response, int ret;
>>
>> if (ctrl->dh_gid != NVME_AUTH_DHCHAP_DHGROUP_NULL) {
>> - ret = -ENOTSUPP;
>> - goto out;
>> + challenge = kmalloc(shash_len, GFP_KERNEL);
>
> Alignment?
>
With what?
And why?
>> + if (!challenge) {
>> + ret = -ENOMEM;
>> + goto out;
>> + }
>> + ret = nvmet_auth_augmented_challenge(req, req->sq->dhchap_c1,
>> + challenge);
>> + if (ret)
>> + goto out;
>> }
>>
>> shash->tfm = ctrl->shash_tfm;
>> @@ -264,8 +411,15 @@ int nvmet_auth_ctrl_hash(struct nvmet_req *req, u8
>> *response, ctrl->cntlid, ctrl->hostnqn);
>>
>> if (ctrl->dh_gid != NVME_AUTH_DHCHAP_DHGROUP_NULL) {
>> - ret = -ENOTSUPP;
>> - goto out;
>> + challenge = kmalloc(shash_len, GFP_KERNEL);
>
> dto.
dto.
>> + if (!challenge) {
>> + ret = -ENOMEM;
>> + goto out;
>> + }
>> + ret = nvmet_auth_augmented_challenge(req, req->sq->dhchap_c2,
>> + challenge);
>> + if (ret)
>> + goto out;
>> }
>>
>> shash->tfm = ctrl->shash_tfm;
>> @@ -307,6 +461,85 @@ int nvmet_auth_ctrl_hash(struct nvmet_req *req, u8
>> *response, return 0;
>> }
>>
>> +int nvmet_auth_ctrl_exponential(struct nvmet_req *req,
>> + u8 *buf, int buf_size)
>> +{
>> + struct nvmet_ctrl *ctrl = req->sq->ctrl;
>> + struct kpp_request *kpp_req;
>> + struct crypto_wait wait;
>> + char *pkey;
>> + struct scatterlist dst;
>> + int ret, pkey_len;
>> +
>> + if (ctrl->dh_gid == NVME_AUTH_DHCHAP_DHGROUP_2048 ||
>> + ctrl->dh_gid == NVME_AUTH_DHCHAP_DHGROUP_3072 ||
>> + ctrl->dh_gid == NVME_AUTH_DHCHAP_DHGROUP_4096 ||
>> + ctrl->dh_gid == NVME_AUTH_DHCHAP_DHGROUP_6144 ||
>> + ctrl->dh_gid == NVME_AUTH_DHCHAP_DHGROUP_8192) {
>> + struct dh p = {0};
>> + int bits = nvme_auth_dhgroup_pubkey_size(ctrl->dh_gid) << 3;
>> +
>> + ret = crypto_ffdhe_params(&p, bits);
>> + if (ret)
>> + return ret;
>> +
>> + p.key = ctrl->dhchap_key;
>> + p.key_size = ctrl->dhchap_key_len;
>> +
>> + pkey_len = crypto_dh_key_len(&p);
>> + pkey = kmalloc(pkey_len, GFP_KERNEL);
>> + if (!pkey)
>> + return -ENOMEM;
>> +
>> + get_random_bytes(pkey, pkey_len);
>> + ret = crypto_dh_encode_key(pkey, pkey_len, &p);
>> + if (ret) {
>> + pr_debug("failed to encode private key, error %d\n",
>> + ret);
>> + goto out;
>> + }
>> + } else {
>> + pr_warn("invalid dh group %d\n", ctrl->dh_gid);
>> + return -EINVAL;
>> + }
>> + ret = crypto_kpp_set_secret(ctrl->dh_tfm, pkey, pkey_len);
>> + if (ret) {
>> + pr_debug("failed to set private key, error %d\n", ret);
>> + goto out;
>> + }
>> +
>> + kpp_req = kpp_request_alloc(ctrl->dh_tfm, GFP_KERNEL);
>> + if (!kpp_req) {
>> + pr_debug("cannot allocate kpp request\n");
>> + ret = -ENOMEM;
>> + goto out;
>> + }
>> +
>> + crypto_init_wait(&wait);
>> + kpp_request_set_input(kpp_req, NULL, 0);
>> + sg_init_one(&dst, buf, buf_size);
>> + kpp_request_set_output(kpp_req, &dst, buf_size);
>> + kpp_request_set_callback(kpp_req, CRYPTO_TFM_REQ_MAY_BACKLOG,
>> + crypto_req_done, &wait);
>> +
>> + ret = crypto_wait_req(crypto_kpp_generate_public_key(kpp_req), &wait);
>> + kpp_request_free(kpp_req);
>> + if (ret == -EOVERFLOW) {
>> + pr_debug("public key buffer too small, need %d is %d\n",
>> + crypto_kpp_maxsize(ctrl->dh_tfm), buf_size);
>> + ret = -ENOKEY;
>> + } else if (ret) {
>> + pr_debug("failed to generate public key, err %d\n", ret);
>> + ret = -ENOKEY;
>> + } else
>> + pr_debug("%s: ctrl public key %*ph\n", __func__,
>> + (int)buf_size, buf);
>> +
>> +out:
>> + kfree_sensitive(pkey);
>> + return ret;
>> +}
>
> In general: the target/host authentication code looks very similar. Is there
> no way to have a common code base?
That is the plan, but I would need to rework the parameter passing for
the target code to also use a 'dhchap' authentication block like the
host code does.
But Sagi is not entirely happy with it, so I'll rework the code once we
have consensus there.
Cheers,
Hannes
--
Dr. Hannes Reinecke Kernel Storage Architect
hare at suse.de +49 911 74053 688
SUSE Software Solutions GmbH, Maxfeldstr. 5, 90409 Nürnberg
HRB 36809 (AG Nürnberg), Geschäftsführer: Felix Imendörffer
More information about the Linux-nvme
mailing list