[PATCH 5/6] nvmeof-tcp/005: test bi-directional authentication
Hannes Reinecke
hare at suse.de
Fri Nov 19 03:29:43 PST 2021
On 11/17/21 10:50 PM, Sagi Grimberg wrote:
> Hannes,
>
> Should we add negative test cases for each of these tests?
> Currently for some reason I'm able to connect even though
> I provide the host a different dhchap_ctrl_key.
>
> Controller:
> --
> # grep -r ''
> /sys/kernel/config/nvmet/hosts/nqn.2014-08.org.nvmexpress:uuid:b73ff014-2723-4114-aa8d-2f784ecba4f4
>
> /sys/kernel/config/nvmet/hosts/nqn.2014-08.org.nvmexpress:uuid:b73ff014-2723-4114-aa8d-2f784ecba4f4/dhchap_dhgroup:null
>
> /sys/kernel/config/nvmet/hosts/nqn.2014-08.org.nvmexpress:uuid:b73ff014-2723-4114-aa8d-2f784ecba4f4/dhchap_hash:hmac(sha512)
>
> /sys/kernel/config/nvmet/hosts/nqn.2014-08.org.nvmexpress:uuid:b73ff014-2723-4114-aa8d-2f784ecba4f4/dhchap_ctrl_key:DHHC-1:03:M4ik+B5zPy9vqzH0Ef9sLWXLL7HQ1JEqx0IkhMWwNPc0tq8ZLkTQstMl1A9wkMFzzo52hJwQ0wP9GELWmUwUgFisuGw=:
>
> /sys/kernel/config/nvmet/hosts/nqn.2014-08.org.nvmexpress:uuid:b73ff014-2723-4114-aa8d-2f784ecba4f4/dhchap_key:DHHC-1:03:ynOWXFT8AC/OlvuIkpQ1RQlDAuHz2axeP43zmws90yRhPHNP5HyDQSI3m+WCBKcUfl7gRraflcb7nHAHR5mTh9t22Js=:
>
> --
>
> Host (use same key for -S and -C):
> --
> # ./nvme connect -t tcp -a 192.168.123.1 -n testnqn1 -s 8009 -S
> "DHHC-1:03:ynOWXFT8AC/OlvuIkpQ1RQlDAuHz2axeP43zmws90yRhPHNP5HyDQSI3m+WCBKcUfl7gRraflcb7nHAHR5mTh9t22Js=:"
> -C
> "DHHC-1:03:ynOWXFT8AC/OlvuIkpQ1RQlDAuHz2axeP43zmws90yRhPHNP5HyDQSI3m+WCBKcUfl7gRraflcb7nHAHR5mTh9t22Js=:"
>
> # nvme list
> Node SN Model Namespace
> Usage Format FW Rev
> --------------------- --------------------
> ---------------------------------------- ---------
> -------------------------- ---------------- --------
> /dev/nvme0n1 c7ebe13b94f6ad3885c7 Linux 1
> 268.44 GB / 268.44 GB 512 B + 0 B 5.15.0-r
> --
>
> Am I doing something wrong?
>
D'oh. Fix is:
diff --git a/drivers/nvme/host/auth.c b/drivers/nvme/host/auth.c
index 4dafa04aee8c..68f195dd245a 100644
--- a/drivers/nvme/host/auth.c
+++ b/drivers/nvme/host/auth.c
@@ -1351,7 +1351,7 @@ static void __nvme_auth_work(struct work_struct *work)
}
ret = nvme_auth_process_dhchap_success1(ctrl, chap);
- if (ret < 0) {
+ if (ret) {
/* Controller authentication failed */
goto fail2;
}
I'll fold it into the next version.
Cheers,
Hannes
--
Dr. Hannes Reinecke Kernel Storage Architect
hare at suse.de +49 911 74053 688
SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nürnberg
HRB 36809 (AG Nürnberg), GF: Felix Imendörffer
More information about the Linux-nvme
mailing list