[PATCH 07/12] nvme: Implement In-Band authentication
Hannes Reinecke
hare at suse.de
Mon Nov 22 01:15:18 PST 2021
On 11/22/21 9:12 AM, Sagi Grimberg wrote:
>
>> +int nvme_auth_generate_key(struct nvme_ctrl *ctrl, u8 *secret, bool
>> set_ctrl)
>
> Maybe instead of set_ctrl introduct struct dhchap_key and pass a pointer
> into that?
>
>> +{
>> + u8 *key;
>> + size_t key_len;
>> + u8 key_hash;
>> +
>> + if (!secret)
>> + return 0;
>> +
>> + if (sscanf(secret, "DHHC-1:%hhd:%*s:", &key_hash) != 1)
>> + return -EINVAL;
>> +
>> + /* Pass in the secret without the 'DHHC-1:XX:' prefix */
>> + key = nvme_auth_extract_secret(secret + 10, key_hash,
>> + &key_len);
>> + if (IS_ERR(key)) {
>> + dev_dbg(ctrl->device, "failed to extract key, error %ld\n",
>> + PTR_ERR(key));
>> + return PTR_ERR(key);
>> + }
>> +
>> + if (set_ctrl) {
>> + ctrl->dhchap_ctrl_key = key;
>> + ctrl->dhchap_ctrl_key_len = key_len;
>> + ctrl->dhchap_ctrl_key_hash = key_hash;
>> + } else {
>> + ctrl->dhchap_key = key;
>> + ctrl->dhchap_key_len = key_len;
>> + ctrl->dhchap_key_hash = key_hash;
>> + }
>
> Then it becomes:
> dhchap_key->key = key;
> dhchap_key->len = key_len;
> dhchap_key->hash = key_hash;
Good point.
Will be folding it in.
Cheers,
Hannes
--
Dr. Hannes Reinecke Kernel Storage Architect
hare at suse.de +49 911 74053 688
SUSE Software Solutions Germany GmbH, 90409 Nürnberg
GF: F. Imendörffer, HRB 36809 (AG Nürnberg)
More information about the Linux-nvme
mailing list