[PATCH 5/6] nvme-auth: set DNR bit on non-retryable errors
Hannes Reinecke
hare at suse.de
Wed Nov 2 00:52:23 PDT 2022
If the negotiation fails due to protocol errors or unsupported
hash algorithms we need to set the DNR bit on the final status
to avoid retries.
Signed-off-by: Hannes Reinecke <hare at suse.de>
---
drivers/nvme/host/auth.c | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/drivers/nvme/host/auth.c b/drivers/nvme/host/auth.c
index b4af8661c988..6ca0c2bb06c0 100644
--- a/drivers/nvme/host/auth.c
+++ b/drivers/nvme/host/auth.c
@@ -151,7 +151,7 @@ static int nvme_auth_process_dhchap_challenge(struct nvme_ctrl *ctrl,
if (chap->buf_size < size) {
chap->status = NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD;
- return NVME_SC_INVALID_FIELD;
+ return NVME_SC_DNR | NVME_SC_INVALID_FIELD;
}
hmac_name = nvme_auth_hmac_name(data->hashid);
@@ -160,7 +160,7 @@ static int nvme_auth_process_dhchap_challenge(struct nvme_ctrl *ctrl,
"qid %d: invalid HASH ID %d\n",
chap->qid, data->hashid);
chap->status = NVME_AUTH_DHCHAP_FAILURE_HASH_UNUSABLE;
- return NVME_SC_INVALID_FIELD;
+ return NVME_SC_DNR | NVME_SC_INVALID_FIELD;
}
if (chap->hash_id == data->hashid && chap->shash_tfm &&
@@ -198,7 +198,7 @@ static int nvme_auth_process_dhchap_challenge(struct nvme_ctrl *ctrl,
crypto_free_shash(chap->shash_tfm);
chap->shash_tfm = NULL;
chap->status = NVME_AUTH_DHCHAP_FAILURE_HASH_UNUSABLE;
- return NVME_SC_AUTH_REQUIRED;
+ return NVME_SC_DNR | NVME_SC_AUTH_REQUIRED;
}
/* Reset host response if the hash had been changed */
@@ -220,7 +220,7 @@ static int nvme_auth_process_dhchap_challenge(struct nvme_ctrl *ctrl,
chap->qid, data->dhgid);
chap->status = NVME_AUTH_DHCHAP_FAILURE_DHGROUP_UNUSABLE;
/* Leave previous dh_tfm intact */
- return NVME_SC_AUTH_REQUIRED;
+ return NVME_SC_DNR | NVME_SC_AUTH_REQUIRED;
}
/* Clear host and controller key to avoid accidental reuse */
@@ -251,7 +251,7 @@ static int nvme_auth_process_dhchap_challenge(struct nvme_ctrl *ctrl,
"qid %d: empty DH value\n",
chap->qid);
chap->status = NVME_AUTH_DHCHAP_FAILURE_DHGROUP_UNUSABLE;
- return NVME_SC_INVALID_FIELD;
+ return NVME_SC_DNR | NVME_SC_INVALID_FIELD;
}
chap->dh_tfm = crypto_alloc_kpp(kpp_name, 0, 0);
@@ -272,7 +272,7 @@ static int nvme_auth_process_dhchap_challenge(struct nvme_ctrl *ctrl,
"qid %d: invalid DH value for NULL DH\n",
chap->qid);
chap->status = NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD;
- return NVME_SC_INVALID_FIELD;
+ return NVME_SC_DNR | NVME_SC_INVALID_FIELD;
}
chap->dhgroup_id = data->dhgid;
@@ -353,7 +353,7 @@ static int nvme_auth_process_dhchap_success1(struct nvme_ctrl *ctrl,
if (chap->buf_size < size) {
chap->status = NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD;
- return NVME_SC_INVALID_FIELD;
+ return NVME_SC_DNR | NVME_SC_INVALID_FIELD;
}
if (data->hl != chap->hash_len) {
@@ -361,7 +361,7 @@ static int nvme_auth_process_dhchap_success1(struct nvme_ctrl *ctrl,
"qid %d: invalid hash length %u\n",
chap->qid, data->hl);
chap->status = NVME_AUTH_DHCHAP_FAILURE_HASH_UNUSABLE;
- return NVME_SC_INVALID_FIELD;
+ return NVME_SC_DNR | NVME_SC_INVALID_FIELD;
}
/* Just print out information for the admin queue */
@@ -385,7 +385,7 @@ static int nvme_auth_process_dhchap_success1(struct nvme_ctrl *ctrl,
"qid %d: controller authentication failed\n",
chap->qid);
chap->status = NVME_AUTH_DHCHAP_FAILURE_FAILED;
- return NVME_SC_AUTH_REQUIRED;
+ return NVME_SC_DNR | NVME_SC_AUTH_REQUIRED;
}
/* Just print out information for the admin queue */
@@ -753,7 +753,7 @@ static void __nvme_auth_work(struct work_struct *work)
NVME_AUTH_DHCHAP_MESSAGE_CHALLENGE);
if (ret) {
chap->status = ret;
- chap->error = NVME_SC_AUTH_REQUIRED;
+ chap->error = NVME_SC_DNR | NVME_SC_AUTH_REQUIRED;
goto out_free;
}
@@ -817,7 +817,7 @@ static void __nvme_auth_work(struct work_struct *work)
NVME_AUTH_DHCHAP_MESSAGE_SUCCESS1);
if (ret) {
chap->status = ret;
- chap->error = NVME_SC_AUTH_REQUIRED;
+ chap->error = NVME_SC_DNR | NVME_SC_AUTH_REQUIRED;
goto out_free;
}
--
2.35.3
More information about the Linux-nvme
mailing list