[PATCH v2 00/20] nvme: fixes, cleanups and enhancements to the dhchap-auth host code

[Sagi Grimberg]

Currently the authentication code is fairly fragile with respect to
mutual locking between secrets sysfs override, re-authentication, and
controller resets.

This patch set attempts to resolve these issues by:
1. freeing queue chap context as soon as authentication completes
   - including making the chap 4k buffer short-lived (added a mempool
     to overcome memory pressure situations).
2. allocate a simple vector for queue chap contexts so there is
no list/tree traversal to resolve queue chap context. queue chap
contexts are 1x1 mapped to queues, which are stored in a vector as
well.
3. flush chap auth_work from the ctrl dhchap work, this simplifies
how we flush inflight authentication sequence
4. use ctrl dhchap_auth_mutex to protect only the resources that are
accessed and modified via sysfs and the authentication flow (i.e. ctrl
host_key and ctrl_key)
5. move drivers (rdma/tcp) nvme_auth_stop later in the error recovery
flow to expedite failover and not block on I/O.

Feedback is welcome.

Changes from v1:
- split some of list->array conversion patch to make it simpler to review
  still it involves the locking changes in it so no regression is introduced.
- removed dhchap array macro foreach and accessor as the dhchap queue context
  is now typed in nvme_ctrl.
- Added mempool for chap buffers to overcome memory pressure situations
- removed redundant chap->buf_size
- renamed __nvme_auth_work to nvme_queue_auth_work (also nvme_dhchap_auth_work
  to nvme_ctrl_auth_work)
- converted macro to static inline function (ctrl_max_dhchaps)

Sagi Grimberg (20):
  nvme-auth: rename __nvme_auth_[reset|free] to
    nvme_auth[reset|free]_dhchap
  nvme-auth: rename authentication work elements
  nvme-auth: remove symbol export from nvme_auth_reset
  nvme-auth: don't re-authenticate if the controller is not LIVE
  nvme-auth: remove redundant buffer deallocations
  nvme-auth: don't ignore key generation failures when initializing ctrl
    keys
  nvme-auth: don't override ctrl keys before validation
  nvme-auth: remove redundant if statement
  nvme-auth: don't keep long lived 4k dhchap buffer
  nvme-auth: guarantee dhchap buffers under memory pressure
  nvme-auth: clear sensitive info right after authentication completes
  nvme-auth: remove redundant deallocations
  nvme-auth: no need to reset chap contexts on re-authentication
  nvme-auth: check chap ctrl_key once constructed
  nvme: move nvme_dhchap_queue_context declaration to nvme.h header
  nvme-auth: convert dhchap_auth_list to an array
  nvme-auth: remove redundant auth_work flush
  nvme-auth: have dhchap_auth_work wait for queues auth to complete
  nvme-tcp: stop auth work after tearing down queues in error recovery
  nvme-rdma: stop auth work after tearing down queues in error recovery

 drivers/nvme/host/auth.c | 282 ++++++++++++++++++---------------------
 drivers/nvme/host/core.c |  32 ++++-
 drivers/nvme/host/nvme.h |  43 +++++-
 drivers/nvme/host/rdma.c |   2 +-
 drivers/nvme/host/tcp.c  |   2 +-
 5 files changed, 200 insertions(+), 161 deletions(-)

-- 
2.34.1