[PATCH 3/6] nvme-auth: don't re-authenticate if the controller is not LIVE
Sagi Grimberg
sagi at grimberg.me
Tue Oct 25 13:22:16 PDT 2022
On 10/25/22 20:22, Hannes Reinecke wrote:
> On 10/25/22 15:43, Sagi Grimberg wrote:
>> The connect sequence will re-authenticate.
>>
>> Signed-off-by: Sagi Grimberg <sagi at grimberg.me>
>> ---
>> drivers/nvme/host/auth.c | 7 +++++++
>> 1 file changed, 7 insertions(+)
>>
>> diff --git a/drivers/nvme/host/auth.c b/drivers/nvme/host/auth.c
>> index 734928282d3e..93c0fc71bc7c 100644
>> --- a/drivers/nvme/host/auth.c
>> +++ b/drivers/nvme/host/auth.c
>> @@ -939,6 +939,13 @@ static void nvme_dhchap_auth_work(struct
>> work_struct *work)
>> container_of(work, struct nvme_ctrl, dhchap_auth_work);
>> int ret, q;
>> + /*
>> + * If the ctrl is no connected, bail as reconnect will handle
>> + * authentication.
>> + */
>> + if (ctrl->state != NVME_CTRL_LIVE)
>> + return;
>> +
>> /* Authenticate admin queue first */
>> ret = nvme_auth_negotiate(ctrl, 0);
>> if (ret) {
>
> Hmm. That is only part of the story; the controller can be reset at any
> time during the workqueue function.
Won't controller reset flush/cancel all the pending auth works?
> Doing so will invalidate the digest hash, but we only find out about
> queue being invalid once we _send_ data. So we crash in
> skb_copy_datagram_iter().
> I got a patch here somewhere (which is still under testing, hence I
> didn't send it off), but can do so now if requested.
It would be good if you can share. I think we need some more work on
the whole re-authentication piece.
More information about the Linux-nvme
mailing list