[PATCH 11/18] nvme-tcp: enable TLS handshake upcall
Hannes Reinecke
hare at suse.de
Mon Apr 17 08:36:44 PDT 2023
On 4/17/23 17:31, Sagi Grimberg wrote:
>
>>>> static int nvme_tcp_alloc_admin_queue(struct nvme_ctrl *ctrl)
>>>> {
>>>> int ret;
>>>> + key_serial_t psk_id = 0;
>>>> +
>>>> + if (ctrl->opts->tls) {
>>>> + psk_id = nvme_tls_psk_default(NULL,
>>>> + ctrl->opts->host->nqn,
>>>> + ctrl->opts->subsysnqn);
>>>> + if (!psk_id) {
>>>> + dev_err(ctrl->device, "no valid PSK found\n");
>>>> + ret = -ENOKEY;
>>>> + goto out_free_queue;
>>>> + }
>>>> + }
>>>> - ret = nvme_tcp_alloc_queue(ctrl, 0);
>>>> + ret = nvme_tcp_alloc_queue(ctrl, 0, psk_id);
>>>> if (ret)
>>>> - return ret;
>>>> + goto out_free_queue;
>>>> ret = nvme_tcp_alloc_async_req(to_tcp_ctrl(ctrl));
>>>> if (ret)
>>>> @@ -1778,9 +1887,15 @@ static int nvme_tcp_alloc_admin_queue(struct
>>>> nvme_ctrl *ctrl)
>>>> static int __nvme_tcp_alloc_io_queues(struct nvme_ctrl *ctrl)
>>>> {
>>>> int i, ret;
>>>> + key_serial_t psk_id;
>>>> + if (!ctrl->tls_key) {
>>>> + dev_err(ctrl->device, "no PSK negotiated\n");
>>>> + return -ENOKEY;
>>>> + }
>>>
>>> is ctrl->tls_key always set? Looks like this is the expectation.
>>>
>>
>> It needs to be set when TLS is enabled for the admin queue.
>> Otherwise no.
>
> Then aren't you missing also and statement with (ctrl->opts->tls) ?
>
Indeed, I do. Will be fixing it up.
Cheers,
Hannes
--
Dr. Hannes Reinecke Kernel Storage Architect
hare at suse.de +49 911 74053 688
SUSE Software Solutions GmbH, Maxfeldstr. 5, 90409 Nürnberg
HRB 36809 (AG Nürnberg), Geschäftsführer: Ivo Totev, Andrew
Myers, Andrew McDonald, Martje Boudien Moerman
More information about the Linux-nvme
mailing list