[PATCH 3/9] nvme-tcp: check for invalidated or revoked key
Hannes Reinecke
hare at suse.de
Mon Aug 12 07:09:01 PDT 2024
On 8/12/24 08:25, Hannes Reinecke wrote:
> On 7/31/24 11:45, Sagi Grimberg wrote:
>>
>>>> static void nvme_tls_psk_describe(const struct key *key, struct
>>>> seq_file *m)
>>>> {
>>>> seq_puts(m, key->description);
>>>> diff --git a/drivers/nvme/host/fabrics.c b/drivers/nvme/host/fabrics.c
>>>> index f5f545fa0103..432efcbf9e2f 100644
>>>> --- a/drivers/nvme/host/fabrics.c
>>>> +++ b/drivers/nvme/host/fabrics.c
>>>> @@ -665,7 +665,7 @@ static struct key *nvmf_parse_key(int key_id)
>>>> return ERR_PTR(-EINVAL);
>>>> }
>>>> - key = key_lookup(key_id);
>>>> + key = nvme_tls_key_lookup(key_id);
>>> We've had some fallout before with nvme modules vs built-in, so I test
>>> for this now. Here's the relevant parts of my config:
>>>
>>> CONFIG_NVME_KEYRING=m
>>> ...
>>> CONFIG_NVME_FABRICS=y
>>> ...
>>> CONFIG_NVME_TCP=m
>>>
>>> And that gets this error:
>>>
>>> vmlinux.o: in function `nvmf_parse_key':
>>> /home/kbusch/src/linux/drivers/nvme/host/fabrics.c:668: undefined
>>> reference to `nvme_tls_key_lookup'
>>
>> Hannes, can you take look.
>>
> Just back from vacation, but yeah, I'll take a look.
>
Should be fixed with:
diff --git a/drivers/nvme/host/Kconfig b/drivers/nvme/host/Kconfig
index a3caef75aa0a..883aaab2d83e 100644
--- a/drivers/nvme/host/Kconfig
+++ b/drivers/nvme/host/Kconfig
@@ -109,6 +109,7 @@ config NVME_HOST_AUTH
bool "NVMe over Fabrics In-Band Authentication in host side"
depends on NVME_CORE
select NVME_AUTH
+ select NVME_KEYRING if NVME_TCP_TLS
help
This provides support for NVMe over Fabrics In-Band
Authentication in
host side.
Will send an updated series.
Cheers,
Hannes
--
Dr. Hannes Reinecke Kernel Storage Architect
hare at suse.de +49 911 74053 688
SUSE Software Solutions GmbH, Frankenstr. 146, 90461 Nürnberg
HRB 36809 (AG Nürnberg), GF: I. Totev, A. McDonald, W. Knoblich
More information about the Linux-nvme
mailing list