[PATCH 05/16] nvme-sysfs: add 'tls_configured_key' sysfs attribute
Hannes Reinecke
hare at suse.de
Thu Jul 18 00:13:37 PDT 2024
On 7/17/24 23:58, Sagi Grimberg wrote:
>
>
> On 17/07/2024 12:10, Hannes Reinecke wrote:
>> There is a difference between the negotiated TLS key (which is
>> always present for a TLS encrypted connection) and the configured
>> TLS key (which is specified with the --tls_key command line option).
>> To differentate between these two add a new sysfs attribute
>> 'tls_configured_key' to hold the specified on the command line.
>>
>> Signed-off-by: Hannes Reinecke <hare at kernel.org>
>> ---
>> drivers/nvme/host/sysfs.c | 17 +++++++++++++++++
>> 1 file changed, 17 insertions(+)
>>
>> diff --git a/drivers/nvme/host/sysfs.c b/drivers/nvme/host/sysfs.c
>> index be36206cb594..e5cd738660b1 100644
>> --- a/drivers/nvme/host/sysfs.c
>> +++ b/drivers/nvme/host/sysfs.c
>> @@ -676,6 +676,19 @@ static ssize_t tls_key_show(struct device *dev,
>> return sysfs_emit(buf, "%08x\n", ctrl->tls_pskid);
>> }
>> static DEVICE_ATTR_RO(tls_key);
>> +
>> +static ssize_t tls_configured_key_show(struct device *dev,
>> + struct device_attribute *attr, char *buf)
>> +{
>> + struct nvme_ctrl *ctrl = dev_get_drvdata(dev);
>> + struct key *key = ctrl->opts->tls_key;
>> +
>> + if (!key)
>> + return 0;
>
> Shouldn't this check move to the are_visible part so it isn't visible if
> tls_key is not provided?
Guess you are right. I thought we could not as the tls_key might change
with secure concatenation, but that doesn't affect the configured key.
Will be updating the patch.
Cheers,
Hannes
--
Dr. Hannes Reinecke Kernel Storage Architect
hare at suse.de +49 911 74053 688
SUSE Software Solutions GmbH, Frankenstr. 146, 90461 Nürnberg
HRB 36809 (AG Nürnberg), GF: I. Totev, A. McDonald, W. Knoblich
More information about the Linux-nvme
mailing list