[PATCH] nvmet-auth: fix dhgroup negotiation
Konrad Sztyber
konrad.sztyber at intel.com
Thu Mar 7 04:23:42 PST 2024
There were a couple of things wrong with dhgroup negotiation. Firstly,
the condition comparing host's dhgroups against configured dhgroup was
inverted. Secondly, once fallback dhgroup was selected, only dhg_id was
updated, without proper dhgroup setup (e.g. generating the key).
Signed-off-by: Konrad Sztyber <konrad.sztyber at intel.com>
---
drivers/nvme/target/fabrics-cmd-auth.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/drivers/nvme/target/fabrics-cmd-auth.c b/drivers/nvme/target/fabrics-cmd-auth.c
index eb7785be0ca7..40038a6624ff 100644
--- a/drivers/nvme/target/fabrics-cmd-auth.c
+++ b/drivers/nvme/target/fabrics-cmd-auth.c
@@ -81,7 +81,7 @@ static u16 nvmet_auth_negotiate(struct nvmet_req *req, void *d)
for (i = 0; i < data->auth_protocol[0].dhchap.dhlen; i++) {
int tmp_dhgid = data->auth_protocol[0].dhchap.idlist[i + 30];
- if (tmp_dhgid != ctrl->dh_gid) {
+ if (tmp_dhgid == ctrl->dh_gid) {
dhgid = tmp_dhgid;
break;
}
@@ -101,7 +101,9 @@ static u16 nvmet_auth_negotiate(struct nvmet_req *req, void *d)
pr_debug("%s: ctrl %d qid %d: configured DH group %s not found\n",
__func__, ctrl->cntlid, req->sq->qid,
nvme_auth_dhgroup_name(fallback_dhgid));
- ctrl->dh_gid = fallback_dhgid;
+
+ if (nvmet_setup_dhgroup(ctrl, fallback_dhgid) < 0)
+ return NVME_AUTH_DHCHAP_FAILURE_DHGROUP_UNUSABLE;
}
pr_debug("%s: ctrl %d qid %d: selected DH group %s (%d)\n",
__func__, ctrl->cntlid, req->sq->qid,
--
2.43.0
More information about the Linux-nvme
mailing list