[PATCH 6/9] nvme-tcp: request secure channel concatenation
Hannes Reinecke
hare at suse.de
Thu Oct 17 08:37:06 PDT 2024
On 10/16/24 00:30, Mark O'Donovan wrote:
>> + tls_key = nvme_tls_psk_refresh(ctrl->opts->keyring, ctrl-
>>> opts->host->nqn,
>> + ctrl->opts->subsysnqn, chap-
>>> hash_id,
>> + tls_psk, psk_len, digest);
>> + if (IS_ERR(tls_key)) {
>> + ret = PTR_ERR(tls_key);
>> + dev_warn(ctrl->device,
>> + "%s: qid %d failed to insert generated key,
>> error %d\n",
>> + __func__, chap->qid, ret);
>> + tls_key = NULL;
>> + kfree_sensitive(tls_psk);
>> + }
>
> Should tls_psk be freed in the successful case also?
>
> That is what happens in a similar situation in integrity_load_x509()
You are correct; tls_psk needs to be freed in all cases.
Cheers,
Hannes
--
Dr. Hannes Reinecke Kernel Storage Architect
hare at suse.de +49 911 74053 688
SUSE Software Solutions GmbH, Frankenstr. 146, 90461 Nürnberg
HRB 36809 (AG Nürnberg), GF: I. Totev, A. McDonald, W. Knoblich
More information about the Linux-nvme
mailing list