[PATCH] nvmet-auth: always free derived key data

Yi Zhang yi.zhang at redhat.com
Sat Apr 26 22:31:45 PDT 2025


On Fri, Apr 25, 2025 at 5:40 PM Hannes Reinecke <hare at kernel.org> wrote:
>
> After calling nvme_auth_derive_tls_psk() we need to free the resulting
> psk data, as either TLS is disabled (and we don't need the data anyway)
> or the psk data is copied into the resulting key (and can be freed, too).
>
> Fixes: fa2e0f8bbc68 ("nvmet-tcp: support secure channel concatenation")
> Reported-by: Yi Zhang <yi.zhang at redhat.com>
> Suggested-by: Maurizio Lombardi <mlombard at bsdbackstore.eu>
> Signed-off-by: Hannes Reinecke <hare at kernel.org>

Thanks for the fix:

Tested-by: Yi Zhang <yi.zhang at redhat.com>

> ---
>  drivers/nvme/target/auth.c | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
>
> diff --git a/drivers/nvme/target/auth.c b/drivers/nvme/target/auth.c
> index 3f9fad732350..8f67fc21149c 100644
> --- a/drivers/nvme/target/auth.c
> +++ b/drivers/nvme/target/auth.c
> @@ -656,13 +656,12 @@ void nvmet_auth_insert_psk(struct nvmet_sq *sq)
>                 pr_warn("%s: ctrl %d qid %d failed to refresh key, error %ld\n",
>                         __func__, sq->ctrl->cntlid, sq->qid, PTR_ERR(tls_key));
>                 tls_key = NULL;
> -               kfree_sensitive(tls_psk);
>         }
>         if (sq->ctrl->tls_key)
>                 key_put(sq->ctrl->tls_key);
>         sq->ctrl->tls_key = tls_key;
>  #endif
> -
> +       kfree_sensitive(tls_psk);
>  out_free_digest:
>         kfree_sensitive(digest);
>  out_free_psk:
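
Review bot: The relocated `kfree_sensitive(tls_psk);` sits above the `out_free_digest:` label, so it only runs on the fall-through path; any jump to `out_free_digest` or `out_free_psk` skips it. The hunk does not show whether tls_psk can already be allocated when such a jump is taken, so please confirm that the derivation of tls_psk is the last step that can bail out through those labels. If that is not guaranteed, initialise tls_psk to NULL and move the free below a label so every exit path covers it (kfree_sensitive() accepts NULL). A one-line comment saying that the PSK bytes are copied into the key, and that the local copy is therefore always freed here, would keep the single cleanup point from being moved back into the error branch later. Minor style point: the blank line that separated `#endif` from the label was dropped; keeping one before `out_free_digest:` leaves the cleanup labels visually distinct.
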
> --
> 2.35.3
>


-- 
Best Regards,
  Yi Zhang
