[PATCH 8/9] nvme-fabrics: allow to pass in keyring by name
Hannes Reinecke
hare at kernel.org
Wed May 28 07:05:16 PDT 2025
The JSON configuration should be system independent, so we cannot
list any key serial numbers. So this patch allows to specify the TLS keyring
by name and not only by key serial number.
Signed-off-by: Hannes Reinecke <hare at kernel.org>
---
drivers/nvme/host/fabrics.c | 25 ++++++++++++++++++-------
1 file changed, 18 insertions(+), 7 deletions(-)
diff --git a/drivers/nvme/host/fabrics.c b/drivers/nvme/host/fabrics.c
index 6ec94c4f6075..d0f8c40cebb8 100644
--- a/drivers/nvme/host/fabrics.c
+++ b/drivers/nvme/host/fabrics.c
@@ -14,6 +14,7 @@
#include "fabrics.h"
#include <linux/nvme-auth.h>
#include <linux/nvme-keyring.h>
+#include <linux/key-type.h>
static LIST_HEAD(nvmf_transports);
static DECLARE_RWSEM(nvmf_transports_rwsem);
@@ -999,13 +1000,23 @@ static int nvmf_parse_options(struct nvmf_ctrl_options *opts,
break;
case NVMF_OPT_KEYRING:
if (match_int(args, &key_id) || key_id <= 0) {
- ret = -EINVAL;
- goto out;
- }
- key = nvmf_parse_key(key_id);
- if (IS_ERR(key)) {
- ret = PTR_ERR(key);
- goto out;
+ p = match_strdup(args);
+ if (!p) {
+ ret = -ENOMEM;
+ goto out;
+ }
+ key = request_key(&key_type_keyring, p, NULL);
+ kfree(p);
+ if (IS_ERR(key)) {
+ ret = PTR_ERR(key);
+ goto out;
+ }
+ } else {
+ key = nvmf_parse_key(key_id);
+ if (IS_ERR(key)) {
+ ret = PTR_ERR(key);
+ goto out;
+ }
}
key_put(opts->keyring);
opts->keyring = key;
--
2.35.3
More information about the Linux-nvme
mailing list