[PATCH v2 3/4] nvme: Expose the tls_configured sysfs for secure concat connections
Alistair Francis
alistair23 at gmail.com
Wed Nov 12 18:08:14 PST 2025
On Wed, Nov 12, 2025 at 5:08 PM Hannes Reinecke <hare at suse.de> wrote:
>
> On 11/12/25 00:45, alistair23 at gmail.com wrote:
> > From: Alistair Francis <alistair.francis at wdc.com>
> >
> > Signed-off-by: Alistair Francis <alistair.francis at wdc.com>
> > ---
> > v2:
> > - New patch
> >
> > drivers/nvme/host/sysfs.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/drivers/nvme/host/sysfs.c b/drivers/nvme/host/sysfs.c
> > index 29430949ce2f..6d10e12136d0 100644
> > --- a/drivers/nvme/host/sysfs.c
> > +++ b/drivers/nvme/host/sysfs.c
> > @@ -838,7 +838,7 @@ static umode_t nvme_tls_attrs_are_visible(struct kobject *kobj,
> > !ctrl->opts->tls && !ctrl->opts->concat)
> > return 0;
> > if (a == &dev_attr_tls_configured_key.attr &&
> > - (!ctrl->opts->tls_key || ctrl->opts->concat))
> > + !ctrl->opts->concat)
> > return 0;
> > if (a == &dev_attr_tls_keyring.attr &&
> > !ctrl->opts->keyring)
>
> ??
>
> How can you have a configured TLS Key for secure concatenation?
I'm not sure I follow
`ctrl->opts->tls_key` is directly set at the end of the
`nvme_auth_secure_concat()` function, so it will be set for secure
concatenation.
> We generate the keys from the DH-CHAP key material, don't we?
I haven't checked that closely, but the key seems to be generated from
the CHAP hash id
Alistair
>
> Cheers,
>
> Hannes
> --
> Dr. Hannes Reinecke Kernel Storage Architect
> hare at suse.de +49 911 74053 688
> SUSE Software Solutions GmbH, Frankenstr. 146, 90461 Nürnberg
> HRB 36809 (AG Nürnberg), GF: I. Totev, A. McDonald, W. Knoblich
More information about the Linux-nvme
mailing list