[PATCH v2] nvmet: auth: validate dhchap id list lengths
Christoph Hellwig
hch at lst.de
Tue Mar 17 07:51:37 PDT 2026
On Fri, Mar 13, 2026 at 02:24:09PM +0900, YunJe Shin wrote:
> + /*
> + * idlist[0..29]: hash IDs
> + * idlist[30..59]: DH group IDs
> + */
> + if (data->auth_protocol[0].dhchap.halen > NVME_AUTH_DHCHAP_MAX_HASH_IDS ||
> + data->auth_protocol[0].dhchap.dhlen > NVME_AUTH_DHCHAP_MAX_DH_IDS)
Overly lone lines. A local variable for data->auth_protocol[0].dhchap
would really help with readability here.
> diff --git a/include/linux/nvme.h b/include/linux/nvme.h
> index b09dcaf5bcbc..ea0393ab16fc 100644
> --- a/include/linux/nvme.h
> +++ b/include/linux/nvme.h
> @@ -1824,6 +1824,8 @@ struct nvmf_auth_dhchap_protocol_descriptor {
> __u8 dhlen;
> __u8 idlist[60];
> };
> +#define NVME_AUTH_DHCHAP_MAX_HASH_IDS 30
> +#define NVME_AUTH_DHCHAP_MAX_DH_IDS 30
Tabs before the values. Bonus points for a reference to the relevant
spec.
More information about the Linux-nvme
mailing list