From nobody Wed Dec 17 18:59:45 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1649CC27C40 for ; Wed, 22 Nov 2023 22:47:33 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231392AbjKVWre (ORCPT ); Wed, 22 Nov 2023 17:47:34 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46896 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231952AbjKVWrc (ORCPT ); Wed, 22 Nov 2023 17:47:32 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4397712A for ; Wed, 22 Nov 2023 14:47:29 -0800 (PST) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 0B1FDC433C7; Wed, 22 Nov 2023 22:47:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1700693248; bh=zAaMHwAz6fQIMNy0cpFdvF6MYVuva8LCFObd/51W7U4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=o9ASBCAxjepYSLCKpUhXqOTcz8HeeVQG9sJv//XEYxWgYrMZO5tnjra4JeXJZ6+xu a/gXdFIsEm9KLJvYS4P2s9yLX4eBX0GTq18NjC/79OAuUSjXqihSeEsuz/jXu/7l+O 0tFo1EYPYxovDTaRaXJ5hNqWdN9ds0cEd0FFzGRuRPtuAormWPk2aUDiRE2EGCl/Zv KEd0NI+TOy59khYiULMv+fT2nLAqhqlNI+YMNS1J3lavvcMwH2/GuitmY6F/VIXS1/ J3HBYsTuW+ZXE/jrw1uyIqBcwjGyv+xEpr8IQ6kAa2z7+F2dvfpcMIezbJtI5h8GWb /h1X7fs6VAVUw== From: Arnd Bergmann To: linux-nvme@lists.infradead.org Cc: Arnd Bergmann , Keith Busch , Jens Axboe , Christoph Hellwig , Sagi Grimberg , Chaitanya Kulkarni , linux-kernel@vger.kernel.org Subject: [PATCH v3 1/3] nvme: target: fix nvme_keyring_id() references Date: Wed, 22 Nov 2023 23:47:17 +0100 Message-Id: <20231122224719.4042108-2-arnd@kernel.org> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20231122224719.4042108-1-arnd@kernel.org> References: <20231122224719.4042108-1-arnd@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Arnd Bergmann In configurations without CONFIG_NVME_TARGET_TCP_TLS, the keyring code might not be available, or using it will result in a runtime failure: x86_64-linux-ld: vmlinux.o: in function `nvmet_ports_make': configfs.c:(.text+0x100a211): undefined reference to `nvme_keyring_id' Add a check to ensure we only check the keyring if there is a chance of it being used, which avoids both the runtime and link-time problems. Signed-off-by: Arnd Bergmann Acked-by: Keith Busch --- drivers/nvme/target/configfs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/nvme/target/configfs.c b/drivers/nvme/target/configfs.c index 9eed6e6765ea..e307a044b1a1 100644 --- a/drivers/nvme/target/configfs.c +++ b/drivers/nvme/target/configfs.c @@ -1893,7 +1893,7 @@ static struct config_group *nvmet_ports_make(struct c= onfig_group *group, return ERR_PTR(-ENOMEM); } =20 - if (nvme_keyring_id()) { + if (IS_ENABLED(CONFIG_NVME_TARGET_TCP_TLS) && nvme_keyring_id()) { port->keyring =3D key_lookup(nvme_keyring_id()); if (IS_ERR(port->keyring)) { pr_warn("NVMe keyring not available, disabling TLS\n"); --=20 2.39.2 From nobody Wed Dec 17 18:59:45 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 69D75C27C40 for ; Wed, 22 Nov 2023 22:47:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1344536AbjKVWrg (ORCPT ); Wed, 22 Nov 2023 17:47:36 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46926 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235132AbjKVWre (ORCPT ); Wed, 22 Nov 2023 17:47:34 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8C43592 for ; Wed, 22 Nov 2023 14:47:31 -0800 (PST) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 5ADF4C433CA; Wed, 22 Nov 2023 22:47:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1700693251; bh=9ZYZZkr3I5hnymOVMd0KFdtSw5PNdjLQfrciVWD6egI=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=g0Ll4JW9tS/EGX5GtWauX3N3e0xBMe2+rvzFXjJizYae6g08d5AOtIUQdHAYH4r3j miRPhXbgooUsZmqDaFwTIzizmKrjwCvSL6EsAjpWFXVaB1JOMlqq+Id82oY9eJWD79 MiyaP8PV6qFHRPchKcdC0wxoXcbOutpDU85RFFRiHVckcMqOZaR93oQj4+/8yGlhP/ HDiEzsRWpQZ3suv0Ed6pqdU8CJ6tn0lcmC5PBh3DKwbln5NrzA5wnGi0csKYTIHb9o AouSbelHAd+ju3CJkgO7Tld8h5ecegxq5WwoxE/x5v3xY0Hfw3QAobcADR+4LearDf Zy7uciJ+6VNwg== From: Arnd Bergmann To: linux-nvme@lists.infradead.org Cc: Arnd Bergmann , Keith Busch , Jens Axboe , Christoph Hellwig , Sagi Grimberg , Chaitanya Kulkarni , linux-kernel@vger.kernel.org Subject: [PATCH v3 2/3] nvme: target: fix Kconfig select statements Date: Wed, 22 Nov 2023 23:47:18 +0100 Message-Id: <20231122224719.4042108-3-arnd@kernel.org> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20231122224719.4042108-1-arnd@kernel.org> References: <20231122224719.4042108-1-arnd@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Arnd Bergmann When the NVME target code is built-in but its TCP frontend is a loadable module, enabling keyring support causes a link failure: x86_64-linux-ld: vmlinux.o: in function `nvmet_ports_make': configfs.c:(.text+0x100a211): undefined reference to `nvme_keyring_id' The problem is that CONFIG_NVME_TARGET_TCP_TLS is a 'bool' symbol that depends on the tristate CONFIG_NVME_TARGET_TCP, so any 'select' from it inherits the state of the tristate symbol rather than the intended CONFIG_NVME_TARGET one that contains the actual call. The same thing is true for CONFIG_KEYS, which itself is required for NVME_KEYRING. Signed-off-by: Arnd Bergmann Acked-by: Keith Busch --- drivers/nvme/target/Kconfig | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/nvme/target/Kconfig b/drivers/nvme/target/Kconfig index 31633da9427c..e1ebc73f3e5e 100644 --- a/drivers/nvme/target/Kconfig +++ b/drivers/nvme/target/Kconfig @@ -4,6 +4,8 @@ config NVME_TARGET tristate "NVMe Target support" depends on BLOCK depends on CONFIGFS_FS + select NVME_KEYRING if NVME_TARGET_TCP_TLS + select KEYS if NVME_TARGET_TCP_TLS select BLK_DEV_INTEGRITY_T10 if BLK_DEV_INTEGRITY select SGL_ALLOC help @@ -87,9 +89,7 @@ config NVME_TARGET_TCP config NVME_TARGET_TCP_TLS bool "NVMe over Fabrics TCP target TLS encryption support" depends on NVME_TARGET_TCP - select NVME_KEYRING select NET_HANDSHAKE - select KEYS help Enables TLS encryption for the NVMe TCP target using the netlink handsh= ake API. =20 --=20 2.39.2 From nobody Wed Dec 17 18:59:45 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 56B92C61D97 for ; Wed, 22 Nov 2023 22:47:43 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1344615AbjKVWro (ORCPT ); Wed, 22 Nov 2023 17:47:44 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47014 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1344572AbjKVWri (ORCPT ); Wed, 22 Nov 2023 17:47:38 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D90C9D40 for ; Wed, 22 Nov 2023 14:47:33 -0800 (PST) Received: by smtp.kernel.org (Postfix) with ESMTPSA id A8338C433C8; Wed, 22 Nov 2023 22:47:31 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1700693253; bh=tirI9jsS9I0Ud4YA2mWLBGFR/GeO4TdPnDgDvqDAWOM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=dHYYuw2Wf0mGECKQiIvqxUVhZPskvK0mCYfcFhSgc0GheH7K4LDEEx/OLTMgXZC6b dQRfBZQJEAiyh7mObHD9Z+6o+FgJuRXhzWT3+yzlzJOdlG+0oPL27TzHtMwsNifDXh FHRzr/VHPAErPKMr0Rn9jSrdRrTswxZyTyzUtrXDEMtuGcYKROKjBJlhE5SnI8W8ID Co8i1z550dK8PYv1WvnvxqTjIx274e0N4gL/9e5vz6si9j7+WlZy/Z4djJmXpl/H0D wCPmwHkR/mj/Ty3H36D5p3FunNWHvVlgf+icJrtHBlreSQJHpm3EVMyOiXlKzMU5tU VdoGWdkEuzk1Q== From: Arnd Bergmann To: linux-nvme@lists.infradead.org Cc: Arnd Bergmann , Keith Busch , Jens Axboe , Christoph Hellwig , Sagi Grimberg , Chaitanya Kulkarni , linux-kernel@vger.kernel.org Subject: [PATCH v3 3/3] nvme: tcp: fix compile-time checks for TLS mode Date: Wed, 22 Nov 2023 23:47:19 +0100 Message-Id: <20231122224719.4042108-4-arnd@kernel.org> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20231122224719.4042108-1-arnd@kernel.org> References: <20231122224719.4042108-1-arnd@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Arnd Bergmann When CONFIG_NVME_KEYRING is enabled as a loadable module, but the TCP host code is built-in, it fails to link: arm-linux-gnueabi-ld: drivers/nvme/host/tcp.o: in function `nvme_tcp_setup_= ctrl': tcp.c:(.text+0x1940): undefined reference to `nvme_tls_psk_default' The problem is that the compile-time conditionals are inconsistent here, using a mix of #ifdef CONFIG_NVME_TCP_TLS, IS_ENABLED(CONFIG_NVME_TCP_TLS) and IS_ENABLED(CONFIG_NVME_KEYRING) checks, with CONFIG_NVME_KEYRING controlling whether the implementation is actually built. Change it to use IS_ENABLED(CONFIG_NVME_KEYRING) checks consistently, which should help readability and make it less error-prone. Combining it with the check for the ctrl->opts->tls flag lets the compiler drop all the TLS code in configurations without this feature, which also helps runtime behavior in addition to avoiding the link failure. To make it possible for the compiler to build the dead code, both the tls_handshake_timeout variable and the TLS specific members of nvme_tcp_queue need to be moved out of the #ifdef block as well, but at least the former of these gets optimized out again. Signed-off-by: Arnd Bergmann Acked-by: Keith Busch --- drivers/nvme/host/tcp.c | 31 ++++++++++++++----------------- 1 file changed, 14 insertions(+), 17 deletions(-) diff --git a/drivers/nvme/host/tcp.c b/drivers/nvme/host/tcp.c index 89661a9cf850..ee7aa8478cfb 100644 --- a/drivers/nvme/host/tcp.c +++ b/drivers/nvme/host/tcp.c @@ -36,11 +36,11 @@ static int so_priority; module_param(so_priority, int, 0644); MODULE_PARM_DESC(so_priority, "nvme tcp socket optimize priority"); =20 -#ifdef CONFIG_NVME_TCP_TLS /* * TLS handshake timeout */ static int tls_handshake_timeout =3D 10; +#ifdef CONFIG_NVME_TCP_TLS module_param(tls_handshake_timeout, int, 0644); MODULE_PARM_DESC(tls_handshake_timeout, "nvme TLS handshake timeout in seconds (default 10)"); @@ -161,10 +161,8 @@ struct nvme_tcp_queue { struct ahash_request *snd_hash; __le32 exp_ddgst; __le32 recv_ddgst; -#ifdef CONFIG_NVME_TCP_TLS struct completion tls_complete; int tls_err; -#endif struct page_frag_cache pf_cache; =20 void (*state_change)(struct sock *); @@ -207,6 +205,14 @@ static inline int nvme_tcp_queue_id(struct nvme_tcp_qu= eue *queue) return queue - queue->ctrl->queues; } =20 +static inline bool nvme_tcp_tls(struct nvme_ctrl *ctrl) +{ + if (!IS_ENABLED(CONFIG_NVME_TCP_TLS)) + return 0; + + return ctrl->opts->tls; +} + static inline struct blk_mq_tags *nvme_tcp_tagset(struct nvme_tcp_queue *q= ueue) { u32 queue_idx =3D nvme_tcp_queue_id(queue); @@ -1412,7 +1418,7 @@ static int nvme_tcp_init_connection(struct nvme_tcp_q= ueue *queue) memset(&msg, 0, sizeof(msg)); iov.iov_base =3D icresp; iov.iov_len =3D sizeof(*icresp); - if (queue->ctrl->ctrl.opts->tls) { + if (nvme_tcp_tls(&queue->ctrl->ctrl)) { msg.msg_control =3D cbuf; msg.msg_controllen =3D sizeof(cbuf); } @@ -1424,7 +1430,7 @@ static int nvme_tcp_init_connection(struct nvme_tcp_q= ueue *queue) goto free_icresp; } ret =3D -ENOTCONN; - if (queue->ctrl->ctrl.opts->tls) { + if (nvme_tcp_tls(&queue->ctrl->ctrl)) { ctype =3D tls_get_record_type(queue->sock->sk, (struct cmsghdr *)cbuf); if (ctype !=3D TLS_RECORD_TYPE_DATA) { @@ -1548,7 +1554,6 @@ static void nvme_tcp_set_queue_io_cpu(struct nvme_tcp= _queue *queue) queue->io_cpu =3D cpumask_next_wrap(n - 1, cpu_online_mask, -1, false); } =20 -#ifdef CONFIG_NVME_TCP_TLS static void nvme_tcp_tls_done(void *data, int status, key_serial_t pskid) { struct nvme_tcp_queue *queue =3D data; @@ -1625,14 +1630,6 @@ static int nvme_tcp_start_tls(struct nvme_ctrl *nctr= l, } return ret; } -#else -static int nvme_tcp_start_tls(struct nvme_ctrl *nctrl, - struct nvme_tcp_queue *queue, - key_serial_t pskid) -{ - return -EPROTONOSUPPORT; -} -#endif =20 static int nvme_tcp_alloc_queue(struct nvme_ctrl *nctrl, int qid, key_serial_t pskid) @@ -1759,7 +1756,7 @@ static int nvme_tcp_alloc_queue(struct nvme_ctrl *nct= rl, int qid, } =20 /* If PSKs are configured try to start TLS */ - if (pskid) { + if (IS_ENABLED(CONFIG_NVME_TCP_TLS) && pskid) { ret =3D nvme_tcp_start_tls(nctrl, queue, pskid); if (ret) goto err_init_connect; @@ -1916,7 +1913,7 @@ static int nvme_tcp_alloc_admin_queue(struct nvme_ctr= l *ctrl) int ret; key_serial_t pskid =3D 0; =20 - if (ctrl->opts->tls) { + if (nvme_tcp_tls(ctrl)) { if (ctrl->opts->tls_key) pskid =3D key_serial(ctrl->opts->tls_key); else @@ -1949,7 +1946,7 @@ static int __nvme_tcp_alloc_io_queues(struct nvme_ctr= l *ctrl) { int i, ret; =20 - if (ctrl->opts->tls && !ctrl->tls_key) { + if (nvme_tcp_tls(ctrl) && !ctrl->tls_key) { dev_err(ctrl->device, "no PSK negotiated\n"); return -ENOKEY; } --=20 2.39.2