From nobody Sun Dec 14 05:53:23 2025 Received: from mail-pl1-f172.google.com (mail-pl1-f172.google.com [209.85.214.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2DC62243376 for ; Thu, 30 Oct 2025 03:51:30 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.172 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761796292; cv=none; b=I8qA42vCoCricCwlvW+LFBNgo4By0vy1+lVEe2BDPsc25opeO43bvTqNOhB1moNaK8X8pgtI4iaiElDyzBmryl6p+swcjzxJ6Iyyb5j/6SUC2HZib8YV/BwYMyKIc7emBQe1MZ+TfLa3tgnszGaF/l7s7thSdzZKIeseQriyiQY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761796292; c=relaxed/simple; bh=pBeeBWRYeKafQMod5bIA+zGCastuNewJmZBzcV88qr8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=AV+f2EwNFRlMWcE6IvMFSBXvJXQr9nyeoey1/KzN6nXAshhS0kXoTR3pSOkQLrsSfHHkNz0jSTAxNEz1HAXWKxcrL2gXI1zFboGMb3ygmsr7pc3/VA+qeRVwTq5FNdpyhApjtgy784ua6Az2D3DZ3OJ3ZBf+dxj+5YCMCYgRorc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=ZOCZ9BxT; arc=none smtp.client-ip=209.85.214.172 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="ZOCZ9BxT" Received: by mail-pl1-f172.google.com with SMTP id d9443c01a7336-292fd52d527so5430705ad.2 for ; Wed, 29 Oct 2025 20:51:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1761796290; x=1762401090; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=yV4KJ/itlJFLRca3pmyjvPn6JyCSXSOLPe2auNiZSzY=; b=ZOCZ9BxTpiznMXLHAKsI7TMLdtdrs6ishH7KzubxOBRJoYP0s2B78O0ErgJ6iGlXgz N6VvlndPY1FJPO2hPuoMZwZV3keEh7GFpJFEuMHWrUz96+wdiKEMgQIaohtTUzpYETjz w44/YbGG46M8snPKpLIPPuv5nWhoewKjO7CSyyKuH3RYOx9ZDfQAykEVEdqnMJiUO26X l20dO8IePKmvHbGiKS8QjGZThmy4tDCTq32CU4xTSHTL4diZTubsxOPxIF5NbT0MMxQt 9TXnPeGaaw4CuBporcAzJowOOfn0aB+e66JJa4YxHCcOEzUprjupPBzi6cXnwubWrf1U SXXw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1761796290; x=1762401090; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=yV4KJ/itlJFLRca3pmyjvPn6JyCSXSOLPe2auNiZSzY=; b=Uxv4JzgZm1jPcgFJxUnP6iwB0FcoS6M/Ru+O/8ViL4nKBxckJCOv3ha/RzNc4GhCDb CHCUkivQHX3vq4mV7kU7eGQSed9D7YklzJ4++6yLeZEU8aZVuTzpyH7jIUo0/GFIG6J0 OBTwXTGWiyvzuPjx4w2dxd/4b3p0oBZPCLc8NzKd7hVtEq3q/2XbjS4Y5I7DFBU4V+MI B4cYCXTOzvrUR5J5jmWAYnDp6T4wW9c/+esAborjZ+6f2uZkAMAGZ6FLv66Cvx5TyUzQ y7AL/SSgREVhF+Y4QEKm797EBx6Z2Ih7pPVgeq/CNXzjhhI/02bIaaBAlzlUC0RM2XeQ 19pw== X-Gm-Message-State: AOJu0YzxeIhW4CzQDuG2WK/RtwodCxEfs2gatA70PbTUqBg59dwYwgzg L5zRuJmZCF5vJNF+AxZLf4qk8rfutftykrqWg005fhD6kFN/GnmIbv69 X-Gm-Gg: ASbGnctal2LXjL9+2gntgupin5TdsRWj0uHLIfWGAXGei2ilrGzRU4gWU0mAZ4N5Fb3 t3w4PXsOOsM/FVug5TIvKDyKnswqWyVKpmKLIFHq+w/4aluzNWxXkVBfrsPeUcXyXJXgJ+yBwA+ RoGxnCb6Cy1wf96RYFN3VXy0gOB9+If9g4mqiaE8EWuiQNnfC8MiG4ZDPxnNogHnGQDp78hX9x4 AtdNuQfc2yCvDZk0eptqZ+naE+BpNfXx6Pc/NBtADQUg82VlVICFJbKKd18wG8pdsABeVFWx3MM Fk1nugRAPK2qp1Gj7PCaOZ2n5ffIHL+B3QL6b4k+7ts8OdbcfrOiYVpPSwt9SKQgHJwjoSyZ/1N Yx4GhIdkG8scE2UijJViwL4+y2vl6DvSRvzOufbBSnThA25JtPA9lDx82EkrkRcUhyBGhXRlk7k Y5yg99G0Hy79tsZ0y1AuZD+T8iz5SyByaG4CJ7Ys2An+xa4VJqSEOUixKJ8zmeGuuuNmJPjkhK0 UisCL624GLf9u2qDnff X-Google-Smtp-Source: AGHT+IFPBdMt0Uqk3RC4Q5N98p917B/ethKWmCVg0XTxRxMZNghvClcvOMeLv6v7oMLApmWNNYOqWw== X-Received: by 2002:a17:902:f68a:b0:294:fc1d:9d0 with SMTP id d9443c01a7336-294fc1d0db8mr8265645ad.40.1761796290208; Wed, 29 Oct 2025 20:51:30 -0700 (PDT) Received: from toolbx.alistair23.me (2403-580b-97e8-0-82ce-f179-8a79-69f4.ip6.aussiebb.net. [2403:580b:97e8:0:82ce:f179:8a79:69f4]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-29498cf3381sm167953225ad.16.2025.10.29.20.51.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 29 Oct 2025 20:51:29 -0700 (PDT) From: alistair23@gmail.com X-Google-Original-From: alistair.francis@wdc.com To: kbusch@kernel.org, axboe@kernel.dk, hch@lst.de, sagi@grimberg.me, hare@suse.de, kch@nvidia.com, linux-nvme@lists.infradead.org Cc: linux-kernel@vger.kernel.org, alistair23@gmail.com, Alistair Francis Subject: [PATCH 1/3] nvmet-tcp: Don't error if TLS is enabed on a reset Date: Thu, 30 Oct 2025 13:51:12 +1000 Message-ID: <20251030035114.16840-2-alistair.francis@wdc.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251030035114.16840-1-alistair.francis@wdc.com> References: <20251030035114.16840-1-alistair.francis@wdc.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Alistair Francis If the host sends a AUTH_Negotiate Message on the admin queue with REPLACETLSPSK set then we expect and require a TLS connection and shouldn't report an error if TLS is enabled. This change only enforces the nvmet_queue_tls_keyid() check if we aren't resetting the negotiation. Signed-off-by: Alistair Francis --- drivers/nvme/target/auth.c | 4 ++-- drivers/nvme/target/core.c | 2 +- drivers/nvme/target/fabrics-cmd-auth.c | 2 +- drivers/nvme/target/nvmet.h | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/drivers/nvme/target/auth.c b/drivers/nvme/target/auth.c index f3cf7236e080..3e7024899608 100644 --- a/drivers/nvme/target/auth.c +++ b/drivers/nvme/target/auth.c @@ -140,7 +140,7 @@ int nvmet_setup_dhgroup(struct nvmet_ctrl *ctrl, u8 dhg= roup_id) return ret; } =20 -u8 nvmet_setup_auth(struct nvmet_ctrl *ctrl, struct nvmet_sq *sq) +u8 nvmet_setup_auth(struct nvmet_ctrl *ctrl, struct nvmet_sq *sq, bool res= et) { int ret =3D 0; struct nvmet_host_link *p; @@ -166,7 +166,7 @@ u8 nvmet_setup_auth(struct nvmet_ctrl *ctrl, struct nvm= et_sq *sq) goto out_unlock; } =20 - if (nvmet_queue_tls_keyid(sq)) { + if (!reset && nvmet_queue_tls_keyid(sq)) { pr_debug("host %s tls enabled\n", ctrl->hostnqn); goto out_unlock; } diff --git a/drivers/nvme/target/core.c b/drivers/nvme/target/core.c index 5d7d483bfbe3..bd9746715ffc 100644 --- a/drivers/nvme/target/core.c +++ b/drivers/nvme/target/core.c @@ -1689,7 +1689,7 @@ struct nvmet_ctrl *nvmet_alloc_ctrl(struct nvmet_allo= c_ctrl_args *args) if (args->hostid) uuid_copy(&ctrl->hostid, args->hostid); =20 - dhchap_status =3D nvmet_setup_auth(ctrl, args->sq); + dhchap_status =3D nvmet_setup_auth(ctrl, args->sq, false); if (dhchap_status) { pr_err("Failed to setup authentication, dhchap status %u\n", dhchap_status); diff --git a/drivers/nvme/target/fabrics-cmd-auth.c b/drivers/nvme/target/f= abrics-cmd-auth.c index 50639e6e31eb..f71456a94b66 100644 --- a/drivers/nvme/target/fabrics-cmd-auth.c +++ b/drivers/nvme/target/fabrics-cmd-auth.c @@ -293,7 +293,7 @@ void nvmet_execute_auth_send(struct nvmet_req *req) pr_debug("%s: ctrl %d qid %d reset negotiation\n", __func__, ctrl->cntlid, req->sq->qid); if (!req->sq->qid) { - dhchap_status =3D nvmet_setup_auth(ctrl, req->sq); + dhchap_status =3D nvmet_setup_auth(ctrl, req->sq, true); if (dhchap_status) { pr_err("ctrl %d qid 0 failed to setup re-authentication\n", ctrl->cntlid); diff --git a/drivers/nvme/target/nvmet.h b/drivers/nvme/target/nvmet.h index f3b09f4099f0..20be2fe43307 100644 --- a/drivers/nvme/target/nvmet.h +++ b/drivers/nvme/target/nvmet.h @@ -896,7 +896,7 @@ void nvmet_execute_auth_receive(struct nvmet_req *req); int nvmet_auth_set_key(struct nvmet_host *host, const char *secret, bool set_ctrl); int nvmet_auth_set_host_hash(struct nvmet_host *host, const char *hash); -u8 nvmet_setup_auth(struct nvmet_ctrl *ctrl, struct nvmet_sq *sq); +u8 nvmet_setup_auth(struct nvmet_ctrl *ctrl, struct nvmet_sq *sq, bool res= et); void nvmet_auth_sq_init(struct nvmet_sq *sq); void nvmet_destroy_auth(struct nvmet_ctrl *ctrl); void nvmet_auth_sq_free(struct nvmet_sq *sq); @@ -917,7 +917,7 @@ int nvmet_auth_ctrl_sesskey(struct nvmet_req *req, void nvmet_auth_insert_psk(struct nvmet_sq *sq); #else static inline u8 nvmet_setup_auth(struct nvmet_ctrl *ctrl, - struct nvmet_sq *sq) + struct nvmet_sq *sq, bool reset) { return 0; } --=20 2.51.0 From nobody Sun Dec 14 05:53:23 2025 Received: from mail-pl1-f179.google.com (mail-pl1-f179.google.com [209.85.214.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5095429B8F8 for ; Thu, 30 Oct 2025 03:51:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.179 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761796296; cv=none; b=D/kjAxOkbZoJp4pzM0daZDjrY9zp1QLiOzU0fCMsJ44y8vKj0dnRq8qkstFcL10J4qpWUQODDmVWvCLbunnaO0xvwx7G7awim7i5CBDyU35lNNtRlvB1mq0Ds7/qUd8lbPxCoeyILdw11n1P/ybADD81HnkXd2R/QDTOfYghnXA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761796296; c=relaxed/simple; bh=IsJxZQkO57xF953K5xHhWXR0z2NymjzNWHGtiMrLTDg=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=TJh2KuPgs8SNpzJHv8C6T19WViyoTCVvLljFLosqKweHhGhkmAcQAeVcAofvh/qdel3yKzVjkOj8pdUqemgT9hw9I8s0jtEp0RqMThbZnGiLIAH2uCYi+26G+Ep7CUo7ZhFb6RFZHTEOjTbpqDyVZ6XmJOa2l9F5H6rNGK8ouPo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=ii33pclx; arc=none smtp.client-ip=209.85.214.179 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="ii33pclx" Received: by mail-pl1-f179.google.com with SMTP id d9443c01a7336-294fb21b160so1428345ad.1 for ; Wed, 29 Oct 2025 20:51:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1761796295; x=1762401095; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=MN0fRpH/PCnIiX5ASSuQg4IoluSNnvJUR3iBGHC2JFI=; b=ii33pclxTNLvQFHHngkm6pLnwD37UPg1AGKSMvHVGhkisZD+rIDHKhhTpZS5qrEOZ6 5i9bTFP1UhviHFfJLewzkWt+Kc2Xd7IRtyuhIFog8UKJk/QV0W93CMN6Y9SeRSmD1YNd AKVri7L0QXDipGrAnEA+He0+C/pLh7bxprdIA3QwZrRHha4+QmqKG8lHw+Rg8Hkrh0yK Kd+DluB2ClC2ZO3+frJl/wXV4pdRTR3OOJO3x9kDl94ckHVuY9HBNh7NryZUVhKPLkm8 m2p2GEwzlUQm+fv24ic8ouV0Q2kk7kraomYwxRnRsZmIvk/kxtbe+SelEWREW1kkl1ej O99Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1761796295; x=1762401095; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=MN0fRpH/PCnIiX5ASSuQg4IoluSNnvJUR3iBGHC2JFI=; b=Rv1nKUuHTSM6o+cj6KHEnyJ6UUKKR67jBSTWs7nuqMNcK3sBa9boHsB9ahrPd5SIpL oJtyFWuNxXBAvrlYjXLxmSJljUFMun2N1XPL33qi7kIy8o/1D3KGaqy0d//mMUobCNdd 4L43f1oHeg+X+9wf6+DtwEPkLAfKWwOmG1yoN3wxRNYUetn9AMS/5ZkEr9TgZxRHTz9y IT4pMiILBdiouLYkGERpsdn/bkGdbw9znE3r62hcAgDPG2IkSF1RqSOzgg+uP4yaPUE3 Nhpe7RJB3dnEUyV3K1KVHS86nUp0qNHgifviXAfXchfR9Uppy64gXxDU4a6fH1l4J9wU H01Q== X-Gm-Message-State: AOJu0YzdjZM1+unMxLxK3j6sbLoiF8nSt9elH/BabTeO1nIh+0uaQz7d C/H046rYaXMxhICCpW3Lo01q1PV/MkfsZIKda1JUVbcrUUBQ8/qzSg5T X-Gm-Gg: ASbGncsAi1bgIm8Ot+1QPOnRxPdvyz+DB2m2TsXZVRBVGMyfkJbpRQP+812P0U0v3fF eVarnEAdv5sN/ioeqArMZG/ZsGPQcVvb7vvt7bab+nh1Y/9SUyw6NBNCpY/mvTctLMKIqxd0hlc +h/+v++M/MfSWEE7OMCjslxmtFXY/wM9TDgGuFWNehFBMxpr/3YwXqEGjRyVIkvYAWamEGHNr6e M4/+cjrnMU0iyf0ztDSJaiLq037q3Visx1s3NM9zNMrCTwohS98ux6DAERYtHXfTmlq5/I4n/eC /oNmqjstUamKyy53FS9qPn6V+FFQ7++43aOkKVmK5HUH5mMB87GMEWjXBv2abL2asAIzCZ6U8GO DAXlcrwRUrzcq8twPgzCGR/hmLrFl63uPAO9i+uQIQVWwIJidhdV2lM/yQu0FGrCUXGzxWLUelt iH5Jlo9lYXDWiQfSDaLjgwVuCLmLODGEdVvyeXAv21SoFQO8bCGwDzVfQ7T9tFSHRKkL8DWLrvk IZu3ikZwA== X-Google-Smtp-Source: AGHT+IFDmCt6OxS1lG5usvyxQO/ayx75zbEn+wDdcRO8migbMEW884MG+r2fTQz9vUZXdmTRBF86sg== X-Received: by 2002:a17:903:2344:b0:24c:d0b3:3b20 with SMTP id d9443c01a7336-294ede8b3d5mr19471615ad.37.1761796294581; Wed, 29 Oct 2025 20:51:34 -0700 (PDT) Received: from toolbx.alistair23.me (2403-580b-97e8-0-82ce-f179-8a79-69f4.ip6.aussiebb.net. [2403:580b:97e8:0:82ce:f179:8a79:69f4]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-29498cf3381sm167953225ad.16.2025.10.29.20.51.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 29 Oct 2025 20:51:34 -0700 (PDT) From: alistair23@gmail.com X-Google-Original-From: alistair.francis@wdc.com To: kbusch@kernel.org, axboe@kernel.dk, hch@lst.de, sagi@grimberg.me, hare@suse.de, kch@nvidia.com, linux-nvme@lists.infradead.org Cc: linux-kernel@vger.kernel.org, alistair23@gmail.com, Alistair Francis Subject: [PATCH 2/3] nvmet-tcp: Don't free SQ on authentication success Date: Thu, 30 Oct 2025 13:51:13 +1000 Message-ID: <20251030035114.16840-3-alistair.francis@wdc.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251030035114.16840-1-alistair.francis@wdc.com> References: <20251030035114.16840-1-alistair.francis@wdc.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Alistair Francis Curently after the host sends a REPLACETLSPSK we free the TLS keys as part of calling nvmet_auth_sq_free() on success. This means when the host sends a follow up REPLACETLSPSK we return CONCAT_MISMATCH as the check for !nvmet_queue_tls_keyid(req->sq) fails. This patch ensures we don't free the TLS key on success as we might need it again in the future. Signed-off-by: Alistair Francis --- drivers/nvme/target/fabrics-cmd-auth.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/drivers/nvme/target/fabrics-cmd-auth.c b/drivers/nvme/target/f= abrics-cmd-auth.c index f71456a94b66..5cb857d21dfd 100644 --- a/drivers/nvme/target/fabrics-cmd-auth.c +++ b/drivers/nvme/target/fabrics-cmd-auth.c @@ -574,9 +574,7 @@ void nvmet_execute_auth_receive(struct nvmet_req *req) status =3D nvmet_copy_to_sgl(req, 0, d, al); kfree(d); done: - if (req->sq->dhchap_step =3D=3D NVME_AUTH_DHCHAP_MESSAGE_SUCCESS2) - nvmet_auth_sq_free(req->sq); - else if (req->sq->dhchap_step =3D=3D NVME_AUTH_DHCHAP_MESSAGE_FAILURE1) { + if (req->sq->dhchap_step =3D=3D NVME_AUTH_DHCHAP_MESSAGE_FAILURE1) { nvmet_auth_sq_free(req->sq); nvmet_ctrl_fatal_error(ctrl); } --=20 2.51.0 From nobody Sun Dec 14 05:53:23 2025 Received: from mail-pg1-f172.google.com (mail-pg1-f172.google.com [209.85.215.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D79E8248F4D for ; Thu, 30 Oct 2025 03:51:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.215.172 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761796301; cv=none; b=h9bYHiWnlvWR8aghmiANuHcVw7c3XA1TGr9MVRl0fuqUdNkjmczNsbx1sY53BKqjU9oKla+L69GeLJELctE8GdJs8IhwzYmCsl1qNL3kmodbbRA0z/+/kxLPj0hicyc/ykBhBuHa0OLb643d+TRM2N59vVsw2e2OgXc0w8UkxA0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761796301; c=relaxed/simple; bh=RiFvMaVv/sJhCAnOCv6KXAlMvQC9pAvjdW7FnhsUUv4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=scMnFsqiDfdiAla0m8Ggtd3bJl/o71ACQP5tSH7B7Fdh+cIJHY3Uvlh+W5+SBLaHvQamdzosS0D9jG7z2qm5CH7MolbrR1OrKs59FQZXBsz6HM4ZkkEiAr6CUmiHG8CTx6XMjFfR9nmKnfR61ySUQsX6rWjJL1gK4K93/oux1H8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=DOKaaXU3; arc=none smtp.client-ip=209.85.215.172 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="DOKaaXU3" Received: by mail-pg1-f172.google.com with SMTP id 41be03b00d2f7-b5579235200so354672a12.3 for ; Wed, 29 Oct 2025 20:51:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1761796299; x=1762401099; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Gg57DbX152h+KFFdXgeP517P3SWQLEL3rJ/w0rVMxsg=; b=DOKaaXU3YXnSGtA4HvMwDaTjSAPxp/IkqhvOQnu97ybZ/9eOZBlNtCHpxR2SkkKnig kd7jCSXHq09i0dAU5Dh3015YBO4A5wI+jHGJIIGLY1DFmaMrfEpp+EnVHnf0YRju31oL cQuGV8YXzHS/7k52Wzf8OdiYPxFlIxBLJTwDAqG3ZSYYwlk0fUIUpQeb+ydozkTdhirf V0v/kgYMzNlQ9kzLu7iyQqpqhzI+7xVmBRRKY9ZDRk31rwuQWMhY2VD9aeJt+IwtOCIw bX2gUvqR1N2rhvYGSmH1uBwrViaihb4i6c5u2cya8SVF4f5Yl/zg64MQhBKyDZ5No250 eJxw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1761796299; x=1762401099; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Gg57DbX152h+KFFdXgeP517P3SWQLEL3rJ/w0rVMxsg=; b=NZi9TjyBuHuX66Qy8T1d/Pvqh3aPL6IFszt6VUzXcFNG/pF9GWaeUBk5RZiAnn7aky IwA1YH2tRwXSiwNDodikCHc3Y/i/ztTbzQSkPzbMIyqfckSK44GPfuTRp+YLFR5zL9cY QmAULE8gXuFbKLPz+zbRf01QmmlpwqCQO8f1URepCLHdhLOk1qUThClPNKpsxzNeyatx akW3yMiOa9tg9K21UjyrcyJnSxLCEAn46VOs/eZcQfKXS1KE2M4kRmPFyT0qIIWxCFan 5jT5HtTLaiFwG8bCidlwEpZDl+zM73BBPzQmKXwtFeWMbseYDJulSosL7ZnTPQX35RZk HIKQ== X-Gm-Message-State: AOJu0YxTdhrLbO5dBrakihGEtHNBv8I2QF8If/+n//coQEvrecdkohcB ve1Yxff4jtdm91sa8uiIT09MqY9F9pR5M1A3Ty7xl1HhMDkoJrPKQxZu X-Gm-Gg: ASbGnct/fQLQ1715rb8HHtDaO4KQ9Zw7qCm6M6ofFe3FXKp0j0ddyUPs0+yIARLk83i u7Hgge1xmQO+n+dfrYHFyXUK0SUdn/Re5AvcNxAOEx4VdFpv+CtZ4fKaLfR4I/BDcV9wubzjUjR A7sHdqdkwogyikSCyHVktcwgITUbfmPPZzYMuaCTEYGzAuro3/9esCmOmfzi5puGv0Z+OH0S1QH 2dywhXWeUsdS4Xi0z6rxovDdK0xAR+zz4qlx01lQnNlZMQIoMaOIWDqctvvlNE23HJSSc3fbeMb RTfZkNLFEj6K2R2g14h86+4sdr9wRNbgGQPDKMWtsrdY5cxNz9LLkJm1Xgg3ZzaYbxbLdLJNoOK nMfSYp86hcZr76z+DT5ovAgu8FZfgSWa0rY4M1+SeIuopIXLk0vnBoXy/eWRPnrB7SzfRn6sa0S fwFJcpDI5qxI/cdsJvDWtgqZ9qc4gOjTt0KhWll6ajrdMNTDtlIn/GPYY6sfx5UZi0iMOnkxIFW XAlyByBIb5rzi/v1pOQ X-Google-Smtp-Source: AGHT+IECB4TP3ESqGiKQRZGuWO+zfnfT3ZOQklY1c2ma3P3YZVJziVDmG63qsEJkvCKs8lpqrnfA3w== X-Received: by 2002:a17:903:2284:b0:294:90cf:699c with SMTP id d9443c01a7336-294dee209f0mr60182985ad.16.1761796299023; Wed, 29 Oct 2025 20:51:39 -0700 (PDT) Received: from toolbx.alistair23.me (2403-580b-97e8-0-82ce-f179-8a79-69f4.ip6.aussiebb.net. [2403:580b:97e8:0:82ce:f179:8a79:69f4]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-29498cf3381sm167953225ad.16.2025.10.29.20.51.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 29 Oct 2025 20:51:38 -0700 (PDT) From: alistair23@gmail.com X-Google-Original-From: alistair.francis@wdc.com To: kbusch@kernel.org, axboe@kernel.dk, hch@lst.de, sagi@grimberg.me, hare@suse.de, kch@nvidia.com, linux-nvme@lists.infradead.org Cc: linux-kernel@vger.kernel.org, alistair23@gmail.com, Alistair Francis Subject: [PATCH 3/3] nvme: Allow reauth from sysfs Date: Thu, 30 Oct 2025 13:51:14 +1000 Message-ID: <20251030035114.16840-4-alistair.francis@wdc.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251030035114.16840-1-alistair.francis@wdc.com> References: <20251030035114.16840-1-alistair.francis@wdc.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Alistair Francis Allow userspace to trigger a reauth (REPLACETLSPSK) from sysfs. This can be done by writing the queue ID to te sysfs file. echo 0 > /sys/devices/virtual/nvme-fabrics/ctl/nvme0/replace_psk Note that only QID 0 (admin queue) is supported. Signed-off-by: Alistair Francis --- drivers/nvme/host/sysfs.c | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/drivers/nvme/host/sysfs.c b/drivers/nvme/host/sysfs.c index 29430949ce2f..f6994f35324f 100644 --- a/drivers/nvme/host/sysfs.c +++ b/drivers/nvme/host/sysfs.c @@ -246,6 +246,32 @@ static ssize_t nuse_show(struct device *dev, struct de= vice_attribute *attr, } static DEVICE_ATTR_RO(nuse); =20 +static ssize_t nvme_sysfs_replace_psk(struct device *dev, + struct device_attribute *attr, const char *buf, + size_t count) +{ + struct nvme_ctrl *ctrl =3D dev_get_drvdata(dev); + int qid, rc; + + rc =3D kstrtoint(buf, 10, &qid); + if (rc) + return rc; + + if (qid >=3D ctrl->queue_count) + return -EINVAL; + + rc =3D nvme_auth_negotiate(ctrl, qid); + if (rc < 0) + return rc; + + rc =3D nvme_auth_wait(ctrl, qid); + if (rc < 0) + return rc; + + return count; +} +static DEVICE_ATTR(replace_psk, S_IWUSR, NULL, nvme_sysfs_replace_psk); + static struct attribute *nvme_ns_attrs[] =3D { &dev_attr_wwid.attr, &dev_attr_uuid.attr, @@ -747,6 +773,7 @@ static struct attribute *nvme_dev_attrs[] =3D { &dev_attr_dhchap_ctrl_secret.attr, #endif &dev_attr_adm_passthru_err_log_enabled.attr, + &dev_attr_replace_psk.attr, NULL }; =20 @@ -776,6 +803,10 @@ static umode_t nvme_dev_attrs_are_visible(struct kobje= ct *kobj, if (a =3D=3D &dev_attr_dhchap_ctrl_secret.attr && !ctrl->opts) return 0; #endif + if (a =3D=3D &dev_attr_replace_psk.attr) { + if (!ctrl->opts || !ctrl->opts->concat) + return 0; + } =20 return a->mode; } --=20 2.51.0