Lines Matching full:ctrl
23 struct nvme_ctrl *ctrl; member
52 #define nvme_auth_queue_from_qid(ctrl, qid) \ argument
53 (qid == 0) ? (ctrl)->fabrics_q : (ctrl)->connect_q
55 static inline int ctrl_max_dhchaps(struct nvme_ctrl *ctrl) in ctrl_max_dhchaps() argument
57 return ctrl->opts->nr_io_queues + ctrl->opts->nr_write_queues + in ctrl_max_dhchaps()
58 ctrl->opts->nr_poll_queues + 1; in ctrl_max_dhchaps()
61 static int nvme_auth_submit(struct nvme_ctrl *ctrl, int qid, in nvme_auth_submit() argument
66 struct request_queue *q = nvme_auth_queue_from_qid(ctrl, qid); in nvme_auth_submit()
85 dev_warn(ctrl->device, in nvme_auth_submit()
88 dev_err(ctrl->device, in nvme_auth_submit()
93 static int nvme_auth_receive_validate(struct nvme_ctrl *ctrl, int qid, in nvme_auth_receive_validate() argument
97 dev_dbg(ctrl->device, "%s: qid %d auth_type %d auth_id %x\n", in nvme_auth_receive_validate()
106 dev_warn(ctrl->device, in nvme_auth_receive_validate()
112 dev_warn(ctrl->device, in nvme_auth_receive_validate()
120 static int nvme_auth_set_dhchap_negotiate_data(struct nvme_ctrl *ctrl, in nvme_auth_set_dhchap_negotiate_data() argument
152 static int nvme_auth_process_dhchap_challenge(struct nvme_ctrl *ctrl, in nvme_auth_process_dhchap_challenge() argument
168 dev_warn(ctrl->device, in nvme_auth_process_dhchap_challenge()
178 dev_dbg(ctrl->device, in nvme_auth_process_dhchap_challenge()
193 dev_warn(ctrl->device, in nvme_auth_process_dhchap_challenge()
202 dev_warn(ctrl->device, in nvme_auth_process_dhchap_challenge()
213 dev_dbg(ctrl->device, "qid %d: selected hash %s\n", in nvme_auth_process_dhchap_challenge()
219 dev_warn(ctrl->device, in nvme_auth_process_dhchap_challenge()
229 dev_dbg(ctrl->device, in nvme_auth_process_dhchap_challenge()
243 dev_warn(ctrl->device, in nvme_auth_process_dhchap_challenge()
254 dev_warn(ctrl->device, in nvme_auth_process_dhchap_challenge()
261 dev_dbg(ctrl->device, "qid %d: selected DH group %s\n", in nvme_auth_process_dhchap_challenge()
264 dev_warn(ctrl->device, in nvme_auth_process_dhchap_challenge()
284 dev_dbg(ctrl->device, "ctrl public key %*ph\n", in nvme_auth_process_dhchap_challenge()
291 static int nvme_auth_set_dhchap_reply_data(struct nvme_ctrl *ctrl, in nvme_auth_set_dhchap_reply_data() argument
314 if (ctrl->ctrl_key) { in nvme_auth_set_dhchap_reply_data()
320 dev_dbg(ctrl->device, "%s: qid %d ctrl challenge %*ph\n", in nvme_auth_set_dhchap_reply_data()
328 dev_dbg(ctrl->device, "%s: qid %d host public key %*ph\n", in nvme_auth_set_dhchap_reply_data()
338 static int nvme_auth_process_dhchap_success1(struct nvme_ctrl *ctrl, in nvme_auth_process_dhchap_success1() argument
353 dev_warn(ctrl->device, in nvme_auth_process_dhchap_success1()
362 dev_info(ctrl->device, in nvme_auth_process_dhchap_success1()
372 dev_dbg(ctrl->device, "%s: qid %d ctrl response %*ph\n", in nvme_auth_process_dhchap_success1()
374 dev_dbg(ctrl->device, "%s: qid %d host response %*ph\n", in nvme_auth_process_dhchap_success1()
377 dev_warn(ctrl->device, in nvme_auth_process_dhchap_success1()
386 dev_info(ctrl->device, in nvme_auth_process_dhchap_success1()
391 static int nvme_auth_set_dhchap_success2_data(struct nvme_ctrl *ctrl, in nvme_auth_set_dhchap_success2_data() argument
405 static int nvme_auth_set_dhchap_failure2_data(struct nvme_ctrl *ctrl, in nvme_auth_set_dhchap_failure2_data() argument
421 static int nvme_auth_dhchap_setup_host_response(struct nvme_ctrl *ctrl, in nvme_auth_dhchap_setup_host_response() argument
428 dev_dbg(ctrl->device, "%s: qid %d host response seq %u transaction %d\n", in nvme_auth_dhchap_setup_host_response()
432 chap->host_response = nvme_auth_transform_key(ctrl->host_key, in nvme_auth_dhchap_setup_host_response()
433 ctrl->opts->host->nqn); in nvme_auth_dhchap_setup_host_response()
440 dev_dbg(ctrl->device, "%s: qid %d re-using host response\n", in nvme_auth_dhchap_setup_host_response()
445 chap->host_response, ctrl->host_key->len); in nvme_auth_dhchap_setup_host_response()
447 dev_warn(ctrl->device, "qid %d: failed to set key, error %d\n", in nvme_auth_dhchap_setup_host_response()
489 ret = crypto_shash_update(shash, ctrl->opts->host->nqn, in nvme_auth_dhchap_setup_host_response()
490 strlen(ctrl->opts->host->nqn)); in nvme_auth_dhchap_setup_host_response()
496 ret = crypto_shash_update(shash, ctrl->opts->subsysnqn, in nvme_auth_dhchap_setup_host_response()
497 strlen(ctrl->opts->subsysnqn)); in nvme_auth_dhchap_setup_host_response()
507 static int nvme_auth_dhchap_setup_ctrl_response(struct nvme_ctrl *ctrl, in nvme_auth_dhchap_setup_ctrl_response() argument
515 ctrl_response = nvme_auth_transform_key(ctrl->ctrl_key, in nvme_auth_dhchap_setup_ctrl_response()
516 ctrl->opts->subsysnqn); in nvme_auth_dhchap_setup_ctrl_response()
523 ctrl_response, ctrl->ctrl_key->len); in nvme_auth_dhchap_setup_ctrl_response()
525 dev_warn(ctrl->device, "qid %d: failed to set key, error %d\n", in nvme_auth_dhchap_setup_ctrl_response()
544 dev_dbg(ctrl->device, "%s: qid %d ctrl response seq %u transaction %d\n", in nvme_auth_dhchap_setup_ctrl_response()
546 dev_dbg(ctrl->device, "%s: qid %d challenge %*ph\n", in nvme_auth_dhchap_setup_ctrl_response()
548 dev_dbg(ctrl->device, "%s: qid %d subsysnqn %s\n", in nvme_auth_dhchap_setup_ctrl_response()
549 __func__, chap->qid, ctrl->opts->subsysnqn); in nvme_auth_dhchap_setup_ctrl_response()
550 dev_dbg(ctrl->device, "%s: qid %d hostnqn %s\n", in nvme_auth_dhchap_setup_ctrl_response()
551 __func__, chap->qid, ctrl->opts->host->nqn); in nvme_auth_dhchap_setup_ctrl_response()
574 ret = crypto_shash_update(shash, ctrl->opts->subsysnqn, in nvme_auth_dhchap_setup_ctrl_response()
575 strlen(ctrl->opts->subsysnqn)); in nvme_auth_dhchap_setup_ctrl_response()
581 ret = crypto_shash_update(shash, ctrl->opts->host->nqn, in nvme_auth_dhchap_setup_ctrl_response()
582 strlen(ctrl->opts->host->nqn)); in nvme_auth_dhchap_setup_ctrl_response()
593 static int nvme_auth_dhchap_exponential(struct nvme_ctrl *ctrl, in nvme_auth_dhchap_exponential() argument
599 dev_dbg(ctrl->device, in nvme_auth_dhchap_exponential()
620 dev_dbg(ctrl->device, in nvme_auth_dhchap_exponential()
639 dev_dbg(ctrl->device, in nvme_auth_dhchap_exponential()
644 dev_dbg(ctrl->device, "shared secret %*ph\n", in nvme_auth_dhchap_exponential()
686 struct nvme_ctrl *ctrl = chap->ctrl; in nvme_queue_auth_work() local
700 chap->transaction = ctrl->transaction++; in nvme_queue_auth_work()
703 dev_dbg(ctrl->device, "%s: qid %d send negotiate\n", in nvme_queue_auth_work()
705 ret = nvme_auth_set_dhchap_negotiate_data(ctrl, chap); in nvme_queue_auth_work()
711 ret = nvme_auth_submit(ctrl, chap->qid, chap->buf, tl, true); in nvme_queue_auth_work()
718 dev_dbg(ctrl->device, "%s: qid %d receive challenge\n", in nvme_queue_auth_work()
722 ret = nvme_auth_submit(ctrl, chap->qid, chap->buf, CHAP_BUF_SIZE, in nvme_queue_auth_work()
725 dev_warn(ctrl->device, in nvme_queue_auth_work()
731 ret = nvme_auth_receive_validate(ctrl, chap->qid, chap->buf, chap->transaction, in nvme_queue_auth_work()
739 ret = nvme_auth_process_dhchap_challenge(ctrl, chap); in nvme_queue_auth_work()
747 dev_dbg(ctrl->device, in nvme_queue_auth_work()
750 ret = nvme_auth_dhchap_exponential(ctrl, chap); in nvme_queue_auth_work()
757 dev_dbg(ctrl->device, "%s: qid %d host response\n", in nvme_queue_auth_work()
759 mutex_lock(&ctrl->dhchap_auth_mutex); in nvme_queue_auth_work()
760 ret = nvme_auth_dhchap_setup_host_response(ctrl, chap); in nvme_queue_auth_work()
762 mutex_unlock(&ctrl->dhchap_auth_mutex); in nvme_queue_auth_work()
766 mutex_unlock(&ctrl->dhchap_auth_mutex); in nvme_queue_auth_work()
769 dev_dbg(ctrl->device, "%s: qid %d send reply\n", in nvme_queue_auth_work()
771 ret = nvme_auth_set_dhchap_reply_data(ctrl, chap); in nvme_queue_auth_work()
778 ret = nvme_auth_submit(ctrl, chap->qid, chap->buf, tl, true); in nvme_queue_auth_work()
785 dev_dbg(ctrl->device, "%s: qid %d receive success1\n", in nvme_queue_auth_work()
789 ret = nvme_auth_submit(ctrl, chap->qid, chap->buf, CHAP_BUF_SIZE, in nvme_queue_auth_work()
792 dev_warn(ctrl->device, in nvme_queue_auth_work()
798 ret = nvme_auth_receive_validate(ctrl, chap->qid, in nvme_queue_auth_work()
807 mutex_lock(&ctrl->dhchap_auth_mutex); in nvme_queue_auth_work()
808 if (ctrl->ctrl_key) { in nvme_queue_auth_work()
809 dev_dbg(ctrl->device, in nvme_queue_auth_work()
812 ret = nvme_auth_dhchap_setup_ctrl_response(ctrl, chap); in nvme_queue_auth_work()
814 mutex_unlock(&ctrl->dhchap_auth_mutex); in nvme_queue_auth_work()
819 mutex_unlock(&ctrl->dhchap_auth_mutex); in nvme_queue_auth_work()
821 ret = nvme_auth_process_dhchap_success1(ctrl, chap); in nvme_queue_auth_work()
830 dev_dbg(ctrl->device, "%s: qid %d send success2\n", in nvme_queue_auth_work()
832 tl = nvme_auth_set_dhchap_success2_data(ctrl, chap); in nvme_queue_auth_work()
833 ret = nvme_auth_submit(ctrl, chap->qid, chap->buf, tl, true); in nvme_queue_auth_work()
845 dev_dbg(ctrl->device, "%s: qid %d send failure2, status %x\n", in nvme_queue_auth_work()
847 tl = nvme_auth_set_dhchap_failure2_data(ctrl, chap); in nvme_queue_auth_work()
848 ret = nvme_auth_submit(ctrl, chap->qid, chap->buf, tl, true); in nvme_queue_auth_work()
857 int nvme_auth_negotiate(struct nvme_ctrl *ctrl, int qid) in nvme_auth_negotiate() argument
861 if (!ctrl->host_key) { in nvme_auth_negotiate()
862 dev_warn(ctrl->device, "qid %d: no key\n", qid); in nvme_auth_negotiate()
866 if (ctrl->opts->dhchap_ctrl_secret && !ctrl->ctrl_key) { in nvme_auth_negotiate()
867 dev_warn(ctrl->device, "qid %d: invalid ctrl key\n", qid); in nvme_auth_negotiate()
871 chap = &ctrl->dhchap_ctxs[qid]; in nvme_auth_negotiate()
878 int nvme_auth_wait(struct nvme_ctrl *ctrl, int qid) in nvme_auth_wait() argument
883 chap = &ctrl->dhchap_ctxs[qid]; in nvme_auth_wait()
894 struct nvme_ctrl *ctrl = in nvme_ctrl_auth_work() local
899 * If the ctrl is no connected, bail as reconnect will handle in nvme_ctrl_auth_work()
902 if (ctrl->state != NVME_CTRL_LIVE) in nvme_ctrl_auth_work()
906 ret = nvme_auth_negotiate(ctrl, 0); in nvme_ctrl_auth_work()
908 dev_warn(ctrl->device, in nvme_ctrl_auth_work()
912 ret = nvme_auth_wait(ctrl, 0); in nvme_ctrl_auth_work()
914 dev_warn(ctrl->device, in nvme_ctrl_auth_work()
919 for (q = 1; q < ctrl->queue_count; q++) { in nvme_ctrl_auth_work()
920 ret = nvme_auth_negotiate(ctrl, q); in nvme_ctrl_auth_work()
922 dev_warn(ctrl->device, in nvme_ctrl_auth_work()
933 for (q = 1; q < ctrl->queue_count; q++) { in nvme_ctrl_auth_work()
934 ret = nvme_auth_wait(ctrl, q); in nvme_ctrl_auth_work()
936 dev_warn(ctrl->device, in nvme_ctrl_auth_work()
941 int nvme_auth_init_ctrl(struct nvme_ctrl *ctrl) in nvme_auth_init_ctrl() argument
946 mutex_init(&ctrl->dhchap_auth_mutex); in nvme_auth_init_ctrl()
947 INIT_WORK(&ctrl->dhchap_auth_work, nvme_ctrl_auth_work); in nvme_auth_init_ctrl()
948 if (!ctrl->opts) in nvme_auth_init_ctrl()
950 ret = nvme_auth_generate_key(ctrl->opts->dhchap_secret, in nvme_auth_init_ctrl()
951 &ctrl->host_key); in nvme_auth_init_ctrl()
954 ret = nvme_auth_generate_key(ctrl->opts->dhchap_ctrl_secret, in nvme_auth_init_ctrl()
955 &ctrl->ctrl_key); in nvme_auth_init_ctrl()
959 if (!ctrl->opts->dhchap_secret && !ctrl->opts->dhchap_ctrl_secret) in nvme_auth_init_ctrl()
962 ctrl->dhchap_ctxs = kvcalloc(ctrl_max_dhchaps(ctrl), in nvme_auth_init_ctrl()
964 if (!ctrl->dhchap_ctxs) { in nvme_auth_init_ctrl()
969 for (i = 0; i < ctrl_max_dhchaps(ctrl); i++) { in nvme_auth_init_ctrl()
970 chap = &ctrl->dhchap_ctxs[i]; in nvme_auth_init_ctrl()
972 chap->ctrl = ctrl; in nvme_auth_init_ctrl()
978 nvme_auth_free_key(ctrl->ctrl_key); in nvme_auth_init_ctrl()
979 ctrl->ctrl_key = NULL; in nvme_auth_init_ctrl()
981 nvme_auth_free_key(ctrl->host_key); in nvme_auth_init_ctrl()
982 ctrl->host_key = NULL; in nvme_auth_init_ctrl()
987 void nvme_auth_stop(struct nvme_ctrl *ctrl) in nvme_auth_stop() argument
989 cancel_work_sync(&ctrl->dhchap_auth_work); in nvme_auth_stop()
993 void nvme_auth_free(struct nvme_ctrl *ctrl) in nvme_auth_free() argument
997 if (ctrl->dhchap_ctxs) { in nvme_auth_free()
998 for (i = 0; i < ctrl_max_dhchaps(ctrl); i++) in nvme_auth_free()
999 nvme_auth_free_dhchap(&ctrl->dhchap_ctxs[i]); in nvme_auth_free()
1000 kfree(ctrl->dhchap_ctxs); in nvme_auth_free()
1002 if (ctrl->host_key) { in nvme_auth_free()
1003 nvme_auth_free_key(ctrl->host_key); in nvme_auth_free()
1004 ctrl->host_key = NULL; in nvme_auth_free()
1006 if (ctrl->ctrl_key) { in nvme_auth_free()
1007 nvme_auth_free_key(ctrl->ctrl_key); in nvme_auth_free()
1008 ctrl->ctrl_key = NULL; in nvme_auth_free()