From: kernel test robot <lkp@intel.com>
To: kbuild-all@lists.01.org
Subject: Re: [PATCH 11/12] nvmet-auth: Diffie-Hellman key exchange support
Date: Sun, 12 Sep 2021 07:47:12 +0800 [thread overview]
Message-ID: <202109120742.4R2a7UQU-lkp@intel.com> (raw)
In-Reply-To: <20210910064322.67705-12-hare@suse.de>
[-- Attachment #1: Type: text/plain, Size: 8976 bytes --]
Hi Hannes,
I love your patch! Perhaps something to improve:
[auto build test WARNING on linus/master]
[also build test WARNING on v5.14 next-20210910]
[cannot apply to cryptodev/master crypto/master linux-nvme/for-next]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/0day-ci/linux/commits/Hannes-Reinecke/nvme-In-band-authentication-support/20210910-144627
base: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git bf9f243f23e6623f310ba03fbb14e10ec3a61290
config: powerpc-randconfig-s032-20210911 (attached as .config)
compiler: powerpc64-linux-gcc (GCC) 11.2.0
reproduce:
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# apt-get install sparse
# sparse version: v0.6.4-dirty
# https://github.com/0day-ci/linux/commit/3439accdd50a505d2d15d42f298b5e2d727a5607
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Hannes-Reinecke/nvme-In-band-authentication-support/20210910-144627
git checkout 3439accdd50a505d2d15d42f298b5e2d727a5607
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-11.2.0 make.cross C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' ARCH=powerpc
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
sparse warnings: (new ones prefixed by >>)
drivers/nvme/target/fabrics-cmd-auth.c:20:30: sparse: sparse: invalid assignment: |=
drivers/nvme/target/fabrics-cmd-auth.c:20:30: sparse: left side has type restricted __le32
drivers/nvme/target/fabrics-cmd-auth.c:20:30: sparse: right side has type int
>> drivers/nvme/target/fabrics-cmd-auth.c:108:49: sparse: sparse: incorrect type in argument 3 (different base types) @@ expected int buf_size @@ got restricted __le16 [usertype] dhvlen @@
drivers/nvme/target/fabrics-cmd-auth.c:108:49: sparse: expected int buf_size
drivers/nvme/target/fabrics-cmd-auth.c:108:49: sparse: got restricted __le16 [usertype] dhvlen
>> drivers/nvme/target/fabrics-cmd-auth.c:344:30: sparse: sparse: incorrect type in assignment (different base types) @@ expected restricted __le16 [usertype] dhvlen @@ got unsigned int [usertype] dh_keysize @@
drivers/nvme/target/fabrics-cmd-auth.c:344:30: sparse: expected restricted __le16 [usertype] dhvlen
drivers/nvme/target/fabrics-cmd-auth.c:344:30: sparse: got unsigned int [usertype] dh_keysize
drivers/nvme/target/fabrics-cmd-auth.c:346:55: sparse: sparse: incorrect type in argument 3 (different base types) @@ expected int buf_size @@ got restricted __le16 [usertype] dhvlen @@
drivers/nvme/target/fabrics-cmd-auth.c:346:55: sparse: expected int buf_size
drivers/nvme/target/fabrics-cmd-auth.c:346:55: sparse: got restricted __le16 [usertype] dhvlen
drivers/nvme/target/fabrics-cmd-auth.c:383:20: sparse: sparse: incorrect type in assignment (different base types) @@ expected restricted __le16 [usertype] t_id @@ got restricted __le32 [usertype] @@
drivers/nvme/target/fabrics-cmd-auth.c:383:20: sparse: expected restricted __le16 [usertype] t_id
drivers/nvme/target/fabrics-cmd-auth.c:383:20: sparse: got restricted __le32 [usertype]
vim +108 drivers/nvme/target/fabrics-cmd-auth.c
14
15 void nvmet_init_auth(struct nvmet_ctrl *ctrl, struct nvmet_req *req)
16 {
17 /* Initialize in-band authentication */
18 req->sq->authenticated = false;
19 req->sq->dhchap_step = NVME_AUTH_DHCHAP_MESSAGE_NEGOTIATE;
> 20 req->cqe->result.u32 |= 0x2 << 16;
21 }
22
23 static u16 nvmet_auth_negotiate(struct nvmet_req *req, void *d)
24 {
25 struct nvmet_ctrl *ctrl = req->sq->ctrl;
26 struct nvmf_auth_dhchap_negotiate_data *data = d;
27 int i, hash_id, null_dh = -1;
28
29 pr_debug("%s: ctrl %d qid %d: data sc_d %d napd %d authid %d halen %d dhlen %d\n",
30 __func__, ctrl->cntlid, req->sq->qid,
31 data->sc_c, data->napd, data->auth_protocol[0].dhchap.authid,
32 data->auth_protocol[0].dhchap.halen,
33 data->auth_protocol[0].dhchap.dhlen);
34 req->sq->dhchap_tid = le16_to_cpu(data->t_id);
35 if (data->sc_c)
36 return NVME_AUTH_DHCHAP_FAILURE_CONCAT_MISMATCH;
37
38 if (data->napd != 1)
39 return NVME_AUTH_DHCHAP_FAILURE_HASH_UNUSABLE;
40
41 if (data->auth_protocol[0].dhchap.authid !=
42 NVME_AUTH_DHCHAP_AUTH_ID)
43 return NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD;
44
45 hash_id = 0;
46 for (i = 0; i < data->auth_protocol[0].dhchap.halen; i++) {
47 if (ctrl->shash_id != data->auth_protocol[0].dhchap.idlist[i])
48 continue;
49 hash_id = ctrl->shash_id;
50 break;
51 }
52 if (hash_id == 0) {
53 pr_debug("%s: ctrl %d qid %d: no usable hash found\n",
54 __func__, ctrl->cntlid, req->sq->qid);
55 return NVME_AUTH_DHCHAP_FAILURE_HASH_UNUSABLE;
56 }
57
58 for (i = data->auth_protocol[0].dhchap.halen;
59 i < data->auth_protocol[0].dhchap.halen +
60 data->auth_protocol[0].dhchap.dhlen; i++) {
61 int dhgid = data->auth_protocol[0].dhchap.idlist[i];
62
63 if (dhgid == NVME_AUTH_DHCHAP_DHGROUP_NULL) {
64 null_dh = dhgid;
65 continue;
66 }
67 if (ctrl->dh_tfm && ctrl->dh_gid == dhgid) {
68 pr_debug("%s: ctrl %d qid %d: reusing existing DH group %d\n",
69 __func__, ctrl->cntlid, req->sq->qid, dhgid);
70 break;
71 }
72 if (nvmet_setup_dhgroup(ctrl, dhgid) < 0)
73 continue;
74 if (nvme_auth_gen_privkey(ctrl->dh_tfm, dhgid) == 0)
75 break;
76 crypto_free_kpp(ctrl->dh_tfm);
77 ctrl->dh_tfm = NULL;
78 ctrl->dh_gid = 0;
79 }
80 if (!ctrl->dh_tfm && null_dh < 0) {
81 pr_debug("%s: ctrl %d qid %d: no DH group selected\n",
82 __func__, ctrl->cntlid, req->sq->qid);
83 return NVME_AUTH_DHCHAP_FAILURE_DHGROUP_UNUSABLE;
84 }
85 pr_debug("%s: ctrl %d qid %d: DH group %s (%d)\n",
86 __func__, ctrl->cntlid, req->sq->qid,
87 nvme_auth_dhgroup_name(ctrl->dh_gid), ctrl->dh_gid);
88 return 0;
89 }
90
91 static u16 nvmet_auth_reply(struct nvmet_req *req, void *d)
92 {
93 struct nvmet_ctrl *ctrl = req->sq->ctrl;
94 struct nvmf_auth_dhchap_reply_data *data = d;
95 int hash_len = crypto_shash_digestsize(ctrl->shash_tfm);
96 u8 *response;
97
98 pr_debug("%s: ctrl %d qid %d: data hl %d cvalid %d dhvlen %d\n",
99 __func__, ctrl->cntlid, req->sq->qid,
100 data->hl, data->cvalid, data->dhvlen);
101 if (data->hl != hash_len)
102 return NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD;
103
104 if (data->dhvlen) {
105 if (!ctrl->dh_tfm)
106 return NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD;
107 if (nvmet_auth_ctrl_sesskey(req, data->rval + 2 * data->hl,
> 108 data->dhvlen) < 0)
109 return NVME_AUTH_DHCHAP_FAILURE_DHGROUP_UNUSABLE;
110 }
111
112 response = kmalloc(data->hl, GFP_KERNEL);
113 if (!response)
114 return NVME_AUTH_DHCHAP_FAILURE_FAILED;
115
116 if (nvmet_auth_host_hash(req, response, data->hl) < 0) {
117 pr_debug("ctrl %d qid %d DH-HMAC-CHAP hash failed\n",
118 ctrl->cntlid, req->sq->qid);
119 kfree(response);
120 return NVME_AUTH_DHCHAP_FAILURE_FAILED;
121 }
122
123 if (memcmp(data->rval, response, data->hl)) {
124 pr_info("ctrl %d qid %d DH-HMAC-CHAP response mismatch\n",
125 ctrl->cntlid, req->sq->qid);
126 kfree(response);
127 return NVME_AUTH_DHCHAP_FAILURE_FAILED;
128 }
129 kfree(response);
130 pr_info("ctrl %d qid %d DH-HMAC-CHAP host authenticated\n",
131 ctrl->cntlid, req->sq->qid);
132 if (data->cvalid) {
133 req->sq->dhchap_c2 = kmalloc(data->hl, GFP_KERNEL);
134 if (!req->sq->dhchap_c2)
135 return NVME_AUTH_DHCHAP_FAILURE_FAILED;
136 memcpy(req->sq->dhchap_c2, data->rval + data->hl, data->hl);
137
138 pr_debug("ctrl %d qid %d challenge %*ph\n",
139 ctrl->cntlid, req->sq->qid, data->hl,
140 req->sq->dhchap_c2);
141 req->sq->dhchap_s2 = le32_to_cpu(data->seqnum);
142 } else
143 req->sq->dhchap_c2 = NULL;
144
145 return 0;
146 }
147
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 34691 bytes --]
next prev parent reply other threads:[~2021-09-11 23:47 UTC|newest]
Thread overview: 102+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-10 6:43 [PATCHv3 00/12] nvme: In-band authentication support Hannes Reinecke
2021-09-10 6:43 ` Hannes Reinecke
2021-09-10 6:43 ` [PATCH 01/12] crypto: add crypto_has_shash() Hannes Reinecke
2021-09-10 6:43 ` Hannes Reinecke
2021-09-13 13:15 ` Sagi Grimberg
2021-09-13 13:15 ` Sagi Grimberg
2021-09-16 17:01 ` Chaitanya Kulkarni
2021-09-16 17:01 ` Chaitanya Kulkarni
2021-09-10 6:43 ` [PATCH 02/12] crypto: add crypto_has_kpp() Hannes Reinecke
2021-09-10 6:43 ` Hannes Reinecke
2021-09-13 13:16 ` Sagi Grimberg
2021-09-13 13:16 ` Sagi Grimberg
2021-09-16 17:02 ` Chaitanya Kulkarni
2021-09-16 17:02 ` Chaitanya Kulkarni
2021-09-10 6:43 ` [PATCH 03/12] crypto/ffdhe: Finite Field DH Ephemeral Parameters Hannes Reinecke
2021-09-10 6:43 ` Hannes Reinecke
2021-09-10 6:43 ` [PATCH 04/12] lib/base64: RFC4648-compliant base64 encoding Hannes Reinecke
2021-09-10 6:43 ` Hannes Reinecke
2021-09-10 6:43 ` [PATCH 05/12] nvme: add definitions for NVMe In-Band authentication Hannes Reinecke
2021-09-10 6:43 ` Hannes Reinecke
2021-09-13 13:18 ` Sagi Grimberg
2021-09-13 13:18 ` Sagi Grimberg
2021-09-16 17:04 ` Chaitanya Kulkarni
2021-09-16 17:04 ` Chaitanya Kulkarni
2021-09-17 5:39 ` Hannes Reinecke
2021-09-17 5:39 ` Hannes Reinecke
2021-09-10 6:43 ` [PATCH 06/12] nvme-fabrics: decode 'authentication required' connect error Hannes Reinecke
2021-09-10 6:43 ` Hannes Reinecke
2021-09-13 13:18 ` Sagi Grimberg
2021-09-13 13:18 ` Sagi Grimberg
2021-09-16 17:04 ` Chaitanya Kulkarni
2021-09-16 17:04 ` Chaitanya Kulkarni
2021-09-10 6:43 ` [PATCH 07/12] nvme: Implement In-Band authentication Hannes Reinecke
2021-09-10 6:43 ` Hannes Reinecke
2021-09-13 13:55 ` Sagi Grimberg
2021-09-13 13:55 ` Sagi Grimberg
2021-09-13 14:33 ` Hannes Reinecke
2021-09-13 14:33 ` Hannes Reinecke
2021-09-14 7:06 ` Sagi Grimberg
2021-09-14 7:06 ` Sagi Grimberg
2021-09-14 7:19 ` Hannes Reinecke
2021-09-14 7:19 ` Hannes Reinecke
2021-09-16 17:23 ` Chaitanya Kulkarni
2021-09-26 22:04 ` Sagi Grimberg
2021-09-26 22:04 ` Sagi Grimberg
2021-09-27 7:26 ` Hannes Reinecke
2021-09-27 7:26 ` Hannes Reinecke
2021-09-27 7:52 ` Sagi Grimberg
2021-09-27 7:52 ` Sagi Grimberg
2021-09-26 22:53 ` Sagi Grimberg
2021-09-26 22:53 ` Sagi Grimberg
2021-09-27 5:48 ` Hannes Reinecke
2021-09-27 5:48 ` Hannes Reinecke
2021-09-27 7:52 ` Sagi Grimberg
2021-09-27 7:52 ` Sagi Grimberg
2021-09-10 6:43 ` [PATCH 08/12] nvme-auth: Diffie-Hellman key exchange support Hannes Reinecke
2021-09-10 6:43 ` Hannes Reinecke
2021-09-11 22:22 ` kernel test robot
2021-09-10 6:43 ` [PATCH 09/12] nvmet: Parse fabrics commands on all queues Hannes Reinecke
2021-09-10 6:43 ` Hannes Reinecke
2021-09-13 13:56 ` Sagi Grimberg
2021-09-13 13:56 ` Sagi Grimberg
2021-09-10 6:43 ` [PATCH 10/12] nvmet: Implement basic In-Band Authentication Hannes Reinecke
2021-09-10 6:43 ` Hannes Reinecke
2021-09-11 23:10 ` kernel test robot
2021-09-26 14:30 ` Sagi Grimberg
2021-09-26 14:30 ` Sagi Grimberg
2021-09-26 22:51 ` Sagi Grimberg
2021-09-26 22:51 ` Sagi Grimberg
2021-09-27 6:40 ` Hannes Reinecke
2021-09-27 6:40 ` Hannes Reinecke
2021-09-27 7:17 ` Hannes Reinecke
2021-09-27 7:17 ` Hannes Reinecke
2021-09-27 7:55 ` Sagi Grimberg
2021-09-27 7:55 ` Sagi Grimberg
2021-09-27 8:28 ` Hannes Reinecke
2021-09-27 8:28 ` Hannes Reinecke
2021-09-28 22:36 ` Sagi Grimberg
2021-09-28 22:36 ` Sagi Grimberg
2021-09-29 6:01 ` Hannes Reinecke
2021-09-29 6:01 ` Hannes Reinecke
2021-09-10 6:43 ` [PATCH 11/12] nvmet-auth: Diffie-Hellman key exchange support Hannes Reinecke
2021-09-10 6:43 ` Hannes Reinecke
2021-09-11 23:47 ` kernel test robot [this message]
2021-09-10 6:43 ` [PATCH 12/12] nvmet-auth: expire authentication sessions Hannes Reinecke
2021-09-10 6:43 ` Hannes Reinecke
2021-09-13 9:16 ` [PATCHv3 00/12] nvme: In-band authentication support Sagi Grimberg
2021-09-13 9:16 ` Sagi Grimberg
2021-09-13 9:43 ` Hannes Reinecke
2021-09-13 9:43 ` Hannes Reinecke
2021-09-19 10:02 ` Sagi Grimberg
2021-09-19 10:02 ` Sagi Grimberg
-- strict thread matches above, loose matches on Subject: below --
2021-09-28 6:03 [PATCHv4 " Hannes Reinecke
2021-09-28 6:03 ` [PATCH 11/12] nvmet-auth: Diffie-Hellman key exchange support Hannes Reinecke
2021-09-28 6:03 ` Hannes Reinecke
2021-11-12 12:59 [PATCHv5 00/12] nvme: In-band authentication support Hannes Reinecke
2021-11-12 12:59 ` [PATCH 11/12] nvmet-auth: Diffie-Hellman key exchange support Hannes Reinecke
2021-11-19 19:34 ` kernel test robot
2021-11-22 7:47 [PATCHv6 00/12] nvme: In-band authentication support Hannes Reinecke
2021-11-22 7:47 ` [PATCH 11/12] nvmet-auth: Diffie-Hellman key exchange support Hannes Reinecke
2021-11-23 12:37 [PATCHv7 00/12] nvme: In-band authentication support Hannes Reinecke
2021-11-23 12:38 ` [PATCH 11/12] nvmet-auth: Diffie-Hellman key exchange support Hannes Reinecke
2021-11-23 15:22 ` kernel test robot
2021-11-26 20:04 ` kernel test robot
2021-11-26 20:04 ` kernel test robot
2021-12-02 15:23 [PATCHv8 00/12] nvme: In-band authentication support Hannes Reinecke
2021-12-02 15:23 ` [PATCH 11/12] nvmet-auth: Diffie-Hellman key exchange support Hannes Reinecke
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202109120742.4R2a7UQU-lkp@intel.com \
--to=lkp@intel.com \
--cc=kbuild-all@lists.01.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.