From: hare@kernel.org
To: Christoph Hellwig <hch@lst.de>
Cc: Keith Busch <kbusch@kernel.org>, Sagi Grimberg <sagi@grimberg.me>,
linux-nvme@lists.infradead.org, Hannes Reinecke <hare@suse.de>
Subject: [PATCH 07/13] nvme-tcp: check for invalidated or revoked key
Date: Sat, 27 Jan 2024 10:30:52 +0100 [thread overview]
Message-ID: <20240127093058.15699-8-hare@kernel.org> (raw)
In-Reply-To: <20240127093058.15699-1-hare@kernel.org>
From: Hannes Reinecke <hare@suse.de>
key_lookup() will always return a key, even if that key is revoked
or invalidated. So check for invalid keys before continuing.
Signed-off-by: Hannes Reinecke <hare@suse.de>
---
drivers/nvme/host/fabrics.c | 7 ++++++-
drivers/nvme/host/sysfs.c | 9 +++++++--
drivers/nvme/host/tcp.c | 8 +++++++-
3 files changed, 20 insertions(+), 4 deletions(-)
diff --git a/drivers/nvme/host/fabrics.c b/drivers/nvme/host/fabrics.c
index aa88606a44c4..a7da088331dc 100644
--- a/drivers/nvme/host/fabrics.c
+++ b/drivers/nvme/host/fabrics.c
@@ -635,7 +635,12 @@ static struct key *nvmf_parse_key(int key_id)
key = key_lookup(key_id);
if (!IS_ERR(key))
pr_err("key id %08x not found\n", key_id);
- else
+ else if (test_bit(KEY_FLAG_REVOKED, &key->flags) ||
+ test_bit(KEY_FLAG_INVALIDATED, &key->flags)) {
+ pr_err("key id %08x invalid\n", key_id);
+ key_put(key);
+ key = ERR_PTR(-EKEYREVOKED);
+ } else
pr_debug("Using key id %08x\n", key_id);
return key;
}
diff --git a/drivers/nvme/host/sysfs.c b/drivers/nvme/host/sysfs.c
index 754e91111042..1076b5b59b35 100644
--- a/drivers/nvme/host/sysfs.c
+++ b/drivers/nvme/host/sysfs.c
@@ -617,10 +617,15 @@ static ssize_t tls_key_show(struct device *dev,
struct device_attribute *attr, char *buf)
{
struct nvme_ctrl *ctrl = dev_get_drvdata(dev);
+ struct key *key = ctrl->tls_key;
- if (!ctrl->tls_key)
+ if (!key)
return 0;
- return sysfs_emit(buf, "%08x", key_serial(ctrl->tls_key));
+ if (test_bit(KEY_FLAG_REVOKED, &key->flags) ||
+ test_bit(KEY_FLAG_INVALIDATED, &key->flags))
+ return -EKEYREVOKED;
+
+ return sysfs_emit(buf, "%08x", key_serial(key));
}
static DEVICE_ATTR_RO(tls_key);
#endif
diff --git a/drivers/nvme/host/tcp.c b/drivers/nvme/host/tcp.c
index c160b1a64ec0..65d9a817e752 100644
--- a/drivers/nvme/host/tcp.c
+++ b/drivers/nvme/host/tcp.c
@@ -1571,9 +1571,15 @@ static void nvme_tcp_tls_done(void *data, int status, key_serial_t pskid)
tls_key = key_lookup(pskid);
if (IS_ERR(tls_key)) {
- dev_warn(ctrl->ctrl.device, "queue %d: Invalid key %x\n",
+ dev_warn(ctrl->ctrl.device, "queue %d: key %08x not found\n",
qid, pskid);
queue->tls_err = -ENOKEY;
+ } else if (test_bit(KEY_FLAG_REVOKED, &tls_key->flags) ||
+ test_bit(KEY_FLAG_INVALIDATED, &tls_key->flags)) {
+ dev_warn(ctrl->ctrl.device, "queue %d: key %08x invalid\n",
+ qid, pskid);
+ key_put(tls_key);
+ queue->tls_err = -EKEYREVOKED;
} else {
ctrl->ctrl.tls_key = tls_key;
queue->tls_err = 0;
--
2.35.3
next prev parent reply other threads:[~2024-01-27 9:31 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-27 9:30 [PATCHv2 00/13] nvme: implement secure concatenation hare
2024-01-27 9:30 ` [PATCH 01/13] crypto,fs: Separate out hkdf_extract() and hkdf_expand() hare
2024-01-27 9:30 ` [PATCH 02/13] nvme: add nvme_auth_generate_psk() hare
2024-03-07 10:42 ` Sagi Grimberg
2024-01-27 9:30 ` [PATCH 03/13] nvme: add nvme_auth_generate_digest() hare
2024-03-07 10:44 ` Sagi Grimberg
2024-01-27 9:30 ` [PATCH 04/13] nvme: add nvme_auth_derive_tls_psk() hare
2024-01-27 9:30 ` [PATCH 05/13] nvme-keyring: add nvme_tls_psk_refresh() hare
2024-01-27 9:30 ` [PATCH 06/13] nvme-keyring: restrict match length for version '1' identifiers hare
2024-03-07 10:49 ` Sagi Grimberg
2024-03-07 11:35 ` Hannes Reinecke
2024-03-07 12:08 ` Sagi Grimberg
2024-03-07 12:13 ` Hannes Reinecke
2024-01-27 9:30 ` hare [this message]
2024-03-07 10:51 ` [PATCH 07/13] nvme-tcp: check for invalidated or revoked key Sagi Grimberg
2024-03-07 11:36 ` Hannes Reinecke
2024-01-27 9:30 ` [PATCH 08/13] nvme-fabrics: authentication errors are not retryable hare
2024-03-07 10:52 ` Sagi Grimberg
2024-03-07 11:37 ` Hannes Reinecke
2024-01-27 9:30 ` [PATCH 09/13] nvme-tcp: sanitize TLS key handling hare
2024-03-07 11:03 ` Sagi Grimberg
2024-03-07 11:42 ` Hannes Reinecke
2024-01-27 9:30 ` [PATCH 10/13] nvme-tcp: request secure channel concatenation hare
2024-01-27 9:30 ` [PATCH 11/13] nvme-tcp: combine reset and recovery hare
2024-03-07 11:08 ` Sagi Grimberg
2024-03-07 11:43 ` Hannes Reinecke
2024-01-27 9:30 ` [PATCH 12/13] nvme-tcp: reset after recovery for secure concatenation hare
2024-01-27 9:30 ` [PATCH 13/13] nvmet-tcp: support secure channel concatenation hare
2024-02-12 7:40 ` [PATCHv2 00/13] nvme: implement secure concatenation Hannes Reinecke
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240127093058.15699-8-hare@kernel.org \
--to=hare@kernel.org \
--cc=hare@suse.de \
--cc=hch@lst.de \
--cc=kbusch@kernel.org \
--cc=linux-nvme@lists.infradead.org \
--cc=sagi@grimberg.me \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.