[bug report] nvmet: implement basic In-Band Authentication

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Dan Carpenter <dan.carpenter@oracle.com>
To: hare@suse.de
Cc: linux-nvme@lists.infradead.org
Subject: [bug report] nvmet: implement basic In-Band Authentication
Date: Mon, 18 Jul 2022 16:14:30 +0300	[thread overview]
Message-ID: <YtVctvOUthLBZeir@kili> (raw)

Hello Hannes Reinecke,

The patch b281bec75946: "nvmet: implement basic In-Band
Authentication" from Jun 27, 2022, leads to the following Smatch
static checker warning:

    drivers/nvme/target/fabrics-cmd-auth.c:251 nvmet_execute_auth_send()
    warn: impossible condition '(status < 0) => (0-u16max < 0)'

    drivers/nvme/target/fabrics-cmd-auth.c:488 nvmet_execute_auth_receive()
    warn: impossible condition '(status < 0) => (0-u16max < 0)'

drivers/nvme/target/fabrics-cmd-auth.c
    187 void nvmet_execute_auth_send(struct nvmet_req *req)
    188 {
    189         struct nvmet_ctrl *ctrl = req->sq->ctrl;
    190         struct nvmf_auth_dhchap_success2_data *data;
    191         void *d;
    192         u32 tl;
    193         u16 status = 0;
    194 
    195         if (req->cmd->auth_send.secp != NVME_AUTH_DHCHAP_PROTOCOL_IDENTIFIER) {
    196                 status = NVME_SC_INVALID_FIELD | NVME_SC_DNR;
    197                 req->error_loc =
    198                         offsetof(struct nvmf_auth_send_command, secp);
    199                 goto done;
    200         }
    201         if (req->cmd->auth_send.spsp0 != 0x01) {
    202                 status = NVME_SC_INVALID_FIELD | NVME_SC_DNR;
    203                 req->error_loc =
    204                         offsetof(struct nvmf_auth_send_command, spsp0);
    205                 goto done;
    206         }
    207         if (req->cmd->auth_send.spsp1 != 0x01) {
    208                 status = NVME_SC_INVALID_FIELD | NVME_SC_DNR;
    209                 req->error_loc =
    210                         offsetof(struct nvmf_auth_send_command, spsp1);
    211                 goto done;
    212         }
    213         tl = le32_to_cpu(req->cmd->auth_send.tl);
    214         if (!tl) {
    215                 status = NVME_SC_INVALID_FIELD | NVME_SC_DNR;
    216                 req->error_loc =
    217                         offsetof(struct nvmf_auth_send_command, tl);
    218                 goto done;
    219         }
    220         if (!nvmet_check_transfer_len(req, tl)) {
    221                 pr_debug("%s: transfer length mismatch (%u)\n", __func__, tl);
    222                 return;
    223         }
    224 
    225         d = kmalloc(tl, GFP_KERNEL);
    226         if (!d) {
    227                 status = NVME_SC_INTERNAL;
    228                 goto done;
    229         }
    230 
    231         status = nvmet_copy_from_sgl(req, 0, d, tl);
    232         if (status) {
    233                 kfree(d);
    234                 goto done;
    235         }
    236 
    237         data = d;
    238         pr_debug("%s: ctrl %d qid %d type %d id %d step %x\n", __func__,
    239                  ctrl->cntlid, req->sq->qid, data->auth_type, data->auth_id,
    240                  req->sq->dhchap_step);
    241         if (data->auth_type != NVME_AUTH_COMMON_MESSAGES &&
    242             data->auth_type != NVME_AUTH_DHCHAP_MESSAGES)
    243                 goto done_failure1;
    244         if (data->auth_type == NVME_AUTH_COMMON_MESSAGES) {
    245                 if (data->auth_id == NVME_AUTH_DHCHAP_MESSAGE_NEGOTIATE) {
    246                         /* Restart negotiation */
    247                         pr_debug("%s: ctrl %d qid %d reset negotiation\n", __func__,
    248                                  ctrl->cntlid, req->sq->qid);
    249                         if (!req->sq->qid) {
    250                                 status = nvmet_setup_auth(ctrl);
--> 251                                 if (status < 0) {

"status" is a u16 so it can't be negative.

    252                                         pr_err("ctrl %d qid 0 failed to setup"
    253                                                "re-authentication",
    254                                                ctrl->cntlid);
    255                                         goto done_failure1;

regards,
dan carpenter

next             reply	other threads:[~2022-07-18 13:14 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-07-18 13:14 Dan Carpenter [this message]
2022-07-18 23:13 ` [bug report] nvmet: implement basic In-Band Authentication Chaitanya Kulkarni

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=YtVctvOUthLBZeir@kili \
    --to=dan.carpenter@oracle.com \
    --cc=hare@suse.de \
    --cc=linux-nvme@lists.infradead.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.