From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 8E988C04E69 for ; Thu, 10 Aug 2023 15:07:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=seYxve8DvSP7Ka0Px645jF/MDhPgYqBDd++Pv235u5Q=; b=WGzDqqt1u/jQr1P2yUXhNyyl3i XaEddHPGvYCMpoQUmZIIt4/EdGWBE1jx4Dz1R8d0XQ4z18l/rJ69pmijLzsoJZKF4Tah+FJIOTbgz nooBryGPR5upNiF9MrrcLxfqoF0V08CyAdKxjKAJhS2cy+fnxFxt0bgWObbEMUUC2Px412pdzpuii uVklL8xhzugEtxCsIljmvItrsRnXd+GUjyJ5qxbKmqCXDdP0JG6Iv/YwtboVGIEQPgg0MrfofTwNt pjqtNNQtnhzC9JXyyAB5BI6BCcw4xMiPROXQWbffRe7oh5HwFwd0JI5MbiOw+PoJ6LpANIXrUFR4M ORIMvrpQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1qU7Fg-007yOc-2n; Thu, 10 Aug 2023 15:07:04 +0000 Received: from smtp-out1.suse.de ([2001:67c:2178:6::1c]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1qU7FN-007y7u-39 for linux-nvme@lists.infradead.org; Thu, 10 Aug 2023 15:06:48 +0000 Received: from relay2.suse.de (relay2.suse.de [149.44.160.134]) by smtp-out1.suse.de (Postfix) with ESMTP id 1CD512187E; Thu, 10 Aug 2023 15:06:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1691680001; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=seYxve8DvSP7Ka0Px645jF/MDhPgYqBDd++Pv235u5Q=; b=AeaTaWbcSG3qIhUCB+g8op9j4VigN07hxkYuDmDuptUAUluD6xGykapkroPEY4q8YVJAzr 6Lck0b9MIf+dbZqzob7sF7QOjH9NTSQb+WtPgHnBkobI3ie0VSZtkz2/F/W8NSvRhzf9bU 2jSO5xX3Zz2pH6F+JNNmvVNkRJ2VrrA= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1691680001; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=seYxve8DvSP7Ka0Px645jF/MDhPgYqBDd++Pv235u5Q=; b=DH7rAW9ql5C+yIT217AW5rbqhueQDaxxq9SjeOcmvxJzrOkFbGct+VVdAvMB9iibohIjSU I4plkL6Xbrsh0yDQ== Received: from adalid.arch.suse.de (adalid.arch.suse.de [10.161.8.13]) by relay2.suse.de (Postfix) with ESMTP id 05F082C162; Thu, 10 Aug 2023 15:06:41 +0000 (UTC) Received: by adalid.arch.suse.de (Postfix, from userid 16045) id 496BA51CAE5A; Thu, 10 Aug 2023 17:06:40 +0200 (CEST) From: Hannes Reinecke To: Christoph Hellwig Cc: Sagi Grimberg , Keith Busch , linux-nvme@lists.infradead.org, Jakub Kicinski , Eric Dumazet , Paolo Abeni , netdev@vger.kernel.org, Hannes Reinecke Subject: [PATCH 15/17] nvmet: Set 'TREQ' to 'required' when TLS is enabled Date: Thu, 10 Aug 2023 17:06:28 +0200 Message-Id: <20230810150630.134991-16-hare@suse.de> X-Mailer: git-send-email 2.35.3 In-Reply-To: <20230810150630.134991-1-hare@suse.de> References: <20230810150630.134991-1-hare@suse.de> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230810_080646_193921_A000A458 X-CRM114-Status: GOOD ( 15.19 ) X-BeenThere: linux-nvme@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Linux-nvme" Errors-To: linux-nvme-bounces+linux-nvme=archiver.kernel.org@lists.infradead.org The current implementation does not support secure concatenation, so 'TREQ' is always set to 'required' when TLS is enabled. Signed-off-by: Hannes Reinecke --- drivers/nvme/target/configfs.c | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/drivers/nvme/target/configfs.c b/drivers/nvme/target/configfs.c index d83295f47f95..eef01370ff40 100644 --- a/drivers/nvme/target/configfs.c +++ b/drivers/nvme/target/configfs.c @@ -159,10 +159,15 @@ static const struct nvmet_type_name_map nvmet_addr_treq[] = { { NVMF_TREQ_NOT_REQUIRED, "not required" }, }; +static inline u8 nvmet_port_disc_addr_treq(struct nvmet_port *port) +{ + return (port->disc_addr.treq & NVME_TREQ_SECURE_CHANNEL_MASK); +} + static ssize_t nvmet_addr_treq_show(struct config_item *item, char *page) { - u8 treq = to_nvmet_port(item)->disc_addr.treq & - NVME_TREQ_SECURE_CHANNEL_MASK; + struct nvmet_port *port = to_nvmet_port(item); + u8 treq = nvmet_port_disc_addr_treq(port); int i; for (i = 0; i < ARRAY_SIZE(nvmet_addr_treq); i++) { @@ -398,6 +403,17 @@ static ssize_t nvmet_addr_tsas_store(struct config_item *item, found: nvmet_port_init_tsas_tcp(port, sectype); + /* + * The TLS implementation currently does not support + * secure concatenation, so TREQ is always set to 'required' + * if TLS is enabled. + */ + if (sectype == NVMF_TCP_SECTYPE_TLS13) { + treq |= NVMF_TREQ_REQUIRED; + } else { + treq |= NVMF_TREQ_NOT_SPECIFIED; + } + port->disc_addr.treq = treq; return count; } -- 2.35.3