From: hare@kernel.org
To: Christoph Hellwig <hch@lst.de>
Cc: Keith Busch <kbusch@kernel.org>, Sagi Grimberg <sagi@grimberg.me>,
linux-nvme@lists.infradead.org, Hannes Reinecke <hare@kernel.org>
Subject: [PATCHv2 0/2] nvme: restrict authentication to the admin queue
Date: Fri, 24 Jan 2025 12:47:36 +0100 [thread overview]
Message-ID: <20250124114738.115882-1-hare@kernel.org> (raw)
From: Hannes Reinecke <hare@kernel.org>
Hi all,
with secure concatenation the spec got more explicit to state that it
would be perfectly fine to implement authentication on the admin queue only.
But once a partner implemented that he found that re-authentication was
failing as we continue to start authentication on all queues.
So these two patches implement this functionalify, the first one on
the target (to have a testbed to test against), and the second one
to the host to have it fixed.
Patches are on top of my 'secure-concat.v14' branch on kernel.org.
As usual, comments and reviews are welcome.
Changes to the original submission:
- Rebased to nvme-6.14
Hannes Reinecke (2):
nvmet: Implement 'admin_only' authentication
nvme: Do not re-authenticate queues with no prior authentication
drivers/nvme/host/auth.c | 12 ++++++++++++
drivers/nvme/target/auth.c | 11 +++++++----
drivers/nvme/target/configfs.c | 24 ++++++++++++++++++++++++
drivers/nvme/target/fabrics-cmd-auth.c | 7 +++++++
drivers/nvme/target/fabrics-cmd.c | 4 ++--
drivers/nvme/target/nvmet.h | 2 ++
6 files changed, 54 insertions(+), 6 deletions(-)
--
2.35.3
next reply other threads:[~2025-01-24 11:47 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-24 11:47 hare [this message]
2025-01-24 11:47 ` [PATCH 1/2] nvmet: Implement 'admin_only' authentication hare
2025-01-24 13:49 ` Sagi Grimberg
2025-01-24 13:51 ` Hannes Reinecke
2025-01-28 8:11 ` Sagi Grimberg
2025-01-28 8:48 ` Hannes Reinecke
2025-01-24 11:47 ` [PATCH 2/2] nvme: Do not re-authenticate queues with no prior authentication hare
2025-01-28 8:06 ` Sagi Grimberg
[not found] ` <BY5PR04MB6849C5BBCCD96273CF2F2A52BCC42@BY5PR04MB6849.namprd04.prod.outlook.com>
[not found] ` <BY5PR04MB6849700BB53BBE24BBE640D4BCD32@BY5PR04MB6849.namprd04.prod.outlook.com>
2025-03-14 7:59 ` [PATCHv2 0/2] nvme: restrict authentication to the admin queue Hannes Reinecke
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250124114738.115882-1-hare@kernel.org \
--to=hare@kernel.org \
--cc=hch@lst.de \
--cc=kbusch@kernel.org \
--cc=linux-nvme@lists.infradead.org \
--cc=sagi@grimberg.me \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox