From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 875281EEA3C for ; Thu, 16 Apr 2026 22:07:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776377249; cv=none; b=PFdjfJ/Inv9JF0Kd2Z+UqlxZpkLIeNQgIwv0Jc/kW6c0wya11yhL3jQGVTSCMtdzc62rU5RGnHP3P+E4uxMN2OkFC6E1Sc/CtZchGt07+YuQSxI7PEUDXGa8JAlrwSQVO9E4rS/ydJFZ9YNW9xgMRqoBDenSB+SlBAlSI58Uf94= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776377249; c=relaxed/simple; bh=61sgJtIqq8zo1aQ7v363fv690pZpMoHlAB1cTHsxuFY=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=LNfOQz3zER7nC0eL+n4oeLRMSvelu0EuQi2HFdx8G1v/2y7AFzz3FC9IcWi6UaWU+KmLcZaSTf8YgtK0s7wcGEiWAB/+5zbPgIJvmSP9acKy2296hkG4mdoPG2GzATdTondNZ5vdmrMwB1vFXRrD4vxE9WZDVK1J3kznZXCvIlY= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=nOAK0skt; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="nOAK0skt" Received: by smtp.kernel.org (Postfix) with ESMTPSA id BF62AC2BCAF; Thu, 16 Apr 2026 22:07:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1776377249; bh=61sgJtIqq8zo1aQ7v363fv690pZpMoHlAB1cTHsxuFY=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=nOAK0skt+e5SewzHFkr7ViYH/8beaPWpuTgY97oMkDUiM/cmY0fY53cJt5a9j0McL HMWP/x0UggoqguTr76/xchabSL19SSBoD6603zplWkIQ8PWh7h80gOQJTVak1qepU2 433ObClpllTVUSY/k3Yc4aq646bAG3Y2s/p0GPKeP0hOUjpPRMp4CVbuckgAT3eddu vU5BM24i4b4WE6D+YpekEpImdLiu0gycqxZlCTQXH7YCj0Bpg/oYhMQVrGaRlC1Ct6 weBcGD3Gt0622ORRcqZu7h2daNZcdKDKcivHxQt1vQZaDjZUukrTyOkjHsjjVClsFS Oqg3cqE7UilXQ== Date: Thu, 16 Apr 2026 16:07:26 -0600 From: Keith Busch To: Daniel Wagner Cc: Christoph Hellwig , Sagi Grimberg , Hannes Reinecke , linux-nvme@lists.infradead.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v3] nvme: expose TLS mode Message-ID: References: <20260408-expose-tls-mode-v3-1-b869da028eff@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20260408-expose-tls-mode-v3-1-b869da028eff@kernel.org> On Wed, Apr 08, 2026 at 06:19:56PM +0200, Daniel Wagner wrote: > It is not possible to determine the active TLS mode from the > presence or absence of sysfs attributes like tls_key, > tls_configured_key, or dhchap_secret. > > With the introduction of the concat mode and optional DH-CHAP > authentication, different configurations can result in identical > sysfs state. This makes user space detection unreliable. > > Expose the TLS mode explicitly to allow user space to > unambiguously identify the active configuration and avoid > fragile heuristics in nvme-cli. I'd applied v2 earlier, but I'll force push this one instead since we haven't done a pull request since then.