Re: [PATCH 2/3] nvmet-auth: Don't log DHCHAP keys in nvmet_setup_auth()

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Thorsten Blum <thorsten.blum@linux.dev>
To: Hannes Reinecke <hare@suse.de>
Cc: Christoph Hellwig <hch@lst.de>, Sagi Grimberg <sagi@grimberg.me>,
	Chaitanya Kulkarni <kch@nvidia.com>, Jens Axboe <axboe@kernel.dk>,
	stable@vger.kernel.org, linux-nvme@lists.infradead.org,
	linux-kernel@vger.kernel.org
Subject: Re: [PATCH 2/3] nvmet-auth: Don't log DHCHAP keys in nvmet_setup_auth()
Date: Sat, 18 Apr 2026 13:42:46 +0200	[thread overview]
Message-ID: <aeNuNq8diftLnhUs@linux.dev> (raw)
In-Reply-To: <2b40f93f-f987-423d-8263-ba9b10a1bcaf@suse.de>

On Wed, Mar 04, 2026 at 08:19:59AM +0100, Hannes Reinecke wrote:
> On 3/3/26 20:03, Thorsten Blum wrote:
> > When debug logging is enabled, nvmet_setup_auth() logs the host and
> > controller DHCHAP key bytes. Remove the keys from debug logs to avoid
> > exposing key material.
> > 
> > Fixes: db1312dd9548 ("nvmet: implement basic In-Band Authentication")
> > Cc: stable@vger.kernel.org
> > Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
> > ---
> >   drivers/nvme/target/auth.c | 10 ++++------
> >   1 file changed, 4 insertions(+), 6 deletions(-)
> > 
> > diff --git a/drivers/nvme/target/auth.c b/drivers/nvme/target/auth.c
> > index 2eadeb7e06f2..f24add0bb86f 100644
> > --- a/drivers/nvme/target/auth.c
> > +++ b/drivers/nvme/target/auth.c
> > @@ -199,10 +199,9 @@ u8 nvmet_setup_auth(struct nvmet_ctrl *ctrl, struct nvmet_sq *sq)
> >   		ctrl->host_key = NULL;
> >   		goto out_free_hash;
> >   	}
> > -	pr_debug("%s: using hash %s key %*ph\n", __func__,
> > +	pr_debug("%s: using hash %s\n", __func__,
> >   		 ctrl->host_key->hash > 0 ?
> > -		 nvme_auth_hmac_name(ctrl->host_key->hash) : "none",
> > -		 (int)ctrl->host_key->len, ctrl->host_key->key);
> > +		 nvme_auth_hmac_name(ctrl->host_key->hash) : "none");
> >   	nvme_auth_free_key(ctrl->ctrl_key);
> >   	if (!host->dhchap_ctrl_secret) {
> > @@ -217,10 +216,9 @@ u8 nvmet_setup_auth(struct nvmet_ctrl *ctrl, struct nvmet_sq *sq)
> >   		ctrl->ctrl_key = NULL;
> >   		goto out_free_hash;
> >   	}
> > -	pr_debug("%s: using ctrl hash %s key %*ph\n", __func__,
> > +	pr_debug("%s: using ctrl hash %s\n", __func__,
> >   		 ctrl->ctrl_key->hash > 0 ?
> > -		 nvme_auth_hmac_name(ctrl->ctrl_key->hash) : "none",
> > -		 (int)ctrl->ctrl_key->len, ctrl->ctrl_key->key);
> > +		 nvme_auth_hmac_name(ctrl->ctrl_key->hash) : "none");
> >   out_free_hash:
> >   	if (ret) {
> 
> Without the key the pr_debug calls are pretty much pointless anyway,
> so you might want to remove them, too.
> 
> However, these debug prints really help when trying to figure out
> authentication failures.
> I think it would be better to add a compile-time option to disable
> these outputs entirely.
> 
> I'll send a patch.

Did you ever send a patch? I couldn't find anything.  The code hasn't
changed either and the keys are still logged (same for patch 3/3).

Thanks,
Thorsten

next prev parent reply	other threads:[~2026-04-18 11:43 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <CGME20260304073624epcas5p45099e56c0d1c772b233d03f0cd847ea7@epcas5p4.samsung.com>
2026-03-03 19:03 ` [PATCH 1/3] nvme-auth: Don't log shared secret in nvme_auth_dhchap_exponential() Thorsten Blum
2026-03-03 19:03   ` [PATCH 2/3] nvmet-auth: Don't log DHCHAP keys in nvmet_setup_auth() Thorsten Blum
2026-03-04  7:19     ` Hannes Reinecke
2026-04-18 11:42       ` Thorsten Blum [this message]
2026-03-03 19:03   ` [PATCH 3/3] nvmet-auth: Don't log DHCHAP shared secret in nvmet_auth_ctrl_sesskey() Thorsten Blum
2026-03-04  7:20     ` Hannes Reinecke
2026-03-04  7:17   ` [PATCH 1/3] nvme-auth: Don't log shared secret in nvme_auth_dhchap_exponential() Hannes Reinecke
2026-04-18 11:36     ` Thorsten Blum
2026-03-04  7:31   ` Nitesh Shetty

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=aeNuNq8diftLnhUs@linux.dev \
    --to=thorsten.blum@linux.dev \
    --cc=axboe@kernel.dk \
    --cc=hare@suse.de \
    --cc=hch@lst.de \
    --cc=kch@nvidia.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-nvme@lists.infradead.org \
    --cc=sagi@grimberg.me \
    --cc=stable@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox