* [PATCH 2/3] nvmet-auth: Don't log DHCHAP keys in nvmet_setup_auth()
From: Thorsten Blum @ 2026-03-03 19:03 UTC
To: Hannes Reinecke, Christoph Hellwig, Sagi Grimberg,
Chaitanya Kulkarni, Jens Axboe
Cc: Thorsten Blum, stable, linux-nvme, linux-kernel

When debug logging is enabled, nvmet_setup_auth() logs the host and
controller DHCHAP key bytes. Remove the keys from debug logs to avoid
exposing key material.

Fixes: db1312dd9548 ("nvmet: implement basic In-Band Authentication")
Cc: stable@vger.kernel.org
Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
---
drivers/nvme/target/auth.c | 10 ++++------
1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/drivers/nvme/target/auth.c b/drivers/nvme/target/auth.c
index 2eadeb7e06f2..f24add0bb86f 100644
--- a/drivers/nvme/target/auth.c
+++ b/drivers/nvme/target/auth.c
@@ -199,10 +199,9 @@ u8 nvmet_setup_auth(struct nvmet_ctrl *ctrl, struct nvmet_sq *sq)
ctrl->host_key = NULL;
goto out_free_hash;
}
- pr_debug("%s: using hash %s key %*ph\n", __func__,
+ pr_debug("%s: using hash %s\n", __func__,
ctrl->host_key->hash > 0 ?
- nvme_auth_hmac_name(ctrl->host_key->hash) : "none",
- (int)ctrl->host_key->len, ctrl->host_key->key);
+ nvme_auth_hmac_name(ctrl->host_key->hash) : "none");
nvme_auth_free_key(ctrl->ctrl_key);
if (!host->dhchap_ctrl_secret) {
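Review bot: in the first pr_debug of nvmet_setup_auth(), removing the `%*ph` argument pair also removes `ctrl->host_key->len` from the output, although the length alone does not expose any key bytes. Consider printing the length as a plain number next to the hash name, so the line still tells someone chasing an authentication failure which key size was loaded.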
@@ -217,10 +216,9 @@ u8 nvmet_setup_auth(struct nvmet_ctrl *ctrl, struct nvmet_sq *sq)
ctrl->ctrl_key = NULL;
goto out_free_hash;
}
- pr_debug("%s: using ctrl hash %s key %*ph\n", __func__,
+ pr_debug("%s: using ctrl hash %s\n", __func__,
ctrl->ctrl_key->hash > 0 ?
- nvme_auth_hmac_name(ctrl->ctrl_key->hash) : "none",
- (int)ctrl->ctrl_key->len, ctrl->ctrl_key->key);
+ nvme_auth_hmac_name(ctrl->ctrl_key->hash) : "none");
out_free_hash:
if (ret) {
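Review bot: after this change the two messages differ only by the word "ctrl" in this second pr_debug, while the first one reads "using hash %s" with nothing to say it refers to the host key. Renaming the first message to "using host hash %s" would keep the pair readable in a log where the key bytes no longer tell them apart.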
--
Thorsten Blum <thorsten.blum@linux.dev>
GPG: 1D60 735E 8AEF 3BE4 73B6 9D84 7336 78FD 8DFE EAD4
* Re: [PATCH 2/3] nvmet-auth: Don't log DHCHAP keys in nvmet_setup_auth()
From: Hannes Reinecke @ 2026-03-04 7:19 UTC
To: Thorsten Blum, Christoph Hellwig, Sagi Grimberg,
Chaitanya Kulkarni, Jens Axboe
Cc: stable, linux-nvme, linux-kernel
On 3/3/26 20:03, Thorsten Blum wrote:
> When debug logging is enabled, nvmet_setup_auth() logs the host and
> controller DHCHAP key bytes. Remove the keys from debug logs to avoid
> exposing key material.
>
> Fixes: db1312dd9548 ("nvmet: implement basic In-Band Authentication")
> Cc: stable@vger.kernel.org
> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
> ---
> drivers/nvme/target/auth.c | 10 ++++------
> 1 file changed, 4 insertions(+), 6 deletions(-)
>
> diff --git a/drivers/nvme/target/auth.c b/drivers/nvme/target/auth.c
> index 2eadeb7e06f2..f24add0bb86f 100644
> --- a/drivers/nvme/target/auth.c
> +++ b/drivers/nvme/target/auth.c
> @@ -199,10 +199,9 @@ u8 nvmet_setup_auth(struct nvmet_ctrl *ctrl, struct nvmet_sq *sq)
> ctrl->host_key = NULL;
> goto out_free_hash;
> }
> - pr_debug("%s: using hash %s key %*ph\n", __func__,
> + pr_debug("%s: using hash %s\n", __func__,
> ctrl->host_key->hash > 0 ?
> - nvme_auth_hmac_name(ctrl->host_key->hash) : "none",
> - (int)ctrl->host_key->len, ctrl->host_key->key);
> + nvme_auth_hmac_name(ctrl->host_key->hash) : "none");
>
> nvme_auth_free_key(ctrl->ctrl_key);
> if (!host->dhchap_ctrl_secret) {
> @@ -217,10 +216,9 @@ u8 nvmet_setup_auth(struct nvmet_ctrl *ctrl, struct nvmet_sq *sq)
> ctrl->ctrl_key = NULL;
> goto out_free_hash;
> }
> - pr_debug("%s: using ctrl hash %s key %*ph\n", __func__,
> + pr_debug("%s: using ctrl hash %s\n", __func__,
> ctrl->ctrl_key->hash > 0 ?
> - nvme_auth_hmac_name(ctrl->ctrl_key->hash) : "none",
> - (int)ctrl->ctrl_key->len, ctrl->ctrl_key->key);
> + nvme_auth_hmac_name(ctrl->ctrl_key->hash) : "none");
>
> out_free_hash:
> if (ret) {
Without the key the pr_debug calls are pretty much pointless anyway,
so you might want to remove them, too.
However, these debug prints really help when trying to figure out
authentication failures.
I think it would be better to add a compile-time option to disable
these outputs entirely.
I'll send a patch.
Cheers,
Hannes
--
Dr. Hannes Reinecke Kernel Storage Architect
hare@suse.de +49 911 74053 688
SUSE Software Solutions GmbH, Frankenstr. 146, 90461 Nürnberg
HRB 36809 (AG Nürnberg), GF: I. Totev, A. McDonald, W. Knoblich
* [PATCH 3/3] nvmet-auth: Don't log DHCHAP shared secret in nvmet_auth_ctrl_sesskey()
From: Thorsten Blum @ 2026-03-03 19:03 UTC
To: Hannes Reinecke, Christoph Hellwig, Sagi Grimberg,
Chaitanya Kulkarni, Jens Axboe
Cc: Thorsten Blum, stable, linux-nvme, linux-kernel

When debug logging is enabled, nvmet_auth_ctrl_sesskey() logs the DHCHAP
shared secret. Remove the log to avoid exposing key material.

Fixes: 7a277c37d352 ("nvmet-auth: Diffie-Hellman key exchange support")
Cc: stable@vger.kernel.org
Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
---
drivers/nvme/target/auth.c | 4 ----
1 file changed, 4 deletions(-)
diff --git a/drivers/nvme/target/auth.c b/drivers/nvme/target/auth.c
index f24add0bb86f..f62fed6bd897 100644
--- a/drivers/nvme/target/auth.c
+++ b/drivers/nvme/target/auth.c
@@ -544,10 +544,6 @@ int nvmet_auth_ctrl_sesskey(struct nvmet_req *req,
req->sq->dhchap_skey_len);
if (ret)
pr_debug("failed to compute shared secret, err %d\n", ret);
- else
- pr_debug("%s: shared secret %*ph\n", __func__,
- (int)req->sq->dhchap_skey_len,
- req->sq->dhchap_skey);
return ret;
}
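Review bot: with the else branch gone, nvmet_auth_ctrl_sesskey() logs only the failure case, so a debug trace no longer shows that the shared secret was computed at all. If a success trace is still wanted, log `req->sq->dhchap_skey_len` on its own, which confirms the step completed without printing any byte of `req->sq->dhchap_skey`.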
--
Thorsten Blum <thorsten.blum@linux.dev>
GPG: 1D60 735E 8AEF 3BE4 73B6 9D84 7336 78FD 8DFE EAD4
* Re: [PATCH 3/3] nvmet-auth: Don't log DHCHAP shared secret in nvmet_auth_ctrl_sesskey()
From: Hannes Reinecke @ 2026-03-04 7:20 UTC
To: Thorsten Blum, Christoph Hellwig, Sagi Grimberg,
Chaitanya Kulkarni, Jens Axboe
Cc: stable, linux-nvme, linux-kernel
On 3/3/26 20:03, Thorsten Blum wrote:
> When debug logging is enabled, nvmet_auth_ctrl_sesskey() logs the DHCHAP
> shared secret. Remove the log to avoid exposing key material.
>
> Fixes: 7a277c37d352 ("nvmet-auth: Diffie-Hellman key exchange support")
> Cc: stable@vger.kernel.org
> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
> ---
> drivers/nvme/target/auth.c | 4 ----
> 1 file changed, 4 deletions(-)
>
> diff --git a/drivers/nvme/target/auth.c b/drivers/nvme/target/auth.c
> index f24add0bb86f..f62fed6bd897 100644
> --- a/drivers/nvme/target/auth.c
> +++ b/drivers/nvme/target/auth.c
> @@ -544,10 +544,6 @@ int nvmet_auth_ctrl_sesskey(struct nvmet_req *req,
> req->sq->dhchap_skey_len);
> if (ret)
> pr_debug("failed to compute shared secret, err %d\n", ret);
> - else
> - pr_debug("%s: shared secret %*ph\n", __func__,
> - (int)req->sq->dhchap_skey_len,
> - req->sq->dhchap_skey);
>
> return ret;
> }
As indicated in the previous patch, we should use a compile time option
to disable the messages.
Cheers,
Hannes
--
Dr. Hannes Reinecke Kernel Storage Architect
hare@suse.de +49 911 74053 688
SUSE Software Solutions GmbH, Frankenstr. 146, 90461 Nürnberg
HRB 36809 (AG Nürnberg), GF: I. Totev, A. McDonald, W. Knoblich
* Re: [PATCH 1/3] nvme-auth: Don't log shared secret in nvme_auth_dhchap_exponential()
From: Hannes Reinecke @ 2026-03-04 7:17 UTC
To: Thorsten Blum, Keith Busch, Jens Axboe, Christoph Hellwig,
Sagi Grimberg
Cc: stable, linux-nvme, linux-kernel
On 3/3/26 20:03, Thorsten Blum wrote:
> When debug logging is enabled, nvme_auth_dhchap_exponential() logs the
> DHCHAP shared secret. Remove the log to avoid exposing key material.
>
> Fixes: b61775d185a3 ("nvme-auth: Diffie-Hellman key exchange support")
> Cc: stable@vger.kernel.org
> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
> ---
> drivers/nvme/host/auth.c | 2 --
> 1 file changed, 2 deletions(-)
>
> diff --git a/drivers/nvme/host/auth.c b/drivers/nvme/host/auth.c
> index 405e7c03b1cf..5e4df2ac3cc0 100644
> --- a/drivers/nvme/host/auth.c
> +++ b/drivers/nvme/host/auth.c
> @@ -655,8 +655,6 @@ static int nvme_auth_dhchap_exponential(struct nvme_ctrl *ctrl,
> chap->status = NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD;
> return ret;
> }
> - dev_dbg(ctrl->device, "shared secret %*ph\n",
> - (int)chap->sess_key_len, chap->sess_key);
> return 0;
> }
>
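Review bot: the commit message for this removal in nvme_auth_dhchap_exponential() does not say whether the rest of drivers/nvme/host/auth.c was checked for other `%*ph` prints of key or session buffers. A sentence stating that `chap->sess_key` was the only such print on the host side, or naming the ones left for a follow-up, would help whoever picks this up for stable.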
Yeah, that was primarily for debugging.
Reviewed-by: Hannes Reinecke <hare@suse.de>
Cheers,
Hannes
--
Dr. Hannes Reinecke Kernel Storage Architect
hare@suse.de +49 911 74053 688
SUSE Software Solutions GmbH, Frankenstr. 146, 90461 Nürnberg
HRB 36809 (AG Nürnberg), GF: I. Totev, A. McDonald, W. Knoblich
* Re: [PATCH 1/3] nvme-auth: Don't log shared secret in nvme_auth_dhchap_exponential()
From: Nitesh Shetty @ 2026-03-04 7:31 UTC
To: Thorsten Blum
Cc: Hannes Reinecke, Keith Busch, Jens Axboe, Christoph Hellwig,
Sagi Grimberg, stable, linux-nvme, linux-kernel
On 03/03/26 08:03PM, Thorsten Blum wrote:
>When debug logging is enabled, nvme_auth_dhchap_exponential() logs the
>DHCHAP shared secret. Remove the log to avoid exposing key material.
>
>Fixes: b61775d185a3 ("nvme-auth: Diffie-Hellman key exchange support")
>Cc: stable@vger.kernel.org
>Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
Reviewed-by: Nitesh Shetty <nj.shetty@samsung.com>