
Commit f047dae

shifteekeithbusch
authored andcommitted
nvme-auth: use transformed key size to create resp
This does not change current behaviour as the driver currently verifies that the secret size is the same size as the length of the transformation hash. Co-developed-by: Akash Appaiah <Akash.Appaiah@dell.com> Signed-off-by: Akash Appaiah <Akash.Appaiah@dell.com> Signed-off-by: Mark O'Donovan <shiftee@posteo.net> Reviewed-by: Hannes Reinecke <hare@suse.de> Signed-off-by: Keith Busch <kbusch@kernel.org>
1 parent 3ebed37 commit f047dae

4 files changed

Lines changed: 48 additions & 39 deletions


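--- a/drivers/nvme/common/auth.c
+++ b/drivers/nvme/common/auth.c
@@ -242,21 +242,25 @@ void nvme_auth_free_key(struct nvme_dhchap_key *key)
 }
 EXPORT_SYMBOL_GPL(nvme_auth_free_key);
 
-u8 *nvme_auth_transform_key(struct nvme_dhchap_key *key, char *nqn)
+struct nvme_dhchap_key *nvme_auth_transform_key(
+struct nvme_dhchap_key *key, char *nqn)
 {
 const char *hmac_name;
 struct crypto_shash *key_tfm;
 struct shash_desc *shash;
-u8 *transformed_key;
-int ret;
+struct nvme_dhchap_key *transformed_key;
+int ret, key_len;
 
 if (!key) {
 pr_warn("No key specified\n");
 return ERR_PTR(-ENOKEY);
 }
 if (key->hash == 0) {
-transformed_key = kmemdup(key->key, key->len, GFP_KERNEL);
-return transformed_key ? transformed_key : ERR_PTR(-ENOMEM);
+key_len = nvme_auth_key_struct_size(key->len);
+transformed_key = kmemdup(key, key_len, GFP_KERNEL);
+if (!transformed_key)
+return ERR_PTR(-ENOMEM);
+return transformed_key;
 }
 hmac_name = nvme_auth_hmac_name(key->hash);
 if (!hmac_name) {
@@ -266,7 +270,7 @@ u8 *nvme_auth_transform_key(struct nvme_dhchap_key *key, char *nqn)
 
 key_tfm = crypto_alloc_shash(hmac_name, 0, 0);
 if (IS_ERR(key_tfm))
-return (u8 *)key_tfm;
+return ERR_CAST(key_tfm);
 
 shash = kmalloc(sizeof(struct shash_desc) +
 crypto_shash_descsize(key_tfm),
@@ -276,7 +280,8 @@ u8 *nvme_auth_transform_key(struct nvme_dhchap_key *key, char *nqn)
 goto out_free_key;
 }
 
-transformed_key = kzalloc(crypto_shash_digestsize(key_tfm), GFP_KERNEL);
+key_len = crypto_shash_digestsize(key_tfm);
+transformed_key = nvme_auth_alloc_key(key_len, key->hash);
 if (!transformed_key) {
 ret = -ENOMEM;
 goto out_free_shash;
@@ -295,7 +300,7 @@ u8 *nvme_auth_transform_key(struct nvme_dhchap_key *key, char *nqn)
 ret = crypto_shash_update(shash, "NVMe-over-Fabrics", 17);
 if (ret < 0)
 goto out_free_transformed_key;
-ret = crypto_shash_final(shash, transformed_key);
+ret = crypto_shash_final(shash, transformed_key->key);
 if (ret < 0)
 goto out_free_transformed_key;
 
@@ -305,7 +310,7 @@ u8 *nvme_auth_transform_key(struct nvme_dhchap_key *key, char *nqn)
 return transformed_key;
 
 out_free_transformed_key:
-kfree_sensitive(transformed_key);
+nvme_auth_free_key(transformed_key);
 out_free_shash:
 kfree(shash);
 out_free_key: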
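Review bot: Nothing on `nvme_auth_transform_key()` documents the new release contract: a caller that still passes the returned `struct nvme_dhchap_key *` to `kfree()` compiles cleanly, yet the error path here now uses `nvme_auth_free_key()` where it used `kfree_sensitive()`. A kernel-doc comment above the definition should say that the function returns a newly allocated key holding derived secret material, that the visible failure paths return `ERR_PTR()` rather than NULL, and that the caller must release it with `nvme_auth_free_key()`. Separately, `key_len` is declared `int` but carries the results of `nvme_auth_key_struct_size()` and `crypto_shash_digestsize()` and is passed as the length to `kmemdup()`; `size_t key_len;` on its own line would avoid the signed round-trip. The function continues past the last hunk, so the final return after `out_free_key:` is not visible here.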

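--- a/drivers/nvme/host/auth.c
+++ b/drivers/nvme/host/auth.c
@@ -23,6 +23,7 @@ struct nvme_dhchap_queue_context {
 struct nvme_ctrl *ctrl;
 struct crypto_shash *shash_tfm;
 struct crypto_kpp *dh_tfm;
+struct nvme_dhchap_key *transformed_key;
 void *buf;
 int qid;
 int error;
@@ -36,7 +37,6 @@ struct nvme_dhchap_queue_context {
 u8 c1[64];
 u8 c2[64];
 u8 response[64];
-u8 *host_response;
 u8 *ctrl_key;
 u8 *host_key;
 u8 *sess_key;
@@ -428,12 +428,12 @@ static int nvme_auth_dhchap_setup_host_response(struct nvme_ctrl *ctrl,
 dev_dbg(ctrl->device, "%s: qid %d host response seq %u transaction %d\n",
 __func__, chap->qid, chap->s1, chap->transaction);
 
-if (!chap->host_response) {
-chap->host_response = nvme_auth_transform_key(ctrl->host_key,
+if (!chap->transformed_key) {
+chap->transformed_key = nvme_auth_transform_key(ctrl->host_key,
 ctrl->opts->host->nqn);
-if (IS_ERR(chap->host_response)) {
-ret = PTR_ERR(chap->host_response);
-chap->host_response = NULL;
+if (IS_ERR(chap->transformed_key)) {
+ret = PTR_ERR(chap->transformed_key);
+chap->transformed_key = NULL;
 return ret;
 }
 } else {
@@ -442,7 +442,7 @@ static int nvme_auth_dhchap_setup_host_response(struct nvme_ctrl *ctrl,
 }
 
 ret = crypto_shash_setkey(chap->shash_tfm,
-chap->host_response, ctrl->host_key->len);
+chap->transformed_key->key, chap->transformed_key->len);
 if (ret) {
 dev_warn(ctrl->device, "qid %d: failed to set key, error %d\n",
 chap->qid, ret);
@@ -508,19 +508,19 @@ static int nvme_auth_dhchap_setup_ctrl_response(struct nvme_ctrl *ctrl,
 struct nvme_dhchap_queue_context *chap)
 {
 SHASH_DESC_ON_STACK(shash, chap->shash_tfm);
-u8 *ctrl_response;
+struct nvme_dhchap_key *transformed_key;
 u8 buf[4], *challenge = chap->c2;
 int ret;
 
-ctrl_response = nvme_auth_transform_key(ctrl->ctrl_key,
+transformed_key = nvme_auth_transform_key(ctrl->ctrl_key,
 ctrl->opts->subsysnqn);
-if (IS_ERR(ctrl_response)) {
-ret = PTR_ERR(ctrl_response);
+if (IS_ERR(transformed_key)) {
+ret = PTR_ERR(transformed_key);
 return ret;
 }
 
 ret = crypto_shash_setkey(chap->shash_tfm,
-ctrl_response, ctrl->ctrl_key->len);
+transformed_key->key, transformed_key->len);
 if (ret) {
 dev_warn(ctrl->device, "qid %d: failed to set key, error %d\n",
 chap->qid, ret);
@@ -586,7 +586,7 @@ static int nvme_auth_dhchap_setup_ctrl_response(struct nvme_ctrl *ctrl,
 out:
 if (challenge != chap->c2)
 kfree(challenge);
-kfree(ctrl_response);
+nvme_auth_free_key(transformed_key);
 return ret;
 }
 
@@ -648,8 +648,8 @@ static int nvme_auth_dhchap_exponential(struct nvme_ctrl *ctrl,
 
 static void nvme_auth_reset_dhchap(struct nvme_dhchap_queue_context *chap)
 {
-kfree_sensitive(chap->host_response);
-chap->host_response = NULL;
+nvme_auth_free_key(chap->transformed_key);
+chap->transformed_key = NULL;
 kfree_sensitive(chap->host_key);
 chap->host_key = NULL;
 chap->host_key_len = 0;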
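Review bot: The name `transformed_key` is now used for two different secrets in this file, and it no longer says which one it holds. `chap->transformed_key` is derived from `ctrl->host_key` and stays cached until `nvme_auth_reset_dhchap()`, while the local in `nvme_auth_dhchap_setup_ctrl_response()` is derived from `ctrl->ctrl_key` and released at `out:`; the removed names `host_response` and `ctrl_response` made that distinction. I would either add a comment on the struct field, `/* host key transformed with the host NQN; freed in nvme_auth_reset_dhchap() */`, or rename the local to `ctrl_transformed_key`. Both functions extend beyond the hunks shown, so any other use of the cached field is not visible here.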

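--- a/drivers/nvme/target/auth.c
+++ b/drivers/nvme/target/auth.c
@@ -267,7 +267,8 @@ int nvmet_auth_host_hash(struct nvmet_req *req, u8 *response,
 struct shash_desc *shash;
 struct nvmet_ctrl *ctrl = req->sq->ctrl;
 const char *hash_name;
-u8 *challenge = req->sq->dhchap_c1, *host_response;
+u8 *challenge = req->sq->dhchap_c1;
+struct nvme_dhchap_key *transformed_key;
 u8 buf[4];
 int ret;
 
@@ -291,14 +292,15 @@ int nvmet_auth_host_hash(struct nvmet_req *req, u8 *response,
 goto out_free_tfm;
 }
 
-host_response = nvme_auth_transform_key(ctrl->host_key, ctrl->hostnqn);
-if (IS_ERR(host_response)) {
-ret = PTR_ERR(host_response);
+transformed_key = nvme_auth_transform_key(ctrl->host_key,
+ctrl->hostnqn);
+if (IS_ERR(transformed_key)) {
+ret = PTR_ERR(transformed_key);
 goto out_free_tfm;
 }
 
-ret = crypto_shash_setkey(shash_tfm, host_response,
-ctrl->host_key->len);
+ret = crypto_shash_setkey(shash_tfm, transformed_key->key,
+transformed_key->len);
 if (ret)
 goto out_free_response;
 
@@ -365,7 +367,7 @@ int nvmet_auth_host_hash(struct nvmet_req *req, u8 *response,
 kfree(challenge);
 kfree(shash);
 out_free_response:
-kfree_sensitive(host_response);
+nvme_auth_free_key(transformed_key);
 out_free_tfm:
 crypto_free_shash(shash_tfm);
 return 0;
@@ -378,7 +380,8 @@ int nvmet_auth_ctrl_hash(struct nvmet_req *req, u8 *response,
 struct shash_desc *shash;
 struct nvmet_ctrl *ctrl = req->sq->ctrl;
 const char *hash_name;
-u8 *challenge = req->sq->dhchap_c2, *ctrl_response;
+u8 *challenge = req->sq->dhchap_c2;
+struct nvme_dhchap_key *transformed_key;
 u8 buf[4];
 int ret;
 
@@ -402,15 +405,15 @@ int nvmet_auth_ctrl_hash(struct nvmet_req *req, u8 *response,
 goto out_free_tfm;
 }
 
-ctrl_response = nvme_auth_transform_key(ctrl->ctrl_key,
+transformed_key = nvme_auth_transform_key(ctrl->ctrl_key,
 ctrl->subsysnqn);
-if (IS_ERR(ctrl_response)) {
-ret = PTR_ERR(ctrl_response);
+if (IS_ERR(transformed_key)) {
+ret = PTR_ERR(transformed_key);
 goto out_free_tfm;
 }
 
-ret = crypto_shash_setkey(shash_tfm, ctrl_response,
-ctrl->ctrl_key->len);
+ret = crypto_shash_setkey(shash_tfm, transformed_key->key,
+transformed_key->len);
 if (ret)
 goto out_free_response;
 
@@ -474,7 +477,7 @@ int nvmet_auth_ctrl_hash(struct nvmet_req *req, u8 *response,
 kfree(challenge);
 kfree(shash);
 out_free_response:
-kfree_sensitive(ctrl_response);
+nvme_auth_free_key(transformed_key);
 out_free_tfm:
 crypto_free_shash(shash_tfm);
 return 0;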
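Review bot: The error codes set on the new lines are discarded, because `ret = PTR_ERR(transformed_key); goto out_free_tfm;` lands on the context lines `crypto_free_shash(shash_tfm); return 0;`. A failed key transform or a failed `crypto_shash_setkey()` in `nvmet_auth_host_hash()` is therefore reported to the caller as success, and the same tail is visible at the end of `nvmet_auth_ctrl_hash()`. On an authentication path the caller would then presumably compare against a `response` buffer that was never computed, so the last statement of both functions should be `return ret;`. The `return 0;` predates this commit and the middle of both functions lies outside the hunks, so confirm that every path reaching the label has `ret` set. The label `out_free_response` also no longer describes what it frees; `out_free_transformed_key` would match drivers/nvme/common/auth.c.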

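--- a/include/linux/nvme-auth.h
+++ b/include/linux/nvme-auth.h
@@ -29,7 +29,8 @@ struct nvme_dhchap_key *nvme_auth_extract_key(unsigned char *secret,
 u8 key_hash);
 void nvme_auth_free_key(struct nvme_dhchap_key *key);
 struct nvme_dhchap_key *nvme_auth_alloc_key(u32 len, u8 hash);
-u8 *nvme_auth_transform_key(struct nvme_dhchap_key *key, char *nqn);
+struct nvme_dhchap_key *nvme_auth_transform_key(
+struct nvme_dhchap_key *key, char *nqn);
 int nvme_auth_generate_key(u8 *secret, struct nvme_dhchap_key **ret_key);
 int nvme_auth_augmented_challenge(u8 hmac_id, u8 *skey, size_t skey_len,
 u8 *challenge, u8 *aug, size_t hlen);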
