[PATCH 1/3] nvme-fabrics: factor out auth code into helper

All the mail mirrored from lore.kernel.org
 help / color / mirror / Atom feed

From: Chaitanya Kulkarni <kch@nvidia.com>
To: <hare@suse.de>
Cc: <kbusch@kernel.org>, <hch@lst.de>, <sagi@grimberg.me>,
	<linux-nvme@lists.infradead.org>,
	Chaitanya Kulkarni <kch@nvidia.com>
Subject: [PATCH 1/3] nvme-fabrics: factor out auth code into helper
Date: Wed, 7 Feb 2024 22:24:25 -0800	[thread overview]
Message-ID: <20240208062427.31255-2-kch@nvidia.com> (raw)
In-Reply-To: <20240208062427.31255-1-kch@nvidia.com>

Post connect command authentication handling code is repeated into in
nvmf_connect_admin_queue() and nvmf_connect_io_queue().

Add a helper to handle post connect command authentication helper. Use
the same helper in nvmf_connect_admin_queue(). This also removes
authentication specific code from a build where authentication feature
is not configured.

Signed-off-by: Chaitanya Kulkarni <kch@nvidia.com>
---
 drivers/nvme/host/auth.c    | 32 ++++++++++++++++++++++++++++++++
 drivers/nvme/host/fabrics.c | 25 +------------------------
 drivers/nvme/host/nvme.h    |  8 ++++++++
 3 files changed, 41 insertions(+), 24 deletions(-)

diff --git a/drivers/nvme/host/auth.c b/drivers/nvme/host/auth.c
index 3dce480d932e..159071462738 100644
--- a/drivers/nvme/host/auth.c
+++ b/drivers/nvme/host/auth.c
@@ -988,6 +988,38 @@ void nvme_auth_stop(struct nvme_ctrl *ctrl)
 }
 EXPORT_SYMBOL_GPL(nvme_auth_stop);
 
+u16 nvme_auth_post_connect(struct nvme_ctrl *ctrl, u16 qid, u32 result)
+{
+	int ret;
+
+	if (!(result & (NVME_CONNECT_AUTHREQ_ATR | NVME_CONNECT_AUTHREQ_ASCR)))
+		return NVME_SC_SUCCESS;
+
+	/* Secure concatenation is not implemented */
+	if (result & NVME_CONNECT_AUTHREQ_ASCR) {
+		dev_warn(ctrl->device,
+			  "qid %u: secure concatenation is not supported\n",
+			  qid);
+		return NVME_SC_AUTH_REQUIRED;
+	}
+	/* Authentication required */
+	ret = nvme_auth_negotiate(ctrl, qid);
+	if (ret) {
+		dev_warn(ctrl->device,
+			 "qid %u: authentication setup failed\n", qid);
+		return NVME_SC_AUTH_REQUIRED;
+	}
+	ret = nvme_auth_wait(ctrl, qid);
+	if (ret) {
+		dev_warn(ctrl->device, "qid %u: authentication failed\n", qid);
+		return ret;
+	}
+	if (!qid)
+		dev_info(ctrl->device, "qid 0: authenticated\n");
+	return ret;
+}
+EXPORT_SYMBOL_GPL(nvme_auth_post_connect);
+
 void nvme_auth_free(struct nvme_ctrl *ctrl)
 {
 	int i;
diff --git a/drivers/nvme/host/fabrics.c b/drivers/nvme/host/fabrics.c
index 373ed08e6b92..24f0d298825b 100644
--- a/drivers/nvme/host/fabrics.c
+++ b/drivers/nvme/host/fabrics.c
@@ -460,30 +460,7 @@ int nvmf_connect_admin_queue(struct nvme_ctrl *ctrl)
 
 	result = le32_to_cpu(res.u32);
 	ctrl->cntlid = result & 0xFFFF;
-	if (result & (NVME_CONNECT_AUTHREQ_ATR | NVME_CONNECT_AUTHREQ_ASCR)) {
-		/* Secure concatenation is not implemented */
-		if (result & NVME_CONNECT_AUTHREQ_ASCR) {
-			dev_warn(ctrl->device,
-				 "qid 0: secure concatenation is not supported\n");
-			ret = NVME_SC_AUTH_REQUIRED;
-			goto out_free_data;
-		}
-		/* Authentication required */
-		ret = nvme_auth_negotiate(ctrl, 0);
-		if (ret) {
-			dev_warn(ctrl->device,
-				 "qid 0: authentication setup failed\n");
-			ret = NVME_SC_AUTH_REQUIRED;
-			goto out_free_data;
-		}
-		ret = nvme_auth_wait(ctrl, 0);
-		if (ret)
-			dev_warn(ctrl->device,
-				 "qid 0: authentication failed\n");
-		else
-			dev_info(ctrl->device,
-				 "qid 0: authenticated\n");
-	}
+	ret = nvme_auth_post_connect(ctrl, 0, result);
 out_free_data:
 	kfree(data);
 	return ret;
diff --git a/drivers/nvme/host/nvme.h b/drivers/nvme/host/nvme.h
index 1700063bc24d..bb1c9b74aa55 100644
--- a/drivers/nvme/host/nvme.h
+++ b/drivers/nvme/host/nvme.h
@@ -1085,6 +1085,7 @@ void nvme_auth_stop(struct nvme_ctrl *ctrl);
 int nvme_auth_negotiate(struct nvme_ctrl *ctrl, int qid);
 int nvme_auth_wait(struct nvme_ctrl *ctrl, int qid);
 void nvme_auth_free(struct nvme_ctrl *ctrl);
+u16 nvme_auth_post_connect(struct nvme_ctrl *ctrl, u16 qid, u32 result);
 #else
 static inline int nvme_auth_init_ctrl(struct nvme_ctrl *ctrl)
 {
@@ -1107,6 +1108,13 @@ static inline int nvme_auth_wait(struct nvme_ctrl *ctrl, int qid)
 	return NVME_SC_AUTH_REQUIRED;
 }
 static inline void nvme_auth_free(struct nvme_ctrl *ctrl) {};
+static inline u16 nvme_auth_post_connect(struct nvme_ctrl *ctrl, u16 qid,
+		u32 result)
+{
+	if (result & (NVME_CONNECT_AUTHREQ_ATR | NVME_CONNECT_AUTHREQ_ASCR))
+		return NVME_SC_AUTH_REQUIRED;
+	return NVME_SC_SUCCESS;
+}
 #endif
 
 u32 nvme_command_effects(struct nvme_ctrl *ctrl, struct nvme_ns *ns,
-- 
2.40.0

next prev parent reply	other threads:[~2024-02-08  6:25 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-02-08  6:24 [PATCH 0/3] nvme-fabrics: add post connect auth code helper Chaitanya Kulkarni
2024-02-08  6:24 ` Chaitanya Kulkarni [this message]
2024-04-18  9:30   ` [PATCH 1/3] nvme-fabrics: factor out auth code into helper Sagi Grimberg
2024-04-23 19:57     ` Chaitanya Kulkarni
2024-05-23  9:35   ` Hannes Reinecke
2024-02-08  6:24 ` [PATCH 2/3] nvme-fabrics: use post connect auth helper Chaitanya Kulkarni
2024-04-18  9:31   ` Sagi Grimberg
2024-05-23  9:39   ` Hannes Reinecke
2024-02-08  6:24 ` [PATCH 3/3] nvme-auth: unexport negotiate and wait functions Chaitanya Kulkarni
2024-04-18  9:32   ` Sagi Grimberg
2024-05-23  9:40   ` Hannes Reinecke
2024-04-16  3:53 ` [PATCH 0/3] nvme-fabrics: add post connect auth code helper Chaitanya Kulkarni
2024-04-18  4:24   ` Chaitanya Kulkarni

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:3dce480d932 dfblob:15907146273 dfblob:373ed08e6b9
dfblob:24f0d298825 dfblob:1700063bc24 dfblob:bb1c9b74aa5 )
 OR (
bs:"[PATCH 1/3] nvme-fabrics: factor out auth code into helper" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20240208062427.31255-2-kch@nvidia.com \
    --to=kch@nvidia.com \
    --cc=hare@suse.de \
    --cc=hch@lst.de \
    --cc=kbusch@kernel.org \
    --cc=linux-nvme@lists.infradead.org \
    --cc=sagi@grimberg.me \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.