]> www.infradead.org Git - users/hch/block.git/commit
projects / users / hch / block.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 4e893ca) | patch
nvme-keyring: restrict match length for version '1' identifiers
authorHannes Reinecke <hare@kernel.org>
Mon, 22 Jul 2024 12:02:18 +0000 (14:02 +0200)
committerKeith Busch <kbusch@kernel.org>
Thu, 22 Aug 2024 20:22:41 +0000 (13:22 -0700)
commit79559c75332458985ab8a21f11b08bf7c9b833b0
tree6c57e7e8bd873a0684f60d2830a1af94c01983ectree
parent4e893ca8117022de68ce1b61c0309e3d17bb8a25commit | diff
nvme-keyring: restrict match length for version '1' identifiers

TP8018 introduced a new TLS PSK identifier version (version 1), which appended
a PSK hash value to the existing identifier (cf NVMe TCP specification v1.1,
section 3.6.1.3 'TLS PSK and PSK Identity Derivation').
An original (version 0) identifier has the form:

NVMe0<type><hmac> <hostnqn> <subsysnqn>

and a version 1 identifier has the form:

NVMe1<type><hmac> <hostnqn> <subsysnqn> <hash>

This patch modifies the lookup algorthm to compare only the first part
of the identifier (excluding the hash value) to handle both version 0 and
version 1 identifiers.
And the spec declares 'version 0' identifiers obsolete, so the lookup
algorithm is modified to prever v1 identifiers.

Signed-off-by: Hannes Reinecke <hare@kernel.org>
Reviewed-by: Sagi Grimberg <sagi@grimberg.me>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Keith Busch <kbusch@kernel.org>
drivers/nvme/common/keyring.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.