nvme/044: test bi-directional authentication

Signed-off-by: Hannes Reinecke <hare@suse.de>

diff --git a/tests/nvme/044 b/tests/nvme/044
new file mode 100755 (executable)
index 0000000..0465531
--- /dev/null
+++ b/tests/nvme/044
@@ -0,0 +1,122 @@
+#!/bin/bash
+# SPDX-License-Identifier: GPL-3.0+
+# Copyright (C) 2022 Hannes Reinecke, SUSE Labs
+#
+# Test bi-directional authentication
+
+. tests/nvme/rc
+
+DESCRIPTION="Test bi-directional authentication"
+QUICK=1
+
+requires() {
+       _nvme_requires
+       _have_loop
+       _have_kernel_option NVME_AUTH
+       _have_kernel_option NVME_TARGET_AUTH
+       _require_nvme_trtype_is_fabrics
+       _require_nvme_cli_auth
+}
+
+
+test() {
+       local port
+       local subsys_name="blktests-subsystem-1"
+       local hostid
+       local hostnqn="nqn.2014-08.org.nvmexpress:uuid:${hostid}"
+       local file_path="${TMPDIR}/img"
+       local hostkey
+       local ctrlkey
+       local ctrldev
+
+       echo "Running ${TEST_NAME}"
+
+       hostid="$(uuidgen)"
+       if [ -z "$hostid" ] ; then
+               echo "uuidgen failed"
+               return 1
+       fi
+
+       hostkey="$(nvme gen-dhchap-key -n ${subsys_name} 2> /dev/null)"
+       if [ -z "$hostkey" ] ; then
+               echo "failed to generate host key"
+               return 1
+       fi
+
+       ctrlkey="$(nvme gen-dhchap-key -n ${subsys_name} 2> /dev/null)"
+       if [ -z "$ctrlkey" ] ; then
+               echo "failed to generate ctrl key"
+               return 1
+       fi
+
+       _setup_nvmet
+
+       truncate -s 512M "${file_path}"
+
+       _create_nvmet_subsystem "${subsys_name}" "${file_path}"
+       port="$(_create_nvmet_port "${nvme_trtype}")"
+       _add_nvmet_subsys_to_port "${port}" "${subsys_name}"
+       _create_nvmet_host "${subsys_name}" "${hostnqn}" \
+                          "${hostkey}" "${ctrlkey}"
+
+       _set_nvmet_dhgroup "${hostnqn}" "ffdhe2048"
+
+       # Step 1: Connect with host authentication only
+       echo "Test host authentication"
+       _nvme_connect_subsys "${nvme_trtype}" "${subsys_name}" \
+                            "${def_traddr}" "${def_trsvcid}" \
+                            "${hostnqn}" "${hostid}" \
+                            "${hostkey}"
+
+       udevadm settle
+
+       _nvme_disconnect_subsys "${subsys_name}"
+
+       # Step 2: Connect with host authentication
+       # and invalid ctrl authentication
+       echo "Test invalid ctrl authentication (should fail)"
+       _nvme_connect_subsys "${nvme_trtype}" "${subsys_name}" \
+                            "${def_traddr}" "${def_trsvcid}" \
+                            "${hostnqn}" "${hostid}" \
+                            "${hostkey}" "${hostkey}"
+
+       udevadm settle
+
+       _nvme_disconnect_subsys "${subsys_name}"
+
+       # Step 3: Connect with host authentication
+       # and valid ctrl authentication
+       echo "Test valid ctrl authentication"
+       _nvme_connect_subsys "${nvme_trtype}" "${subsys_name}" \
+                            "${def_traddr}" "${def_trsvcid}" \
+                            "${hostnqn}" "${hostid}" \
+                            "${hostkey}" "${ctrlkey}"
+
+       udevadm settle
+
+       _nvme_disconnect_subsys "${subsys_name}"
+
+       # Step 4: Connect with host authentication
+       # and invalid ctrl key
+       echo "Test invalid ctrl key (should fail)"
+       invkey="DHHC-1:00:Jc/My1o0qtLCWRp+sHhAVafdfaS7YQOMYhk9zSmlatobqB8C:"
+       _nvme_connect_subsys "${nvme_trtype}" "${subsys_name}" \
+                            "${def_traddr}" "${def_trsvcid}" \
+                            "${hostnqn}" "${hostid}" \
+                            "${hostkey}" "${invkey}"
+
+       udevadm settle
+
+       _nvme_disconnect_subsys "${subsys_name}"
+
+       _remove_nvmet_subsystem_from_port "${port}" "${subsys_name}"
+       _remove_nvmet_subsystem "${subsys_name}"
+
+       _remove_nvmet_port "${port}"
+
+       _remove_nvmet_host "${hostnqn}"
+
+       rm "${file_path}"
+
+       echo "Test complete"
+}

diff --git a/tests/nvme/044.out b/tests/nvme/044.out
new file mode 100644 (file)
index 0000000..d2fefa9
--- /dev/null
+++ b/tests/nvme/044.out
@@ -0,0 +1,12 @@
+Running nvme/044
+Test host authentication
+NQN:blktests-subsystem-1 disconnected 1 controller(s)
+Test invalid ctrl authentication (should fail)
+no controller found: failed to write to nvme-fabrics device
+NQN:blktests-subsystem-1 disconnected 0 controller(s)
+Test valid ctrl authentication
+NQN:blktests-subsystem-1 disconnected 1 controller(s)
+Test invalid ctrl key (should fail)
+no controller found: failed to write to nvme-fabrics device
+NQN:blktests-subsystem-1 disconnected 0 controller(s)
+Test complete