fabrics: add configuration option 'keyring'

author Hannes Reinecke <hare@suse.de>

Thu, 23 Mar 2023 09:14:03 +0000 (10:14 +0100)

committer Daniel Wagner <wagi@monom.org>

Mon, 27 Mar 2023 11:46:18 +0000 (13:46 +0200)
author Hannes Reinecke <hare@suse.de>
Thu, 23 Mar 2023 09:14:03 +0000 (10:14 +0100)
committer Daniel Wagner <wagi@monom.org>
Mon, 27 Mar 2023 11:46:18 +0000 (13:46 +0200)
diff --git a/doc/config-schema.json b/doc/config-schema.json

index bde3d91c2902afa59ae44a4f7a57bc35000d3a60..68b1e2fd9a7973007a5be3e868004864ee062ef7 100644 (file)
--- a/doc/config-schema.json
+++ b/doc/config-schema.json
@@ -94,6 +94,10 @@
                     "description": "Controller DH-HMAC-CHAP key",
                     "type": "string"
                 },
+               "keyring": {
+                   "description": "Keyring to store and lookup keys",
+                   "type": "string",
+               },
                 "nr_io_queues": {
                     "description": "Number of I/O queues",
                     "type": "integer"
diff --git a/doc/rst/fabrics.rst b/doc/rst/fabrics.rst

index a7e0e6005bf691112ca3a591d27b491af003410c..ace7929d77cbcdaae5f5211f01c465d8ce96d54b 100644 (file)
--- a/doc/rst/fabrics.rst
+++ b/doc/rst/fabrics.rst
@@ -27,6 +27,7 @@ Fabrics-specific definitions.
      int nr_write_queues;
      int nr_poll_queues;
      int tos;
+    int keyring;
      bool duplicate_connect;
      bool disable_sqflow;
      bool hdr_digest;
@@ -69,6 +70,9 @@ Fabrics-specific definitions.
  ``tos``
    Type of service
  
+``keyring``
+  Serial number of the keyring to store and lookup keys
+
  ``duplicate_connect``
    Allow multiple connections to the same target
  
diff --git a/src/nvme/fabrics.c b/src/nvme/fabrics.c

index 1c2521681dfe701d09071aff019ee43c2d913879..8c9cff311147f023a9891b3513e35a5ca0f1bfa2 100644 (file)
--- a/src/nvme/fabrics.c
+++ b/src/nvme/fabrics.c
@@ -216,6 +216,7 @@ static struct nvme_fabrics_config *merge_config(nvme_ctrl_t c,
                           NVMF_DEF_CTRL_LOSS_TMO);
         MERGE_CFG_OPTION(ctrl_cfg, cfg, fast_io_fail_tmo, 0);
         MERGE_CFG_OPTION(ctrl_cfg, cfg, tos, -1);
+       MERGE_CFG_OPTION(ctrl_cfg, cfg, keyring, 0);
         MERGE_CFG_OPTION(ctrl_cfg, cfg, duplicate_connect, false);
         MERGE_CFG_OPTION(ctrl_cfg, cfg, disable_sqflow, false);
         MERGE_CFG_OPTION(ctrl_cfg, cfg, hdr_digest, false);
@@ -243,6 +244,7 @@ void nvmf_update_config(nvme_ctrl_t c, const struct nvme_fabrics_config *cfg)
                           NVMF_DEF_CTRL_LOSS_TMO);
         UPDATE_CFG_OPTION(ctrl_cfg, cfg, fast_io_fail_tmo, 0);
         UPDATE_CFG_OPTION(ctrl_cfg, cfg, tos, -1);
+       UPDATE_CFG_OPTION(ctrl_cfg, cfg, keyring, 0);
         UPDATE_CFG_OPTION(ctrl_cfg, cfg, duplicate_connect, false);
         UPDATE_CFG_OPTION(ctrl_cfg, cfg, disable_sqflow, false);
         UPDATE_CFG_OPTION(ctrl_cfg, cfg, hdr_digest, false);
@@ -517,6 +519,7 @@ static int build_options(nvme_host_t h, nvme_ctrl_t c, char **argstr)
                               cfg->fast_io_fail_tmo, false)) ||
             (strcmp(transport, "loop") &&
              add_int_argument(argstr, "tos", cfg->tos, true)) ||
+           add_int_argument(argstr, "keyring", cfg->keyring, false) ||
             add_bool_argument(argstr, "duplicate_connect",
                               cfg->duplicate_connect) ||
             add_bool_argument(argstr, "disable_sqflow",
diff --git a/src/nvme/fabrics.h b/src/nvme/fabrics.h

index 272bb40815627243f642e4575d5da6eef5731c66..68f171abddcc68ec012a903f1b8a657216a96a4c 100644 (file)
--- a/src/nvme/fabrics.h
+++ b/src/nvme/fabrics.h
@@ -35,6 +35,7 @@
   * @nr_write_queues:   Number of queues to use for exclusively for writing
   * @nr_poll_queues:    Number of queues to reserve for polling completions
   * @tos:               Type of service
+ * @keyring:           Keyring to store and lookup keys
   * @duplicate_connect: Allow multiple connections to the same target
   * @disable_sqflow:    Disable controller sq flow control
   * @hdr_digest:                Generate/verify header digest (TCP)
@@ -53,6 +54,7 @@ struct nvme_fabrics_config {
         int nr_write_queues;
         int nr_poll_queues;
         int tos;
+       int keyring;
  
         bool duplicate_connect;
         bool disable_sqflow;
diff --git a/src/nvme/json.c b/src/nvme/json.c

index 072b6228af0674dad32cd324a18f75dfd78977ab..d0f36bd9177c7d1674149ac8b550163d2415848b 100644 (file)
--- a/src/nvme/json.c
+++ b/src/nvme/json.c
@@ -17,6 +17,7 @@
  #include "fabrics.h"
  #include "log.h"
  #include "private.h"
+#include "linux.h"
  
  #define JSON_UPDATE_INT_OPTION(c, k, a, o)                             \
         if (!strcmp(# a, k ) && !c->a) c->a = json_object_get_int(o);
@@ -64,6 +65,19 @@ static void json_update_attributes(nvme_ctrl_t c,
                 if (!strcmp("discovery", key_str) &&
                     !nvme_ctrl_is_discovery_ctrl(c))
                         nvme_ctrl_set_discovery_ctrl(c, true);
+               /*
+                * The JSON configuration holds the keyring description
+                * which needs to be converted into the keyring serial number.
+                */
+               if (!strcmp("keyring", key_str) && cfg->keyring == 0) {
+                       long keyring;
+
+                       keyring = nvme_lookup_keyring(json_object_get_string(val_obj));
+                       if (keyring) {
+                               cfg->keyring = keyring;
+                               nvme_set_keyring(cfg->keyring);
+                       }
+               }
         }
  }
  
@@ -299,6 +313,19 @@ static void json_update_port(struct json_object *ctrl_array, nvme_ctrl_t c)
         if (nvme_ctrl_is_discovery_ctrl(c))
                 json_object_object_add(port_obj, "discovery",
                                        json_object_new_boolean(true));
+       /*
+        * Store the keyring description in the JSON config file.
+        */
+       if (cfg->keyring) {
+               char *desc = nvme_describe_key_serial(cfg->keyring);
+
+               if (desc) {
+                       json_object_object_add(port_obj, "keyring",
+                                              json_object_new_string(desc));
+                       free(desc);
+               }
+       }
+
         json_object_array_add(ctrl_array, port_obj);
  }
author	Hannes Reinecke <hare@suse.de>
	Thu, 23 Mar 2023 09:14:03 +0000 (10:14 +0100)
committer	Daniel Wagner <wagi@monom.org>
	Mon, 27 Mar 2023 11:46:18 +0000 (13:46 +0200)
doc/config-schema.json		patch \| blob \| history
doc/rst/fabrics.rst		patch \| blob \| history
src/nvme/fabrics.c		patch \| blob \| history
src/nvme/fabrics.h		patch \| blob \| history
src/nvme/json.c		patch \| blob \| history