Lines Matching refs:ctrl
59 int nvmet_setup_dhgroup(struct nvmet_ctrl *ctrl, u8 dhgroup_id) in nvmet_setup_dhgroup() argument
65 __func__, ctrl->cntlid, dhgroup_id); in nvmet_setup_dhgroup()
67 if (ctrl->dh_tfm) { in nvmet_setup_dhgroup()
68 if (ctrl->dh_gid == dhgroup_id) { in nvmet_setup_dhgroup()
70 __func__, ctrl->cntlid, dhgroup_id); in nvmet_setup_dhgroup()
73 crypto_free_kpp(ctrl->dh_tfm); in nvmet_setup_dhgroup()
74 ctrl->dh_tfm = NULL; in nvmet_setup_dhgroup()
75 ctrl->dh_gid = 0; in nvmet_setup_dhgroup()
84 __func__, ctrl->cntlid, dhgroup_id); in nvmet_setup_dhgroup()
87 ctrl->dh_tfm = crypto_alloc_kpp(dhgroup_kpp, 0, 0); in nvmet_setup_dhgroup()
88 if (IS_ERR(ctrl->dh_tfm)) { in nvmet_setup_dhgroup()
90 __func__, ctrl->cntlid, dhgroup_id, in nvmet_setup_dhgroup()
91 PTR_ERR(ctrl->dh_tfm)); in nvmet_setup_dhgroup()
92 ret = PTR_ERR(ctrl->dh_tfm); in nvmet_setup_dhgroup()
93 ctrl->dh_tfm = NULL; in nvmet_setup_dhgroup()
94 ctrl->dh_gid = 0; in nvmet_setup_dhgroup()
96 ctrl->dh_gid = dhgroup_id; in nvmet_setup_dhgroup()
98 __func__, ctrl->cntlid, ctrl->dh_gid); in nvmet_setup_dhgroup()
99 ret = nvme_auth_gen_privkey(ctrl->dh_tfm, ctrl->dh_gid); in nvmet_setup_dhgroup()
102 __func__, ctrl->cntlid, ret); in nvmet_setup_dhgroup()
103 kfree_sensitive(ctrl->dh_key); in nvmet_setup_dhgroup()
106 ctrl->dh_keysize = crypto_kpp_maxsize(ctrl->dh_tfm); in nvmet_setup_dhgroup()
107 kfree_sensitive(ctrl->dh_key); in nvmet_setup_dhgroup()
108 ctrl->dh_key = kzalloc(ctrl->dh_keysize, GFP_KERNEL); in nvmet_setup_dhgroup()
109 if (!ctrl->dh_key) { in nvmet_setup_dhgroup()
111 ctrl->cntlid); in nvmet_setup_dhgroup()
114 ret = nvme_auth_gen_pubkey(ctrl->dh_tfm, ctrl->dh_key, in nvmet_setup_dhgroup()
115 ctrl->dh_keysize); in nvmet_setup_dhgroup()
118 ctrl->cntlid); in nvmet_setup_dhgroup()
119 kfree(ctrl->dh_key); in nvmet_setup_dhgroup()
120 ctrl->dh_key = NULL; in nvmet_setup_dhgroup()
127 int nvmet_setup_auth(struct nvmet_ctrl *ctrl) in nvmet_setup_auth() argument
135 if (nvmet_is_disc_subsys(ctrl->subsys)) in nvmet_setup_auth()
138 if (ctrl->subsys->allow_any_host) in nvmet_setup_auth()
141 list_for_each_entry(p, &ctrl->subsys->hosts, entry) { in nvmet_setup_auth()
143 if (strcmp(nvmet_host_name(p->host), ctrl->hostnqn)) in nvmet_setup_auth()
149 pr_debug("host %s not found\n", ctrl->hostnqn); in nvmet_setup_auth()
154 ret = nvmet_setup_dhgroup(ctrl, host->dhchap_dhgroup_id); in nvmet_setup_auth()
163 if (host->dhchap_hash_id == ctrl->shash_id) { in nvmet_setup_auth()
165 ctrl->shash_id); in nvmet_setup_auth()
173 ctrl->shash_id = host->dhchap_hash_id; in nvmet_setup_auth()
177 nvme_auth_free_key(ctrl->host_key); in nvmet_setup_auth()
178 ctrl->host_key = nvme_auth_extract_key(host->dhchap_secret + 10, in nvmet_setup_auth()
180 if (IS_ERR(ctrl->host_key)) { in nvmet_setup_auth()
181 ret = PTR_ERR(ctrl->host_key); in nvmet_setup_auth()
182 ctrl->host_key = NULL; in nvmet_setup_auth()
186 ctrl->host_key->hash > 0 ? in nvmet_setup_auth()
187 nvme_auth_hmac_name(ctrl->host_key->hash) : "none", in nvmet_setup_auth()
188 (int)ctrl->host_key->len, ctrl->host_key->key); in nvmet_setup_auth()
190 nvme_auth_free_key(ctrl->ctrl_key); in nvmet_setup_auth()
192 ctrl->ctrl_key = NULL; in nvmet_setup_auth()
196 ctrl->ctrl_key = nvme_auth_extract_key(host->dhchap_ctrl_secret + 10, in nvmet_setup_auth()
198 if (IS_ERR(ctrl->ctrl_key)) { in nvmet_setup_auth()
199 ret = PTR_ERR(ctrl->ctrl_key); in nvmet_setup_auth()
200 ctrl->ctrl_key = NULL; in nvmet_setup_auth()
204 ctrl->ctrl_key->hash > 0 ? in nvmet_setup_auth()
205 nvme_auth_hmac_name(ctrl->ctrl_key->hash) : "none", in nvmet_setup_auth()
206 (int)ctrl->ctrl_key->len, ctrl->ctrl_key->key); in nvmet_setup_auth()
210 if (ctrl->host_key) { in nvmet_setup_auth()
211 nvme_auth_free_key(ctrl->host_key); in nvmet_setup_auth()
212 ctrl->host_key = NULL; in nvmet_setup_auth()
214 ctrl->shash_id = 0; in nvmet_setup_auth()
233 void nvmet_destroy_auth(struct nvmet_ctrl *ctrl) in nvmet_destroy_auth() argument
235 ctrl->shash_id = 0; in nvmet_destroy_auth()
237 if (ctrl->dh_tfm) { in nvmet_destroy_auth()
238 crypto_free_kpp(ctrl->dh_tfm); in nvmet_destroy_auth()
239 ctrl->dh_tfm = NULL; in nvmet_destroy_auth()
240 ctrl->dh_gid = 0; in nvmet_destroy_auth()
242 kfree_sensitive(ctrl->dh_key); in nvmet_destroy_auth()
243 ctrl->dh_key = NULL; in nvmet_destroy_auth()
245 if (ctrl->host_key) { in nvmet_destroy_auth()
246 nvme_auth_free_key(ctrl->host_key); in nvmet_destroy_auth()
247 ctrl->host_key = NULL; in nvmet_destroy_auth()
249 if (ctrl->ctrl_key) { in nvmet_destroy_auth()
250 nvme_auth_free_key(ctrl->ctrl_key); in nvmet_destroy_auth()
251 ctrl->ctrl_key = NULL; in nvmet_destroy_auth()
257 if (req->sq->ctrl->host_key && in nvmet_check_auth_status()
268 struct nvmet_ctrl *ctrl = req->sq->ctrl; in nvmet_auth_host_hash() local
274 hash_name = nvme_auth_hmac_name(ctrl->shash_id); in nvmet_auth_host_hash()
276 pr_warn("Hash ID %d invalid\n", ctrl->shash_id); in nvmet_auth_host_hash()
294 host_response = nvme_auth_transform_key(ctrl->host_key, ctrl->hostnqn); in nvmet_auth_host_hash()
301 ctrl->host_key->len); in nvmet_auth_host_hash()
305 if (ctrl->dh_gid != NVME_AUTH_DHGROUP_NULL) { in nvmet_auth_host_hash()
311 ret = nvme_auth_augmented_challenge(ctrl->shash_id, in nvmet_auth_host_hash()
321 ctrl->cntlid, req->sq->qid, req->sq->dhchap_s1, in nvmet_auth_host_hash()
352 ret = crypto_shash_update(shash, ctrl->hostnqn, strlen(ctrl->hostnqn)); in nvmet_auth_host_hash()
358 ret = crypto_shash_update(shash, ctrl->subsysnqn, in nvmet_auth_host_hash()
359 strlen(ctrl->subsysnqn)); in nvmet_auth_host_hash()
379 struct nvmet_ctrl *ctrl = req->sq->ctrl; in nvmet_auth_ctrl_hash() local
385 hash_name = nvme_auth_hmac_name(ctrl->shash_id); in nvmet_auth_ctrl_hash()
387 pr_warn("Hash ID %d invalid\n", ctrl->shash_id); in nvmet_auth_ctrl_hash()
405 ctrl_response = nvme_auth_transform_key(ctrl->ctrl_key, in nvmet_auth_ctrl_hash()
406 ctrl->subsysnqn); in nvmet_auth_ctrl_hash()
413 ctrl->ctrl_key->len); in nvmet_auth_ctrl_hash()
417 if (ctrl->dh_gid != NVME_AUTH_DHGROUP_NULL) { in nvmet_auth_ctrl_hash()
423 ret = nvme_auth_augmented_challenge(ctrl->shash_id, in nvmet_auth_ctrl_hash()
461 ret = crypto_shash_update(shash, ctrl->subsysnqn, in nvmet_auth_ctrl_hash()
462 strlen(ctrl->subsysnqn)); in nvmet_auth_ctrl_hash()
468 ret = crypto_shash_update(shash, ctrl->hostnqn, strlen(ctrl->hostnqn)); in nvmet_auth_ctrl_hash()
486 struct nvmet_ctrl *ctrl = req->sq->ctrl; in nvmet_auth_ctrl_exponential() local
489 if (!ctrl->dh_key) { in nvmet_auth_ctrl_exponential()
490 pr_warn("ctrl %d no DH public key!\n", ctrl->cntlid); in nvmet_auth_ctrl_exponential()
493 if (buf_size != ctrl->dh_keysize) { in nvmet_auth_ctrl_exponential()
495 ctrl->cntlid, ctrl->dh_keysize, buf_size); in nvmet_auth_ctrl_exponential()
498 memcpy(buf, ctrl->dh_key, buf_size); in nvmet_auth_ctrl_exponential()
500 ctrl->cntlid, (int)buf_size, buf); in nvmet_auth_ctrl_exponential()
509 struct nvmet_ctrl *ctrl = req->sq->ctrl; in nvmet_auth_ctrl_sesskey() local
512 req->sq->dhchap_skey_len = ctrl->dh_keysize; in nvmet_auth_ctrl_sesskey()
516 ret = nvme_auth_gen_shared_secret(ctrl->dh_tfm, in nvmet_auth_ctrl_sesskey()