diff options
| author | Martin Wilck <[email protected]> | 2023-09-04 17:26:38 +0200 |
|---|---|---|
| committer | Keith Busch <[email protected]> | 2023-10-10 08:06:06 -0700 |
| commit | 4ae55a7dce04989f289d5c5c8c8e5c37adc36c71 (patch) | |
| tree | e2b748477a682cfdc6b64b6fd5d5777dd39cc804 /tools/perf/util/trace-event-scripting.c | |
| parent | d920abd1e7c4884f9ecd0749d1921b7ab19ddfbd (diff) | |
nvme-auth: use chap->s2 to indicate bidirectional authentication
Commit 546dea18c999 ("nvme-auth: check chap ctrl_key once constructed")
replaced the condition "if (ctrl->ctrl_key)" (indicating bidirectional
auth) by "if (chap->ctrl_key)", because ctrl->ctrl_key is a resource shared
with sysfs. But chap->ctrl_key is set in
nvme_auth_process_dhchap_challenge() depending on the DHVLEN in the
DH-HMAC-CHAP Challenge message received from the controller, and will thus
be non-NULL for every DH-HMAC-CHAP exchange, even if unidirectional auth
was requested. This will lead to a protocol violation by sending a Success2
message in the unidirectional case (per NVMe base spec 2.0, the
authentication transaction ends after the Success1 message for
unidirectional auth). Use chap->s2 instead, which is non-zero if and only
if the host requested bi-directional authentication from the controller.
Fixes: 546dea18c999 ("nvme-auth: check chap ctrl_key once constructed")
Signed-off-by: Martin Wilck <[email protected]>
Reviewed-by: Daniel Wagner <[email protected]>
Reviewed-by: Sagi Grimberg <[email protected]>
Reviewed-by: Hannes Reinecke <[email protected]>
Reviewed-by: Christoph Hellwig <[email protected]>
Signed-off-by: Keith Busch <[email protected]>
Diffstat (limited to 'tools/perf/util/trace-event-scripting.c')
0 files changed, 0 insertions, 0 deletions