Received: by 2002:a05:7412:f690:b0:e2:908c:2ebd with SMTP id ej16csp1006659rdb; Fri, 20 Oct 2023 06:07:41 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHOmgN5nxMyKKMCyWNkmBUHD9+ffnqCpBzsxoF28YXg8QOzKSxUSarLExiSdyK2O4sdX3M9 X-Received: by 2002:a05:6a00:189c:b0:6bd:254a:8876 with SMTP id x28-20020a056a00189c00b006bd254a8876mr1844255pfh.23.1697807260397; Fri, 20 Oct 2023 06:07:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1697807260; cv=none; d=google.com; s=arc-20160816; b=eBx4XQzfpSNvfzZTCmKKAIdAnaQqc2eveShkV4OkJ5ImivJdJfCXfbJbLOMhCgiy/j BJ4aHpEuFF14k8B6RxxQc3FrGgT1C5VIgvgDjsCsKOL8D9U91pXB4QsrrSW0xuop95CY RXPjV6/zyc59CtJSmCccNrnbgg/JdKIESxiiuhHzuaO0PY/iFow1ronMQCtjSYsEILAe KVawwwwcLrLISsWhe0vVkpsaaOQTguOnn3UQbmXjwYYrqeTaCuRVwTvGnS1lZXSE/1nb FmFlYjOVjS3Su+C3Z+4vdcmnYqNHdWMRnuKF/7otXniArFhmyZH+XNkKgDprOzB2RG5u zE+g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=vGXv66eZ0wMRoaEtzxxK0+b9veWNLthpxNxvzTx435I=; fh=tljoug9YOyjcmz5/cSm+m3eDMKPHfkwPXlNM+CBRyek=; b=aIjJE5j68ZdZkA27WCY5dlgpOLtVTNonOYHK5TV+hOyQhoHfWscvXs2Y0xdRvDF+Yz i4qo06YldWnG9BwLZCdF8hViEu4urCl+ZDDM2H8Ki0pSX5INc1WWlUwFLJpHbcAXpnsm +ZFGNZ5r86fBGOsAiuExCFFsy+m50CJ2RGNXsOgMXGSuoCrlcnSIosQ7V0Lp3yQ8N1Np y10ulSzYDpZtfcrlKWyqy1Dj7KoSqYaJ7ipBRUz6UP6/4du7cB+J5hZ+160ejCP7ASYQ qQxf4BOwPsgy/GqLQM3pk7Z+QQ9eUy3dh/CNyN0hu1F+VPcdIDPOfj8pdzkEluqX/sKo VC+Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=JpRPnE5M; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from lipwig.vger.email (lipwig.vger.email. [2620:137:e000::3:3]) by mx.google.com with ESMTPS id j71-20020a638b4a000000b0059ff7c499cesi1755614pge.270.2023.10.20.06.07.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Oct 2023 06:07:40 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) client-ip=2620:137:e000::3:3; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=JpRPnE5M; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by lipwig.vger.email (Postfix) with ESMTP id 1F3908307C30; Fri, 20 Oct 2023 06:07:38 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at lipwig.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1377412AbjJTNH3 (ORCPT + 99 others); Fri, 20 Oct 2023 09:07:29 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53606 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1377410AbjJTNH2 (ORCPT ); Fri, 20 Oct 2023 09:07:28 -0400 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8E8ABD66 for ; Fri, 20 Oct 2023 06:07:25 -0700 (PDT) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 9CE90C433C9; Fri, 20 Oct 2023 13:07:22 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1697807245; bh=wNQVb7PLDPRN/789KQQ8f4+mbdFALdcAtpqplVs0G9k=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=JpRPnE5M2ye+1dOqHuel9GcdgmwuyV5hS2C7vr04oOI1DvF7WXPXKybloPw3+mD4u IRjbnZLvlFcchjX2BRjLF3i+Zw1vvLYrCfk1keITwRDF4VbaCyc1ONgJntwn4OCSWZ PEcHDWpEkFcDXDFypGcTfgoVI/iCMaJChPMeQ6QQ8osUx5VDIdUZN3IujbWafwyoSJ zIPzGc6+gJXS3i0W7wERZXO+RHgz+sY0AnLeg8BpHCzygUoPGRs0fmnTit3CdCeVpB O2NhSYdQmPRsKmyTs6/EVyL7hWBYQAsRpMbP59+KVXL2GOTlZilJxcAHUVEjWphne+ Jnco2n6lpng5w== From: Arnd Bergmann To: Keith Busch , Jens Axboe , Christoph Hellwig , Sagi Grimberg , Chaitanya Kulkarni , Hannes Reinecke Cc: Arnd Bergmann , Mike Christie , Uday Shankar , David Howells , linux-nvme@lists.infradead.org, linux-kernel@vger.kernel.org Subject: [PATCH 2/2] nvme: keyring: fix conditional compilation Date: Fri, 20 Oct 2023 15:05:37 +0200 Message-Id: <20231020130644.485649-2-arnd@kernel.org> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20231020130644.485649-1-arnd@kernel.org> References: <20231020130644.485649-1-arnd@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-1.2 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lipwig.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (lipwig.vger.email [0.0.0.0]); Fri, 20 Oct 2023 06:07:38 -0700 (PDT) From: Arnd Bergmann The keyring and auth functions can be called from both the host and the target side and are controlled by Kconfig options for each of the combinations, but the declarations are controlled by #ifdef checks on the shared Kconfig symbols. This leads to link failures in combinations where one of the frontends is built-in and the other one is a module, and the keyring code ends up in a module that is not reachable from the builtin code: ld: drivers/nvme/host/core.o: in function `nvme_core_exit': core.c:(.exit.text+0x4): undefined reference to `nvme_keyring_exit' ld: drivers/nvme/host/core.o: in function `nvme_core_init': core.c:(.init.text+0x94): undefined reference to `nvme_keyring_init ld: drivers/nvme/host/tcp.o: in function `nvme_tcp_setup_ctrl': tcp.c:(.text+0x4c18): undefined reference to `nvme_tls_psk_default' Address this by adding compile-time checks around the callers where needed, based on whether the functionality is actually used for the target and host side, respectively. In Kconfig, this requires changing the 'select NVME_KEYRING' since the keyring calls are done from the host core module, which may be built-in even when the tcp front-end is in a loadable module. Fixes: be8e82caa6859 ("nvme-tcp: enable TLS handshake upcall") Signed-off-by: Arnd Bergmann --- drivers/nvme/host/Kconfig | 2 +- drivers/nvme/host/core.c | 16 +++++++++++----- drivers/nvme/host/tcp.c | 2 +- drivers/nvme/target/configfs.c | 2 +- 4 files changed, 14 insertions(+), 8 deletions(-) diff --git a/drivers/nvme/host/Kconfig b/drivers/nvme/host/Kconfig index 8fe2dd619e80e..2d53c23f0a483 100644 --- a/drivers/nvme/host/Kconfig +++ b/drivers/nvme/host/Kconfig @@ -2,6 +2,7 @@ config NVME_CORE tristate select BLK_DEV_INTEGRITY_T10 if BLK_DEV_INTEGRITY + select NVME_KEYRING if NVME_TCP_TLS config BLK_DEV_NVME tristate "NVM Express block device" @@ -95,7 +96,6 @@ config NVME_TCP config NVME_TCP_TLS bool "NVMe over Fabrics TCP TLS encryption support" depends on NVME_TCP - select NVME_KEYRING select NET_HANDSHAKE select KEYS help diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c index 62612f87aafa2..ac92534f6da90 100644 --- a/drivers/nvme/host/core.c +++ b/drivers/nvme/host/core.c @@ -4724,16 +4724,20 @@ static int __init nvme_core_init(void) result = PTR_ERR(nvme_ns_chr_class); goto unregister_generic_ns; } - result = nvme_keyring_init(); + if (IS_ENABLED(CONFIG_NVME_TCP_TLS)) + result = nvme_keyring_init(); if (result) goto destroy_ns_chr; - result = nvme_init_auth(); + + if (IS_ENABLED(CONFIG_NVME_HOST_AUTH)) + result = nvme_init_auth(); if (result) goto keyring_exit; return 0; keyring_exit: - nvme_keyring_exit(); + if (IS_ENABLED(CONFIG_NVME_TCP_TLS)) + nvme_keyring_exit(); destroy_ns_chr: class_destroy(nvme_ns_chr_class); unregister_generic_ns: @@ -4756,8 +4760,10 @@ static int __init nvme_core_init(void) static void __exit nvme_core_exit(void) { - nvme_exit_auth(); - nvme_keyring_exit(); + if (IS_ENABLED(CONFIG_NVME_HOST_AUTH)) + nvme_exit_auth(); + if (IS_ENABLED(CONFIG_NVME_TCP_TLS)) + nvme_keyring_exit(); class_destroy(nvme_ns_chr_class); class_destroy(nvme_subsys_class); class_destroy(nvme_class); diff --git a/drivers/nvme/host/tcp.c b/drivers/nvme/host/tcp.c index 4714a902f4caa..e2b90789c0407 100644 --- a/drivers/nvme/host/tcp.c +++ b/drivers/nvme/host/tcp.c @@ -1915,7 +1915,7 @@ static int nvme_tcp_alloc_admin_queue(struct nvme_ctrl *ctrl) int ret; key_serial_t pskid = 0; - if (ctrl->opts->tls) { + if (IS_ENABLED(CONFIG_NVME_TCP_TLS) && ctrl->opts->tls) { if (ctrl->opts->tls_key) pskid = key_serial(ctrl->opts->tls_key); else diff --git a/drivers/nvme/target/configfs.c b/drivers/nvme/target/configfs.c index 9eed6e6765eaa..e307a044b1a1b 100644 --- a/drivers/nvme/target/configfs.c +++ b/drivers/nvme/target/configfs.c @@ -1893,7 +1893,7 @@ static struct config_group *nvmet_ports_make(struct config_group *group, return ERR_PTR(-ENOMEM); } - if (nvme_keyring_id()) { + if (IS_ENABLED(CONFIG_NVME_TARGET_TCP_TLS) && nvme_keyring_id()) { port->keyring = key_lookup(nvme_keyring_id()); if (IS_ERR(port->keyring)) { pr_warn("NVMe keyring not available, disabling TLS\n"); -- 2.39.2