Received: by 2002:a05:6a10:1287:0:0:0:0 with SMTP id d7csp2207953pxv; Sat, 17 Jul 2021 07:04:52 -0700 (PDT) X-Google-Smtp-Source: ABdhPJz6cZAQqTehQZN6aA6Fcs3XEqhbj2VCXXFJVgVXn2rS/W2rMsICl9dMbsP1LwaeAtsViJmt X-Received: by 2002:a92:905:: with SMTP id y5mr9898815ilg.222.1626530692450; Sat, 17 Jul 2021 07:04:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1626530692; cv=none; d=google.com; s=arc-20160816; b=N5a/lMA4dKwkNLdf6iZuo0HDE66WobRbbnjrbrJ+mr+rMNatlEzon+z4koFAOBBFeK IeepydKVfprVvaPC5U52TSl7kxo+RJ0QX52qkS4+l4B5lUKgxM2LZdjak0CJp7BbQ7sF uFPKmORbGQVVfxxJrOb5MmNF2qwcNwZPglvNZoROnenRRP9L/72D8BFekTEJFSr78sQo kGvGS+goozW//TT02sG44v/b0NWuMqniVuS8v6sAYZzC+djdlx6pS1k4dLs2pQUTa6aA t1TNe4KFZhuMWLCefNas89T2T13L97AM+L4T9kqSHmpZSQmRY00+JdA/iTSTVkhDaFXM O3jQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject:dkim-signature:dkim-signature; bh=ooutCQibbOiNGEZGhO+9j3kI1VFjrp8UoKKYx5PFTKw=; b=lIscablS94wQrW7iO+ntfUA5+jlBcFOTse4VDTJqD9xKhDafC36HnQHJ5zWYTNPwUN objGEv+5vHU2Smy034xcG9ULNJ+ruWuEjq6X7zAZ3iDjUBKzGUfqK9VhelFC3XnhWdGp 5x7FYkqqxP/rTH6IKycPRgCSmh5sHGTg1THFcdbf79O4rEELxEGjXZm52ywIsUBSQSQq CzGUQ957eTQKnjvUDibE1/7Hvedv3nUN0Az++rPNJdvjsVF+SrjynbOMdNeghcfXIwOU NDCJpc3lnZYWpTG7LT7C/H/GNK6lZu9PrRni7ONMNXDfcW5SlYjb0Y9MrTyW71XjfPr9 LWVw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=xp7qrftO; dkim=neutral (no key) header.i=@suse.de; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id w5si3486218ilu.14.2021.07.17.07.04.39; Sat, 17 Jul 2021 07:04:52 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=xp7qrftO; dkim=neutral (no key) header.i=@suse.de; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233593AbhGQOHd (ORCPT + 99 others); Sat, 17 Jul 2021 10:07:33 -0400 Received: from smtp-out2.suse.de ([195.135.220.29]:34838 "EHLO smtp-out2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232893AbhGQOHa (ORCPT ); Sat, 17 Jul 2021 10:07:30 -0400 Received: from imap1.suse-dmz.suse.de (imap1.suse-dmz.suse.de [192.168.254.73]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id 0127A1FF14; Sat, 17 Jul 2021 14:04:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1626530672; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ooutCQibbOiNGEZGhO+9j3kI1VFjrp8UoKKYx5PFTKw=; b=xp7qrftOt0oBA8oStTq+HkabCYkPaQkYFRkiKCd/Z/rtE3DjZd++KoRUKQtlfj2LHceco6 VWBZhzdTu+tjXq46IgD6KDZ8Ozcy1hHyXSVLkkK48u9XqNJ/3h7gCCv7HqOJWf+q4tkBO2 YTmkcLo5VDdWy1guS1INXZbblJ/c+zY= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1626530672; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ooutCQibbOiNGEZGhO+9j3kI1VFjrp8UoKKYx5PFTKw=; b=z/nJ3jWoOL1O9F6Ba/j9xPTeASFWUIs/vuk6zIV+8Ngz4kSIMWm0qp3W3n6bWT3JAPdsYR jOV5MgnCVidRL3AA== Received: from imap1.suse-dmz.suse.de (imap1.suse-dmz.suse.de [192.168.254.73]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap1.suse-dmz.suse.de (Postfix) with ESMTPS id C6F5D13A57; Sat, 17 Jul 2021 14:04:31 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap1.suse-dmz.suse.de with ESMTPSA id vcLHL2/j8mB+XQAAGKfGzw (envelope-from ); Sat, 17 Jul 2021 14:04:31 +0000 Subject: Re: [PATCH 05/11] nvme: add definitions for NVMe In-Band authentication To: Sagi Grimberg , Christoph Hellwig Cc: Keith Busch , linux-nvme@lists.infradead.org, Herbert Xu , "David S . Miller" , linux-crypto@vger.kernel.org References: <20210716110428.9727-1-hare@suse.de> <20210716110428.9727-6-hare@suse.de> From: Hannes Reinecke Message-ID: <2eebe51b-7ca0-c2cf-0949-18fb88a0395b@suse.de> Date: Sat, 17 Jul 2021 16:04:31 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On 7/17/21 8:30 AM, Sagi Grimberg wrote: > > > On 7/16/21 4:04 AM, Hannes Reinecke wrote: >> Signed-off-by: Hannes Reinecke >> --- >>   include/linux/nvme.h | 185 ++++++++++++++++++++++++++++++++++++++++++- >>   1 file changed, 184 insertions(+), 1 deletion(-) >> >> diff --git a/include/linux/nvme.h b/include/linux/nvme.h >> index b7c4c4130b65..7b94abacfd08 100644 >> --- a/include/linux/nvme.h >> +++ b/include/linux/nvme.h >> @@ -19,6 +19,7 @@ >>   #define NVMF_TRSVCID_SIZE    32 >>   #define NVMF_TRADDR_SIZE    256 >>   #define NVMF_TSAS_SIZE        256 >> +#define NVMF_AUTH_HASH_LEN    64 >>   #define NVME_DISC_SUBSYS_NAME    "nqn.2014-08.org.nvmexpress.discovery" >> @@ -1263,6 +1264,8 @@ enum nvmf_capsule_command { >>       nvme_fabrics_type_property_set    = 0x00, >>       nvme_fabrics_type_connect    = 0x01, >>       nvme_fabrics_type_property_get    = 0x04, >> +    nvme_fabrics_type_auth_send    = 0x05, >> +    nvme_fabrics_type_auth_receive    = 0x06, >>   }; >>   #define nvme_fabrics_type_name(type)   { type, #type } >> @@ -1270,7 +1273,9 @@ enum nvmf_capsule_command { >>       __print_symbolic(type,                        \ >>           nvme_fabrics_type_name(nvme_fabrics_type_property_set),    \ >>           nvme_fabrics_type_name(nvme_fabrics_type_connect),    \ >> -        nvme_fabrics_type_name(nvme_fabrics_type_property_get)) >> +        nvme_fabrics_type_name(nvme_fabrics_type_property_get), \ >> +        nvme_fabrics_type_name(nvme_fabrics_type_auth_send),    \ >> +        nvme_fabrics_type_name(nvme_fabrics_type_auth_receive)) >>   /* >>    * If not fabrics command, fctype will be ignored. >> @@ -1393,6 +1398,182 @@ struct nvmf_property_get_command { >>       __u8        resv4[16]; >>   }; >> +struct nvmf_auth_send_command { >> +    __u8        opcode; >> +    __u8        resv1; >> +    __u16        command_id; >> +    __u8        fctype; >> +    __u8        resv2[19]; >> +    union nvme_data_ptr dptr; >> +    __u8        resv3; >> +    __u8        spsp0; >> +    __u8        spsp1; >> +    __u8        secp; >> +    __le32        tl; >> +    __u8        resv4[12]; > > Isn't that 16 bytes? > You should add these to the compile time checkers > in _nvme_check_size. > If you say so ... I'll cross-check. >> + >> +}; >> + >> +struct nvmf_auth_receive_command { >> +    __u8        opcode; >> +    __u8        resv1; >> +    __u16        command_id; >> +    __u8        fctype; >> +    __u8        resv2[19]; >> +    union nvme_data_ptr dptr; >> +    __u8        resv3; >> +    __u8        spsp0; >> +    __u8        spsp1; >> +    __u8        secp; >> +    __le32        al; >> +    __u8        resv4[12]; >> +}; >> + >> +/* Value for secp */ >> +enum { >> +    NVME_AUTH_DHCHAP_PROTOCOL_IDENTIFIER    = 0xe9, >> +}; >> + >> +/* Defined value for auth_type */ >> +enum { >> +    NVME_AUTH_COMMON_MESSAGES    = 0x00, >> +    NVME_AUTH_DHCHAP_MESSAGES    = 0x01, >> +}; >> + >> +/* Defined messages for auth_id */ >> +enum { >> +    NVME_AUTH_DHCHAP_MESSAGE_NEGOTIATE    = 0x00, >> +    NVME_AUTH_DHCHAP_MESSAGE_CHALLENGE    = 0x01, >> +    NVME_AUTH_DHCHAP_MESSAGE_REPLY        = 0x02, >> +    NVME_AUTH_DHCHAP_MESSAGE_SUCCESS1    = 0x03, >> +    NVME_AUTH_DHCHAP_MESSAGE_SUCCESS2    = 0x04, >> +    NVME_AUTH_DHCHAP_MESSAGE_FAILURE2    = 0xf0, >> +    NVME_AUTH_DHCHAP_MESSAGE_FAILURE1    = 0xf1, >> +}; >> + >> +struct nvmf_auth_dhchap_protocol_descriptor { >> +    __u8        authid; >> +    __u8        rsvd; >> +    __u8        halen; >> +    __u8        dhlen; >> +    __u8        idlist[60]; >> +}; >> + >> +enum { >> +    NVME_AUTH_DHCHAP_AUTH_ID    = 0x01, >> +}; >> + >> +enum { >> +    NVME_AUTH_DHCHAP_HASH_SHA256    = 0x01, > > Maybe s/HASH/HF/ (stands for hash function, which is > a better description). > Or HMAC, as this is what it's used for... >> +    NVME_AUTH_DHCHAP_HASH_SHA384    = 0x02, >> +    NVME_AUTH_DHCHAP_HASH_SHA512    = 0x03, >> +}; >> + >> +enum { >> +    NVME_AUTH_DHCHAP_DHGROUP_NULL    = 0x00, >> +    NVME_AUTH_DHCHAP_DHGROUP_2048    = 0x01, >> +    NVME_AUTH_DHCHAP_DHGROUP_3072    = 0x02, >> +    NVME_AUTH_DHCHAP_DHGROUP_4096    = 0x03, >> +    NVME_AUTH_DHCHAP_DHGROUP_6144    = 0x04, >> +    NVME_AUTH_DHCHAP_DHGROUP_8192    = 0x05, >> +}; >> + >> +union nvmf_auth_protocol { >> +    struct nvmf_auth_dhchap_protocol_descriptor dhchap; >> +}; >> + >> +struct nvmf_auth_dhchap_negotiate_data { >> +    __u8        auth_type; >> +    __u8        auth_id; >> +    __u8        rsvd[2]; >> +    __le16        t_id; >> +    __u8        sc_c; >> +    __u8        napd; >> +    union nvmf_auth_protocol auth_protocol[]; >> +}; >> + >> +struct nvmf_auth_dhchap_challenge_data { >> +    __u8        auth_type; >> +    __u8        auth_id; >> +    __u8        rsvd1[2]; >> +    __le16        t_id; >> +    __u8        hl; >> +    __u8        rsvd2; >> +    __u8        hashid; >> +    __u8        dhgid; >> +    __le16        dhvlen; >> +    __le32        seqnum; >> +    /* 'hl' bytes of challenge value */ >> +    __u8        cval[]; >> +    /* followed by 'dhvlen' bytes of DH value */ >> +}; >> + >> +struct nvmf_auth_dhchap_reply_data { >> +    __u8        auth_type; >> +    __u8        auth_id; >> +    __u8        rsvd1[2]; > > Maybe __u32 rsvd1? Usually its done this way in the other > headers... > Ah. Right, will fix. >> +    __le16        t_id; >> +    __u8        hl; >> +    __u8        rsvd2; >> +    __u8        cvalid; >> +    __u8        rsvd3; >> +    __le16        dhvlen; >> +    __le32        seqnum; >> +    /* 'hl' bytes of response data */ >> +    __u8        rval[]; >> +    /* followed by 'hl' bytes of Challenge value */ >> +    /* followed by 'dhvlen' bytes of DH value */ >> +}; >> + >> +enum { >> +    NVME_AUTH_DHCHAP_RESPONSE_VALID    = (1 << 0), >> +}; >> + >> +struct nvmf_auth_dhchap_success1_data { >> +    __u8        auth_type; >> +    __u8        auth_id; >> +    __u8        rsvd1[2]; >> +    __le16        t_id; >> +    __u8        hl; >> +    __u8        rsvd2; >> +    __u8        rvalid; >> +    __u8        rsvd3[7]; >> +    /* 'hl' bytes of response value if 'rvalid' is set */ >> +    __u8        rval[]; > > It really sucks that we have zero-length pointers in > a wire-format struct... but anyways, it is what it is... > Yeah, and that's not the worst of it; the 'reply' structure has _three_ zero-length pointers. Makes me wonder if I should drop them completely... >> +}; >> + >> +struct nvmf_auth_dhchap_success2_data { >> +    __u8        auth_type; >> +    __u8        auth_id; >> +    __u8        rsvd1[2]; >> +    __le16        t_id; >> +    __u8        rsvd2[10]; >> +}; >> + >> +struct nvmf_auth_dhchap_failure_data { >> +    __u8        auth_type; >> +    __u8        auth_id; >> +    __u8        rsvd1[2]; >> +    __le16        t_id; >> +    __u8        reason_code; >> +    __u8        reason_code_explanation; > > I'd maybe do those shorter; > rescode > rescode_exp > Ok. >> +}; >> + >> +enum { >> +    NVME_AUTH_DHCHAP_FAILURE_REASON_FAILED    = 0x01, >> +}; >> + >> +enum { >> +    NVME_AUTH_DHCHAP_FAILURE_FAILED            = 0x01, >> +    NVME_AUTH_DHCHAP_FAILURE_NOT_USABLE        = 0x02, >> +    NVME_AUTH_DHCHAP_FAILURE_CONCAT_MISMATCH    = 0x03, >> +    NVME_AUTH_DHCHAP_FAILURE_HASH_UNUSABLE        = 0x04, >> +    NVME_AUTH_DHCHAP_FAILURE_DHGROUP_UNUSABLE    = 0x05, >> +    NVME_AUTH_DHCHAP_FAILURE_INVALID_PAYLOAD    = 0x06, >> +    NVME_AUTH_DHCHAP_FAILURE_INVALID_MESSAGE    = 0x07, > > I think the language in the spec is "incorrect", why not > stick with that instead of "invalid"? > Ah. Things got changed so much during development of the spec that I seem to have lost track. Will change it. >> +}; >> + >> + >>   struct nvme_dbbuf { >>       __u8            opcode; >>       __u8            flags; >> @@ -1436,6 +1617,8 @@ struct nvme_command { >>           struct nvmf_connect_command connect; >>           struct nvmf_property_set_command prop_set; >>           struct nvmf_property_get_command prop_get; >> +        struct nvmf_auth_send_command auth_send; >> +        struct nvmf_auth_receive_command auth_receive; >>           struct nvme_dbbuf dbbuf; >>           struct nvme_directive_cmd directive; >>       }; >> Cheers, Hannes -- Dr. Hannes Reinecke Kernel Storage Architect hare@suse.de +49 911 74053 688 SUSE Software Solutions GmbH, Maxfeldstr. 5, 90409 Nürnberg HRB 36809 (AG Nürnberg), Geschäftsführer: Felix Imendörffer