Received: by 2002:a05:6a10:1287:0:0:0:0 with SMTP id d7csp1625598pxv; Fri, 23 Jul 2021 13:04:10 -0700 (PDT) X-Google-Smtp-Source: ABdhPJynK1UXkxYbCGq4fNRRbHK/4cMOXdJK2S9pIPv5ieFCotSInFRY3SQinhJTJzR9H4K8tAPs X-Received: by 2002:a02:a913:: with SMTP id n19mr5618766jam.7.1627070650705; Fri, 23 Jul 2021 13:04:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1627070650; cv=none; d=google.com; s=arc-20160816; b=I9wNB3Tja8HEwH45zflBOs6jJsBRs3gK9BqPZI30lh1VU/sPgh+lChQnWI1n/ahwlj /oxOo2XbaxHdAxO4tdku75sqXb68uqwmV1NacR2qZN0Vcn3ytCZgWLikumZj0mi1YPRC 4xy0OPZ+FmU0cpEL4itlybrxTz/3ounRHRWVIacURb/MOjOsVLDUWkNFaZPPZS1DjmXh a3IfNWEa2RRdLOfFftQh5hIUVJXuvzCEEEuLO5IhoZS/PLfPBRut5Er7SV2nnIjVMLsC IQn6GxftgstTS+Tx1sEIvqYHr98j5L0tKXPqtf0tq7tuPXRlKox/8AKVXdgi1AACsFwl Rv1g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:references:cc :to:from:subject; bh=a9OUipRyKejq5QFp4ujNBqkQxbbSE1vI1KF6yD9W6HA=; b=mNUaArpX/aPCwBmg6JxDBGr2J1XEEcyEPQ73vNZmo/7MtND7a9clTAnyGSky7Oat2m DLe3cZ/okSGmM8mE+DxXWwOxdjPAnJ782pYkiQqnjVHtxBG8Vx3/EgddFvcsrCQ7s1WX RSQal2CP+8tPfQ5av2I7fHL/LrpPsJWM27KwJizy81RXfMXjOyGhm9KSst8QCBlhOhG6 Vax9nU31eeaefR6NtYfzGdVAz2EOgjMXMOdRaxvMht292UEqH+zc083c0XqbODpiJImI b5O6v57MhGi849Z7J5X8ug9e6NYXKMAI9miy/s5IbhiHi56id2hCsLy/cuw51j3meRz4 iA4A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id q41si32020029jav.74.2021.07.23.13.03.58; Fri, 23 Jul 2021 13:04:10 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229575AbhGWTXN (ORCPT + 99 others); Fri, 23 Jul 2021 15:23:13 -0400 Received: from mout.kundenserver.de ([217.72.192.75]:42203 "EHLO mout.kundenserver.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229461AbhGWTXN (ORCPT ); Fri, 23 Jul 2021 15:23:13 -0400 Received: from [192.168.0.113] ([178.252.67.224]) by mrelayeu.kundenserver.de (mreue107 [212.227.15.179]) with ESMTPSA (Nemesis) id 1N0WPK-1lD9WG2tro-00wRmx; Fri, 23 Jul 2021 22:03:20 +0200 Subject: Re: [RFC PATCH 00/11] nvme: In-band authentication support From: Vladislav Bolkhovitin To: Hannes Reinecke , Christoph Hellwig Cc: Sagi Grimberg , Keith Busch , linux-nvme@lists.infradead.org, Herbert Xu , "David S . Miller" , linux-crypto@vger.kernel.org References: <20210716110428.9727-1-hare@suse.de> <66b3b869-02bd-9dee-fadc-8538c6aad57a@vlnb.net> <833cfd62-1e1f-1dca-2e38-ff07b3a5e8fb@vlnb.net> Message-ID: <2f241490-3bfd-2151-9d76-970e0d6bfd68@vlnb.net> Date: Fri, 23 Jul 2021 23:02:58 +0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.12.0 MIME-Version: 1.0 In-Reply-To: <833cfd62-1e1f-1dca-2e38-ff07b3a5e8fb@vlnb.net> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K1:RYCcHwZV9sA2oxeVhxRvbvDhd5IuKxNV2ReWMKOc/9Q4bIvmbX6 h6RYWbMIsCKj8sHaD3mCj85uPWkaioVc64b2poXjAqL6ZAVFX6/lCeuHYGRPiUYMPFRMZs3 gf2eSyAVZuQ+32sCM3KWsLbiP1O8r0GfyqR+AyID0fXyWBhKRqOj/KeB1ybFHHXSzJzLJnO sv95hCpvxxzYV0jPlRAaA== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:6o1bz3z+h+o=:SSV8EKT7vAJ43Nb0alAscD WQ5KoUhkGSrAz1FPXExqq06cM24bCc/R8cx3lRx312zN0WUMBmjArC8aoyEgonkERZpBO7EHL nPqIWj/miPP7TUgT3z9YDabBVEfAloiyX6Z0Q2Z7yf7zp2csLN2Ng62VDQ6QNsDQ6Isa8PSCj u8sgpPcK3ph3T8NutzUtlHlqBNRAKGxtGclidm/sFotHeO7fkOBHLQTqnDkQq2Ss86GnZyCBd x9m+AdLw5cy7h6IUgz3yKXD9FPjgCgGUmirSjKpbktYIEUEnBI2z0NXfK3DBOg14ogE0oE4cQ XaAOPG9Z60UYHlc4PyuaXCaH6TxX5oscN1Lc8DqwO95IiVolS85Zwk8kKZ9dbyG20+YJHnw7U T6jiTx8JRh+uUvsMZXa/7duyTXQrj0lb76rCt+hysevM3jFn43rKlHcjiGVDfTarCbBAUuYpw +Mdj1f1/ertRxzEoIijr72VDJyCAjnRTUR46HFNUNSmfNbr6ZqTj7UvoZvraeuJOtz+Ss0E+v JlKKbeCnWr4I+VsWLBoMfCRuYRWNDmbfD2XyGacbSU8MEOqsM87bEy4jAY2tk4CSjEiVFZter YuA3rpf1Hs4771+zTvNZlh/SlglwEJhXbFrZ0wJ19RQdWiy68glZSGK7nfTJhYQis8QXHlA0h r9PFe3w9zG+JElZDK8q6nOEWuH3gkOPBHZg6J/8z9Q5EcZQiR4IF2zYbfAMObcz8RCE3o+OPr QpRdbWOyIaZTAO5KDZsrg6QgDK/9tebFmXYBq+F5CPxSuDrJgJ5z/73WH3JrVBW4qGCAo35Ix RyO4Ue1rGj3yo9QbTr1pgdk5glUYLtW+0ShtPopYY9U0jKqbzVpNHNehDHhkVXl39iTNyON Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Another comment is that better to perform CRC check of dhchap_secret and generation of dhchap_key right where the secret was specified (e.g., nvmet_auth_set_host_key() on the target side). No need to do it every time for every connection and by that increase authentication latency. As I wrote in the other comment, it might be 128 or more connections established during connecting to a single NVMe-oF device. Vlad