Received: by 2002:a05:6a10:413:0:0:0:0 with SMTP id 19csp3017902pxp; Tue, 22 Mar 2022 10:20:17 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzY5YxGZwTzMmT2zF0LDVbgVEsj2XmlTvRfZM1KMN1LybFJEcvF2aSQxxnqa11MTQa8KEWU X-Received: by 2002:a17:902:e8c2:b0:151:cae6:46fa with SMTP id v2-20020a170902e8c200b00151cae646famr19086295plg.164.1647969617107; Tue, 22 Mar 2022 10:20:17 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1647969617; cv=pass; d=google.com; s=arc-20160816; b=CJAQB2buVf0XFmZOEfYrTDeLeNPYMzGrIDN/dBJdVUQqHqYD2XdZhaXwLp6JFMwYiO /n49zwvCTES3HFUW88gr2RDCKPrH3DP0HfuWHl8RCJE3RlSRgSqMvf2Ax8A83NDMV9qY YaMHH/Yee3A4GPDedY/kZindFCLz4NLASB8hLD8lb3JA5jeRXDQoxSsJ1zWnbwfLZ4cM ChC17u6j+/o9baMvZJzjiKfFoWx1RsBLtGjWZXUxRTDZ1VjxDpCc4GKaSGWBdtewRcCZ xfC+DNJXzk1CWItvwZgrQjXsD+PVhImu9q+CxZ+PR41Fqh6tmX9g0DBnmV9HSk4Gc/UQ bTLA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:content-transfer-encoding :in-reply-to:from:references:cc:to:content-language:subject :user-agent:date:message-id:dkim-signature; bh=h4L64Q4nnKu/ZQ2xQbxtgbiuiNF3eMswbYU6nlIdlls=; b=uPV6Ir5gfYsxIl/rWBj19/iouWxkg/gVl3KbNrjTpWk4wnrtIwnnC+y94REei+SruM Ea5bicl0UndGjhO+mGPYQ5ZVBwe5hqoA5M1GenmmcEI9bRmhc7TMhKGfmUgeqjUzz9rA IeJK1qt02xJ0RAIK10PxhwX6TBTdVcbzFLzJNGI0yKhSfGIzd/wx2jOsfpq1sOqOq6JA n8xSDu8fCVDpNXa7Hh0/kpgxmkk0vv7G9H9oykSfQi28LT3z+x4bFefUpx+9O6BJUeYK sJQNR4Pafxc74XxSylJz2XcPDuRjEx4ahAXSmVcHB83l/qWjUgp9jIzhcoKZITFr1XdZ oQqw== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@Nvidia.com header.s=selector2 header.b=HkFhGhkB; arc=pass (i=1 spf=pass spfdomain=nvidia.com dkim=pass dkdomain=nvidia.com dmarc=pass fromdomain=nvidia.com); spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=nvidia.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id 136-20020a63028e000000b00385fcbfa2dasi1185175pgc.470.2022.03.22.10.18.56; Tue, 22 Mar 2022 10:20:17 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@Nvidia.com header.s=selector2 header.b=HkFhGhkB; arc=pass (i=1 spf=pass spfdomain=nvidia.com dkim=pass dkdomain=nvidia.com dmarc=pass fromdomain=nvidia.com); spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=nvidia.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233450AbiCVMXn (ORCPT + 99 others); Tue, 22 Mar 2022 08:23:43 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33446 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234822AbiCVMXd (ORCPT ); Tue, 22 Mar 2022 08:23:33 -0400 Received: from NAM10-BN7-obe.outbound.protection.outlook.com (mail-bn7nam10on2044.outbound.protection.outlook.com [40.107.92.44]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CB5048594E for ; Tue, 22 Mar 2022 05:22:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=BK+zw8Q5xw8MaHmk6yfN3u4BJFJeNyfJItkbLSyKPGGQA7iz9PV01qHJl8/b/aNoQXkMnP/N4LXtO80rLyappu2Uqmupyy4ojKm0hRG9FaNRpdUQyujRMbTJ4cNuzD+SpboccoPqcA51se1zPO7nb+Dj/RSNypWFoqKJz2oOAVbZp1nl0vNwbkDpca1r14zkHCyNZ88zEt+Zq6aO82u6RBUx6KWvn1dzTsIt+VkRA8ILaZWhh/nTNZ7Zbaa9jSqJLr79Sc1urgOn2MxqUkGkHOuxbIetc75FFuuUlsNOx0KV+B1SvHnnYtXMktQ/Qt/r7FvS8y4DbImXxPRkx09j2A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=h4L64Q4nnKu/ZQ2xQbxtgbiuiNF3eMswbYU6nlIdlls=; b=aybMfxwsvfFabWNdAh+NsvKl7bcpO9xI5SPjACbd0iB6ACCGgXj14de19ltbnS3esuhMmwrHLyVDiVEVWlXLZ0AmyCz+WhmuVvwxeXW7Zqm24wyEOf39nfw2hQ5H7PNMWggnJWXdDFaUZAOCMUOF9SZmMQduCzPnUEBcfa7edyKjEVTMVcJnQUwF2iDI6O7jyOPcOx3ev+gCAdwpRoDHGY8yE+iMv5QqyBDWinSfoo28ka9x9Yodl1LSzblCp0jWyCHWo1JQgcRMOKnqFCpW6Q0wEP3dKkA0/PzXNBy5ExGq3TmjrPop8ucj2KeJjOIhnH0l2s+Faa9UXUGUVkMwyg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=h4L64Q4nnKu/ZQ2xQbxtgbiuiNF3eMswbYU6nlIdlls=; b=HkFhGhkBn6oCF4F9cX91NNgklxXfKCTZrb1X5gPWdTyAgx+gJWs5WvSX/6aWw8ePlYrKLkswejtcA5Pbtf0+H0kcniBUb28EzX79jNFhjfJ33whnyrlZpLYthEewQ6TnlxzVj+G49altjtUpNW2qnIXLRM/VxAP4DunA2jLFiVByqu/JozoifCjlV+6lxa4sNGvmUehdAtxfoSY/s+vBrtsnCwEsfJR2ufNsph7r7ljAIufjtUNDNIXmo2YLVBMilXZqVK59333LU9wWNv0hE6ByzzOzoVfPWi+g81lHqucarkCMDq3j8k3JO+funmeu8LzmoNL0oomWwsX5HlfQGw== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; Received: from DM4PR12MB5040.namprd12.prod.outlook.com (2603:10b6:5:38b::19) by MN2PR12MB2928.namprd12.prod.outlook.com (2603:10b6:208:105::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5081.17; Tue, 22 Mar 2022 12:22:02 +0000 Received: from DM4PR12MB5040.namprd12.prod.outlook.com ([fe80::f037:e2a1:f108:125a]) by DM4PR12MB5040.namprd12.prod.outlook.com ([fe80::f037:e2a1:f108:125a%7]) with mapi id 15.20.5081.023; Tue, 22 Mar 2022 12:22:02 +0000 Message-ID: <4f320d3b-7ade-211c-e1ff-d4eb37fe540a@nvidia.com> Date: Tue, 22 Mar 2022 14:21:55 +0200 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.7.0 Subject: Re: [PATCH 07/12] nvme: Implement In-Band authentication Content-Language: en-US To: Hannes Reinecke , Sagi Grimberg Cc: Christoph Hellwig , Keith Busch , linux-nvme@lists.infradead.org, linux-crypto@vger.kernel.org References: <20211202152358.60116-1-hare@suse.de> <20211202152358.60116-8-hare@suse.de> <346e03e9-ece1-73f9-f7f4-c987055c5b9f@nvidia.com> <3382242d-7349-e6f9-9b3c-4a5162f630c0@suse.de> From: Max Gurtovoy In-Reply-To: <3382242d-7349-e6f9-9b3c-4a5162f630c0@suse.de> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-ClientProxiedBy: AM6P194CA0051.EURP194.PROD.OUTLOOK.COM (2603:10a6:209:84::28) To DM4PR12MB5040.namprd12.prod.outlook.com (2603:10b6:5:38b::19) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 273bbc07-f234-4d70-b846-08da0bfe91e4 X-MS-TrafficTypeDiagnostic: MN2PR12MB2928:EE_ X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: LlMYa+DAqXLX9s7xH0i+L6ezlg8PCf9A7FnKOG+wv5TJkgzS6dscepkWdLSBtQhiJlE38zqIKkFQA2iSpc+KMsfKI0A+VOrmReys4njaOwuCp3Pg+/okpeRg0bXGl3nbhwG2/58hFbnPcu1R21aV38UpuOP4D3i2bJKwiof1c/mFIBcC2Ru//id0lzMP7JgnvTe9WLgC00CFHErdBrlybnnn6WsGg3hBe6nPN0qC308B7OUbLj/Jwa0HdwvJisNSPEZqhCLKCKQXd1tAst3Vp/8Wkbg/4aoCM+Kd5Ew1grV9nu/TPTwFE1gIcyCGq/YK2d1hnxg8PjrbhGZ+XRrAPs10f/OA8ucsPu0MqbcCzxLlnk4mkN+jMXHaR8y9Li/O7KjqFIxcajGuLGlA0nvX0YlSsVx1elczq/XcYwn8S5BPtUi0Gn2aXujWl7qkQi76kIR58XvUblVDcgKETmtV+p5qpjvOIy5YLVJd9rNsB1k4PEz+2KhFjXLjD7DslkgwmXt9WoY8pldE1kqX7mtdAWy+s4ZX2TSRR3dnfm7+zihmSjTjnEWaIBnurFONmQy4227q5w0mbFiQBbvFl0JZs0UlPMoDdsjuaYgexfgyafaG8mNGy+57bEJHyDK08ux1XBzvcUNMzsV1vpeZd/HM2vx80iP/V/6z/wSIpGQvhLmADN9ot8mwEgmGecUnoXGreXh8VTY6FBQnTKjlgeiZ2ZhLrbjqe9I8r/8Hpv9URJ7dzFZ/riTzU9nvjyjDyopEH4jDJSNt4kxuUGO3wNeQ9beoXnRy8+6fXjFYMdr+yEcNHUQAnf2Bqxydwp6Qocn7 X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM4PR12MB5040.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230001)(4636009)(366004)(83380400001)(6666004)(6506007)(2906002)(66476007)(66556008)(8676002)(4326008)(53546011)(45080400002)(6486002)(966005)(508600001)(66946007)(26005)(8936002)(5660300002)(31696002)(86362001)(38100700002)(186003)(316002)(2616005)(6512007)(31686004)(36756003)(54906003)(110136005)(45980500001)(43740500002);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?RlRWN1ZCc0tCbDhYUUdkMlR0OGNuZG44cnBEb1JiUUJVUWxiWWt4aDdVZmpn?= =?utf-8?B?enJTMVFiSUpLYVBnK0YxVTBqeU1DV1pidGZiZ0xIQy9FZEFNT3QyK1JHdUhQ?= =?utf-8?B?dENIa3BuQzkyM0lvRmxFdjF6S082S3NzNWxMcmFxOU5BbUcxSzJVVUo5QkdP?= =?utf-8?B?MGY3Y3NtOTJvb2pZMW43eml4NG55NkVrVjFHTGpBWExsOVlNTXRvb3haMlA2?= =?utf-8?B?MkxOS2xFOVExaUQ2cXJlb3htTXpBcWlaLzdPM29nT3pGSHpjSnJxYnJLWVhP?= =?utf-8?B?TUdWckwwQXlPVCtXOVMwV3VReTRVV2JHNHlieFJvYlQzaGZyd0hXdGhCbDZv?= =?utf-8?B?TFNSVG9jU2NCZHV2Y0RBZkMzYzZyQzZCSEJBQVVISlJoSmF3RVNySzA3RFFk?= =?utf-8?B?NCtqZHVYcGxPMWtMcUVlMFJrUGFlVktvbUhUbnk3NmJSWDBKdVI3UnBRVGx0?= =?utf-8?B?MEpmc2xoeWZQWlpGNTFENGd2VFV1T3dSUytvNDJRTDJ1M0htT2lWMjFtUjY5?= =?utf-8?B?YTkxUzVzMjZITFFUeXptVExNRERKYU1zUkN0THNkM1NOOXo2SVdYeVZxQ0xI?= =?utf-8?B?bnNaYmpSQjRoSk01RnRBaDhqKzdjQXRVaVhuRVVIYWZEL0l2RWZnYzRvWlds?= =?utf-8?B?a29BVTlxaFpJSWVBTGQzZzVvZ2VFQy9GbnI3dDRacFJyRE51WDNaSXVHZzZM?= =?utf-8?B?UGNMbzVRbUcvTlFLeHdKb2h3TXNmR3J5ZHpKejFBZ0FuYUNUbWQ5TVFVTzUy?= =?utf-8?B?MU1IUUFHOTRvN3dIc2Y3UjczVHlFdGRlZ2QraXNlTEpmTHJNU1hJbGZjdUY4?= =?utf-8?B?c3Ayb1NZK256NDUwOU9SenpxYXptbHZJbjNhSWYzTUkwUzd1RzVqVktMYnU5?= =?utf-8?B?MmZwb0YvYTRvNjh5bzl0MEd3YXhUd01LbzZDRW9wK0dkS2FGa2U3dlM0ZHJE?= =?utf-8?B?WVdtRFl2Ri9NL0R3QmxreWgxOWxUajVUZVRXWFBIU0ZTMFZHMU1EMndZRkhU?= =?utf-8?B?TG1tUVM0RzBpNTBqbmFxR1hCMmM0clVkZnY3UDZEM2pSOFliOWQvZG4wYjRx?= =?utf-8?B?SDk1OUlkbm9iR3NYT3FGczQraTBUZ21xSmtTU2RhMm1YUVlyeHhoaksveDZS?= =?utf-8?B?eWYxUGlWRldxWUZUV2h4ZWdHM09kb0lhZUh5bmhkNE00Mlc3MldubXJSSjJ6?= =?utf-8?B?WXN4cVNpTmNRNmF6YzludmZiVnN5d3BjekNZRFI3TDRDaUtzKzVPNy9OSG55?= =?utf-8?B?azFiT0ZuN281WEI3bDVGVS8raFlyOVlEdmRtb0Y2MG1YaVN2N2REVmROOWhB?= =?utf-8?B?ZUhIWmFJcTA4MGFtN0phMGQwOGhjNXNiTldVMXBoWjRtU3F1S1I4UEFHcmZ5?= =?utf-8?B?ampsellnejFub1YrOFp1d2VSVUx4YWg2VHFPcWhEaHVFM2U0cnRUUzErenNN?= =?utf-8?B?ZmhJdVNGWk5MVjZTRFhKcHNqRFZTeWRVQjFLTHNORTNkaHJha253OHlJb1hz?= =?utf-8?B?cHhRN2h3NHMwQS9QU3pta1lOVEx6UE5tajE0NE5PcE1NMDB1Zis0eFBIUXhM?= =?utf-8?B?L01LVHI1a0VkRkpVZWF6dUhPclFtZWFEeVZsTWNldmhGeXRjbmM0NUpnMGZu?= =?utf-8?B?UGlzcWZkV1ZSMWNPQTZaWXVEdGlPdnA1ZDVpZTA2ZzBiV3ZzaEx4MHpzN3ps?= =?utf-8?B?RitwblFkNWZhQ1JtYjhZTkg5YkRWcmdPOWhmaGlxcGpXZmRFUG5GdVRtQ0ZC?= =?utf-8?B?eXAzZDBDVmtmb3VjcHIvYXBnU3RhR0hTN2Z1R2tMY28vVFE5STA0Vi93NDFT?= =?utf-8?B?amtuUEhZMEQ0ZzhXOXdlcytMSkphUTVxdWZndnNOSUFWbmpGbE1TRXJ6NWw3?= =?utf-8?B?NWVZR0JoK21qVW8vSFl1VG1ocUQ1WUNXcEtoc09XY25Ca1JycmZ1bVVvelhF?= =?utf-8?B?NW9uY25CcFNIRHFEOWt4dDhodE5JdFY3SEIyS2Jyc3hQTEpBUXd5N0VnMHN3?= =?utf-8?B?RC8wOEwwdHlnPT0=?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: 273bbc07-f234-4d70-b846-08da0bfe91e4 X-MS-Exchange-CrossTenant-AuthSource: DM4PR12MB5040.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Mar 2022 12:22:02.6443 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Q6d0lvFcRdWMsLVh85Odbi/RKXASJwth9bxUKcQudmD2hnl6ZNmsVKKs0ZS7eF+SZ22rxkQK7Q+UK+hi3rxmQQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR12MB2928 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FORGED_SPF_HELO, NICE_REPLY_A,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS, SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On 3/22/2022 2:10 PM, Hannes Reinecke wrote: > On 3/22/22 12:40, Max Gurtovoy wrote: >> Hi Hannes, >> >> On 12/2/2021 5:23 PM, Hannes Reinecke wrote: >>> Implement NVMe-oF In-Band authentication according to NVMe TPAR 8006. >>> This patch adds two new fabric options 'dhchap_secret' to specify the >>> pre-shared key (in ASCII respresentation according to NVMe 2.0 section >>> 8.13.5.8 'Secret representation') and 'dhchap_ctrl_secret' to specify >>> the pre-shared controller key for bi-directional authentication of both >>> the host and the controller. >>> Re-authentication can be triggered by writing the PSK into the new >>> controller sysfs attribute 'dhchap_secret' or 'dhchap_ctrl_secret'. >> >> Can you please add to commit log an example of the process ? >> >>  From target configuration through the 'nvme connect' cmd. >> >> > > Please check: > > https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fhreinecke%2Fblktests%2Ftree%2Fauth.v3&data=04%7C01%7Cmgurtovoy%40nvidia.com%7C4e6a16198c834c87e2ac08da0bfd01fc%7C43083d15727340c1b7db39efd9ccc17a%7C0%7C0%7C637835478535167965%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=OgZkPCwDUIllRWfKF0SoC6osWJy3hqAZouME3KDnIGQ%3D&reserved=0 > > > That contains the blktest scripts I'm using to validate the > implementation. > blktest is great but for features in this magnitude I think we need to add a simple usage example in the commit log or in the cover letter. for someone that is not familiar with blktests, one should start reverse engineering 4000 LOC to use it. Cheers, Max. Thanks for implementing this important feature. > Cheers, > > Hannes