Lines Matching refs:qpair
134 nvme_auth_digest_allowed(struct spdk_nvme_qpair *qpair, uint8_t digest)
136 struct spdk_nvme_ctrlr *ctrlr = qpair->ctrlr;
142 nvme_auth_dhgroup_allowed(struct spdk_nvme_qpair *qpair, uint8_t dhgroup)
144 struct spdk_nvme_ctrlr *ctrlr = qpair->ctrlr;
150 nvme_auth_set_state(struct spdk_nvme_qpair *qpair, enum nvme_qpair_auth_state state)
163 AUTH_DEBUGLOG(qpair, "auth state: %s\n", state_names[state]);
164 qpair->auth.state = state;
168 nvme_auth_set_failure(struct spdk_nvme_qpair *qpair, int status, bool failure2)
170 if (qpair->auth.status == 0) {
171 qpair->auth.status = status;
174 nvme_auth_set_state(qpair, failure2 ?
180 nvme_auth_print_cpl(struct spdk_nvme_qpair *qpair, const char *msg)
182 struct nvme_completion_poll_status *status = qpair->poll_status;
184 AUTH_ERRLOG(qpair, "%s failed: sc=%d, sct=%d (timed out: %s)\n", msg, status->cpl.status.sc,
189 nvme_auth_get_seqnum(struct spdk_nvme_qpair *qpair)
191 struct spdk_nvme_ctrlr *ctrlr = qpair->ctrlr;
663 nvme_auth_submit_request(struct spdk_nvme_qpair *qpair,
666 struct spdk_nvme_ctrlr *ctrlr = qpair->ctrlr;
667 struct nvme_request *req = qpair->reserved_req;
668 struct nvme_completion_poll_status *status = qpair->poll_status;
703 return nvme_qpair_submit_request(qpair, req);
707 nvme_auth_recv_message(struct spdk_nvme_qpair *qpair)
709 memset(qpair->poll_status->dma_data, 0, NVME_AUTH_DATA_SIZE);
710 return nvme_auth_submit_request(qpair, SPDK_NVMF_FABRIC_COMMAND_AUTHENTICATION_RECV,
715 nvme_auth_send_failure2(struct spdk_nvme_qpair *qpair, enum spdk_nvmf_auth_failure_reason reason)
717 struct spdk_nvmf_auth_failure *msg = qpair->poll_status->dma_data;
718 struct nvme_auth *auth = &qpair->auth;
720 memset(qpair->poll_status->dma_data, 0, NVME_AUTH_DATA_SIZE);
727 return nvme_auth_submit_request(qpair, SPDK_NVMF_FABRIC_COMMAND_AUTHENTICATION_SEND,
732 nvme_auth_check_message(struct spdk_nvme_qpair *qpair, enum spdk_nvmf_auth_id auth_id)
734 struct spdk_nvmf_auth_failure *msg = qpair->poll_status->dma_data;
751 AUTH_ERRLOG(qpair, "received unexpected DH-HMAC-CHAP message id: %u (expected: %u)\n",
757 AUTH_ERRLOG(qpair, "received unexpected common message id: %u\n",
764 AUTH_ERRLOG(qpair, "received AUTH_failure1: rc=%d, rce=%d (%s)\n",
766 nvme_auth_set_failure(qpair, -EACCES, false);
769 AUTH_ERRLOG(qpair, "received unknown message type: %u\n", msg->auth_type);
773 nvme_auth_set_failure(qpair, -EACCES,
774 nvme_auth_send_failure2(qpair,
780 nvme_auth_send_negotiate(struct spdk_nvme_qpair *qpair)
782 struct nvme_auth *auth = &qpair->auth;
783 struct spdk_nvmf_auth_negotiate *msg = qpair->poll_status->dma_data;
787 memset(qpair->poll_status->dma_data, 0, NVME_AUTH_DATA_SIZE);
793 if (!nvme_auth_digest_allowed(qpair, g_digests[i].id)) {
796 AUTH_DEBUGLOG(qpair, "digest: %u (%s)\n", g_digests[i].id,
801 if (!nvme_auth_dhgroup_allowed(qpair, g_dhgroups[i].id)) {
804 AUTH_DEBUGLOG(qpair, "dhgroup: %u (%s)\n", g_dhgroups[i].id,
815 return nvme_auth_submit_request(qpair, SPDK_NVMF_FABRIC_COMMAND_AUTHENTICATION_SEND,
820 nvme_auth_check_challenge(struct spdk_nvme_qpair *qpair)
822 struct spdk_nvmf_dhchap_challenge *challenge = qpair->poll_status->dma_data;
823 struct nvme_auth *auth = &qpair->auth;
827 rc = nvme_auth_check_message(qpair, SPDK_NVMF_AUTH_ID_DHCHAP_CHALLENGE);
833 AUTH_ERRLOG(qpair, "unexpected tid: received=%u, expected=%u\n",
839 AUTH_ERRLOG(qpair, "received challenge with seqnum=0\n");
845 AUTH_ERRLOG(qpair, "unsupported hash function: 0x%x\n", challenge->hash_id);
850 AUTH_ERRLOG(qpair, "unexpected hash length: received=%u, expected=%u\n",
858 AUTH_ERRLOG(qpair, "unexpected dhvlen=%u for dhgroup 0\n",
870 AUTH_ERRLOG(qpair, "invalid dhvlen=%u for dhgroup %u\n",
876 AUTH_ERRLOG(qpair, "unsupported dhgroup: 0x%x\n", challenge->dhg_id);
880 if (!nvme_auth_digest_allowed(qpair, challenge->hash_id)) {
881 AUTH_ERRLOG(qpair, "received disallowed digest: %u (%s)\n", challenge->hash_id,
886 if (!nvme_auth_dhgroup_allowed(qpair, challenge->dhg_id)) {
887 AUTH_ERRLOG(qpair, "received disallowed dhgroup: %u (%s)\n", challenge->dhg_id,
894 nvme_auth_set_failure(qpair, -EACCES,
895 nvme_auth_send_failure2(qpair, SPDK_NVMF_AUTH_INCORRECT_PAYLOAD));
900 nvme_auth_send_reply(struct spdk_nvme_qpair *qpair)
902 struct nvme_completion_poll_status *status = qpair->poll_status;
903 struct spdk_nvme_ctrlr *ctrlr = qpair->ctrlr;
906 struct nvme_auth *auth = &qpair->auth;
950 AUTH_DEBUGLOG(qpair, "key=%s, hash=%u, dhgroup=%u, seq=%u, tid=%u, subnqn=%s, hostnqn=%s, "
959 AUTH_ERRLOG(qpair, "failed to calculate response: %s\n", spdk_strerror(-rc));
964 seqnum = nvme_auth_get_seqnum(qpair);
984 AUTH_ERRLOG(qpair, "failed to calculate controller's response: %s\n",
991 memset(qpair->poll_status->dma_data, 0, NVME_AUTH_DATA_SIZE);
1008 rc = nvme_auth_submit_request(qpair, SPDK_NVMF_FABRIC_COMMAND_AUTHENTICATION_SEND,
1018 nvme_auth_check_success1(struct spdk_nvme_qpair *qpair)
1020 struct spdk_nvmf_dhchap_success1 *msg = qpair->poll_status->dma_data;
1021 struct spdk_nvme_ctrlr *ctrlr = qpair->ctrlr;
1022 struct nvme_auth *auth = &qpair->auth;
1026 rc = nvme_auth_check_message(qpair, SPDK_NVMF_AUTH_ID_DHCHAP_SUCCESS1);
1032 AUTH_ERRLOG(qpair, "unexpected tid: received=%u, expected=%u\n",
1040 AUTH_ERRLOG(qpair, "received rvalid=0, expected response\n");
1047 AUTH_ERRLOG(qpair, "received invalid hl=%u, expected=%u\n", msg->hl, hl);
1053 AUTH_ERRLOG(qpair, "controller challenge mismatch\n");
1063 nvme_auth_set_failure(qpair, -EACCES, nvme_auth_send_failure2(qpair, status));
1069 nvme_auth_send_success2(struct spdk_nvme_qpair *qpair)
1071 struct spdk_nvmf_dhchap_success2 *msg = qpair->poll_status->dma_data;
1072 struct nvme_auth *auth = &qpair->auth;
1074 memset(qpair->poll_status->dma_data, 0, NVME_AUTH_DATA_SIZE);
1079 return nvme_auth_submit_request(qpair, SPDK_NVMF_FABRIC_COMMAND_AUTHENTICATION_SEND,
1084 nvme_fabric_qpair_authenticate_poll(struct spdk_nvme_qpair *qpair)
1086 struct spdk_nvme_ctrlr *ctrlr = qpair->ctrlr;
1087 struct nvme_auth *auth = &qpair->auth;
1088 struct nvme_completion_poll_status *status = qpair->poll_status;
1097 rc = nvme_auth_send_negotiate(qpair);
1099 nvme_auth_set_failure(qpair, rc, false);
1100 AUTH_ERRLOG(qpair, "failed to send AUTH_negotiate: %s\n",
1104 nvme_auth_set_state(qpair, NVME_QPAIR_AUTH_STATE_AWAIT_NEGOTIATE);
1107 rc = nvme_wait_for_completion_robust_lock_timeout_poll(qpair, status, NULL);
1110 nvme_auth_print_cpl(qpair, "AUTH_negotiate");
1111 nvme_auth_set_failure(qpair, rc, false);
1116 rc = nvme_auth_recv_message(qpair);
1118 nvme_auth_set_failure(qpair, rc, false);
1119 AUTH_ERRLOG(qpair, "failed to recv DH-HMAC-CHAP_challenge: %s\n",
1123 nvme_auth_set_state(qpair, NVME_QPAIR_AUTH_STATE_AWAIT_CHALLENGE);
1126 rc = nvme_wait_for_completion_robust_lock_timeout_poll(qpair, status, NULL);
1129 nvme_auth_print_cpl(qpair, "DH-HMAC-CHAP_challenge");
1130 nvme_auth_set_failure(qpair, rc, false);
1134 rc = nvme_auth_check_challenge(qpair);
1138 rc = nvme_auth_send_reply(qpair);
1140 nvme_auth_set_failure(qpair, rc, false);
1141 AUTH_ERRLOG(qpair, "failed to send DH-HMAC-CHAP_reply: %s\n",
1145 nvme_auth_set_state(qpair, NVME_QPAIR_AUTH_STATE_AWAIT_REPLY);
1148 rc = nvme_wait_for_completion_robust_lock_timeout_poll(qpair, status, NULL);
1151 nvme_auth_print_cpl(qpair, "DH-HMAC-CHAP_reply");
1152 nvme_auth_set_failure(qpair, rc, false);
1157 rc = nvme_auth_recv_message(qpair);
1159 nvme_auth_set_failure(qpair, rc, false);
1160 AUTH_ERRLOG(qpair, "failed to recv DH-HMAC-CHAP_success1: %s\n",
1164 nvme_auth_set_state(qpair, NVME_QPAIR_AUTH_STATE_AWAIT_SUCCESS1);
1167 rc = nvme_wait_for_completion_robust_lock_timeout_poll(qpair, status, NULL);
1170 nvme_auth_print_cpl(qpair, "DH-HMAC-CHAP_success1");
1171 nvme_auth_set_failure(qpair, rc, false);
1175 rc = nvme_auth_check_success1(qpair);
1179 AUTH_DEBUGLOG(qpair, "authentication completed successfully\n");
1181 rc = nvme_auth_send_success2(qpair);
1183 AUTH_ERRLOG(qpair, "failed to send DH-HMAC-CHAP_success2: "
1185 nvme_auth_set_failure(qpair, rc, false);
1188 nvme_auth_set_state(qpair, NVME_QPAIR_AUTH_STATE_AWAIT_SUCCESS2);
1191 nvme_auth_set_state(qpair, NVME_QPAIR_AUTH_STATE_DONE);
1195 rc = nvme_wait_for_completion_robust_lock_timeout_poll(qpair, status, NULL);
1199 nvme_auth_set_state(qpair, NVME_QPAIR_AUTH_STATE_DONE);
1202 if (qpair->poll_status != NULL && !status->timed_out) {
1203 qpair->poll_status = NULL;
1222 nvme_fabric_qpair_authenticate_async(struct spdk_nvme_qpair *qpair)
1224 struct spdk_nvme_ctrlr *ctrlr = qpair->ctrlr;
1226 struct nvme_auth *auth = &qpair->auth;
1230 AUTH_ERRLOG(qpair, "missing DH-HMAC-CHAP key\n");
1234 if (qpair->auth.flags & NVME_QPAIR_AUTH_FLAG_ASCR) {
1235 AUTH_ERRLOG(qpair, "secure channel concatenation is not supported\n");
1239 status = calloc(1, sizeof(*qpair->poll_status));
1241 AUTH_ERRLOG(qpair, "failed to allocate poll status\n");
1248 AUTH_ERRLOG(qpair, "failed to allocate poll status\n");
1253 assert(qpair->poll_status == NULL);
1254 qpair->poll_status = status;
1260 nvme_auth_set_state(qpair, NVME_QPAIR_AUTH_STATE_NEGOTIATE);
1263 rc = nvme_fabric_qpair_authenticate_poll(qpair);
1268 spdk_nvme_qpair_authenticate(struct spdk_nvme_qpair *qpair,
1271 struct spdk_nvme_ctrlr *ctrlr = qpair->ctrlr;
1274 if (qpair->auth.cb_fn != NULL) {
1284 rc = nvme_transport_qpair_authenticate(qpair);
1286 qpair->auth.cb_fn = cb_fn;
1287 qpair->auth.cb_ctx = cb_ctx;