diff options
author | Hannes Reinecke <hare@suse.de> | 2023-08-24 16:39:18 +0200 |
---|---|---|
committer | Keith Busch <kbusch@kernel.org> | 2023-10-11 10:29:58 -0700 |
commit | adf22c520b5ec45a6f05a19ed26d61fe463b6626 (patch) | |
tree | fb44a31873e22156baec7f5c1fd19866b7c53d42 /drivers/nvme/host/tcp.c | |
parent | e4f4aabb6f66177410e573bdf821f29f9746765f (diff) |
nvme-fabrics: parse options 'keyring' and 'tls_key'
Parse the fabrics options 'keyring' and 'tls_key' and store the
referenced keys in the options structure.
Signed-off-by: Hannes Reinecke <hare@suse.de>
Reviewed-by: Sagi Grimberg <sagi@grimberg.me>
Signed-off-by: Keith Busch <kbusch@kernel.org>
Diffstat (limited to 'drivers/nvme/host/tcp.c')
-rw-r--r-- | drivers/nvme/host/tcp.c | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/drivers/nvme/host/tcp.c b/drivers/nvme/host/tcp.c index 4656ad20e157..4714a902f4ca 100644 --- a/drivers/nvme/host/tcp.c +++ b/drivers/nvme/host/tcp.c @@ -1595,6 +1595,8 @@ static int nvme_tcp_start_tls(struct nvme_ctrl *nctrl, args.ta_data = queue; args.ta_my_peerids[0] = pskid; args.ta_num_peerids = 1; + if (nctrl->opts->keyring) + keyring = key_serial(nctrl->opts->keyring); args.ta_keyring = keyring; args.ta_timeout_ms = tls_handshake_timeout * 1000; queue->tls_err = -EOPNOTSUPP; @@ -1914,9 +1916,12 @@ static int nvme_tcp_alloc_admin_queue(struct nvme_ctrl *ctrl) key_serial_t pskid = 0; if (ctrl->opts->tls) { - pskid = nvme_tls_psk_default(NULL, - ctrl->opts->host->nqn, - ctrl->opts->subsysnqn); + if (ctrl->opts->tls_key) + pskid = key_serial(ctrl->opts->tls_key); + else + pskid = nvme_tls_psk_default(ctrl->opts->keyring, + ctrl->opts->host->nqn, + ctrl->opts->subsysnqn); if (!pskid) { dev_err(ctrl->device, "no valid PSK found\n"); ret = -ENOKEY; @@ -2777,7 +2782,8 @@ static struct nvmf_transport_ops nvme_tcp_transport = { NVMF_OPT_HOST_TRADDR | NVMF_OPT_CTRL_LOSS_TMO | NVMF_OPT_HDR_DIGEST | NVMF_OPT_DATA_DIGEST | NVMF_OPT_NR_WRITE_QUEUES | NVMF_OPT_NR_POLL_QUEUES | - NVMF_OPT_TOS | NVMF_OPT_HOST_IFACE | NVMF_OPT_TLS, + NVMF_OPT_TOS | NVMF_OPT_HOST_IFACE | NVMF_OPT_TLS | + NVMF_OPT_KEYRING | NVMF_OPT_TLS_KEY, .create_ctrl = nvme_tcp_create_ctrl, }; |