lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 25 Oct 2023 08:32:22 +0200
From:   Hannes Reinecke <hare@...e.de>
To:     Mark O'Donovan <shiftee@...teo.net>, linux-kernel@...r.kernel.org
Cc:     linux-nvme@...ts.infradead.org, sagi@...mberg.me, hch@....de,
        axboe@...nel.dk, kbusch@...nel.org
Subject: Re: [PATCH v2 3/3] nvme-auth: always set valid seq_num in dhchap
 reply

On 10/23/23 16:00, Mark O'Donovan wrote:
> Currently a seqnum of zero is sent during uni-directional
> authentication. The zero value is reserved for the secure channel
> feature which is not yet implemented.
> 
> Relevant extract from the spec:
> The value 0h is used to indicate that bidirectional authentication
> is not performed, but a challenge value C2 is carried in order to
> generate a pre-shared key (PSK) for subsequent establishment of a
> secure channel
> 
> Signed-off-by: Mark O'Donovan <shiftee@...teo.net>
> 
> ---
> v1: used incorrect prefix nvme-tcp
> v2: added spec extract to commit message
> 
>   drivers/nvme/host/auth.c | 3 +--
>   1 file changed, 1 insertion(+), 2 deletions(-)
> 
> diff --git a/drivers/nvme/host/auth.c b/drivers/nvme/host/auth.c
> index 8558a02865ac..7f6b2e99a78c 100644
> --- a/drivers/nvme/host/auth.c
> +++ b/drivers/nvme/host/auth.c
> @@ -316,15 +316,14 @@ static int nvme_auth_set_dhchap_reply_data(struct nvme_ctrl *ctrl,
>   		chap->bi_directional = true;
>   		get_random_bytes(chap->c2, chap->hash_len);
>   		data->cvalid = 1;
> -		chap->s2 = nvme_auth_get_seqnum();
>   		memcpy(data->rval + chap->hash_len, chap->c2,
>   		       chap->hash_len);
>   		dev_dbg(ctrl->device, "%s: qid %d ctrl challenge %*ph\n",
>   			__func__, chap->qid, (int)chap->hash_len, chap->c2);
>   	} else {
>   		memset(chap->c2, 0, chap->hash_len);
> -		chap->s2 = 0;
>   	}
> +	chap->s2 = nvme_auth_get_seqnum();
>   	data->seqnum = cpu_to_le32(chap->s2);
>   	if (chap->host_key_len) {
>   		dev_dbg(ctrl->device, "%s: qid %d host public key %*ph\n",

I guess you'll need to fix up nvmet, too, as this currently ignores 's2' 
when 'cvalid' is false.

Cheers,

Hannes
-- 
Dr. Hannes Reinecke                Kernel Storage Architect
hare@...e.de                              +49 911 74053 688
SUSE Software Solutions GmbH, Maxfeldstr. 5, 90409 Nürnberg
HRB 36809 (AG Nürnberg), Geschäftsführer: Ivo Totev, Andrew
Myers, Andrew McDonald, Martje Boudien Moerman

Powered by blists - more mailing lists