lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <cdaae245-89ef-486c-958b-83c9d358e47d@suse.de> Date: Wed, 25 Oct 2023 08:32:22 +0200 From: Hannes Reinecke <hare@...e.de> To: Mark O'Donovan <shiftee@...teo.net>, linux-kernel@...r.kernel.org Cc: linux-nvme@...ts.infradead.org, sagi@...mberg.me, hch@....de, axboe@...nel.dk, kbusch@...nel.org Subject: Re: [PATCH v2 3/3] nvme-auth: always set valid seq_num in dhchap reply On 10/23/23 16:00, Mark O'Donovan wrote: > Currently a seqnum of zero is sent during uni-directional > authentication. The zero value is reserved for the secure channel > feature which is not yet implemented. > > Relevant extract from the spec: > The value 0h is used to indicate that bidirectional authentication > is not performed, but a challenge value C2 is carried in order to > generate a pre-shared key (PSK) for subsequent establishment of a > secure channel > > Signed-off-by: Mark O'Donovan <shiftee@...teo.net> > > --- > v1: used incorrect prefix nvme-tcp > v2: added spec extract to commit message > > drivers/nvme/host/auth.c | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-) > > diff --git a/drivers/nvme/host/auth.c b/drivers/nvme/host/auth.c > index 8558a02865ac..7f6b2e99a78c 100644 > --- a/drivers/nvme/host/auth.c > +++ b/drivers/nvme/host/auth.c > @@ -316,15 +316,14 @@ static int nvme_auth_set_dhchap_reply_data(struct nvme_ctrl *ctrl, > chap->bi_directional = true; > get_random_bytes(chap->c2, chap->hash_len); > data->cvalid = 1; > - chap->s2 = nvme_auth_get_seqnum(); > memcpy(data->rval + chap->hash_len, chap->c2, > chap->hash_len); > dev_dbg(ctrl->device, "%s: qid %d ctrl challenge %*ph\n", > __func__, chap->qid, (int)chap->hash_len, chap->c2); > } else { > memset(chap->c2, 0, chap->hash_len); > - chap->s2 = 0; > } > + chap->s2 = nvme_auth_get_seqnum(); > data->seqnum = cpu_to_le32(chap->s2); > if (chap->host_key_len) { > dev_dbg(ctrl->device, "%s: qid %d host public key %*ph\n", I guess you'll need to fix up nvmet, too, as this currently ignores 's2' when 'cvalid' is false. Cheers, Hannes -- Dr. Hannes Reinecke Kernel Storage Architect hare@...e.de +49 911 74053 688 SUSE Software Solutions GmbH, Maxfeldstr. 5, 90409 Nürnberg HRB 36809 (AG Nürnberg), Geschäftsführer: Ivo Totev, Andrew Myers, Andrew McDonald, Martje Boudien Moerman
Powered by blists - more mailing lists