lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20251031140310.GA17006@lst.de>
Date: Fri, 31 Oct 2025 15:03:10 +0100
From: Christoph Hellwig <hch@....de>
To: alistair23@...il.com
Cc: kbusch@...nel.org, axboe@...nel.dk, hch@....de, sagi@...mberg.me,
	hare@...e.de, kch@...dia.com, linux-nvme@...ts.infradead.org,
	linux-kernel@...r.kernel.org,
	Alistair Francis <alistair.francis@....com>
Subject: Re: [PATCH 2/3] nvmet-tcp: Don't free SQ on authentication success

On Thu, Oct 30, 2025 at 01:51:13PM +1000, alistair23@...il.com wrote:
> Curently after the host sends a REPLACETLSPSK we free the TLS keys as
> part of calling nvmet_auth_sq_free() on success. This means when the
> host sends a follow up REPLACETLSPSK we return CONCAT_MISMATCH as the
> check for !nvmet_queue_tls_keyid(req->sq) fails.
> 
> This patch ensures we don't free the TLS key on success as we might need
> it again in the future.

I initially though we'd now keep it around for the lifetime of the
queue, but I think we'll still free it from nvmet_execute_auth_send,
right?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ