lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <5b6ff1d7-00e0-7f16-ece0-a80426821b32@grimberg.me> Date: Sun, 13 Aug 2023 16:53:40 +0300 From: Sagi Grimberg <sagi@...mberg.me> To: Hannes Reinecke <hare@...e.de>, Christoph Hellwig <hch@....de> Cc: Keith Busch <kbusch@...nel.org>, linux-nvme@...ts.infradead.org, Jakub Kicinski <kuba@...nel.org>, Eric Dumazet <edumazet@...gle.com>, Paolo Abeni <pabeni@...hat.com>, netdev@...r.kernel.org Subject: Re: [PATCH 10/17] nvme-fabrics: parse options 'keyring' and 'tls_key' > @@ -928,6 +933,46 @@ static int nvmf_parse_options(struct nvmf_ctrl_options *opts, > } > opts->tos = token; > break; > + case NVMF_OPT_KEYRING: > + if (!IS_ENABLED(CONFIG_NVME_TCP_TLS)) { > + pr_err("TLS is not supported\n"); > + ret = -EINVAL; > + goto out; > + } > + if (match_int(args, &key_id) || key_id <= 0) { > + ret = -EINVAL; > + goto out; > + } > + key = key_lookup(key_id); > + if (IS_ERR(key)) { > + pr_err("Keyring %08x not found\n", key_id); > + ret = PTR_ERR(key); > + goto out; > + } > + pr_debug("Using keyring %08x\n", key_serial(key)); > + key_put(opts->keyring); > + opts->keyring = key; > + break; > + case NVMF_OPT_TLS_KEY: > + if (!IS_ENABLED(CONFIG_NVME_TCP_TLS)) { > + pr_err("TLS is not supported\n"); > + ret = -EINVAL; > + goto out; > + } > + if (match_int(args, &key_id) || key_id <= 0) { > + ret = -EINVAL; > + goto out; > + } > + key = key_lookup(key_id); > + if (IS_ERR(key)) { > + pr_err("Key %08x not found\n", key_id); > + ret = PTR_ERR(key); > + goto out; > + } > + pr_debug("Using key %08x\n", key_serial(key)); > + key_put(opts->tls_key); > + opts->tls_key = key; > + break; Didn't we agree that we will share the code and simply return the key? Maybe I missed further discussion on this?
Powered by blists - more mailing lists