Trang chủ Khám phá Trợ giúp
Đăng nhập
samsung-sm8650
/
android_kernel_samsung_sm8650_ksu
2
0
Fork 0
Các tập tin Các vấn đề 0 Yêu cầu kéo về 0 Wiki
Tree: 8062222ad7
Branches Tags
android_kernel_...
/
drivers
/
nvme
/
host
/
auth.c

auth.c 27 KB
Lịch sử Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014 
  1. // SPDX-License-Identifier: GPL-2.0
    2. 

  2. /*
    3. 

  3.  * Copyright (c) 2020 Hannes Reinecke, SUSE Linux
    4. 

  4.  */
    5. 

  5. 

  6. #include <linux/crc32.h>
    7. 

  7. #include <linux/base64.h>
    8. 

  8. #include <linux/prandom.h>
    9. 

  9. #include <asm/unaligned.h>
    10. 

  10. #include <crypto/hash.h>
    11. 

  11. #include <crypto/dh.h>
    12. 

  12. #include "nvme.h"
    13. 

  13. #include "fabrics.h"
    14. 

  14. #include <linux/nvme-auth.h>
    15. 

  15. 

  16. struct nvme_dhchap_queue_context {
    17. 

  17. 	struct list_head entry;
    18. 

  18. 	struct work_struct auth_work;
    19. 

  19. 	struct nvme_ctrl *ctrl;
    20. 

  20. 	struct crypto_shash *shash_tfm;
    21. 

  21. 	struct crypto_kpp *dh_tfm;
    22. 

  22. 	void *buf;
    23. 

  23. 	size_t buf_size;
    24. 

  24. 	int qid;
    25. 

  25. 	int error;
    26. 

  26. 	u32 s1;
    27. 

  27. 	u32 s2;
    28. 

  28. 	u16 transaction;
    29. 

  29. 	u8 status;
    30. 

  30. 	u8 hash_id;
    31. 

  31. 	size_t hash_len;
    32. 

  32. 	u8 dhgroup_id;
    33. 

  33. 	u8 c1[64];
    34. 

  34. 	u8 c2[64];
    35. 

  35. 	u8 response[64];
    36. 

  36. 	u8 *host_response;
    37. 

  37. 	u8 *ctrl_key;
    38. 

  38. 	int ctrl_key_len;
    39. 

  39. 	u8 *host_key;
    40. 

  40. 	int host_key_len;
    41. 

  41. 	u8 *sess_key;
    42. 

  42. 	int sess_key_len;
    43. 

  43. };
    44. 

  44. 

  45. #define nvme_auth_flags_from_qid(qid) \
    46. 

  46. 	(qid == 0) ? 0 : BLK_MQ_REQ_NOWAIT | BLK_MQ_REQ_RESERVED
    47. 

  47. #define nvme_auth_queue_from_qid(ctrl, qid) \
    48. 

  48. 	(qid == 0) ? (ctrl)->fabrics_q : (ctrl)->connect_q
    49. 

  49. 

  50. static int nvme_auth_submit(struct nvme_ctrl *ctrl, int qid,
    51. 

  51. 			    void *data, size_t data_len, bool auth_send)
    52. 

  52. {
    53. 

  53. 	struct nvme_command cmd = {};
    54. 

  54. 	blk_mq_req_flags_t flags = nvme_auth_flags_from_qid(qid);
    55. 

  55. 	struct request_queue *q = nvme_auth_queue_from_qid(ctrl, qid);
    56. 

  56. 	int ret;
    57. 

  57. 

  58. 	cmd.auth_common.opcode = nvme_fabrics_command;
    59. 

  59. 	cmd.auth_common.secp = NVME_AUTH_DHCHAP_PROTOCOL_IDENTIFIER;
    60. 

  60. 	cmd.auth_common.spsp0 = 0x01;
    61. 

  61. 	cmd.auth_common.spsp1 = 0x01;
    62. 

  62. 	if (auth_send) {
    63. 

  63. 		cmd.auth_send.fctype = nvme_fabrics_type_auth_send;
    64. 

  64. 		cmd.auth_send.tl = cpu_to_le32(data_len);
    65. 

  65. 	} else {
    66. 

  66. 		cmd.auth_receive.fctype = nvme_fabrics_type_auth_receive;
    67. 

  67. 		cmd.auth_receive.al = cpu_to_le32(data_len);
    68. 

  68. 	}
    69. 

  69. 

  70. 	ret = __nvme_submit_sync_cmd(q, &cmd, NULL, data, data_len,
    71. 

  71. 				     qid == 0 ? NVME_QID_ANY : qid,
    72. 

  72. 				     0, flags);
    73. 

  73. 	if (ret > 0)
    74. 

  74. 		dev_warn(ctrl->device,
    75. 

  75. 			"qid %d auth_send failed with status %d\n", qid, ret);
    76. 

  76. 	else if (ret < 0)
    77. 

  77. 		dev_err(ctrl->device,
    78. 

  78. 			"qid %d auth_send failed with error %d\n", qid, ret);
    79. 

  79. 	return ret;
    80. 

  80. }
    81. 

  81. 

  82. static int nvme_auth_receive_validate(struct nvme_ctrl *ctrl, int qid,
    83. 

  83. 		struct nvmf_auth_dhchap_failure_data *data,
    84. 

  84. 		u16 transaction, u8 expected_msg)
    85. 

  85. {
    86. 

  86. 	dev_dbg(ctrl->device, "%s: qid %d auth_type %d auth_id %x\n",
    87. 

  87. 		__func__, qid, data->auth_type, data->auth_id);
    88. 

  88. 

  89. 	if (data->auth_type == NVME_AUTH_COMMON_MESSAGES &&
    90. 

  90. 	    data->auth_id == NVME_AUTH_DHCHAP_MESSAGE_FAILURE1) {
    91. 

  91. 		return data->rescode_exp;
    92. 

  92. 	}
    93. 

  93. 	if (data->auth_type != NVME_AUTH_DHCHAP_MESSAGES ||
    94. 

  94. 	    data->auth_id != expected_msg) {
    95. 

  95. 		dev_warn(ctrl->device,
    96. 

  96. 			 "qid %d invalid message %02x/%02x\n",
    97. 

  97. 			 qid, data->auth_type, data->auth_id);
    98. 

  98. 		return NVME_AUTH_DHCHAP_FAILURE_INCORRECT_MESSAGE;
    99. 

  99. 	}
    100. 

  100. 	if (le16_to_cpu(data->t_id) != transaction) {
    101. 

  101. 		dev_warn(ctrl->device,
    102. 

  102. 			 "qid %d invalid transaction ID %d\n",
    103. 

  103. 			 qid, le16_to_cpu(data->t_id));
    104. 

  104. 		return NVME_AUTH_DHCHAP_FAILURE_INCORRECT_MESSAGE;
    105. 

  105. 	}
    106. 

  106. 	return 0;
    107. 

  107. }
    108. 

  108. 

  109. static int nvme_auth_set_dhchap_negotiate_data(struct nvme_ctrl *ctrl,
    110. 

  110. 		struct nvme_dhchap_queue_context *chap)
    111. 

  111. {
    112. 

  112. 	struct nvmf_auth_dhchap_negotiate_data *data = chap->buf;
    113. 

  113. 	size_t size = sizeof(*data) + sizeof(union nvmf_auth_protocol);
    114. 

  114. 

  115. 	if (chap->buf_size < size) {
    116. 

  116. 		chap->status = NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD;
    117. 

  117. 		return -EINVAL;
    118. 

  118. 	}
    119. 

  119. 	memset((u8 *)chap->buf, 0, size);
    120. 

  120. 	data->auth_type = NVME_AUTH_COMMON_MESSAGES;
    121. 

  121. 	data->auth_id = NVME_AUTH_DHCHAP_MESSAGE_NEGOTIATE;
    122. 

  122. 	data->t_id = cpu_to_le16(chap->transaction);
    123. 

  123. 	data->sc_c = 0; /* No secure channel concatenation */
    124. 

  124. 	data->napd = 1;
    125. 

  125. 	data->auth_protocol[0].dhchap.authid = NVME_AUTH_DHCHAP_AUTH_ID;
    126. 

  126. 	data->auth_protocol[0].dhchap.halen = 3;
    127. 

  127. 	data->auth_protocol[0].dhchap.dhlen = 6;
    128. 

  128. 	data->auth_protocol[0].dhchap.idlist[0] = NVME_AUTH_HASH_SHA256;
    129. 

  129. 	data->auth_protocol[0].dhchap.idlist[1] = NVME_AUTH_HASH_SHA384;
    130. 

  130. 	data->auth_protocol[0].dhchap.idlist[2] = NVME_AUTH_HASH_SHA512;
    131. 

  131. 	data->auth_protocol[0].dhchap.idlist[30] = NVME_AUTH_DHGROUP_NULL;
    132. 

  132. 	data->auth_protocol[0].dhchap.idlist[31] = NVME_AUTH_DHGROUP_2048;
    133. 

  133. 	data->auth_protocol[0].dhchap.idlist[32] = NVME_AUTH_DHGROUP_3072;
    134. 

  134. 	data->auth_protocol[0].dhchap.idlist[33] = NVME_AUTH_DHGROUP_4096;
    135. 

  135. 	data->auth_protocol[0].dhchap.idlist[34] = NVME_AUTH_DHGROUP_6144;
    136. 

  136. 	data->auth_protocol[0].dhchap.idlist[35] = NVME_AUTH_DHGROUP_8192;
    137. 

  137. 

  138. 	return size;
    139. 

  139. }
    140. 

  140. 

  141. static int nvme_auth_process_dhchap_challenge(struct nvme_ctrl *ctrl,
    142. 

  142. 		struct nvme_dhchap_queue_context *chap)
    143. 

  143. {
    144. 

  144. 	struct nvmf_auth_dhchap_challenge_data *data = chap->buf;
    145. 

  145. 	u16 dhvlen = le16_to_cpu(data->dhvlen);
    146. 

  146. 	size_t size = sizeof(*data) + data->hl + dhvlen;
    147. 

  147. 	const char *gid_name = nvme_auth_dhgroup_name(data->dhgid);
    148. 

  148. 	const char *hmac_name, *kpp_name;
    149. 

  149. 

  150. 	if (chap->buf_size < size) {
    151. 

  151. 		chap->status = NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD;
    152. 

  152. 		return NVME_SC_INVALID_FIELD;
    153. 

  153. 	}
    154. 

  154. 

  155. 	hmac_name = nvme_auth_hmac_name(data->hashid);
    156. 

  156. 	if (!hmac_name) {
    157. 

  157. 		dev_warn(ctrl->device,
    158. 

  158. 			 "qid %d: invalid HASH ID %d\n",
    159. 

  159. 			 chap->qid, data->hashid);
    160. 

  160. 		chap->status = NVME_AUTH_DHCHAP_FAILURE_HASH_UNUSABLE;
    161. 

  161. 		return NVME_SC_INVALID_FIELD;
    162. 

  162. 	}
    163. 

  163. 

  164. 	if (chap->hash_id == data->hashid && chap->shash_tfm &&
    165. 

  165. 	    !strcmp(crypto_shash_alg_name(chap->shash_tfm), hmac_name) &&
    166. 

  166. 	    crypto_shash_digestsize(chap->shash_tfm) == data->hl) {
    167. 

  167. 		dev_dbg(ctrl->device,
    168. 

  168. 			"qid %d: reuse existing hash %s\n",
    169. 

  169. 			chap->qid, hmac_name);
    170. 

  170. 		goto select_kpp;
    171. 

  171. 	}
    172. 

  172. 

  173. 	/* Reset if hash cannot be reused */
    174. 

  174. 	if (chap->shash_tfm) {
    175. 

  175. 		crypto_free_shash(chap->shash_tfm);
    176. 

  176. 		chap->hash_id = 0;
    177. 

  177. 		chap->hash_len = 0;
    178. 

  178. 	}
    179. 

  179. 	chap->shash_tfm = crypto_alloc_shash(hmac_name, 0,
    180. 

  180. 					     CRYPTO_ALG_ALLOCATES_MEMORY);
    181. 

  181. 	if (IS_ERR(chap->shash_tfm)) {
    182. 

  182. 		dev_warn(ctrl->device,
    183. 

  183. 			 "qid %d: failed to allocate hash %s, error %ld\n",
    184. 

  184. 			 chap->qid, hmac_name, PTR_ERR(chap->shash_tfm));
    185. 

  185. 		chap->shash_tfm = NULL;
    186. 

  186. 		chap->status = NVME_AUTH_DHCHAP_FAILURE_FAILED;
    187. 

  187. 		return NVME_SC_AUTH_REQUIRED;
    188. 

  188. 	}
    189. 

  189. 

  190. 	if (crypto_shash_digestsize(chap->shash_tfm) != data->hl) {
    191. 

  191. 		dev_warn(ctrl->device,
    192. 

  192. 			 "qid %d: invalid hash length %d\n",
    193. 

  193. 			 chap->qid, data->hl);
    194. 

  194. 		crypto_free_shash(chap->shash_tfm);
    195. 

  195. 		chap->shash_tfm = NULL;
    196. 

  196. 		chap->status = NVME_AUTH_DHCHAP_FAILURE_HASH_UNUSABLE;
    197. 

  197. 		return NVME_SC_AUTH_REQUIRED;
    198. 

  198. 	}
    199. 

  199. 

  200. 	/* Reset host response if the hash had been changed */
    201. 

  201. 	if (chap->hash_id != data->hashid) {
    202. 

  202. 		kfree(chap->host_response);
    203. 

  203. 		chap->host_response = NULL;
    204. 

  204. 	}
    205. 

  205. 

  206. 	chap->hash_id = data->hashid;
    207. 

  207. 	chap->hash_len = data->hl;
    208. 

  208. 	dev_dbg(ctrl->device, "qid %d: selected hash %s\n",
    209. 

  209. 		chap->qid, hmac_name);
    210. 

  210. 

  211. select_kpp:
    212. 

  212. 	kpp_name = nvme_auth_dhgroup_kpp(data->dhgid);
    213. 

  213. 	if (!kpp_name) {
    214. 

  214. 		dev_warn(ctrl->device,
    215. 

  215. 			 "qid %d: invalid DH group id %d\n",
    216. 

  216. 			 chap->qid, data->dhgid);
    217. 

  217. 		chap->status = NVME_AUTH_DHCHAP_FAILURE_DHGROUP_UNUSABLE;
    218. 

  218. 		/* Leave previous dh_tfm intact */
    219. 

  219. 		return NVME_SC_AUTH_REQUIRED;
    220. 

  220. 	}
    221. 

  221. 

  222. 	/* Clear host and controller key to avoid accidental reuse */
    223. 

  223. 	kfree_sensitive(chap->host_key);
    224. 

  224. 	chap->host_key = NULL;
    225. 

  225. 	chap->host_key_len = 0;
    226. 

  226. 	kfree_sensitive(chap->ctrl_key);
    227. 

  227. 	chap->ctrl_key = NULL;
    228. 

  228. 	chap->ctrl_key_len = 0;
    229. 

  229. 

  230. 	if (chap->dhgroup_id == data->dhgid &&
    231. 

  231. 	    (data->dhgid == NVME_AUTH_DHGROUP_NULL || chap->dh_tfm)) {
    232. 

  232. 		dev_dbg(ctrl->device,
    233. 

  233. 			"qid %d: reuse existing DH group %s\n",
    234. 

  234. 			chap->qid, gid_name);
    235. 

  235. 		goto skip_kpp;
    236. 

  236. 	}
    237. 

  237. 

  238. 	/* Reset dh_tfm if it can't be reused */
    239. 

  239. 	if (chap->dh_tfm) {
    240. 

  240. 		crypto_free_kpp(chap->dh_tfm);
    241. 

  241. 		chap->dh_tfm = NULL;
    242. 

  242. 	}
    243. 

  243. 

  244. 	if (data->dhgid != NVME_AUTH_DHGROUP_NULL) {
    245. 

  245. 		if (dhvlen == 0) {
    246. 

  246. 			dev_warn(ctrl->device,
    247. 

  247. 				 "qid %d: empty DH value\n",
    248. 

  248. 				 chap->qid);
    249. 

  249. 			chap->status = NVME_AUTH_DHCHAP_FAILURE_DHGROUP_UNUSABLE;
    250. 

  250. 			return NVME_SC_INVALID_FIELD;
    251. 

  251. 		}
    252. 

  252. 

  253. 		chap->dh_tfm = crypto_alloc_kpp(kpp_name, 0, 0);
    254. 

  254. 		if (IS_ERR(chap->dh_tfm)) {
    255. 

  255. 			int ret = PTR_ERR(chap->dh_tfm);
    256. 

  256. 

  257. 			dev_warn(ctrl->device,
    258. 

  258. 				 "qid %d: error %d initializing DH group %s\n",
    259. 

  259. 				 chap->qid, ret, gid_name);
    260. 

  260. 			chap->status = NVME_AUTH_DHCHAP_FAILURE_DHGROUP_UNUSABLE;
    261. 

  261. 			chap->dh_tfm = NULL;
    262. 

  262. 			return NVME_SC_AUTH_REQUIRED;
    263. 

  263. 		}
    264. 

  264. 		dev_dbg(ctrl->device, "qid %d: selected DH group %s\n",
    265. 

  265. 			chap->qid, gid_name);
    266. 

  266. 	} else if (dhvlen != 0) {
    267. 

  267. 		dev_warn(ctrl->device,
    268. 

  268. 			 "qid %d: invalid DH value for NULL DH\n",
    269. 

  269. 			 chap->qid);
    270. 

  270. 		chap->status = NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD;
    271. 

  271. 		return NVME_SC_INVALID_FIELD;
    272. 

  272. 	}
    273. 

  273. 	chap->dhgroup_id = data->dhgid;
    274. 

  274. 

  275. skip_kpp:
    276. 

  276. 	chap->s1 = le32_to_cpu(data->seqnum);
    277. 

  277. 	memcpy(chap->c1, data->cval, chap->hash_len);
    278. 

  278. 	if (dhvlen) {
    279. 

  279. 		chap->ctrl_key = kmalloc(dhvlen, GFP_KERNEL);
    280. 

  280. 		if (!chap->ctrl_key) {
    281. 

  281. 			chap->status = NVME_AUTH_DHCHAP_FAILURE_FAILED;
    282. 

  282. 			return NVME_SC_AUTH_REQUIRED;
    283. 

  283. 		}
    284. 

  284. 		chap->ctrl_key_len = dhvlen;
    285. 

  285. 		memcpy(chap->ctrl_key, data->cval + chap->hash_len,
    286. 

  286. 		       dhvlen);
    287. 

  287. 		dev_dbg(ctrl->device, "ctrl public key %*ph\n",
    288. 

  288. 			 (int)chap->ctrl_key_len, chap->ctrl_key);
    289. 

  289. 	}
    290. 

  290. 

  291. 	return 0;
    292. 

  292. }
    293. 

  293. 

  294. static int nvme_auth_set_dhchap_reply_data(struct nvme_ctrl *ctrl,
    295. 

  295. 		struct nvme_dhchap_queue_context *chap)
    296. 

  296. {
    297. 

  297. 	struct nvmf_auth_dhchap_reply_data *data = chap->buf;
    298. 

  298. 	size_t size = sizeof(*data);
    299. 

  299. 

  300. 	size += 2 * chap->hash_len;
    301. 

  301. 

  302. 	if (chap->host_key_len)
    303. 

  303. 		size += chap->host_key_len;
    304. 

  304. 

  305. 	if (chap->buf_size < size) {
    306. 

  306. 		chap->status = NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD;
    307. 

  307. 		return -EINVAL;
    308. 

  308. 	}
    309. 

  309. 

  310. 	memset(chap->buf, 0, size);
    311. 

  311. 	data->auth_type = NVME_AUTH_DHCHAP_MESSAGES;
    312. 

  312. 	data->auth_id = NVME_AUTH_DHCHAP_MESSAGE_REPLY;
    313. 

  313. 	data->t_id = cpu_to_le16(chap->transaction);
    314. 

  314. 	data->hl = chap->hash_len;
    315. 

  315. 	data->dhvlen = cpu_to_le16(chap->host_key_len);
    316. 

  316. 	memcpy(data->rval, chap->response, chap->hash_len);
    317. 

  317. 	if (ctrl->ctrl_key) {
    318. 

  318. 		get_random_bytes(chap->c2, chap->hash_len);
    319. 

  319. 		data->cvalid = 1;
    320. 

  320. 		chap->s2 = nvme_auth_get_seqnum();
    321. 

  321. 		memcpy(data->rval + chap->hash_len, chap->c2,
    322. 

  322. 		       chap->hash_len);
    323. 

  323. 		dev_dbg(ctrl->device, "%s: qid %d ctrl challenge %*ph\n",
    324. 

  324. 			__func__, chap->qid, (int)chap->hash_len, chap->c2);
    325. 

  325. 	} else {
    326. 

  326. 		memset(chap->c2, 0, chap->hash_len);
    327. 

  327. 		chap->s2 = 0;
    328. 

  328. 	}
    329. 

  329. 	data->seqnum = cpu_to_le32(chap->s2);
    330. 

  330. 	if (chap->host_key_len) {
    331. 

  331. 		dev_dbg(ctrl->device, "%s: qid %d host public key %*ph\n",
    332. 

  332. 			__func__, chap->qid,
    333. 

  333. 			chap->host_key_len, chap->host_key);
    334. 

  334. 		memcpy(data->rval + 2 * chap->hash_len, chap->host_key,
    335. 

  335. 		       chap->host_key_len);
    336. 

  336. 	}
    337. 

  337. 

  338. 	return size;
    339. 

  339. }
    340. 

  340. 

  341. static int nvme_auth_process_dhchap_success1(struct nvme_ctrl *ctrl,
    342. 

  342. 		struct nvme_dhchap_queue_context *chap)
    343. 

  343. {
    344. 

  344. 	struct nvmf_auth_dhchap_success1_data *data = chap->buf;
    345. 

  345. 	size_t size = sizeof(*data);
    346. 

  346. 

  347. 	if (ctrl->ctrl_key)
    348. 

  348. 		size += chap->hash_len;
    349. 

  349. 

  350. 	if (chap->buf_size < size) {
    351. 

  351. 		chap->status = NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD;
    352. 

  352. 		return NVME_SC_INVALID_FIELD;
    353. 

  353. 	}
    354. 

  354. 

  355. 	if (data->hl != chap->hash_len) {
    356. 

  356. 		dev_warn(ctrl->device,
    357. 

  357. 			 "qid %d: invalid hash length %u\n",
    358. 

  358. 			 chap->qid, data->hl);
    359. 

  359. 		chap->status = NVME_AUTH_DHCHAP_FAILURE_HASH_UNUSABLE;
    360. 

  360. 		return NVME_SC_INVALID_FIELD;
    361. 

  361. 	}
    362. 

  362. 

  363. 	/* Just print out information for the admin queue */
    364. 

  364. 	if (chap->qid == 0)
    365. 

  365. 		dev_info(ctrl->device,
    366. 

  366. 			 "qid 0: authenticated with hash %s dhgroup %s\n",
    367. 

  367. 			 nvme_auth_hmac_name(chap->hash_id),
    368. 

  368. 			 nvme_auth_dhgroup_name(chap->dhgroup_id));
    369. 

  369. 

  370. 	if (!data->rvalid)
    371. 

  371. 		return 0;
    372. 

  372. 

  373. 	/* Validate controller response */
    374. 

  374. 	if (memcmp(chap->response, data->rval, data->hl)) {
    375. 

  375. 		dev_dbg(ctrl->device, "%s: qid %d ctrl response %*ph\n",
    376. 

  376. 			__func__, chap->qid, (int)chap->hash_len, data->rval);
    377. 

  377. 		dev_dbg(ctrl->device, "%s: qid %d host response %*ph\n",
    378. 

  378. 			__func__, chap->qid, (int)chap->hash_len,
    379. 

  379. 			chap->response);
    380. 

  380. 		dev_warn(ctrl->device,
    381. 

  381. 			 "qid %d: controller authentication failed\n",
    382. 

  382. 			 chap->qid);
    383. 

  383. 		chap->status = NVME_AUTH_DHCHAP_FAILURE_FAILED;
    384. 

  384. 		return NVME_SC_AUTH_REQUIRED;
    385. 

  385. 	}
    386. 

  386. 

  387. 	/* Just print out information for the admin queue */
    388. 

  388. 	if (chap->qid == 0)
    389. 

  389. 		dev_info(ctrl->device,
    390. 

  390. 			 "qid 0: controller authenticated\n");
    391. 

  391. 	return 0;
    392. 

  392. }
    393. 

  393. 

  394. static int nvme_auth_set_dhchap_success2_data(struct nvme_ctrl *ctrl,
    395. 

  395. 		struct nvme_dhchap_queue_context *chap)
    396. 

  396. {
    397. 

  397. 	struct nvmf_auth_dhchap_success2_data *data = chap->buf;
    398. 

  398. 	size_t size = sizeof(*data);
    399. 

  399. 

  400. 	memset(chap->buf, 0, size);
    401. 

  401. 	data->auth_type = NVME_AUTH_DHCHAP_MESSAGES;
    402. 

  402. 	data->auth_id = NVME_AUTH_DHCHAP_MESSAGE_SUCCESS2;
    403. 

  403. 	data->t_id = cpu_to_le16(chap->transaction);
    404. 

  404. 

  405. 	return size;
    406. 

  406. }
    407. 

  407. 

  408. static int nvme_auth_set_dhchap_failure2_data(struct nvme_ctrl *ctrl,
    409. 

  409. 		struct nvme_dhchap_queue_context *chap)
    410. 

  410. {
    411. 

  411. 	struct nvmf_auth_dhchap_failure_data *data = chap->buf;
    412. 

  412. 	size_t size = sizeof(*data);
    413. 

  413. 

  414. 	memset(chap->buf, 0, size);
    415. 

  415. 	data->auth_type = NVME_AUTH_COMMON_MESSAGES;
    416. 

  416. 	data->auth_id = NVME_AUTH_DHCHAP_MESSAGE_FAILURE2;
    417. 

  417. 	data->t_id = cpu_to_le16(chap->transaction);
    418. 

  418. 	data->rescode = NVME_AUTH_DHCHAP_FAILURE_REASON_FAILED;
    419. 

  419. 	data->rescode_exp = chap->status;
    420. 

  420. 

  421. 	return size;
    422. 

  422. }
    423. 

  423. 

  424. static int nvme_auth_dhchap_setup_host_response(struct nvme_ctrl *ctrl,
    425. 

  425. 		struct nvme_dhchap_queue_context *chap)
    426. 

  426. {
    427. 

  427. 	SHASH_DESC_ON_STACK(shash, chap->shash_tfm);
    428. 

  428. 	u8 buf[4], *challenge = chap->c1;
    429. 

  429. 	int ret;
    430. 

  430. 

  431. 	dev_dbg(ctrl->device, "%s: qid %d host response seq %u transaction %d\n",
    432. 

  432. 		__func__, chap->qid, chap->s1, chap->transaction);
    433. 

  433. 

  434. 	if (!chap->host_response) {
    435. 

  435. 		chap->host_response = nvme_auth_transform_key(ctrl->host_key,
    436. 

  436. 						ctrl->opts->host->nqn);
    437. 

  437. 		if (IS_ERR(chap->host_response)) {
    438. 

  438. 			ret = PTR_ERR(chap->host_response);
    439. 

  439. 			chap->host_response = NULL;
    440. 

  440. 			return ret;
    441. 

  441. 		}
    442. 

  442. 	} else {
    443. 

  443. 		dev_dbg(ctrl->device, "%s: qid %d re-using host response\n",
    444. 

  444. 			__func__, chap->qid);
    445. 

  445. 	}
    446. 

  446. 

  447. 	ret = crypto_shash_setkey(chap->shash_tfm,
    448. 

  448. 			chap->host_response, ctrl->host_key->len);
    449. 

  449. 	if (ret) {
    450. 

  450. 		dev_warn(ctrl->device, "qid %d: failed to set key, error %d\n",
    451. 

  451. 			 chap->qid, ret);
    452. 

  452. 		goto out;
    453. 

  453. 	}
    454. 

  454. 

  455. 	if (chap->dh_tfm) {
    456. 

  456. 		challenge = kmalloc(chap->hash_len, GFP_KERNEL);
    457. 

  457. 		if (!challenge) {
    458. 

  458. 			ret = -ENOMEM;
    459. 

  459. 			goto out;
    460. 

  460. 		}
    461. 

  461. 		ret = nvme_auth_augmented_challenge(chap->hash_id,
    462. 

  462. 						    chap->sess_key,
    463. 

  463. 						    chap->sess_key_len,
    464. 

  464. 						    chap->c1, challenge,
    465. 

  465. 						    chap->hash_len);
    466. 

  466. 		if (ret)
    467. 

  467. 			goto out;
    468. 

  468. 	}
    469. 

  469. 

  470. 	shash->tfm = chap->shash_tfm;
    471. 

  471. 	ret = crypto_shash_init(shash);
    472. 

  472. 	if (ret)
    473. 

  473. 		goto out;
    474. 

  474. 	ret = crypto_shash_update(shash, challenge, chap->hash_len);
    475. 

  475. 	if (ret)
    476. 

  476. 		goto out;
    477. 

  477. 	put_unaligned_le32(chap->s1, buf);
    478. 

  478. 	ret = crypto_shash_update(shash, buf, 4);
    479. 

  479. 	if (ret)
    480. 

  480. 		goto out;
    481. 

  481. 	put_unaligned_le16(chap->transaction, buf);
    482. 

  482. 	ret = crypto_shash_update(shash, buf, 2);
    483. 

  483. 	if (ret)
    484. 

  484. 		goto out;
    485. 

  485. 	memset(buf, 0, sizeof(buf));
    486. 

  486. 	ret = crypto_shash_update(shash, buf, 1);
    487. 

  487. 	if (ret)
    488. 

  488. 		goto out;
    489. 

  489. 	ret = crypto_shash_update(shash, "HostHost", 8);
    490. 

  490. 	if (ret)
    491. 

  491. 		goto out;
    492. 

  492. 	ret = crypto_shash_update(shash, ctrl->opts->host->nqn,
    493. 

  493. 				  strlen(ctrl->opts->host->nqn));
    494. 

  494. 	if (ret)
    495. 

  495. 		goto out;
    496. 

  496. 	ret = crypto_shash_update(shash, buf, 1);
    497. 

  497. 	if (ret)
    498. 

  498. 		goto out;
    499. 

  499. 	ret = crypto_shash_update(shash, ctrl->opts->subsysnqn,
    500. 

  500. 			    strlen(ctrl->opts->subsysnqn));
    501. 

  501. 	if (ret)
    502. 

  502. 		goto out;
    503. 

  503. 	ret = crypto_shash_final(shash, chap->response);
    504. 

  504. out:
    505. 

  505. 	if (challenge != chap->c1)
    506. 

  506. 		kfree(challenge);
    507. 

  507. 	return ret;
    508. 

  508. }
    509. 

  509. 

  510. static int nvme_auth_dhchap_setup_ctrl_response(struct nvme_ctrl *ctrl,
    511. 

  511. 		struct nvme_dhchap_queue_context *chap)
    512. 

  512. {
    513. 

  513. 	SHASH_DESC_ON_STACK(shash, chap->shash_tfm);
    514. 

  514. 	u8 *ctrl_response;
    515. 

  515. 	u8 buf[4], *challenge = chap->c2;
    516. 

  516. 	int ret;
    517. 

  517. 

  518. 	ctrl_response = nvme_auth_transform_key(ctrl->ctrl_key,
    519. 

  519. 				ctrl->opts->subsysnqn);
    520. 

  520. 	if (IS_ERR(ctrl_response)) {
    521. 

  521. 		ret = PTR_ERR(ctrl_response);
    522. 

  522. 		return ret;
    523. 

  523. 	}
    524. 

  524. 	ret = crypto_shash_setkey(chap->shash_tfm,
    525. 

  525. 			ctrl_response, ctrl->ctrl_key->len);
    526. 

  526. 	if (ret) {
    527. 

  527. 		dev_warn(ctrl->device, "qid %d: failed to set key, error %d\n",
    528. 

  528. 			 chap->qid, ret);
    529. 

  529. 		goto out;
    530. 

  530. 	}
    531. 

  531. 

  532. 	if (chap->dh_tfm) {
    533. 

  533. 		challenge = kmalloc(chap->hash_len, GFP_KERNEL);
    534. 

  534. 		if (!challenge) {
    535. 

  535. 			ret = -ENOMEM;
    536. 

  536. 			goto out;
    537. 

  537. 		}
    538. 

  538. 		ret = nvme_auth_augmented_challenge(chap->hash_id,
    539. 

  539. 						    chap->sess_key,
    540. 

  540. 						    chap->sess_key_len,
    541. 

  541. 						    chap->c2, challenge,
    542. 

  542. 						    chap->hash_len);
    543. 

  543. 		if (ret)
    544. 

  544. 			goto out;
    545. 

  545. 	}
    546. 

  546. 	dev_dbg(ctrl->device, "%s: qid %d ctrl response seq %u transaction %d\n",
    547. 

  547. 		__func__, chap->qid, chap->s2, chap->transaction);
    548. 

  548. 	dev_dbg(ctrl->device, "%s: qid %d challenge %*ph\n",
    549. 

  549. 		__func__, chap->qid, (int)chap->hash_len, challenge);
    550. 

  550. 	dev_dbg(ctrl->device, "%s: qid %d subsysnqn %s\n",
    551. 

  551. 		__func__, chap->qid, ctrl->opts->subsysnqn);
    552. 

  552. 	dev_dbg(ctrl->device, "%s: qid %d hostnqn %s\n",
    553. 

  553. 		__func__, chap->qid, ctrl->opts->host->nqn);
    554. 

  554. 	shash->tfm = chap->shash_tfm;
    555. 

  555. 	ret = crypto_shash_init(shash);
    556. 

  556. 	if (ret)
    557. 

  557. 		goto out;
    558. 

  558. 	ret = crypto_shash_update(shash, challenge, chap->hash_len);
    559. 

  559. 	if (ret)
    560. 

  560. 		goto out;
    561. 

  561. 	put_unaligned_le32(chap->s2, buf);
    562. 

  562. 	ret = crypto_shash_update(shash, buf, 4);
    563. 

  563. 	if (ret)
    564. 

  564. 		goto out;
    565. 

  565. 	put_unaligned_le16(chap->transaction, buf);
    566. 

  566. 	ret = crypto_shash_update(shash, buf, 2);
    567. 

  567. 	if (ret)
    568. 

  568. 		goto out;
    569. 

  569. 	memset(buf, 0, 4);
    570. 

  570. 	ret = crypto_shash_update(shash, buf, 1);
    571. 

  571. 	if (ret)
    572. 

  572. 		goto out;
    573. 

  573. 	ret = crypto_shash_update(shash, "Controller", 10);
    574. 

  574. 	if (ret)
    575. 

  575. 		goto out;
    576. 

  576. 	ret = crypto_shash_update(shash, ctrl->opts->subsysnqn,
    577. 

  577. 				  strlen(ctrl->opts->subsysnqn));
    578. 

  578. 	if (ret)
    579. 

  579. 		goto out;
    580. 

  580. 	ret = crypto_shash_update(shash, buf, 1);
    581. 

  581. 	if (ret)
    582. 

  582. 		goto out;
    583. 

  583. 	ret = crypto_shash_update(shash, ctrl->opts->host->nqn,
    584. 

  584. 				  strlen(ctrl->opts->host->nqn));
    585. 

  585. 	if (ret)
    586. 

  586. 		goto out;
    587. 

  587. 	ret = crypto_shash_final(shash, chap->response);
    588. 

  588. out:
    589. 

  589. 	if (challenge != chap->c2)
    590. 

  590. 		kfree(challenge);
    591. 

  591. 	kfree(ctrl_response);
    592. 

  592. 	return ret;
    593. 

  593. }
    594. 

  594. 

  595. static int nvme_auth_dhchap_exponential(struct nvme_ctrl *ctrl,
    596. 

  596. 		struct nvme_dhchap_queue_context *chap)
    597. 

  597. {
    598. 

  598. 	int ret;
    599. 

  599. 

  600. 	if (chap->host_key && chap->host_key_len) {
    601. 

  601. 		dev_dbg(ctrl->device,
    602. 

  602. 			"qid %d: reusing host key\n", chap->qid);
    603. 

  603. 		goto gen_sesskey;
    604. 

  604. 	}
    605. 

  605. 	ret = nvme_auth_gen_privkey(chap->dh_tfm, chap->dhgroup_id);
    606. 

  606. 	if (ret < 0) {
    607. 

  607. 		chap->status = NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD;
    608. 

  608. 		return ret;
    609. 

  609. 	}
    610. 

  610. 

  611. 	chap->host_key_len = crypto_kpp_maxsize(chap->dh_tfm);
    612. 

  612. 

  613. 	chap->host_key = kzalloc(chap->host_key_len, GFP_KERNEL);
    614. 

  614. 	if (!chap->host_key) {
    615. 

  615. 		chap->host_key_len = 0;
    616. 

  616. 		chap->status = NVME_AUTH_DHCHAP_FAILURE_FAILED;
    617. 

  617. 		return -ENOMEM;
    618. 

  618. 	}
    619. 

  619. 	ret = nvme_auth_gen_pubkey(chap->dh_tfm,
    620. 

  620. 				   chap->host_key, chap->host_key_len);
    621. 

  621. 	if (ret) {
    622. 

  622. 		dev_dbg(ctrl->device,
    623. 

  623. 			"failed to generate public key, error %d\n", ret);
    624. 

  624. 		kfree(chap->host_key);
    625. 

  625. 		chap->host_key = NULL;
    626. 

  626. 		chap->host_key_len = 0;
    627. 

  627. 		chap->status = NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD;
    628. 

  628. 		return ret;
    629. 

  629. 	}
    630. 

  630. 

  631. gen_sesskey:
    632. 

  632. 	chap->sess_key_len = chap->host_key_len;
    633. 

  633. 	chap->sess_key = kmalloc(chap->sess_key_len, GFP_KERNEL);
    634. 

  634. 	if (!chap->sess_key) {
    635. 

  635. 		chap->sess_key_len = 0;
    636. 

  636. 		chap->status = NVME_AUTH_DHCHAP_FAILURE_FAILED;
    637. 

  637. 		return -ENOMEM;
    638. 

  638. 	}
    639. 

  639. 

  640. 	ret = nvme_auth_gen_shared_secret(chap->dh_tfm,
    641. 

  641. 					  chap->ctrl_key, chap->ctrl_key_len,
    642. 

  642. 					  chap->sess_key, chap->sess_key_len);
    643. 

  643. 	if (ret) {
    644. 

  644. 		dev_dbg(ctrl->device,
    645. 

  645. 			"failed to generate shared secret, error %d\n", ret);
    646. 

  646. 		kfree_sensitive(chap->sess_key);
    647. 

  647. 		chap->sess_key = NULL;
    648. 

  648. 		chap->sess_key_len = 0;
    649. 

  649. 		chap->status = NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD;
    650. 

  650. 		return ret;
    651. 

  651. 	}
    652. 

  652. 	dev_dbg(ctrl->device, "shared secret %*ph\n",
    653. 

  653. 		(int)chap->sess_key_len, chap->sess_key);
    654. 

  654. 	return 0;
    655. 

  655. }
    656. 

  656. 

  657. static void nvme_auth_reset_dhchap(struct nvme_dhchap_queue_context *chap)
    658. 

  658. {
    659. 

  659. 	kfree_sensitive(chap->host_response);
    660. 

  660. 	chap->host_response = NULL;
    661. 

  661. 	kfree_sensitive(chap->host_key);
    662. 

  662. 	chap->host_key = NULL;
    663. 

  663. 	chap->host_key_len = 0;
    664. 

  664. 	kfree_sensitive(chap->ctrl_key);
    665. 

  665. 	chap->ctrl_key = NULL;
    666. 

  666. 	chap->ctrl_key_len = 0;
    667. 

  667. 	kfree_sensitive(chap->sess_key);
    668. 

  668. 	chap->sess_key = NULL;
    669. 

  669. 	chap->sess_key_len = 0;
    670. 

  670. 	chap->status = 0;
    671. 

  671. 	chap->error = 0;
    672. 

  672. 	chap->s1 = 0;
    673. 

  673. 	chap->s2 = 0;
    674. 

  674. 	chap->transaction = 0;
    675. 

  675. 	memset(chap->c1, 0, sizeof(chap->c1));
    676. 

  676. 	memset(chap->c2, 0, sizeof(chap->c2));
    677. 

  677. }
    678. 

  678. 

  679. static void nvme_auth_free_dhchap(struct nvme_dhchap_queue_context *chap)
    680. 

  680. {
    681. 

  681. 	nvme_auth_reset_dhchap(chap);
    682. 

  682. 	if (chap->shash_tfm)
    683. 

  683. 		crypto_free_shash(chap->shash_tfm);
    684. 

  684. 	if (chap->dh_tfm)
    685. 

  685. 		crypto_free_kpp(chap->dh_tfm);
    686. 

  686. 	kfree_sensitive(chap->ctrl_key);
    687. 

  687. 	kfree_sensitive(chap->host_key);
    688. 

  688. 	kfree_sensitive(chap->sess_key);
    689. 

  689. 	kfree_sensitive(chap->host_response);
    690. 

  690. 	kfree(chap->buf);
    691. 

  691. 	kfree(chap);
    692. 

  692. }
    693. 

  693. 

  694. static void nvme_queue_auth_work(struct work_struct *work)
    695. 

  695. {
    696. 

  696. 	struct nvme_dhchap_queue_context *chap =
    697. 

  697. 		container_of(work, struct nvme_dhchap_queue_context, auth_work);
    698. 

  698. 	struct nvme_ctrl *ctrl = chap->ctrl;
    699. 

  699. 	size_t tl;
    700. 

  700. 	int ret = 0;
    701. 

  701. 

  702. 	chap->transaction = ctrl->transaction++;
    703. 

  703. 

  704. 	/* DH-HMAC-CHAP Step 1: send negotiate */
    705. 

  705. 	dev_dbg(ctrl->device, "%s: qid %d send negotiate\n",
    706. 

  706. 		__func__, chap->qid);
    707. 

  707. 	ret = nvme_auth_set_dhchap_negotiate_data(ctrl, chap);
    708. 

  708. 	if (ret < 0) {
    709. 

  709. 		chap->error = ret;
    710. 

  710. 		return;
    711. 

  711. 	}
    712. 

  712. 	tl = ret;
    713. 

  713. 	ret = nvme_auth_submit(ctrl, chap->qid, chap->buf, tl, true);
    714. 

  714. 	if (ret) {
    715. 

  715. 		chap->error = ret;
    716. 

  716. 		return;
    717. 

  717. 	}
    718. 

  718. 

  719. 	/* DH-HMAC-CHAP Step 2: receive challenge */
    720. 

  720. 	dev_dbg(ctrl->device, "%s: qid %d receive challenge\n",
    721. 

  721. 		__func__, chap->qid);
    722. 

  722. 

  723. 	memset(chap->buf, 0, chap->buf_size);
    724. 

  724. 	ret = nvme_auth_submit(ctrl, chap->qid, chap->buf, chap->buf_size, false);
    725. 

  725. 	if (ret) {
    726. 

  726. 		dev_warn(ctrl->device,
    727. 

  727. 			 "qid %d failed to receive challenge, %s %d\n",
    728. 

  728. 			 chap->qid, ret < 0 ? "error" : "nvme status", ret);
    729. 

  729. 		chap->error = ret;
    730. 

  730. 		return;
    731. 

  731. 	}
    732. 

  732. 	ret = nvme_auth_receive_validate(ctrl, chap->qid, chap->buf, chap->transaction,
    733. 

  733. 					 NVME_AUTH_DHCHAP_MESSAGE_CHALLENGE);
    734. 

  734. 	if (ret) {
    735. 

  735. 		chap->status = ret;
    736. 

  736. 		chap->error = NVME_SC_AUTH_REQUIRED;
    737. 

  737. 		return;
    738. 

  738. 	}
    739. 

  739. 

  740. 	ret = nvme_auth_process_dhchap_challenge(ctrl, chap);
    741. 

  741. 	if (ret) {
    742. 

  742. 		/* Invalid challenge parameters */
    743. 

  743. 		chap->error = ret;
    744. 

  744. 		goto fail2;
    745. 

  745. 	}
    746. 

  746. 

  747. 	if (chap->ctrl_key_len) {
    748. 

  748. 		dev_dbg(ctrl->device,
    749. 

  749. 			"%s: qid %d DH exponential\n",
    750. 

  750. 			__func__, chap->qid);
    751. 

  751. 		ret = nvme_auth_dhchap_exponential(ctrl, chap);
    752. 

  752. 		if (ret) {
    753. 

  753. 			chap->error = ret;
    754. 

  754. 			goto fail2;
    755. 

  755. 		}
    756. 

  756. 	}
    757. 

  757. 

  758. 	dev_dbg(ctrl->device, "%s: qid %d host response\n",
    759. 

  759. 		__func__, chap->qid);
    760. 

  760. 	ret = nvme_auth_dhchap_setup_host_response(ctrl, chap);
    761. 

  761. 	if (ret) {
    762. 

  762. 		chap->error = ret;
    763. 

  763. 		goto fail2;
    764. 

  764. 	}
    765. 

  765. 

  766. 	/* DH-HMAC-CHAP Step 3: send reply */
    767. 

  767. 	dev_dbg(ctrl->device, "%s: qid %d send reply\n",
    768. 

  768. 		__func__, chap->qid);
    769. 

  769. 	ret = nvme_auth_set_dhchap_reply_data(ctrl, chap);
    770. 

  770. 	if (ret < 0) {
    771. 

  771. 		chap->error = ret;
    772. 

  772. 		goto fail2;
    773. 

  773. 	}
    774. 

  774. 

  775. 	tl = ret;
    776. 

  776. 	ret = nvme_auth_submit(ctrl, chap->qid, chap->buf, tl, true);
    777. 

  777. 	if (ret) {
    778. 

  778. 		chap->error = ret;
    779. 

  779. 		goto fail2;
    780. 

  780. 	}
    781. 

  781. 

  782. 	/* DH-HMAC-CHAP Step 4: receive success1 */
    783. 

  783. 	dev_dbg(ctrl->device, "%s: qid %d receive success1\n",
    784. 

  784. 		__func__, chap->qid);
    785. 

  785. 

  786. 	memset(chap->buf, 0, chap->buf_size);
    787. 

  787. 	ret = nvme_auth_submit(ctrl, chap->qid, chap->buf, chap->buf_size, false);
    788. 

  788. 	if (ret) {
    789. 

  789. 		dev_warn(ctrl->device,
    790. 

  790. 			 "qid %d failed to receive success1, %s %d\n",
    791. 

  791. 			 chap->qid, ret < 0 ? "error" : "nvme status", ret);
    792. 

  792. 		chap->error = ret;
    793. 

  793. 		return;
    794. 

  794. 	}
    795. 

  795. 	ret = nvme_auth_receive_validate(ctrl, chap->qid,
    796. 

  796. 					 chap->buf, chap->transaction,
    797. 

  797. 					 NVME_AUTH_DHCHAP_MESSAGE_SUCCESS1);
    798. 

  798. 	if (ret) {
    799. 

  799. 		chap->status = ret;
    800. 

  800. 		chap->error = NVME_SC_AUTH_REQUIRED;
    801. 

  801. 		return;
    802. 

  802. 	}
    803. 

  803. 

  804. 	if (ctrl->ctrl_key) {
    805. 

  805. 		dev_dbg(ctrl->device,
    806. 

  806. 			"%s: qid %d controller response\n",
    807. 

  807. 			__func__, chap->qid);
    808. 

  808. 		ret = nvme_auth_dhchap_setup_ctrl_response(ctrl, chap);
    809. 

  809. 		if (ret) {
    810. 

  810. 			chap->error = ret;
    811. 

  811. 			goto fail2;
    812. 

  812. 		}
    813. 

  813. 	}
    814. 

  814. 

  815. 	ret = nvme_auth_process_dhchap_success1(ctrl, chap);
    816. 

  816. 	if (ret) {
    817. 

  817. 		/* Controller authentication failed */
    818. 

  818. 		chap->error = NVME_SC_AUTH_REQUIRED;
    819. 

  819. 		goto fail2;
    820. 

  820. 	}
    821. 

  821. 

  822. 	if (ctrl->ctrl_key) {
    823. 

  823. 		/* DH-HMAC-CHAP Step 5: send success2 */
    824. 

  824. 		dev_dbg(ctrl->device, "%s: qid %d send success2\n",
    825. 

  825. 			__func__, chap->qid);
    826. 

  826. 		tl = nvme_auth_set_dhchap_success2_data(ctrl, chap);
    827. 

  827. 		ret = nvme_auth_submit(ctrl, chap->qid, chap->buf, tl, true);
    828. 

  828. 		if (ret)
    829. 

  829. 			chap->error = ret;
    830. 

  830. 	}
    831. 

  831. 	if (!ret) {
    832. 

  832. 		chap->error = 0;
    833. 

  833. 		return;
    834. 

  834. 	}
    835. 

  835. 

  836. fail2:
    837. 

  837. 	dev_dbg(ctrl->device, "%s: qid %d send failure2, status %x\n",
    838. 

  838. 		__func__, chap->qid, chap->status);
    839. 

  839. 	tl = nvme_auth_set_dhchap_failure2_data(ctrl, chap);
    840. 

  840. 	ret = nvme_auth_submit(ctrl, chap->qid, chap->buf, tl, true);
    841. 

  841. 	/*
    842. 

  842. 	 * only update error if send failure2 failed and no other
    843. 

  843. 	 * error had been set during authentication.
    844. 

  844. 	 */
    845. 

  845. 	if (ret && !chap->error)
    846. 

  846. 		chap->error = ret;
    847. 

  847. }
    848. 

  848. 

  849. int nvme_auth_negotiate(struct nvme_ctrl *ctrl, int qid)
    850. 

  850. {
    851. 

  851. 	struct nvme_dhchap_queue_context *chap;
    852. 

  852. 

  853. 	if (!ctrl->host_key) {
    854. 

  854. 		dev_warn(ctrl->device, "qid %d: no key\n", qid);
    855. 

  855. 		return -ENOKEY;
    856. 

  856. 	}
    857. 

  857. 

  858. 	if (ctrl->opts->dhchap_ctrl_secret && !ctrl->ctrl_key) {
    859. 

  859. 		dev_warn(ctrl->device, "qid %d: invalid ctrl key\n", qid);
    860. 

  860. 		return -ENOKEY;
    861. 

  861. 	}
    862. 

  862. 

  863. 	mutex_lock(&ctrl->dhchap_auth_mutex);
    864. 

  864. 	/* Check if the context is already queued */
    865. 

  865. 	list_for_each_entry(chap, &ctrl->dhchap_auth_list, entry) {
    866. 

  866. 		WARN_ON(!chap->buf);
    867. 

  867. 		if (chap->qid == qid) {
    868. 

  868. 			dev_dbg(ctrl->device, "qid %d: re-using context\n", qid);
    869. 

  869. 			mutex_unlock(&ctrl->dhchap_auth_mutex);
    870. 

  870. 			flush_work(&chap->auth_work);
    871. 

  871. 			nvme_auth_reset_dhchap(chap);
    872. 

  872. 			queue_work(nvme_wq, &chap->auth_work);
    873. 

  873. 			return 0;
    874. 

  874. 		}
    875. 

  875. 	}
    876. 

  876. 	chap = kzalloc(sizeof(*chap), GFP_KERNEL);
    877. 

  877. 	if (!chap) {
    878. 

  878. 		mutex_unlock(&ctrl->dhchap_auth_mutex);
    879. 

  879. 		return -ENOMEM;
    880. 

  880. 	}
    881. 

  881. 	chap->qid = (qid == NVME_QID_ANY) ? 0 : qid;
    882. 

  882. 	chap->ctrl = ctrl;
    883. 

  883. 

  884. 	/*
    885. 

  885. 	 * Allocate a large enough buffer for the entire negotiation:
    886. 

  886. 	 * 4k should be enough to ffdhe8192.
    887. 

  887. 	 */
    888. 

  888. 	chap->buf_size = 4096;
    889. 

  889. 	chap->buf = kzalloc(chap->buf_size, GFP_KERNEL);
    890. 

  890. 	if (!chap->buf) {
    891. 

  891. 		mutex_unlock(&ctrl->dhchap_auth_mutex);
    892. 

  892. 		kfree(chap);
    893. 

  893. 		return -ENOMEM;
    894. 

  894. 	}
    895. 

  895. 

  896. 	INIT_WORK(&chap->auth_work, nvme_queue_auth_work);
    897. 

  897. 	list_add(&chap->entry, &ctrl->dhchap_auth_list);
    898. 

  898. 	mutex_unlock(&ctrl->dhchap_auth_mutex);
    899. 

  899. 	queue_work(nvme_wq, &chap->auth_work);
    900. 

  900. 	return 0;
    901. 

  901. }
    902. 

  902. EXPORT_SYMBOL_GPL(nvme_auth_negotiate);
    903. 

  903. 

  904. int nvme_auth_wait(struct nvme_ctrl *ctrl, int qid)
    905. 

  905. {
    906. 

  906. 	struct nvme_dhchap_queue_context *chap;
    907. 

  907. 	int ret;
    908. 

  908. 

  909. 	mutex_lock(&ctrl->dhchap_auth_mutex);
    910. 

  910. 	list_for_each_entry(chap, &ctrl->dhchap_auth_list, entry) {
    911. 

  911. 		if (chap->qid != qid)
    912. 

  912. 			continue;
    913. 

  913. 		mutex_unlock(&ctrl->dhchap_auth_mutex);
    914. 

  914. 		flush_work(&chap->auth_work);
    915. 

  915. 		ret = chap->error;
    916. 

  916. 		return ret;
    917. 

  917. 	}
    918. 

  918. 	mutex_unlock(&ctrl->dhchap_auth_mutex);
    919. 

  919. 	return -ENXIO;
    920. 

  920. }
    921. 

  921. EXPORT_SYMBOL_GPL(nvme_auth_wait);
    922. 

  922. 

  923. static void nvme_ctrl_auth_work(struct work_struct *work)
    924. 

  924. {
    925. 

  925. 	struct nvme_ctrl *ctrl =
    926. 

  926. 		container_of(work, struct nvme_ctrl, dhchap_auth_work);
    927. 

  927. 	int ret, q;
    928. 

  928. 

  929. 	/* Authenticate admin queue first */
    930. 

  930. 	ret = nvme_auth_negotiate(ctrl, 0);
    931. 

  931. 	if (ret) {
    932. 

  932. 		dev_warn(ctrl->device,
    933. 

  933. 			 "qid 0: error %d setting up authentication\n", ret);
    934. 

  934. 		return;
    935. 

  935. 	}
    936. 

  936. 	ret = nvme_auth_wait(ctrl, 0);
    937. 

  937. 	if (ret) {
    938. 

  938. 		dev_warn(ctrl->device,
    939. 

  939. 			 "qid 0: authentication failed\n");
    940. 

  940. 		return;
    941. 

  941. 	}
    942. 

  942. 

  943. 	for (q = 1; q < ctrl->queue_count; q++) {
    944. 

  944. 		ret = nvme_auth_negotiate(ctrl, q);
    945. 

  945. 		if (ret) {
    946. 

  946. 			dev_warn(ctrl->device,
    947. 

  947. 				 "qid %d: error %d setting up authentication\n",
    948. 

  948. 				 q, ret);
    949. 

  949. 			break;
    950. 

  950. 		}
    951. 

  951. 	}
    952. 

  952. 

  953. 	/*
    954. 

  954. 	 * Failure is a soft-state; credentials remain valid until
    955. 

  955. 	 * the controller terminates the connection.
    956. 

  956. 	 */
    957. 

  957. }
    958. 

  958. 

  959. int nvme_auth_init_ctrl(struct nvme_ctrl *ctrl)
    960. 

  960. {
    961. 

  961. 	int ret;
    962. 

  962. 

  963. 	INIT_LIST_HEAD(&ctrl->dhchap_auth_list);
    964. 

  964. 	INIT_WORK(&ctrl->dhchap_auth_work, nvme_ctrl_auth_work);
    965. 

  965. 	mutex_init(&ctrl->dhchap_auth_mutex);
    966. 

  966. 	if (!ctrl->opts)
    967. 

  967. 		return 0;
    968. 

  968. 	ret = nvme_auth_generate_key(ctrl->opts->dhchap_secret,
    969. 

  969. 			&ctrl->host_key);
    970. 

  970. 	if (ret)
    971. 

  971. 		return ret;
    972. 

  972. 	ret = nvme_auth_generate_key(ctrl->opts->dhchap_ctrl_secret,
    973. 

  973. 			&ctrl->ctrl_key);
    974. 

  974. 	if (ret) {
    975. 

  975. 		nvme_auth_free_key(ctrl->host_key);
    976. 

  976. 		ctrl->host_key = NULL;
    977. 

  977. 	}
    978. 

  978. 	return ret;
    979. 

  979. }
    980. 

  980. EXPORT_SYMBOL_GPL(nvme_auth_init_ctrl);
    981. 

  981. 

  982. void nvme_auth_stop(struct nvme_ctrl *ctrl)
    983. 

  983. {
    984. 

  984. 	struct nvme_dhchap_queue_context *chap = NULL, *tmp;
    985. 

  985. 

  986. 	cancel_work_sync(&ctrl->dhchap_auth_work);
    987. 

  987. 	mutex_lock(&ctrl->dhchap_auth_mutex);
    988. 

  988. 	list_for_each_entry_safe(chap, tmp, &ctrl->dhchap_auth_list, entry)
    989. 

  989. 		cancel_work_sync(&chap->auth_work);
    990. 

  990. 	mutex_unlock(&ctrl->dhchap_auth_mutex);
    991. 

  991. }
    992. 

  992. EXPORT_SYMBOL_GPL(nvme_auth_stop);
    993. 

  993. 

  994. void nvme_auth_free(struct nvme_ctrl *ctrl)
    995. 

  995. {
    996. 

  996. 	struct nvme_dhchap_queue_context *chap = NULL, *tmp;
    997. 

  997. 

  998. 	mutex_lock(&ctrl->dhchap_auth_mutex);
    999. 

  999. 	list_for_each_entry_safe(chap, tmp, &ctrl->dhchap_auth_list, entry) {
    1000. 

  1000. 		list_del_init(&chap->entry);
    1001. 

  1001. 		flush_work(&chap->auth_work);
    1002. 

  1002. 		nvme_auth_free_dhchap(chap);
    1003. 

  1003. 	}
    1004. 

  1004. 	mutex_unlock(&ctrl->dhchap_auth_mutex);
    1005. 

  1005. 	if (ctrl->host_key) {
    1006. 

  1006. 		nvme_auth_free_key(ctrl->host_key);
    1007. 

  1007. 		ctrl->host_key = NULL;
    1008. 

  1008. 	}
    1009. 

  1009. 	if (ctrl->ctrl_key) {
    1010. 

  1010. 		nvme_auth_free_key(ctrl->ctrl_key);
    1011. 

  1011. 		ctrl->ctrl_key = NULL;
    1012. 

  1012. 	}
    1013. 

  1013. }
    1014. 

  1014. EXPORT_SYMBOL_GPL(nvme_auth_free);
    1015.