Re: [PATCH 05/11] nvme: add definitions for NVMe In-Band authentication

Hannes Reinecke <hare@xxxxxxx> · Sat, 17 Jul 2021 16:04:31 +0200

On 7/17/21 8:30 AM, Sagi Grimberg wrote:


On 7/16/21 4:04 AM, Hannes Reinecke wrote:
Signed-off-by: Hannes Reinecke <hare@xxxxxxx>
---
  include/linux/nvme.h | 185 ++++++++++++++++++++++++++++++++++++++++++-
  1 file changed, 184 insertions(+), 1 deletion(-)

diff --git a/include/linux/nvme.h b/include/linux/nvme.h
index b7c4c4130b65..7b94abacfd08 100644
--- a/include/linux/nvme.h
+++ b/include/linux/nvme.h
@@ -19,6 +19,7 @@
  #define NVMF_TRSVCID_SIZE    32
  #define NVMF_TRADDR_SIZE    256
  #define NVMF_TSAS_SIZE        256
+#define NVMF_AUTH_HASH_LEN    64
  #define NVME_DISC_SUBSYS_NAME    "nqn.2014-08.org.nvmexpress.discovery"
@@ -1263,6 +1264,8 @@ enum nvmf_capsule_command {
      nvme_fabrics_type_property_set    = 0x00,
      nvme_fabrics_type_connect    = 0x01,
      nvme_fabrics_type_property_get    = 0x04,
+    nvme_fabrics_type_auth_send    = 0x05,
+    nvme_fabrics_type_auth_receive    = 0x06,
  };
  #define nvme_fabrics_type_name(type)   { type, #type }
@@ -1270,7 +1273,9 @@ enum nvmf_capsule_command {
      __print_symbolic(type,                        \
          nvme_fabrics_type_name(nvme_fabrics_type_property_set),    \
          nvme_fabrics_type_name(nvme_fabrics_type_connect),    \
-        nvme_fabrics_type_name(nvme_fabrics_type_property_get))
+        nvme_fabrics_type_name(nvme_fabrics_type_property_get), \
+        nvme_fabrics_type_name(nvme_fabrics_type_auth_send),    \
+        nvme_fabrics_type_name(nvme_fabrics_type_auth_receive))
  /*
   * If not fabrics command, fctype will be ignored.
@@ -1393,6 +1398,182 @@ struct nvmf_property_get_command {
      __u8        resv4[16];
  };
+struct nvmf_auth_send_command {
+    __u8        opcode;
+    __u8        resv1;
+    __u16        command_id;
+    __u8        fctype;
+    __u8        resv2[19];
+    union nvme_data_ptr dptr;
+    __u8        resv3;
+    __u8        spsp0;
+    __u8        spsp1;
+    __u8        secp;
+    __le32        tl;
+    __u8        resv4[12];

Isn't that 16 bytes?
You should add these to the compile time checkers
in _nvme_check_size.


If you say so ... I'll cross-check.

+
+};
+
+struct nvmf_auth_receive_command {
+    __u8        opcode;
+    __u8        resv1;
+    __u16        command_id;
+    __u8        fctype;
+    __u8        resv2[19];
+    union nvme_data_ptr dptr;
+    __u8        resv3;
+    __u8        spsp0;
+    __u8        spsp1;
+    __u8        secp;
+    __le32        al;
+    __u8        resv4[12];
+};
+
+/* Value for secp */
+enum {
+    NVME_AUTH_DHCHAP_PROTOCOL_IDENTIFIER    = 0xe9,
+};
+
+/* Defined value for auth_type */
+enum {
+    NVME_AUTH_COMMON_MESSAGES    = 0x00,
+    NVME_AUTH_DHCHAP_MESSAGES    = 0x01,
+};
+
+/* Defined messages for auth_id */
+enum {
+    NVME_AUTH_DHCHAP_MESSAGE_NEGOTIATE    = 0x00,
+    NVME_AUTH_DHCHAP_MESSAGE_CHALLENGE    = 0x01,
+    NVME_AUTH_DHCHAP_MESSAGE_REPLY        = 0x02,
+    NVME_AUTH_DHCHAP_MESSAGE_SUCCESS1    = 0x03,
+    NVME_AUTH_DHCHAP_MESSAGE_SUCCESS2    = 0x04,
+    NVME_AUTH_DHCHAP_MESSAGE_FAILURE2    = 0xf0,
+    NVME_AUTH_DHCHAP_MESSAGE_FAILURE1    = 0xf1,
+};
+
+struct nvmf_auth_dhchap_protocol_descriptor {
+    __u8        authid;
+    __u8        rsvd;
+    __u8        halen;
+    __u8        dhlen;
+    __u8        idlist[60];
+};
+
+enum {
+    NVME_AUTH_DHCHAP_AUTH_ID    = 0x01,
+};
+
+enum {
+    NVME_AUTH_DHCHAP_HASH_SHA256    = 0x01,

Maybe s/HASH/HF/ (stands for hash function, which is
a better description).


Or HMAC, as this is what it's used for...

+    NVME_AUTH_DHCHAP_HASH_SHA384    = 0x02,
+    NVME_AUTH_DHCHAP_HASH_SHA512    = 0x03,
+};
+
+enum {
+    NVME_AUTH_DHCHAP_DHGROUP_NULL    = 0x00,
+    NVME_AUTH_DHCHAP_DHGROUP_2048    = 0x01,
+    NVME_AUTH_DHCHAP_DHGROUP_3072    = 0x02,
+    NVME_AUTH_DHCHAP_DHGROUP_4096    = 0x03,
+    NVME_AUTH_DHCHAP_DHGROUP_6144    = 0x04,
+    NVME_AUTH_DHCHAP_DHGROUP_8192    = 0x05,
+};
+
+union nvmf_auth_protocol {
+    struct nvmf_auth_dhchap_protocol_descriptor dhchap;
+};
+
+struct nvmf_auth_dhchap_negotiate_data {
+    __u8        auth_type;
+    __u8        auth_id;
+    __u8        rsvd[2];
+    __le16        t_id;
+    __u8        sc_c;
+    __u8        napd;
+    union nvmf_auth_protocol auth_protocol[];
+};
+
+struct nvmf_auth_dhchap_challenge_data {
+    __u8        auth_type;
+    __u8        auth_id;
+    __u8        rsvd1[2];
+    __le16        t_id;
+    __u8        hl;
+    __u8        rsvd2;
+    __u8        hashid;
+    __u8        dhgid;
+    __le16        dhvlen;
+    __le32        seqnum;
+    /* 'hl' bytes of challenge value */
+    __u8        cval[];
+    /* followed by 'dhvlen' bytes of DH value */
+};
+
+struct nvmf_auth_dhchap_reply_data {
+    __u8        auth_type;
+    __u8        auth_id;
+    __u8        rsvd1[2];

Maybe __u32 rsvd1? Usually its done this way in the other
headers...


Ah. Right, will fix.

+    __le16        t_id;
+    __u8        hl;
+    __u8        rsvd2;
+    __u8        cvalid;
+    __u8        rsvd3;
+    __le16        dhvlen;
+    __le32        seqnum;
+    /* 'hl' bytes of response data */
+    __u8        rval[];
+    /* followed by 'hl' bytes of Challenge value */
+    /* followed by 'dhvlen' bytes of DH value */
+};
+
+enum {
+    NVME_AUTH_DHCHAP_RESPONSE_VALID    = (1 << 0),
+};
+
+struct nvmf_auth_dhchap_success1_data {
+    __u8        auth_type;
+    __u8        auth_id;
+    __u8        rsvd1[2];
+    __le16        t_id;
+    __u8        hl;
+    __u8        rsvd2;
+    __u8        rvalid;
+    __u8        rsvd3[7];
+    /* 'hl' bytes of response value if 'rvalid' is set */
+    __u8        rval[];

It really sucks that we have zero-length pointers in
a wire-format struct... but anyways, it is what it is...


Yeah, and that's not the worst of it; the 'reply' structure has _three_ 
zero-length pointers.
Makes me wonder if I should drop them completely...

+};
+
+struct nvmf_auth_dhchap_success2_data {
+    __u8        auth_type;
+    __u8        auth_id;
+    __u8        rsvd1[2];
+    __le16        t_id;
+    __u8        rsvd2[10];
+};
+
+struct nvmf_auth_dhchap_failure_data {
+    __u8        auth_type;
+    __u8        auth_id;
+    __u8        rsvd1[2];
+    __le16        t_id;
+    __u8        reason_code;
+    __u8        reason_code_explanation;

I'd maybe do those shorter;
rescode
rescode_exp


Ok.

+};
+
+enum {
+    NVME_AUTH_DHCHAP_FAILURE_REASON_FAILED    = 0x01,
+};
+
+enum {
+    NVME_AUTH_DHCHAP_FAILURE_FAILED            = 0x01,
+    NVME_AUTH_DHCHAP_FAILURE_NOT_USABLE        = 0x02,
+    NVME_AUTH_DHCHAP_FAILURE_CONCAT_MISMATCH    = 0x03,
+    NVME_AUTH_DHCHAP_FAILURE_HASH_UNUSABLE        = 0x04,
+    NVME_AUTH_DHCHAP_FAILURE_DHGROUP_UNUSABLE    = 0x05,
+    NVME_AUTH_DHCHAP_FAILURE_INVALID_PAYLOAD    = 0x06,
+    NVME_AUTH_DHCHAP_FAILURE_INVALID_MESSAGE    = 0x07,

I think the language in the spec is "incorrect", why not
stick with that instead of "invalid"?


Ah. Things got changed so much during development of the spec that I 
seem to have lost track. Will change it.

+};
+
+
  struct nvme_dbbuf {
      __u8            opcode;
      __u8            flags;
@@ -1436,6 +1617,8 @@ struct nvme_command {
          struct nvmf_connect_command connect;
          struct nvmf_property_set_command prop_set;
          struct nvmf_property_get_command prop_get;
+        struct nvmf_auth_send_command auth_send;
+        struct nvmf_auth_receive_command auth_receive;
          struct nvme_dbbuf dbbuf;
          struct nvme_directive_cmd directive;
      };


Cheers,

Hannes
--
Dr. Hannes Reinecke                Kernel Storage Architect
hare@xxxxxxx                              +49 911 74053 688
SUSE Software Solutions GmbH, Maxfeldstr. 5, 90409 Nürnberg
HRB 36809 (AG Nürnberg), Geschäftsführer: Felix Imendörffer






