On 3/22/22 12:40, Max Gurtovoy wrote:
Hi Hannes,
On 12/2/2021 5:23 PM, Hannes Reinecke wrote:
Implement NVMe-oF In-Band authentication according to NVMe TPAR 8006.
This patch adds two new fabric options 'dhchap_secret' to specify the
pre-shared key (in ASCII respresentation according to NVMe 2.0 section
8.13.5.8 'Secret representation') and 'dhchap_ctrl_secret' to specify
the pre-shared controller key for bi-directional authentication of both
the host and the controller.
Re-authentication can be triggered by writing the PSK into the new
controller sysfs attribute 'dhchap_secret' or 'dhchap_ctrl_secret'.
Can you please add to commit log an example of the process ?
From target configuration through the 'nvme connect' cmd.
Please check:
https://github.com/hreinecke/blktests/tree/auth.v3
That contains the blktest scripts I'm using to validate the implementation.
Cheers,
Hannes
--
Dr. Hannes Reinecke Kernel Storage Architect
hare@xxxxxxx +49 911 74053 688
SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nürnberg
HRB 36809 (AG Nürnberg), GF: Felix Imendörffer
