Hi all,

recent updates to the NVMe spec have added definitions for in-band authentication, and seeing that it provides some real benefit especially for NVMe-TCP here's an attempt to implement it.

Thanks to Nicolai Stange the crypto DH framework has been upgraded to provide us with a FFDHE implementation; I've updated the patchset to use the ephemeral key generation provided there.

Note that this is just for in-band authentication. Secure concatenation (i.e. starting TLS with the negotiated parameters) requires a TLS handshake, which the in-kernel TLS implementation does not provide. This is being worked on with a different patchset which is still WIP.

The nvme-cli support has already been merged; please use the latest nvme-cli git repository to build the most recent version.

A copy of this patchset can be found at
git://git.kernel.org/pub/scm/linux/kernel/git/hare/scsi-devel
branch auth.v12

It is being cut against the latest master branch from Linus.

As usual, comments and reviews are welcome.
Changes to v11:
- Fixup type for FAILURE2 message (Prashant Nayak)
- Do not send SUCCESS2 if bi-directional authentication is not requested (Martin George)

Changes to v10:
- Fixup error return value when authentication failed

Changes to v9:
- Include review from Chaitanya
- Use sparse array for dhgroup and hash lookup
- Common function for auth_send and auth_receive

Changes to v8:
- Rebased to Nicolai's crypto DH rework
- Fixed oops on non-fabrics devices

Changes to v7:
- Space out hash list and dhgroup list in nvme negotiate data to be conformant with the spec
- Update sequence number handling to start with a random value and ignore '0' as mandated by the spec
- Update nvme_auth_generate_key to return the key as suggested by Sagi
- Add nvmet_parse_fabrics_io_cmd() as suggested by hch

Changes to v6:
- Use 'u8' for DH group id and hash id
- Use 'struct nvme_dhchap_key'
- Rename variables to drop 'DHCHAP'
- Include reviews from Chaitanya

Changes to v5:
- Unify nvme_auth_generate_key()
- Unify nvme_auth_extract_key()
- Fixed bug where re-authentication with wrong controller key would not fail
- Include reviews from Sagi

Changes to v4:
- Validate against blktest suite
- Fixup base64 decoding
- Transform secret with correct hmac algorithm

Changes to v3:
- Renamed parameter to 'dhchap_ctrl_key'
- Fixed bi-directional authentication
- Included reviews from Sagi
- Fixed base64 algorithm for transport encoding

Changes to v2:
- Dropped non-standard algorithms
- Reworked base64 based on fs/crypto/fname.c
- Fixup crash with no keys

Changes to the original submission:
- Included reviews from Vladislav
- Included reviews from Sagi
- Implemented re-authentication support
- Fixed up key handling

Hannes Reinecke (11):
  crypto: add crypto_has_shash()
  crypto: add crypto_has_kpp()
  lib/base64: RFC4648-compliant base64 encoding
  nvme: add definitions for NVMe In-Band authentication
  nvme-fabrics: decode 'authentication required' connect error
  nvme: Implement In-Band authentication
  nvme-auth: Diffie-Hellman key exchange support
  nvmet: parse fabrics commands on io queues
  nvmet: Implement basic In-Band Authentication
  nvmet-auth: Diffie-Hellman key exchange support
  nvmet-auth: expire authentication sessions

 crypto/kpp.c                           |    6 +
 crypto/shash.c                         |    6 +
 drivers/nvme/host/Kconfig              |   12 +
 drivers/nvme/host/Makefile             |    1 +
 drivers/nvme/host/auth.c               | 1464 ++++++++++++++++++++++++
 drivers/nvme/host/auth.h               |   40 +
 drivers/nvme/host/core.c               |  141 ++-
 drivers/nvme/host/fabrics.c            |   83 +-
 drivers/nvme/host/fabrics.h            |    7 +
 drivers/nvme/host/nvme.h               |   31 +
 drivers/nvme/host/rdma.c               |    1 +
 drivers/nvme/host/tcp.c                |    1 +
 drivers/nvme/host/trace.c              |   32 +
 drivers/nvme/target/Kconfig            |   13 +
 drivers/nvme/target/Makefile           |    1 +
 drivers/nvme/target/admin-cmd.c        |    4 +-
 drivers/nvme/target/auth.c             |  525 +++++++++
 drivers/nvme/target/configfs.c         |  138 ++-
 drivers/nvme/target/core.c             |   15 +
 drivers/nvme/target/fabrics-cmd-auth.c |  536 +++++++++
 drivers/nvme/target/fabrics-cmd.c      |   55 +-
 drivers/nvme/target/nvmet.h            |   75 +-
 include/crypto/hash.h                  |    2 +
 include/crypto/kpp.h                   |    2 +
 include/linux/base64.h                 |   16 +
 include/linux/nvme.h                   |  204 +++-
 lib/Makefile                           |    2 +-
 lib/base64.c                           |  103 ++
 28 files changed, 3501 insertions(+), 15 deletions(-)
 create mode 100644 drivers/nvme/host/auth.c
 create mode 100644 drivers/nvme/host/auth.h
 create mode 100644 drivers/nvme/target/auth.c
 create mode 100644 drivers/nvme/target/fabrics-cmd-auth.c
 create mode 100644 include/linux/base64.h
 create mode 100644 lib/base64.c

-- 
2.29.2
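The changelog entries about base64 decoding, the transport encoding of secrets and the crash with no keys all concern one small parser: the string form in which a DH-HMAC-CHAP secret is handed to the host or target. The following standalone Python model is an added example, not code from this patchset, from lib/base64.c or from nvme-cli. The "DHHC-1:hh:<base64>:" framing, the little-endian CRC-32 trailer and the rule that a transformed key (hh = 01/02/03) must be exactly the SHA-256/384/512 digest length are assumed here from the NVMe DH-HMAC-CHAP secret representation rather than stated in the cover letter; the 32-byte key used in the demo is a constructed sample.

```python
"""Standalone model of the DH-HMAC-CHAP secret transport encoding.

Added example, not kernel or nvme-cli code. Layout assumed from the NVMe
DH-HMAC-CHAP secret representation:
    "DHHC-1:hh:" + base64(key || crc32_le(key)) + ":"
where hh is 00 for a raw key and 01/02/03 for a key already transformed with
SHA-256/384/512 (then the key length must equal the digest length).
"""
import base64
import binascii
import struct
import zlib
from dataclasses import dataclass

# Hash id -> required key length for transformed secrets (assumed mapping).
_DIGEST_LEN = {1: 32, 2: 48, 3: 64}
_VALID_KEY_LENS = (32, 48, 64)


@dataclass
class DhchapSecret:
    hash_id: int      # 0 = raw key, 1/2/3 = SHA-256/384/512 transformed
    key: bytes        # 32, 48 or 64 bytes


def format_secret(secret: DhchapSecret) -> str:
    """Serialise key || little-endian CRC-32 as padded RFC 4648 base64."""
    if secret.hash_id not in (0, 1, 2, 3):
        raise ValueError("unsupported hash id")
    if len(secret.key) not in _VALID_KEY_LENS:
        raise ValueError("key must be 32, 48 or 64 bytes")
    if secret.hash_id and _DIGEST_LEN[secret.hash_id] != len(secret.key):
        raise ValueError("transformed key length must match digest length")
    crc = struct.pack("<I", zlib.crc32(secret.key) & 0xFFFFFFFF)
    return f"DHHC-1:{secret.hash_id:02x}:{base64.b64encode(secret.key + crc).decode()}:"


def parse_secret(text: str) -> DhchapSecret:
    """Strictly parse "DHHC-1:hh:<base64>:"; raise ValueError on anything malformed."""
    parts = text.split(":")
    if len(parts) != 4 or parts[0] != "DHHC-1" or parts[3] != "":
        raise ValueError("bad framing, expected DHHC-1:hh:<base64>:")
    if parts[1] not in ("00", "01", "02", "03"):
        raise ValueError("unsupported hash id")
    hash_id = int(parts[1], 16)
    try:
        # validate=True rejects characters outside the RFC 4648 alphabet
        # instead of silently discarding them (the lenient default).
        raw = base64.b64decode(parts[2], validate=True)
    except binascii.Error as exc:
        raise ValueError(f"invalid base64: {exc}") from exc
    if len(raw) - 4 not in _VALID_KEY_LENS:
        raise ValueError("decoded length must be key (32/48/64) plus 4-byte CRC")
    key, crc_bytes = raw[:-4], raw[-4:]
    if hash_id and _DIGEST_LEN[hash_id] != len(key):
        raise ValueError("transformed key length must match digest length")
    if struct.unpack("<I", crc_bytes)[0] != (zlib.crc32(key) & 0xFFFFFFFF):
        raise ValueError("CRC-32 mismatch: secret corrupted or truncated")
    return DhchapSecret(hash_id, key)


def demo() -> dict:
    """Round-trip a constructed key, then show that corruption is caught."""
    secret = DhchapSecret(0, bytes(range(32)))    # constructed sample, not a real secret
    text = format_secret(secret)
    results = {"roundtrip_ok": parse_secret(text) == secret}
    # Change one base64 character inside the key: the CRC must reject it.
    corrupted = text[:10] + ("B" if text[10] == "A" else "A") + text[11:]
    try:
        parse_secret(corrupted)
        results["corruption_rejected"] = False
    except ValueError:
        results["corruption_rejected"] = True
    # A lenient decoder would skip a stray character; strict RFC 4648 parsing must not.
    try:
        parse_secret(text[:10] + "!" + text[11:])
        results["bad_char_rejected"] = False
    except ValueError:
        results["bad_char_rejected"] = True
    return results


if __name__ == "__main__":
    print(format_secret(DhchapSecret(0, bytes(range(32)))))
    print(demo())
```

Three checks carry the weight here: the strict base64 decode (a lenient decoder that drops unknown characters would turn a typo into a different key without any error), the CRC-32 trailer (which catches a truncated or mangled secret before it is ever used in a challenge), and the hash-id/key-length rule (so a raw secret cannot be mistaken for an already transformed one). A parser that skips any of them accepts input it should have refused, which is the class of problem the "fixup base64 decoding" and "fixup crash with no keys" entries above address.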