162306a36Sopenharmony_ci// SPDX-License-Identifier: GPL-2.0 262306a36Sopenharmony_ci/* 362306a36Sopenharmony_ci * NVMe over Fabrics DH-HMAC-CHAP authentication command handling. 462306a36Sopenharmony_ci * Copyright (c) 2020 Hannes Reinecke, SUSE Software Solutions. 562306a36Sopenharmony_ci * All rights reserved. 662306a36Sopenharmony_ci */ 762306a36Sopenharmony_ci#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 862306a36Sopenharmony_ci#include <linux/blkdev.h> 962306a36Sopenharmony_ci#include <linux/random.h> 1062306a36Sopenharmony_ci#include <linux/nvme-auth.h> 1162306a36Sopenharmony_ci#include <crypto/hash.h> 1262306a36Sopenharmony_ci#include <crypto/kpp.h> 1362306a36Sopenharmony_ci#include "nvmet.h" 1462306a36Sopenharmony_ci 1562306a36Sopenharmony_cistatic void nvmet_auth_expired_work(struct work_struct *work) 1662306a36Sopenharmony_ci{ 1762306a36Sopenharmony_ci struct nvmet_sq *sq = container_of(to_delayed_work(work), 1862306a36Sopenharmony_ci struct nvmet_sq, auth_expired_work); 1962306a36Sopenharmony_ci 2062306a36Sopenharmony_ci pr_debug("%s: ctrl %d qid %d transaction %u expired, resetting\n", 2162306a36Sopenharmony_ci __func__, sq->ctrl->cntlid, sq->qid, sq->dhchap_tid); 2262306a36Sopenharmony_ci sq->dhchap_step = NVME_AUTH_DHCHAP_MESSAGE_NEGOTIATE; 2362306a36Sopenharmony_ci sq->dhchap_tid = -1; 2462306a36Sopenharmony_ci} 2562306a36Sopenharmony_ci 2662306a36Sopenharmony_civoid nvmet_auth_sq_init(struct nvmet_sq *sq) 2762306a36Sopenharmony_ci{ 2862306a36Sopenharmony_ci /* Initialize in-band authentication */ 2962306a36Sopenharmony_ci INIT_DELAYED_WORK(&sq->auth_expired_work, nvmet_auth_expired_work); 3062306a36Sopenharmony_ci sq->authenticated = false; 3162306a36Sopenharmony_ci sq->dhchap_step = NVME_AUTH_DHCHAP_MESSAGE_NEGOTIATE; 3262306a36Sopenharmony_ci} 3362306a36Sopenharmony_ci 3462306a36Sopenharmony_cistatic u16 nvmet_auth_negotiate(struct nvmet_req *req, void *d) 3562306a36Sopenharmony_ci{ 3662306a36Sopenharmony_ci struct nvmet_ctrl *ctrl = req->sq->ctrl; 3762306a36Sopenharmony_ci struct nvmf_auth_dhchap_negotiate_data *data = d; 3862306a36Sopenharmony_ci int i, hash_id = 0, fallback_hash_id = 0, dhgid, fallback_dhgid; 3962306a36Sopenharmony_ci 4062306a36Sopenharmony_ci pr_debug("%s: ctrl %d qid %d: data sc_d %d napd %d authid %d halen %d dhlen %d\n", 4162306a36Sopenharmony_ci __func__, ctrl->cntlid, req->sq->qid, 4262306a36Sopenharmony_ci data->sc_c, data->napd, data->auth_protocol[0].dhchap.authid, 4362306a36Sopenharmony_ci data->auth_protocol[0].dhchap.halen, 4462306a36Sopenharmony_ci data->auth_protocol[0].dhchap.dhlen); 4562306a36Sopenharmony_ci req->sq->dhchap_tid = le16_to_cpu(data->t_id); 4662306a36Sopenharmony_ci if (data->sc_c) 4762306a36Sopenharmony_ci return NVME_AUTH_DHCHAP_FAILURE_CONCAT_MISMATCH; 4862306a36Sopenharmony_ci 4962306a36Sopenharmony_ci if (data->napd != 1) 5062306a36Sopenharmony_ci return NVME_AUTH_DHCHAP_FAILURE_HASH_UNUSABLE; 5162306a36Sopenharmony_ci 5262306a36Sopenharmony_ci if (data->auth_protocol[0].dhchap.authid != 5362306a36Sopenharmony_ci NVME_AUTH_DHCHAP_AUTH_ID) 5462306a36Sopenharmony_ci return NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD; 5562306a36Sopenharmony_ci 5662306a36Sopenharmony_ci for (i = 0; i < data->auth_protocol[0].dhchap.halen; i++) { 5762306a36Sopenharmony_ci u8 host_hmac_id = data->auth_protocol[0].dhchap.idlist[i]; 5862306a36Sopenharmony_ci 5962306a36Sopenharmony_ci if (!fallback_hash_id && 6062306a36Sopenharmony_ci crypto_has_shash(nvme_auth_hmac_name(host_hmac_id), 0, 0)) 6162306a36Sopenharmony_ci fallback_hash_id = host_hmac_id; 6262306a36Sopenharmony_ci if (ctrl->shash_id != host_hmac_id) 6362306a36Sopenharmony_ci continue; 6462306a36Sopenharmony_ci hash_id = ctrl->shash_id; 6562306a36Sopenharmony_ci break; 6662306a36Sopenharmony_ci } 6762306a36Sopenharmony_ci if (hash_id == 0) { 6862306a36Sopenharmony_ci if (fallback_hash_id == 0) { 6962306a36Sopenharmony_ci pr_debug("%s: ctrl %d qid %d: no usable hash found\n", 7062306a36Sopenharmony_ci __func__, ctrl->cntlid, req->sq->qid); 7162306a36Sopenharmony_ci return NVME_AUTH_DHCHAP_FAILURE_HASH_UNUSABLE; 7262306a36Sopenharmony_ci } 7362306a36Sopenharmony_ci pr_debug("%s: ctrl %d qid %d: no usable hash found, falling back to %s\n", 7462306a36Sopenharmony_ci __func__, ctrl->cntlid, req->sq->qid, 7562306a36Sopenharmony_ci nvme_auth_hmac_name(fallback_hash_id)); 7662306a36Sopenharmony_ci ctrl->shash_id = fallback_hash_id; 7762306a36Sopenharmony_ci } 7862306a36Sopenharmony_ci 7962306a36Sopenharmony_ci dhgid = -1; 8062306a36Sopenharmony_ci fallback_dhgid = -1; 8162306a36Sopenharmony_ci for (i = 0; i < data->auth_protocol[0].dhchap.dhlen; i++) { 8262306a36Sopenharmony_ci int tmp_dhgid = data->auth_protocol[0].dhchap.idlist[i + 30]; 8362306a36Sopenharmony_ci 8462306a36Sopenharmony_ci if (tmp_dhgid != ctrl->dh_gid) { 8562306a36Sopenharmony_ci dhgid = tmp_dhgid; 8662306a36Sopenharmony_ci break; 8762306a36Sopenharmony_ci } 8862306a36Sopenharmony_ci if (fallback_dhgid < 0) { 8962306a36Sopenharmony_ci const char *kpp = nvme_auth_dhgroup_kpp(tmp_dhgid); 9062306a36Sopenharmony_ci 9162306a36Sopenharmony_ci if (crypto_has_kpp(kpp, 0, 0)) 9262306a36Sopenharmony_ci fallback_dhgid = tmp_dhgid; 9362306a36Sopenharmony_ci } 9462306a36Sopenharmony_ci } 9562306a36Sopenharmony_ci if (dhgid < 0) { 9662306a36Sopenharmony_ci if (fallback_dhgid < 0) { 9762306a36Sopenharmony_ci pr_debug("%s: ctrl %d qid %d: no usable DH group found\n", 9862306a36Sopenharmony_ci __func__, ctrl->cntlid, req->sq->qid); 9962306a36Sopenharmony_ci return NVME_AUTH_DHCHAP_FAILURE_DHGROUP_UNUSABLE; 10062306a36Sopenharmony_ci } 10162306a36Sopenharmony_ci pr_debug("%s: ctrl %d qid %d: configured DH group %s not found\n", 10262306a36Sopenharmony_ci __func__, ctrl->cntlid, req->sq->qid, 10362306a36Sopenharmony_ci nvme_auth_dhgroup_name(fallback_dhgid)); 10462306a36Sopenharmony_ci ctrl->dh_gid = fallback_dhgid; 10562306a36Sopenharmony_ci } 10662306a36Sopenharmony_ci pr_debug("%s: ctrl %d qid %d: selected DH group %s (%d)\n", 10762306a36Sopenharmony_ci __func__, ctrl->cntlid, req->sq->qid, 10862306a36Sopenharmony_ci nvme_auth_dhgroup_name(ctrl->dh_gid), ctrl->dh_gid); 10962306a36Sopenharmony_ci return 0; 11062306a36Sopenharmony_ci} 11162306a36Sopenharmony_ci 11262306a36Sopenharmony_cistatic u16 nvmet_auth_reply(struct nvmet_req *req, void *d) 11362306a36Sopenharmony_ci{ 11462306a36Sopenharmony_ci struct nvmet_ctrl *ctrl = req->sq->ctrl; 11562306a36Sopenharmony_ci struct nvmf_auth_dhchap_reply_data *data = d; 11662306a36Sopenharmony_ci u16 dhvlen = le16_to_cpu(data->dhvlen); 11762306a36Sopenharmony_ci u8 *response; 11862306a36Sopenharmony_ci 11962306a36Sopenharmony_ci pr_debug("%s: ctrl %d qid %d: data hl %d cvalid %d dhvlen %u\n", 12062306a36Sopenharmony_ci __func__, ctrl->cntlid, req->sq->qid, 12162306a36Sopenharmony_ci data->hl, data->cvalid, dhvlen); 12262306a36Sopenharmony_ci 12362306a36Sopenharmony_ci if (dhvlen) { 12462306a36Sopenharmony_ci if (!ctrl->dh_tfm) 12562306a36Sopenharmony_ci return NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD; 12662306a36Sopenharmony_ci if (nvmet_auth_ctrl_sesskey(req, data->rval + 2 * data->hl, 12762306a36Sopenharmony_ci dhvlen) < 0) 12862306a36Sopenharmony_ci return NVME_AUTH_DHCHAP_FAILURE_DHGROUP_UNUSABLE; 12962306a36Sopenharmony_ci } 13062306a36Sopenharmony_ci 13162306a36Sopenharmony_ci response = kmalloc(data->hl, GFP_KERNEL); 13262306a36Sopenharmony_ci if (!response) 13362306a36Sopenharmony_ci return NVME_AUTH_DHCHAP_FAILURE_FAILED; 13462306a36Sopenharmony_ci 13562306a36Sopenharmony_ci if (!ctrl->host_key) { 13662306a36Sopenharmony_ci pr_warn("ctrl %d qid %d no host key\n", 13762306a36Sopenharmony_ci ctrl->cntlid, req->sq->qid); 13862306a36Sopenharmony_ci kfree(response); 13962306a36Sopenharmony_ci return NVME_AUTH_DHCHAP_FAILURE_FAILED; 14062306a36Sopenharmony_ci } 14162306a36Sopenharmony_ci if (nvmet_auth_host_hash(req, response, data->hl) < 0) { 14262306a36Sopenharmony_ci pr_debug("ctrl %d qid %d host hash failed\n", 14362306a36Sopenharmony_ci ctrl->cntlid, req->sq->qid); 14462306a36Sopenharmony_ci kfree(response); 14562306a36Sopenharmony_ci return NVME_AUTH_DHCHAP_FAILURE_FAILED; 14662306a36Sopenharmony_ci } 14762306a36Sopenharmony_ci 14862306a36Sopenharmony_ci if (memcmp(data->rval, response, data->hl)) { 14962306a36Sopenharmony_ci pr_info("ctrl %d qid %d host response mismatch\n", 15062306a36Sopenharmony_ci ctrl->cntlid, req->sq->qid); 15162306a36Sopenharmony_ci kfree(response); 15262306a36Sopenharmony_ci return NVME_AUTH_DHCHAP_FAILURE_FAILED; 15362306a36Sopenharmony_ci } 15462306a36Sopenharmony_ci kfree(response); 15562306a36Sopenharmony_ci pr_debug("%s: ctrl %d qid %d host authenticated\n", 15662306a36Sopenharmony_ci __func__, ctrl->cntlid, req->sq->qid); 15762306a36Sopenharmony_ci if (data->cvalid) { 15862306a36Sopenharmony_ci req->sq->dhchap_c2 = kmemdup(data->rval + data->hl, data->hl, 15962306a36Sopenharmony_ci GFP_KERNEL); 16062306a36Sopenharmony_ci if (!req->sq->dhchap_c2) 16162306a36Sopenharmony_ci return NVME_AUTH_DHCHAP_FAILURE_FAILED; 16262306a36Sopenharmony_ci 16362306a36Sopenharmony_ci pr_debug("%s: ctrl %d qid %d challenge %*ph\n", 16462306a36Sopenharmony_ci __func__, ctrl->cntlid, req->sq->qid, data->hl, 16562306a36Sopenharmony_ci req->sq->dhchap_c2); 16662306a36Sopenharmony_ci req->sq->dhchap_s2 = le32_to_cpu(data->seqnum); 16762306a36Sopenharmony_ci } else { 16862306a36Sopenharmony_ci req->sq->authenticated = true; 16962306a36Sopenharmony_ci req->sq->dhchap_c2 = NULL; 17062306a36Sopenharmony_ci } 17162306a36Sopenharmony_ci 17262306a36Sopenharmony_ci return 0; 17362306a36Sopenharmony_ci} 17462306a36Sopenharmony_ci 17562306a36Sopenharmony_cistatic u16 nvmet_auth_failure2(void *d) 17662306a36Sopenharmony_ci{ 17762306a36Sopenharmony_ci struct nvmf_auth_dhchap_failure_data *data = d; 17862306a36Sopenharmony_ci 17962306a36Sopenharmony_ci return data->rescode_exp; 18062306a36Sopenharmony_ci} 18162306a36Sopenharmony_ci 18262306a36Sopenharmony_civoid nvmet_execute_auth_send(struct nvmet_req *req) 18362306a36Sopenharmony_ci{ 18462306a36Sopenharmony_ci struct nvmet_ctrl *ctrl = req->sq->ctrl; 18562306a36Sopenharmony_ci struct nvmf_auth_dhchap_success2_data *data; 18662306a36Sopenharmony_ci void *d; 18762306a36Sopenharmony_ci u32 tl; 18862306a36Sopenharmony_ci u16 status = 0; 18962306a36Sopenharmony_ci 19062306a36Sopenharmony_ci if (req->cmd->auth_send.secp != NVME_AUTH_DHCHAP_PROTOCOL_IDENTIFIER) { 19162306a36Sopenharmony_ci status = NVME_SC_INVALID_FIELD | NVME_SC_DNR; 19262306a36Sopenharmony_ci req->error_loc = 19362306a36Sopenharmony_ci offsetof(struct nvmf_auth_send_command, secp); 19462306a36Sopenharmony_ci goto done; 19562306a36Sopenharmony_ci } 19662306a36Sopenharmony_ci if (req->cmd->auth_send.spsp0 != 0x01) { 19762306a36Sopenharmony_ci status = NVME_SC_INVALID_FIELD | NVME_SC_DNR; 19862306a36Sopenharmony_ci req->error_loc = 19962306a36Sopenharmony_ci offsetof(struct nvmf_auth_send_command, spsp0); 20062306a36Sopenharmony_ci goto done; 20162306a36Sopenharmony_ci } 20262306a36Sopenharmony_ci if (req->cmd->auth_send.spsp1 != 0x01) { 20362306a36Sopenharmony_ci status = NVME_SC_INVALID_FIELD | NVME_SC_DNR; 20462306a36Sopenharmony_ci req->error_loc = 20562306a36Sopenharmony_ci offsetof(struct nvmf_auth_send_command, spsp1); 20662306a36Sopenharmony_ci goto done; 20762306a36Sopenharmony_ci } 20862306a36Sopenharmony_ci tl = le32_to_cpu(req->cmd->auth_send.tl); 20962306a36Sopenharmony_ci if (!tl) { 21062306a36Sopenharmony_ci status = NVME_SC_INVALID_FIELD | NVME_SC_DNR; 21162306a36Sopenharmony_ci req->error_loc = 21262306a36Sopenharmony_ci offsetof(struct nvmf_auth_send_command, tl); 21362306a36Sopenharmony_ci goto done; 21462306a36Sopenharmony_ci } 21562306a36Sopenharmony_ci if (!nvmet_check_transfer_len(req, tl)) { 21662306a36Sopenharmony_ci pr_debug("%s: transfer length mismatch (%u)\n", __func__, tl); 21762306a36Sopenharmony_ci return; 21862306a36Sopenharmony_ci } 21962306a36Sopenharmony_ci 22062306a36Sopenharmony_ci d = kmalloc(tl, GFP_KERNEL); 22162306a36Sopenharmony_ci if (!d) { 22262306a36Sopenharmony_ci status = NVME_SC_INTERNAL; 22362306a36Sopenharmony_ci goto done; 22462306a36Sopenharmony_ci } 22562306a36Sopenharmony_ci 22662306a36Sopenharmony_ci status = nvmet_copy_from_sgl(req, 0, d, tl); 22762306a36Sopenharmony_ci if (status) 22862306a36Sopenharmony_ci goto done_kfree; 22962306a36Sopenharmony_ci 23062306a36Sopenharmony_ci data = d; 23162306a36Sopenharmony_ci pr_debug("%s: ctrl %d qid %d type %d id %d step %x\n", __func__, 23262306a36Sopenharmony_ci ctrl->cntlid, req->sq->qid, data->auth_type, data->auth_id, 23362306a36Sopenharmony_ci req->sq->dhchap_step); 23462306a36Sopenharmony_ci if (data->auth_type != NVME_AUTH_COMMON_MESSAGES && 23562306a36Sopenharmony_ci data->auth_type != NVME_AUTH_DHCHAP_MESSAGES) 23662306a36Sopenharmony_ci goto done_failure1; 23762306a36Sopenharmony_ci if (data->auth_type == NVME_AUTH_COMMON_MESSAGES) { 23862306a36Sopenharmony_ci if (data->auth_id == NVME_AUTH_DHCHAP_MESSAGE_NEGOTIATE) { 23962306a36Sopenharmony_ci /* Restart negotiation */ 24062306a36Sopenharmony_ci pr_debug("%s: ctrl %d qid %d reset negotiation\n", __func__, 24162306a36Sopenharmony_ci ctrl->cntlid, req->sq->qid); 24262306a36Sopenharmony_ci if (!req->sq->qid) { 24362306a36Sopenharmony_ci if (nvmet_setup_auth(ctrl) < 0) { 24462306a36Sopenharmony_ci status = NVME_SC_INTERNAL; 24562306a36Sopenharmony_ci pr_err("ctrl %d qid 0 failed to setup" 24662306a36Sopenharmony_ci "re-authentication", 24762306a36Sopenharmony_ci ctrl->cntlid); 24862306a36Sopenharmony_ci goto done_failure1; 24962306a36Sopenharmony_ci } 25062306a36Sopenharmony_ci } 25162306a36Sopenharmony_ci req->sq->dhchap_step = NVME_AUTH_DHCHAP_MESSAGE_NEGOTIATE; 25262306a36Sopenharmony_ci } else if (data->auth_id != req->sq->dhchap_step) 25362306a36Sopenharmony_ci goto done_failure1; 25462306a36Sopenharmony_ci /* Validate negotiation parameters */ 25562306a36Sopenharmony_ci status = nvmet_auth_negotiate(req, d); 25662306a36Sopenharmony_ci if (status == 0) 25762306a36Sopenharmony_ci req->sq->dhchap_step = 25862306a36Sopenharmony_ci NVME_AUTH_DHCHAP_MESSAGE_CHALLENGE; 25962306a36Sopenharmony_ci else { 26062306a36Sopenharmony_ci req->sq->dhchap_step = 26162306a36Sopenharmony_ci NVME_AUTH_DHCHAP_MESSAGE_FAILURE1; 26262306a36Sopenharmony_ci req->sq->dhchap_status = status; 26362306a36Sopenharmony_ci status = 0; 26462306a36Sopenharmony_ci } 26562306a36Sopenharmony_ci goto done_kfree; 26662306a36Sopenharmony_ci } 26762306a36Sopenharmony_ci if (data->auth_id != req->sq->dhchap_step) { 26862306a36Sopenharmony_ci pr_debug("%s: ctrl %d qid %d step mismatch (%d != %d)\n", 26962306a36Sopenharmony_ci __func__, ctrl->cntlid, req->sq->qid, 27062306a36Sopenharmony_ci data->auth_id, req->sq->dhchap_step); 27162306a36Sopenharmony_ci goto done_failure1; 27262306a36Sopenharmony_ci } 27362306a36Sopenharmony_ci if (le16_to_cpu(data->t_id) != req->sq->dhchap_tid) { 27462306a36Sopenharmony_ci pr_debug("%s: ctrl %d qid %d invalid transaction %d (expected %d)\n", 27562306a36Sopenharmony_ci __func__, ctrl->cntlid, req->sq->qid, 27662306a36Sopenharmony_ci le16_to_cpu(data->t_id), 27762306a36Sopenharmony_ci req->sq->dhchap_tid); 27862306a36Sopenharmony_ci req->sq->dhchap_step = 27962306a36Sopenharmony_ci NVME_AUTH_DHCHAP_MESSAGE_FAILURE1; 28062306a36Sopenharmony_ci req->sq->dhchap_status = 28162306a36Sopenharmony_ci NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD; 28262306a36Sopenharmony_ci goto done_kfree; 28362306a36Sopenharmony_ci } 28462306a36Sopenharmony_ci 28562306a36Sopenharmony_ci switch (data->auth_id) { 28662306a36Sopenharmony_ci case NVME_AUTH_DHCHAP_MESSAGE_REPLY: 28762306a36Sopenharmony_ci status = nvmet_auth_reply(req, d); 28862306a36Sopenharmony_ci if (status == 0) 28962306a36Sopenharmony_ci req->sq->dhchap_step = 29062306a36Sopenharmony_ci NVME_AUTH_DHCHAP_MESSAGE_SUCCESS1; 29162306a36Sopenharmony_ci else { 29262306a36Sopenharmony_ci req->sq->dhchap_step = 29362306a36Sopenharmony_ci NVME_AUTH_DHCHAP_MESSAGE_FAILURE1; 29462306a36Sopenharmony_ci req->sq->dhchap_status = status; 29562306a36Sopenharmony_ci status = 0; 29662306a36Sopenharmony_ci } 29762306a36Sopenharmony_ci goto done_kfree; 29862306a36Sopenharmony_ci case NVME_AUTH_DHCHAP_MESSAGE_SUCCESS2: 29962306a36Sopenharmony_ci req->sq->authenticated = true; 30062306a36Sopenharmony_ci pr_debug("%s: ctrl %d qid %d ctrl authenticated\n", 30162306a36Sopenharmony_ci __func__, ctrl->cntlid, req->sq->qid); 30262306a36Sopenharmony_ci goto done_kfree; 30362306a36Sopenharmony_ci case NVME_AUTH_DHCHAP_MESSAGE_FAILURE2: 30462306a36Sopenharmony_ci status = nvmet_auth_failure2(d); 30562306a36Sopenharmony_ci if (status) { 30662306a36Sopenharmony_ci pr_warn("ctrl %d qid %d: authentication failed (%d)\n", 30762306a36Sopenharmony_ci ctrl->cntlid, req->sq->qid, status); 30862306a36Sopenharmony_ci req->sq->dhchap_status = status; 30962306a36Sopenharmony_ci req->sq->authenticated = false; 31062306a36Sopenharmony_ci status = 0; 31162306a36Sopenharmony_ci } 31262306a36Sopenharmony_ci goto done_kfree; 31362306a36Sopenharmony_ci default: 31462306a36Sopenharmony_ci req->sq->dhchap_status = 31562306a36Sopenharmony_ci NVME_AUTH_DHCHAP_FAILURE_INCORRECT_MESSAGE; 31662306a36Sopenharmony_ci req->sq->dhchap_step = 31762306a36Sopenharmony_ci NVME_AUTH_DHCHAP_MESSAGE_FAILURE2; 31862306a36Sopenharmony_ci req->sq->authenticated = false; 31962306a36Sopenharmony_ci goto done_kfree; 32062306a36Sopenharmony_ci } 32162306a36Sopenharmony_cidone_failure1: 32262306a36Sopenharmony_ci req->sq->dhchap_status = NVME_AUTH_DHCHAP_FAILURE_INCORRECT_MESSAGE; 32362306a36Sopenharmony_ci req->sq->dhchap_step = NVME_AUTH_DHCHAP_MESSAGE_FAILURE2; 32462306a36Sopenharmony_ci 32562306a36Sopenharmony_cidone_kfree: 32662306a36Sopenharmony_ci kfree(d); 32762306a36Sopenharmony_cidone: 32862306a36Sopenharmony_ci pr_debug("%s: ctrl %d qid %d dhchap status %x step %x\n", __func__, 32962306a36Sopenharmony_ci ctrl->cntlid, req->sq->qid, 33062306a36Sopenharmony_ci req->sq->dhchap_status, req->sq->dhchap_step); 33162306a36Sopenharmony_ci if (status) 33262306a36Sopenharmony_ci pr_debug("%s: ctrl %d qid %d nvme status %x error loc %d\n", 33362306a36Sopenharmony_ci __func__, ctrl->cntlid, req->sq->qid, 33462306a36Sopenharmony_ci status, req->error_loc); 33562306a36Sopenharmony_ci req->cqe->result.u64 = 0; 33662306a36Sopenharmony_ci if (req->sq->dhchap_step != NVME_AUTH_DHCHAP_MESSAGE_SUCCESS2 && 33762306a36Sopenharmony_ci req->sq->dhchap_step != NVME_AUTH_DHCHAP_MESSAGE_FAILURE2) { 33862306a36Sopenharmony_ci unsigned long auth_expire_secs = ctrl->kato ? ctrl->kato : 120; 33962306a36Sopenharmony_ci 34062306a36Sopenharmony_ci mod_delayed_work(system_wq, &req->sq->auth_expired_work, 34162306a36Sopenharmony_ci auth_expire_secs * HZ); 34262306a36Sopenharmony_ci goto complete; 34362306a36Sopenharmony_ci } 34462306a36Sopenharmony_ci /* Final states, clear up variables */ 34562306a36Sopenharmony_ci nvmet_auth_sq_free(req->sq); 34662306a36Sopenharmony_ci if (req->sq->dhchap_step == NVME_AUTH_DHCHAP_MESSAGE_FAILURE2) 34762306a36Sopenharmony_ci nvmet_ctrl_fatal_error(ctrl); 34862306a36Sopenharmony_ci 34962306a36Sopenharmony_cicomplete: 35062306a36Sopenharmony_ci nvmet_req_complete(req, status); 35162306a36Sopenharmony_ci} 35262306a36Sopenharmony_ci 35362306a36Sopenharmony_cistatic int nvmet_auth_challenge(struct nvmet_req *req, void *d, int al) 35462306a36Sopenharmony_ci{ 35562306a36Sopenharmony_ci struct nvmf_auth_dhchap_challenge_data *data = d; 35662306a36Sopenharmony_ci struct nvmet_ctrl *ctrl = req->sq->ctrl; 35762306a36Sopenharmony_ci int ret = 0; 35862306a36Sopenharmony_ci int hash_len = nvme_auth_hmac_hash_len(ctrl->shash_id); 35962306a36Sopenharmony_ci int data_size = sizeof(*d) + hash_len; 36062306a36Sopenharmony_ci 36162306a36Sopenharmony_ci if (ctrl->dh_tfm) 36262306a36Sopenharmony_ci data_size += ctrl->dh_keysize; 36362306a36Sopenharmony_ci if (al < data_size) { 36462306a36Sopenharmony_ci pr_debug("%s: buffer too small (al %d need %d)\n", __func__, 36562306a36Sopenharmony_ci al, data_size); 36662306a36Sopenharmony_ci return -EINVAL; 36762306a36Sopenharmony_ci } 36862306a36Sopenharmony_ci memset(data, 0, data_size); 36962306a36Sopenharmony_ci req->sq->dhchap_s1 = nvme_auth_get_seqnum(); 37062306a36Sopenharmony_ci data->auth_type = NVME_AUTH_DHCHAP_MESSAGES; 37162306a36Sopenharmony_ci data->auth_id = NVME_AUTH_DHCHAP_MESSAGE_CHALLENGE; 37262306a36Sopenharmony_ci data->t_id = cpu_to_le16(req->sq->dhchap_tid); 37362306a36Sopenharmony_ci data->hashid = ctrl->shash_id; 37462306a36Sopenharmony_ci data->hl = hash_len; 37562306a36Sopenharmony_ci data->seqnum = cpu_to_le32(req->sq->dhchap_s1); 37662306a36Sopenharmony_ci req->sq->dhchap_c1 = kmalloc(data->hl, GFP_KERNEL); 37762306a36Sopenharmony_ci if (!req->sq->dhchap_c1) 37862306a36Sopenharmony_ci return -ENOMEM; 37962306a36Sopenharmony_ci get_random_bytes(req->sq->dhchap_c1, data->hl); 38062306a36Sopenharmony_ci memcpy(data->cval, req->sq->dhchap_c1, data->hl); 38162306a36Sopenharmony_ci if (ctrl->dh_tfm) { 38262306a36Sopenharmony_ci data->dhgid = ctrl->dh_gid; 38362306a36Sopenharmony_ci data->dhvlen = cpu_to_le16(ctrl->dh_keysize); 38462306a36Sopenharmony_ci ret = nvmet_auth_ctrl_exponential(req, data->cval + data->hl, 38562306a36Sopenharmony_ci ctrl->dh_keysize); 38662306a36Sopenharmony_ci } 38762306a36Sopenharmony_ci pr_debug("%s: ctrl %d qid %d seq %d transaction %d hl %d dhvlen %zu\n", 38862306a36Sopenharmony_ci __func__, ctrl->cntlid, req->sq->qid, req->sq->dhchap_s1, 38962306a36Sopenharmony_ci req->sq->dhchap_tid, data->hl, ctrl->dh_keysize); 39062306a36Sopenharmony_ci return ret; 39162306a36Sopenharmony_ci} 39262306a36Sopenharmony_ci 39362306a36Sopenharmony_cistatic int nvmet_auth_success1(struct nvmet_req *req, void *d, int al) 39462306a36Sopenharmony_ci{ 39562306a36Sopenharmony_ci struct nvmf_auth_dhchap_success1_data *data = d; 39662306a36Sopenharmony_ci struct nvmet_ctrl *ctrl = req->sq->ctrl; 39762306a36Sopenharmony_ci int hash_len = nvme_auth_hmac_hash_len(ctrl->shash_id); 39862306a36Sopenharmony_ci 39962306a36Sopenharmony_ci WARN_ON(al < sizeof(*data)); 40062306a36Sopenharmony_ci memset(data, 0, sizeof(*data)); 40162306a36Sopenharmony_ci data->auth_type = NVME_AUTH_DHCHAP_MESSAGES; 40262306a36Sopenharmony_ci data->auth_id = NVME_AUTH_DHCHAP_MESSAGE_SUCCESS1; 40362306a36Sopenharmony_ci data->t_id = cpu_to_le16(req->sq->dhchap_tid); 40462306a36Sopenharmony_ci data->hl = hash_len; 40562306a36Sopenharmony_ci if (req->sq->dhchap_c2) { 40662306a36Sopenharmony_ci if (!ctrl->ctrl_key) { 40762306a36Sopenharmony_ci pr_warn("ctrl %d qid %d no ctrl key\n", 40862306a36Sopenharmony_ci ctrl->cntlid, req->sq->qid); 40962306a36Sopenharmony_ci return NVME_AUTH_DHCHAP_FAILURE_FAILED; 41062306a36Sopenharmony_ci } 41162306a36Sopenharmony_ci if (nvmet_auth_ctrl_hash(req, data->rval, data->hl)) 41262306a36Sopenharmony_ci return NVME_AUTH_DHCHAP_FAILURE_HASH_UNUSABLE; 41362306a36Sopenharmony_ci data->rvalid = 1; 41462306a36Sopenharmony_ci pr_debug("ctrl %d qid %d response %*ph\n", 41562306a36Sopenharmony_ci ctrl->cntlid, req->sq->qid, data->hl, data->rval); 41662306a36Sopenharmony_ci } 41762306a36Sopenharmony_ci return 0; 41862306a36Sopenharmony_ci} 41962306a36Sopenharmony_ci 42062306a36Sopenharmony_cistatic void nvmet_auth_failure1(struct nvmet_req *req, void *d, int al) 42162306a36Sopenharmony_ci{ 42262306a36Sopenharmony_ci struct nvmf_auth_dhchap_failure_data *data = d; 42362306a36Sopenharmony_ci 42462306a36Sopenharmony_ci WARN_ON(al < sizeof(*data)); 42562306a36Sopenharmony_ci data->auth_type = NVME_AUTH_COMMON_MESSAGES; 42662306a36Sopenharmony_ci data->auth_id = NVME_AUTH_DHCHAP_MESSAGE_FAILURE1; 42762306a36Sopenharmony_ci data->t_id = cpu_to_le16(req->sq->dhchap_tid); 42862306a36Sopenharmony_ci data->rescode = NVME_AUTH_DHCHAP_FAILURE_REASON_FAILED; 42962306a36Sopenharmony_ci data->rescode_exp = req->sq->dhchap_status; 43062306a36Sopenharmony_ci} 43162306a36Sopenharmony_ci 43262306a36Sopenharmony_civoid nvmet_execute_auth_receive(struct nvmet_req *req) 43362306a36Sopenharmony_ci{ 43462306a36Sopenharmony_ci struct nvmet_ctrl *ctrl = req->sq->ctrl; 43562306a36Sopenharmony_ci void *d; 43662306a36Sopenharmony_ci u32 al; 43762306a36Sopenharmony_ci u16 status = 0; 43862306a36Sopenharmony_ci 43962306a36Sopenharmony_ci if (req->cmd->auth_receive.secp != NVME_AUTH_DHCHAP_PROTOCOL_IDENTIFIER) { 44062306a36Sopenharmony_ci status = NVME_SC_INVALID_FIELD | NVME_SC_DNR; 44162306a36Sopenharmony_ci req->error_loc = 44262306a36Sopenharmony_ci offsetof(struct nvmf_auth_receive_command, secp); 44362306a36Sopenharmony_ci goto done; 44462306a36Sopenharmony_ci } 44562306a36Sopenharmony_ci if (req->cmd->auth_receive.spsp0 != 0x01) { 44662306a36Sopenharmony_ci status = NVME_SC_INVALID_FIELD | NVME_SC_DNR; 44762306a36Sopenharmony_ci req->error_loc = 44862306a36Sopenharmony_ci offsetof(struct nvmf_auth_receive_command, spsp0); 44962306a36Sopenharmony_ci goto done; 45062306a36Sopenharmony_ci } 45162306a36Sopenharmony_ci if (req->cmd->auth_receive.spsp1 != 0x01) { 45262306a36Sopenharmony_ci status = NVME_SC_INVALID_FIELD | NVME_SC_DNR; 45362306a36Sopenharmony_ci req->error_loc = 45462306a36Sopenharmony_ci offsetof(struct nvmf_auth_receive_command, spsp1); 45562306a36Sopenharmony_ci goto done; 45662306a36Sopenharmony_ci } 45762306a36Sopenharmony_ci al = le32_to_cpu(req->cmd->auth_receive.al); 45862306a36Sopenharmony_ci if (!al) { 45962306a36Sopenharmony_ci status = NVME_SC_INVALID_FIELD | NVME_SC_DNR; 46062306a36Sopenharmony_ci req->error_loc = 46162306a36Sopenharmony_ci offsetof(struct nvmf_auth_receive_command, al); 46262306a36Sopenharmony_ci goto done; 46362306a36Sopenharmony_ci } 46462306a36Sopenharmony_ci if (!nvmet_check_transfer_len(req, al)) { 46562306a36Sopenharmony_ci pr_debug("%s: transfer length mismatch (%u)\n", __func__, al); 46662306a36Sopenharmony_ci return; 46762306a36Sopenharmony_ci } 46862306a36Sopenharmony_ci 46962306a36Sopenharmony_ci d = kmalloc(al, GFP_KERNEL); 47062306a36Sopenharmony_ci if (!d) { 47162306a36Sopenharmony_ci status = NVME_SC_INTERNAL; 47262306a36Sopenharmony_ci goto done; 47362306a36Sopenharmony_ci } 47462306a36Sopenharmony_ci pr_debug("%s: ctrl %d qid %d step %x\n", __func__, 47562306a36Sopenharmony_ci ctrl->cntlid, req->sq->qid, req->sq->dhchap_step); 47662306a36Sopenharmony_ci switch (req->sq->dhchap_step) { 47762306a36Sopenharmony_ci case NVME_AUTH_DHCHAP_MESSAGE_CHALLENGE: 47862306a36Sopenharmony_ci if (nvmet_auth_challenge(req, d, al) < 0) { 47962306a36Sopenharmony_ci pr_warn("ctrl %d qid %d: challenge error (%d)\n", 48062306a36Sopenharmony_ci ctrl->cntlid, req->sq->qid, status); 48162306a36Sopenharmony_ci status = NVME_SC_INTERNAL; 48262306a36Sopenharmony_ci break; 48362306a36Sopenharmony_ci } 48462306a36Sopenharmony_ci req->sq->dhchap_step = NVME_AUTH_DHCHAP_MESSAGE_REPLY; 48562306a36Sopenharmony_ci break; 48662306a36Sopenharmony_ci case NVME_AUTH_DHCHAP_MESSAGE_SUCCESS1: 48762306a36Sopenharmony_ci status = nvmet_auth_success1(req, d, al); 48862306a36Sopenharmony_ci if (status) { 48962306a36Sopenharmony_ci req->sq->dhchap_status = status; 49062306a36Sopenharmony_ci req->sq->authenticated = false; 49162306a36Sopenharmony_ci nvmet_auth_failure1(req, d, al); 49262306a36Sopenharmony_ci pr_warn("ctrl %d qid %d: success1 status (%x)\n", 49362306a36Sopenharmony_ci ctrl->cntlid, req->sq->qid, 49462306a36Sopenharmony_ci req->sq->dhchap_status); 49562306a36Sopenharmony_ci break; 49662306a36Sopenharmony_ci } 49762306a36Sopenharmony_ci req->sq->dhchap_step = NVME_AUTH_DHCHAP_MESSAGE_SUCCESS2; 49862306a36Sopenharmony_ci break; 49962306a36Sopenharmony_ci case NVME_AUTH_DHCHAP_MESSAGE_FAILURE1: 50062306a36Sopenharmony_ci req->sq->authenticated = false; 50162306a36Sopenharmony_ci nvmet_auth_failure1(req, d, al); 50262306a36Sopenharmony_ci pr_warn("ctrl %d qid %d failure1 (%x)\n", 50362306a36Sopenharmony_ci ctrl->cntlid, req->sq->qid, req->sq->dhchap_status); 50462306a36Sopenharmony_ci break; 50562306a36Sopenharmony_ci default: 50662306a36Sopenharmony_ci pr_warn("ctrl %d qid %d unhandled step (%d)\n", 50762306a36Sopenharmony_ci ctrl->cntlid, req->sq->qid, req->sq->dhchap_step); 50862306a36Sopenharmony_ci req->sq->dhchap_step = NVME_AUTH_DHCHAP_MESSAGE_FAILURE1; 50962306a36Sopenharmony_ci req->sq->dhchap_status = NVME_AUTH_DHCHAP_FAILURE_FAILED; 51062306a36Sopenharmony_ci nvmet_auth_failure1(req, d, al); 51162306a36Sopenharmony_ci status = 0; 51262306a36Sopenharmony_ci break; 51362306a36Sopenharmony_ci } 51462306a36Sopenharmony_ci 51562306a36Sopenharmony_ci status = nvmet_copy_to_sgl(req, 0, d, al); 51662306a36Sopenharmony_ci kfree(d); 51762306a36Sopenharmony_cidone: 51862306a36Sopenharmony_ci req->cqe->result.u64 = 0; 51962306a36Sopenharmony_ci 52062306a36Sopenharmony_ci if (req->sq->dhchap_step == NVME_AUTH_DHCHAP_MESSAGE_SUCCESS2) 52162306a36Sopenharmony_ci nvmet_auth_sq_free(req->sq); 52262306a36Sopenharmony_ci else if (req->sq->dhchap_step == NVME_AUTH_DHCHAP_MESSAGE_FAILURE1) { 52362306a36Sopenharmony_ci nvmet_auth_sq_free(req->sq); 52462306a36Sopenharmony_ci nvmet_ctrl_fatal_error(ctrl); 52562306a36Sopenharmony_ci } 52662306a36Sopenharmony_ci nvmet_req_complete(req, status); 52762306a36Sopenharmony_ci} 528