Commit 2e6eb6b2 authored by Alistair Francis's avatar Alistair Francis Committed by Keith Busch
Browse files

nvmet-tcp: Don't free SQ on authentication success 



Curently after the host sends a REPLACETLSPSK we free the TLS keys as
part of calling nvmet_auth_sq_free() on success. This means when the
host sends a follow up REPLACETLSPSK we return CONCAT_MISMATCH as the
check for !nvmet_queue_tls_keyid(req->sq) fails.

This patch ensures we don't free the TLS key on success as we might need
it again in the future.

Signed-off-by: default avatarAlistair Francis <alistair.francis@wdc.com>
Reviewed-by: default avatarChristoph Hellwig <hch@lst.de>
Reviewed-by: default avatarHannes Reinecke <hare@suse.de>
Reviewed-by: default avatarWilfred Mallawa <wilfred.mallawa@wdc.com>
Reviewed-by: default avatarSagi Grimberg <sagi@grimberg.me>
Signed-off-by: default avatarKeith Busch <kbusch@kernel.org>
parent ecf4d2d8

drivers/nvme/target/fabrics-cmd-auth.c

+4 −5
Original line number Diff line number Diff line
@@ -395,9 +395,10 @@ void nvmet_execute_auth_send(struct nvmet_req *req) 
		goto complete;

	}

	/* Final states, clear up variables */

	if (req->sq->dhchap_step == NVME_AUTH_DHCHAP_MESSAGE_FAILURE2) {

		nvmet_auth_sq_free(req->sq);

	if (req->sq->dhchap_step == NVME_AUTH_DHCHAP_MESSAGE_FAILURE2)

		nvmet_ctrl_fatal_error(ctrl);

	}



complete:

	nvmet_req_complete(req, status);
@@ -573,9 +574,7 @@ void nvmet_execute_auth_receive(struct nvmet_req *req) 
	status = nvmet_copy_to_sgl(req, 0, d, al);

	kfree(d);

done:

	if (req->sq->dhchap_step == NVME_AUTH_DHCHAP_MESSAGE_SUCCESS2)

		nvmet_auth_sq_free(req->sq);

	else if (req->sq->dhchap_step == NVME_AUTH_DHCHAP_MESSAGE_FAILURE1) {

	if (req->sq->dhchap_step == NVME_AUTH_DHCHAP_MESSAGE_FAILURE1) {

		nvmet_auth_sq_free(req->sq);

		nvmet_ctrl_fatal_error(ctrl);

	}