tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

nvme: expose TLS mode

It is not possible to determine the active TLS mode from the
presence or absence of sysfs attributes like tls_key,
tls_configured_key, or dhchap_secret.

With the introduction of the concat mode and optional DH-CHAP
authentication, different configurations can result in identical
sysfs state. This makes user space detection unreliable.

Expose the TLS mode explicitly to allow user space to
unambiguously identify the active configuration and avoid
fragile heuristics in nvme-cli.

Reviewed-by: Chris Leech <cleech@redhat.com>
Reviewed-by: Hannes Reinecke <hare@suse.de>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Daniel Wagner <wagi@kernel.org>
Signed-off-by: Keith Busch <kbusch@kernel.org>

authored by

Daniel Wagner and committed by
Keith Busch 20925812 ba9d308c

+19
+19
drivers/nvme/host/sysfs.c
··· 883 883 } 884 884 static DEVICE_ATTR_RO(tls_keyring); 885 885 886 + static ssize_t tls_mode_show(struct device *dev, 887 + struct device_attribute *attr, char *buf) 888 + { 889 + struct nvme_ctrl *ctrl = dev_get_drvdata(dev); 890 + const char *mode; 891 + 892 + if (ctrl->opts->tls) 893 + mode = "tls"; 894 + else 895 + mode = "concat"; 896 + 897 + return sysfs_emit(buf, "%s\n", mode); 898 + } 899 + static DEVICE_ATTR_RO(tls_mode); 900 + 886 901 static struct attribute *nvme_tls_attrs[] = { 887 902 &dev_attr_tls_key.attr, 888 903 &dev_attr_tls_configured_key.attr, 889 904 &dev_attr_tls_keyring.attr, 905 + &dev_attr_tls_mode.attr, 890 906 NULL, 891 907 }; 892 908 ··· 923 907 return 0; 924 908 if (a == &dev_attr_tls_keyring.attr && 925 909 !ctrl->opts->keyring) 910 + return 0; 911 + if (a == &dev_attr_tls_mode.attr && 912 + !ctrl->opts->tls && !ctrl->opts->concat) 926 913 return 0; 927 914 928 915 return a->mode;