Merge tag 'block-6.7-2023-11-10' of git://git.kernel.dk/linux

+2 -2

block/blk-core.c

··· 501 501 if (op_is_write(bio_op(bio)) && bdev_read_only(bio->bi_bdev)) { 502 502 if (op_is_flush(bio->bi_opf) && !bio_sectors(bio)) 503 503 return; 504 - pr_warn("Trying to write to read-only block-device %pg\n", 505 - bio->bi_bdev); 504 + pr_warn_ratelimited("Trying to write to read-only block-device %pg\n", 505 + bio->bi_bdev); 506 506 /* Older lvm-tools actually trigger this */ 507 507 } 508 508 }

+9 -2

drivers/block/nbd.c

··· 250 250 struct gendisk *disk = nbd->disk; 251 251 252 252 del_gendisk(disk); 253 - put_disk(disk); 254 253 blk_mq_free_tag_set(&nbd->tag_set); 255 254 256 255 /* ··· 260 261 idr_remove(&nbd_index_idr, nbd->index); 261 262 mutex_unlock(&nbd_index_mutex); 262 263 destroy_workqueue(nbd->recv_workq); 263 - kfree(nbd); 264 + put_disk(disk); 264 265 } 265 266 266 267 static void nbd_dev_remove_work(struct work_struct *work) ··· 1607 1608 nbd_put(nbd); 1608 1609 } 1609 1610 1611 + static void nbd_free_disk(struct gendisk *disk) 1612 + { 1613 + struct nbd_device *nbd = disk->private_data; 1614 + 1615 + kfree(nbd); 1616 + } 1617 + 1610 1618 static const struct block_device_operations nbd_fops = 1611 1619 { 1612 1620 .owner = THIS_MODULE, ··· 1621 1615 .release = nbd_release, 1622 1616 .ioctl = nbd_ioctl, 1623 1617 .compat_ioctl = nbd_ioctl, 1618 + .free_disk = nbd_free_disk, 1624 1619 }; 1625 1620 1626 1621 #if IS_ENABLED(CONFIG_DEBUG_FS)

+1 -1

drivers/nvme/Makefile

··· 1 1 # SPDX-License-Identifier: GPL-2.0-only 2 2 3 - obj-$(CONFIG_NVME_COMMON) += common/ 3 + obj-y += common/ 4 4 obj-y += host/ 5 5 obj-y += target/

+2 -5

drivers/nvme/common/Kconfig

··· 1 1 # SPDX-License-Identifier: GPL-2.0-only 2 2 3 - config NVME_COMMON 4 - tristate 5 - 6 3 config NVME_KEYRING 7 - bool 4 + tristate 8 5 select KEYS 9 6 10 7 config NVME_AUTH 11 - bool 8 + tristate 12 9 select CRYPTO 13 10 select CRYPTO_HMAC 14 11 select CRYPTO_SHA256

+4 -3

drivers/nvme/common/Makefile

··· 2 2 3 3 ccflags-y += -I$(src) 4 4 5 - obj-$(CONFIG_NVME_COMMON) += nvme-common.o 5 + obj-$(CONFIG_NVME_AUTH) += nvme-auth.o 6 + obj-$(CONFIG_NVME_KEYRING) += nvme-keyring.o 6 7 7 - nvme-common-$(CONFIG_NVME_AUTH) += auth.o 8 - nvme-common-$(CONFIG_NVME_KEYRING) += keyring.o 8 + nvme-auth-y += auth.o 9 + nvme-keyring-y += keyring.o

+2 -21

drivers/nvme/common/auth.c

··· 341 341 u8 *challenge, u8 *aug, size_t hlen) 342 342 { 343 343 struct crypto_shash *tfm; 344 - struct shash_desc *desc; 345 344 u8 *hashed_key; 346 345 const char *hmac_name; 347 346 int ret; ··· 368 369 goto out_free_key; 369 370 } 370 371 371 - desc = kmalloc(sizeof(struct shash_desc) + crypto_shash_descsize(tfm), 372 - GFP_KERNEL); 373 - if (!desc) { 374 - ret = -ENOMEM; 375 - goto out_free_hash; 376 - } 377 - desc->tfm = tfm; 378 - 379 372 ret = crypto_shash_setkey(tfm, hashed_key, hlen); 380 373 if (ret) 381 - goto out_free_desc; 374 + goto out_free_hash; 382 375 383 - ret = crypto_shash_init(desc); 384 - if (ret) 385 - goto out_free_desc; 386 - 387 - ret = crypto_shash_update(desc, challenge, hlen); 388 - if (ret) 389 - goto out_free_desc; 390 - 391 - ret = crypto_shash_final(desc, aug); 392 - out_free_desc: 393 - kfree_sensitive(desc); 376 + ret = crypto_shash_tfm_digest(tfm, challenge, hlen, aug); 394 377 out_free_hash: 395 378 crypto_free_shash(tfm); 396 379 out_free_key:

+7 -4

drivers/nvme/common/keyring.c

··· 151 151 } 152 152 EXPORT_SYMBOL_GPL(nvme_tls_psk_default); 153 153 154 - int nvme_keyring_init(void) 154 + static int __init nvme_keyring_init(void) 155 155 { 156 156 int err; 157 157 ··· 171 171 } 172 172 return 0; 173 173 } 174 - EXPORT_SYMBOL_GPL(nvme_keyring_init); 175 174 176 - void nvme_keyring_exit(void) 175 + static void __exit nvme_keyring_exit(void) 177 176 { 178 177 unregister_key_type(&nvme_tls_psk_key_type); 179 178 key_revoke(nvme_keyring); 180 179 key_put(nvme_keyring); 181 180 } 182 - EXPORT_SYMBOL_GPL(nvme_keyring_exit); 181 + 182 + MODULE_LICENSE("GPL v2"); 183 + MODULE_AUTHOR("Hannes Reinecke <hare@suse.de>"); 184 + module_init(nvme_keyring_init); 185 + module_exit(nvme_keyring_exit);

-2

drivers/nvme/host/Kconfig

··· 95 95 config NVME_TCP_TLS 96 96 bool "NVMe over Fabrics TCP TLS encryption support" 97 97 depends on NVME_TCP 98 - select NVME_COMMON 99 98 select NVME_KEYRING 100 99 select NET_HANDSHAKE 101 100 select KEYS ··· 109 110 config NVME_HOST_AUTH 110 111 bool "NVM Express over Fabrics In-Band Authentication" 111 112 depends on NVME_CORE 112 - select NVME_COMMON 113 113 select NVME_AUTH 114 114 help 115 115 This provides support for NVMe over Fabrics In-Band Authentication.

+6 -7

drivers/nvme/host/auth.c

··· 29 29 int error; 30 30 u32 s1; 31 31 u32 s2; 32 + bool bi_directional; 32 33 u16 transaction; 33 34 u8 status; 34 35 u8 dhgroup_id; ··· 313 312 data->dhvlen = cpu_to_le16(chap->host_key_len); 314 313 memcpy(data->rval, chap->response, chap->hash_len); 315 314 if (ctrl->ctrl_key) { 315 + chap->bi_directional = true; 316 316 get_random_bytes(chap->c2, chap->hash_len); 317 317 data->cvalid = 1; 318 - chap->s2 = nvme_auth_get_seqnum(); 319 318 memcpy(data->rval + chap->hash_len, chap->c2, 320 319 chap->hash_len); 321 320 dev_dbg(ctrl->device, "%s: qid %d ctrl challenge %*ph\n", 322 321 __func__, chap->qid, (int)chap->hash_len, chap->c2); 323 322 } else { 324 323 memset(chap->c2, 0, chap->hash_len); 325 - chap->s2 = 0; 326 324 } 325 + chap->s2 = nvme_auth_get_seqnum(); 327 326 data->seqnum = cpu_to_le32(chap->s2); 328 327 if (chap->host_key_len) { 329 328 dev_dbg(ctrl->device, "%s: qid %d host public key %*ph\n", ··· 340 339 struct nvme_dhchap_queue_context *chap) 341 340 { 342 341 struct nvmf_auth_dhchap_success1_data *data = chap->buf; 343 - size_t size = sizeof(*data); 344 - 345 - if (chap->s2) 346 - size += chap->hash_len; 342 + size_t size = sizeof(*data) + chap->hash_len; 347 343 348 344 if (size > CHAP_BUF_SIZE) { 349 345 chap->status = NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD; ··· 661 663 chap->error = 0; 662 664 chap->s1 = 0; 663 665 chap->s2 = 0; 666 + chap->bi_directional = false; 664 667 chap->transaction = 0; 665 668 memset(chap->c1, 0, sizeof(chap->c1)); 666 669 memset(chap->c2, 0, sizeof(chap->c2)); ··· 824 825 goto fail2; 825 826 } 826 827 827 - if (chap->s2) { 828 + if (chap->bi_directional) { 828 829 /* DH-HMAC-CHAP Step 5: send success2 */ 829 830 dev_dbg(ctrl->device, "%s: qid %d send success2\n", 830 831 __func__, chap->qid);

+18 -12

drivers/nvme/host/core.c

··· 25 25 #include "nvme.h" 26 26 #include "fabrics.h" 27 27 #include <linux/nvme-auth.h> 28 - #include <linux/nvme-keyring.h> 29 28 30 29 #define CREATE_TRACE_POINTS 31 30 #include "trace.h" ··· 482 483 483 484 void nvme_cancel_admin_tagset(struct nvme_ctrl *ctrl) 484 485 { 486 + nvme_stop_keep_alive(ctrl); 485 487 if (ctrl->admin_tagset) { 486 488 blk_mq_tagset_busy_iter(ctrl->admin_tagset, 487 489 nvme_cancel_request, ctrl); ··· 3200 3200 clear_bit(NVME_CTRL_DIRTY_CAPABILITY, &ctrl->flags); 3201 3201 ctrl->identified = true; 3202 3202 3203 + nvme_start_keep_alive(ctrl); 3204 + 3203 3205 return 0; 3204 3206 } 3205 3207 EXPORT_SYMBOL_GPL(nvme_init_ctrl_finish); ··· 4076 4074 return; 4077 4075 4078 4076 if (nvme_get_log(ctrl, NVME_NSID_ALL, NVME_LOG_FW_SLOT, 0, NVME_CSI_NVM, 4079 - log, sizeof(*log), 0)) 4077 + log, sizeof(*log), 0)) { 4080 4078 dev_warn(ctrl->device, "Get FW SLOT INFO log error\n"); 4079 + goto out_free_log; 4080 + } 4081 + 4082 + if (log->afi & 0x70 || !(log->afi & 0x7)) { 4083 + dev_info(ctrl->device, 4084 + "Firmware is activated after next Controller Level Reset\n"); 4085 + goto out_free_log; 4086 + } 4087 + 4088 + memcpy(ctrl->subsys->firmware_rev, &log->frs[(log->afi & 0x7) - 1], 4089 + sizeof(ctrl->subsys->firmware_rev)); 4090 + 4091 + out_free_log: 4081 4092 kfree(log); 4082 4093 } 4083 4094 ··· 4348 4333 { 4349 4334 nvme_mpath_stop(ctrl); 4350 4335 nvme_auth_stop(ctrl); 4351 - nvme_stop_keep_alive(ctrl); 4352 4336 nvme_stop_failfast_work(ctrl); 4353 4337 flush_work(&ctrl->async_event_work); 4354 4338 cancel_work_sync(&ctrl->fw_act_work); ··· 4358 4344 4359 4345 void nvme_start_ctrl(struct nvme_ctrl *ctrl) 4360 4346 { 4361 - nvme_start_keep_alive(ctrl); 4362 - 4363 4347 nvme_enable_aen(ctrl); 4364 4348 4365 4349 /* ··· 4736 4724 result = PTR_ERR(nvme_ns_chr_class); 4737 4725 goto unregister_generic_ns; 4738 4726 } 4739 - result = nvme_keyring_init(); 4740 - if (result) 4741 - goto destroy_ns_chr; 4742 4727 result = nvme_init_auth(); 4743 4728 if (result) 4744 - goto keyring_exit; 4729 + goto destroy_ns_chr; 4745 4730 return 0; 4746 4731 4747 - keyring_exit: 4748 - nvme_keyring_exit(); 4749 4732 destroy_ns_chr: 4750 4733 class_destroy(nvme_ns_chr_class); 4751 4734 unregister_generic_ns: ··· 4764 4757 static void __exit nvme_core_exit(void) 4765 4758 { 4766 4759 nvme_exit_auth(); 4767 - nvme_keyring_exit(); 4768 4760 class_destroy(nvme_ns_chr_class); 4769 4761 class_destroy(nvme_subsys_class); 4770 4762 class_destroy(nvme_class);

+6

drivers/nvme/host/fc.c

··· 2530 2530 * clean up the admin queue. Same thing as above. 2531 2531 */ 2532 2532 nvme_quiesce_admin_queue(&ctrl->ctrl); 2533 + 2534 + /* 2535 + * Open-coding nvme_cancel_admin_tagset() as fc 2536 + * is not using nvme_cancel_request(). 2537 + */ 2538 + nvme_stop_keep_alive(&ctrl->ctrl); 2533 2539 blk_sync_queue(ctrl->ctrl.admin_q); 2534 2540 blk_mq_tagset_busy_iter(&ctrl->admin_tag_set, 2535 2541 nvme_fc_terminate_exchange, &ctrl->ctrl);

+5 -2

drivers/nvme/host/ioctl.c

··· 510 510 struct nvme_uring_cmd_pdu *pdu = nvme_uring_cmd_pdu(ioucmd); 511 511 512 512 req->bio = pdu->bio; 513 - if (nvme_req(req)->flags & NVME_REQ_CANCELLED) 513 + if (nvme_req(req)->flags & NVME_REQ_CANCELLED) { 514 514 pdu->nvme_status = -EINTR; 515 - else 515 + } else { 516 516 pdu->nvme_status = nvme_req(req)->status; 517 + if (!pdu->nvme_status) 518 + pdu->nvme_status = blk_status_to_errno(err); 519 + } 517 520 pdu->u.result = le64_to_cpu(nvme_req(req)->result.u64); 518 521 519 522 /*

+3 -6

drivers/nvme/host/tcp.c

··· 1423 1423 nvme_tcp_queue_id(queue), ret); 1424 1424 goto free_icresp; 1425 1425 } 1426 + ret = -ENOTCONN; 1426 1427 if (queue->ctrl->ctrl.opts->tls) { 1427 1428 ctype = tls_get_record_type(queue->sock->sk, 1428 1429 (struct cmsghdr *)cbuf); 1429 1430 if (ctype != TLS_RECORD_TYPE_DATA) { 1430 1431 pr_err("queue %d: unhandled TLS record %d\n", 1431 1432 nvme_tcp_queue_id(queue), ctype); 1432 - return -ENOTCONN; 1433 + goto free_icresp; 1433 1434 } 1434 1435 } 1435 1436 ret = -EINVAL; ··· 2237 2236 nvme_tcp_destroy_io_queues(ctrl, new); 2238 2237 } 2239 2238 destroy_admin: 2240 - nvme_quiesce_admin_queue(ctrl); 2241 - blk_sync_queue(ctrl->admin_q); 2242 - nvme_tcp_stop_queue(ctrl, 0); 2243 - nvme_cancel_admin_tagset(ctrl); 2244 - nvme_tcp_destroy_admin_queue(ctrl, new); 2239 + nvme_tcp_teardown_admin_queue(ctrl, false); 2245 2240 return ret; 2246 2241 } 2247 2242

-2

drivers/nvme/target/Kconfig

··· 87 87 config NVME_TARGET_TCP_TLS 88 88 bool "NVMe over Fabrics TCP target TLS encryption support" 89 89 depends on NVME_TARGET_TCP 90 - select NVME_COMMON 91 90 select NVME_KEYRING 92 91 select NET_HANDSHAKE 93 92 select KEYS ··· 101 102 config NVME_TARGET_AUTH 102 103 bool "NVMe over Fabrics In-band Authentication support" 103 104 depends on NVME_TARGET 104 - select NVME_COMMON 105 105 select NVME_AUTH 106 106 help 107 107 This enables support for NVMe over Fabrics In-band Authentication

+1 -1

drivers/nvme/target/fabrics-cmd-auth.c

··· 163 163 pr_debug("%s: ctrl %d qid %d challenge %*ph\n", 164 164 __func__, ctrl->cntlid, req->sq->qid, data->hl, 165 165 req->sq->dhchap_c2); 166 - req->sq->dhchap_s2 = le32_to_cpu(data->seqnum); 167 166 } else { 168 167 req->sq->authenticated = true; 169 168 req->sq->dhchap_c2 = NULL; 170 169 } 170 + req->sq->dhchap_s2 = le32_to_cpu(data->seqnum); 171 171 172 172 return 0; 173 173 }

+4

drivers/nvme/target/loop.c

··· 466 466 out_destroy_io: 467 467 nvme_loop_destroy_io_queues(ctrl); 468 468 out_destroy_admin: 469 + nvme_quiesce_admin_queue(&ctrl->ctrl); 470 + nvme_cancel_admin_tagset(&ctrl->ctrl); 469 471 nvme_loop_destroy_admin_queue(ctrl); 470 472 out_disable: 471 473 dev_warn(ctrl->ctrl.device, "Removing after reset failure\n"); ··· 602 600 return &ctrl->ctrl; 603 601 604 602 out_remove_admin_queue: 603 + nvme_quiesce_admin_queue(&ctrl->ctrl); 604 + nvme_cancel_admin_tagset(&ctrl->ctrl); 605 605 nvme_loop_destroy_admin_queue(ctrl); 606 606 out_free_queues: 607 607 kfree(ctrl->queues);

+1 -9

include/linux/nvme-keyring.h

··· 6 6 #ifndef _NVME_KEYRING_H 7 7 #define _NVME_KEYRING_H 8 8 9 - #ifdef CONFIG_NVME_KEYRING 9 + #if IS_ENABLED(CONFIG_NVME_KEYRING) 10 10 11 11 key_serial_t nvme_tls_psk_default(struct key *keyring, 12 12 const char *hostnqn, const char *subnqn); 13 13 14 14 key_serial_t nvme_keyring_id(void); 15 - int nvme_keyring_init(void); 16 - void nvme_keyring_exit(void); 17 15 18 16 #else 19 17 ··· 24 26 { 25 27 return 0; 26 28 } 27 - static inline int nvme_keyring_init(void) 28 - { 29 - return 0; 30 - } 31 - static inline void nvme_keyring_exit(void) {} 32 - 33 29 #endif /* !CONFIG_NVME_KEYRING */ 34 30 #endif /* _NVME_KEYRING_H */

+1 -1

include/linux/nvme.h

··· 1732 1732 __u8 rsvd2; 1733 1733 __u8 rvalid; 1734 1734 __u8 rsvd3[7]; 1735 - /* 'hl' bytes of response value if 'rvalid' is set */ 1735 + /* 'hl' bytes of response value */ 1736 1736 __u8 rval[]; 1737 1737 }; 1738 1738

Configure Feed

Configure Feed