diff options
| author | Martin Wilck <[email protected]> | 2023-09-04 15:26:38 +0000 |
|---|---|---|
| committer | Keith Busch <[email protected]> | 2023-10-10 15:06:06 +0000 |
| commit | 4ae55a7dce04989f289d5c5c8c8e5c37adc36c71 (patch) | |
| tree | e2b748477a682cfdc6b64b6fd5d5777dd39cc804 /tools/testing/selftests/tc-testing/plugin-lib/valgrindPlugin.py | |
| parent | nvmet-tcp: Fix a possible UAF in queue intialization setup (diff) | |
| download | kernel-4ae55a7dce04989f289d5c5c8c8e5c37adc36c71.tar.gz kernel-4ae55a7dce04989f289d5c5c8c8e5c37adc36c71.zip | |
nvme-auth: use chap->s2 to indicate bidirectional authentication
Commit 546dea18c999 ("nvme-auth: check chap ctrl_key once constructed")
replaced the condition "if (ctrl->ctrl_key)" (indicating bidirectional
auth) by "if (chap->ctrl_key)", because ctrl->ctrl_key is a resource shared
with sysfs. But chap->ctrl_key is set in
nvme_auth_process_dhchap_challenge() depending on the DHVLEN in the
DH-HMAC-CHAP Challenge message received from the controller, and will thus
be non-NULL for every DH-HMAC-CHAP exchange, even if unidirectional auth
was requested. This will lead to a protocol violation by sending a Success2
message in the unidirectional case (per NVMe base spec 2.0, the
authentication transaction ends after the Success1 message for
unidirectional auth). Use chap->s2 instead, which is non-zero if and only
if the host requested bi-directional authentication from the controller.
Fixes: 546dea18c999 ("nvme-auth: check chap ctrl_key once constructed")
Signed-off-by: Martin Wilck <[email protected]>
Reviewed-by: Daniel Wagner <[email protected]>
Reviewed-by: Sagi Grimberg <[email protected]>
Reviewed-by: Hannes Reinecke <[email protected]>
Reviewed-by: Christoph Hellwig <[email protected]>
Signed-off-by: Keith Busch <[email protected]>
Diffstat (limited to 'tools/testing/selftests/tc-testing/plugin-lib/valgrindPlugin.py')
0 files changed, 0 insertions, 0 deletions