Commit 35f7f0ce authored by Boris Glimcher's avatar Boris Glimcher Committed by Tomasz Zawadzki

nvme/tcp: Allow to choose SSL socket implementation



Adding `psk` field to `spdk_nvme_ctrlr_opts`

Adding `psk` parameter to `bdev_nvme_attach_controller` RPC

Change-Id: Ie6f0d8b04ce472e6153934e985c026acded6cdfc
Signed-off-by: default avatarBoris Glimcher <Boris.Glimcher@emc.com>
Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/14046


Tested-by: default avatarSPDK CI Jenkins <sys_sgci@intel.com>
Reviewed-by: default avatarKonrad Sztyber <konrad.sztyber@intel.com>
Reviewed-by: default avatarBen Walker <benjamin.walker@intel.com>
Reviewed-by: default avatarJim Harris <james.r.harris@intel.com>
parent ef65d846
+6 −0
@@ -43,6 +43,9 @@ Calculate num_md_pages from num_md_pages_per_cluster_ratio, and pass it to spdk_

### rpc

Added `psk` parameter to `bdev_nvme_attach_controller` RPC in order to enable SSL socket implementation
of TCP connection and set the PSK. Applicable for TCP transport only.

New options `enable_ktls` and `tls_version` were added to the `sock_impl_set_options` structure.
New options `psk_key` and `psk_identity` were added to the `sock_impl_set_options` structure.

@@ -81,6 +84,9 @@ tell the driver to not read the CHANGED_NS_LIST log page in response to a NS_ATT
AEN.  When called the application is required to read this log page instead to clear the
AEN.

Added `psk` field to `spdk_nvme_ctrlr_opts` struct in order to enable SSL socket implementation
of TCP connection and set the PSK. Applicable for TCP transport only.

### util

Added new functions: `spdk_hexlify` and `spdk_unhexlify`.
+1 −0
@@ -3245,6 +3245,7 @@ num_io_queues | Optional | uint32_t | The number of IO queues to
ctrlr_loss_timeout_sec     | Optional | number      | Time to wait until ctrlr is reconnected before deleting ctrlr.  -1 means infinite reconnects. 0 means no reconnect.
reconnect_delay_sec        | Optional | number      | Time to delay a reconnect trial. 0 means no reconnect.
fast_io_fail_timeout_sec   | Optional | number      | Time to wait until ctrlr is reconnected before failing I/O to ctrlr. 0 means no such timeout.
psk                        | Optional | string      | PSK in hexadecimal digits, e.g. 1234567890ABCDEF (Enables SSL socket implementation for TCP)

#### Example

+10 −1
@@ -266,8 +266,17 @@ struct spdk_nvme_ctrlr_opts {
	 * Default is `false` (CHANGED_NS_LIST log page is read).
	 */
	uint8_t disable_read_changed_ns_list_log_page;

	/**
	 * Set PSK and enable SSL socket implementation for NVMe/TCP only.
	 *
	 * If empty, a default socket implementation will be used.
	 * The TLS PSK interchange format is: NVMeTLSkey-1:xx:[Base64 encoded string]:
	 * 12B (header) + 2B (hash) + 176B (base64 for 1024b + crc32) + 3B (colons) + 1B (NULL) + 6B (extra space for future)
	 */
	char psk[200];
} __attribute__((packed));
SPDK_STATIC_ASSERT(sizeof(struct spdk_nvme_ctrlr_opts) == 617, "Incorrect size");
SPDK_STATIC_ASSERT(sizeof(struct spdk_nvme_ctrlr_opts) == 817, "Incorrect size");

/**
 * NVMe acceleration operation callback.
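Review bot: The doc comment added for `psk` describes the value as the NVMeTLSkey-1 interchange string, while the `bdev_nvme_attach_controller` parameter table in this same commit describes it as hexadecimal digits (e.g. 1234567890ABCDEF), so the header does not tell a caller which encoding the field expects. The comment should also spell out the contract the fixed 200-byte array implies, for example `* Must be a NUL-terminated string that fits in the buffer; an empty string leaves TLS disabled.` Because the field holds key material inside a struct that is copied by value, it is worth one more line stating who is responsible for clearing it; whether the driver clears its own copy is not visible in this hunk. The struct definition starts outside the hunk.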
+1 −0
@@ -962,6 +962,7 @@ nvme_ctrlr_opts_init(struct spdk_nvme_ctrlr_opts *opts,
	SET_FIELD(fabrics_connect_timeout_us);
	SET_FIELD(disable_read_ana_log_page);
	SET_FIELD(disable_read_changed_ns_list_log_page);
	SET_FIELD_ARRAY(psk);

#undef FIELD_OK
#undef SET_FIELD
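Review bot: `SET_FIELD_ARRAY(psk)` carries the caller's buffer into the controller options as-is, and nothing in this hunk guarantees the result is NUL-terminated before it is later used as a string. The macro is defined outside the hunk, so this is presumably a fixed-size copy; a caller that fills all 200 bytes would then hand the transport an unterminated key. Terminating after the copy closes that off: `if (FIELD_OK(psk)) { opts->psk[sizeof(opts->psk) - 1] = '\0'; }`, placed before the `#undef FIELD_OK` line. This assumes `opts` is the destination struct, as the signature in the hunk header suggests; the body of nvme_ctrlr_opts_init starts and ends outside the hunk.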
+4 −0
@@ -234,6 +234,10 @@ spdk_nvme_ctrlr_get_default_ctrlr_opts(struct spdk_nvme_ctrlr_opts *opts, size_t
	SET_FIELD(disable_read_ana_log_page, false);
	SET_FIELD(disable_read_changed_ns_list_log_page, false);

	if (FIELD_OK(psk)) {
		memset(opts->psk, 0, sizeof(opts->psk));
	}

#undef FIELD_OK
#undef SET_FIELD
}