Commit 3f4f8ad0 authored by Konrad Sztyber's avatar Konrad Sztyber Committed by Tomasz Zawadzki
Browse files

nvmf: set host's DH-HMAC-CHAP key



Signed-off-by: default avatarKonrad Sztyber <konrad.sztyber@intel.com>
Change-Id: I739409b136f085fe264b9c77ed2656fd4cc9ea1e
Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/22654


Tested-by: default avatarSPDK CI Jenkins <sys_sgci@intel.com>
Reviewed-by: default avatarBen Walker <ben@nvidia.com>
Reviewed-by: default avatarJim Harris <jim.harris@samsung.com>
Community-CI: Mellanox Build Bot
parent d96097b4
Loading
Loading
Loading
Loading
+3 −1
Original line number Diff line number Diff line
@@ -8524,6 +8524,7 @@ nqn | Required | string | Subsystem NQN
host                    | Required | string      | Host NQN to add to the list of allowed host NQNs
tgt_name                | Optional | string      | Parent NVMe-oF target name.
psk                     | Optional | string      | Path to a file containing PSK for TLS connection
dhchap_key              | Optional | string      | DH-HMAC-CHAP key name.

#### Example

@@ -8536,7 +8537,8 @@ Example request:
  "method": "nvmf_subsystem_add_host",
  "params": {
    "nqn": "nqn.2016-06.io.spdk:cnode1",
    "host": "nqn.2016-06.io.spdk:host1"
    "host": "nqn.2016-06.io.spdk:host1",
    "dhchap_key": "key0"
  }
}
~~~
+2 −0
Original line number Diff line number Diff line
@@ -615,6 +615,8 @@ struct spdk_nvmf_host_opts {
	size_t				size;
	/** Transport specific parameters */
	const struct spdk_json_val	*params;
	/** DH-HMAC-CHAP key */
	struct spdk_key			*dhchap_key;
};

/**
+4 −1
Original line number Diff line number Diff line
@@ -594,7 +594,10 @@ nvmf_write_nvme_subsystem_config(struct spdk_json_write_ctx *w,

		spdk_json_write_named_string(w, "nqn", spdk_nvmf_subsystem_get_nqn(subsystem));
		spdk_json_write_named_string(w, "host", spdk_nvmf_host_get_nqn(host));

		if (host->dhchap_key != NULL) {
			spdk_json_write_named_string(w, "dhchap_key",
						     spdk_key_get_name(host->dhchap_key));
		}
		TAILQ_FOREACH(transport, &subsystem->tgt->transports, link) {
			if (transport->ops->subsystem_dump_host != NULL) {
				transport->ops->subsystem_dump_host(transport, subsystem, host->nqn, w);
+2 −0
Original line number Diff line number Diff line
@@ -9,6 +9,7 @@

#include "spdk/stdinc.h"

#include "spdk/keyring.h"
#include "spdk/likely.h"
#include "spdk/nvmf.h"
#include "spdk/nvmf_cmd.h"
@@ -82,6 +83,7 @@ struct spdk_nvmf_tgt {

struct spdk_nvmf_host {
	char				nqn[SPDK_NVMF_NQN_MAX_LEN + 1];
	struct spdk_key			*dhchap_key;
	TAILQ_ENTRY(spdk_nvmf_host)	link;
};

+26 −1
Original line number Diff line number Diff line
@@ -195,6 +195,10 @@ dump_nvmf_subsystem(struct spdk_json_write_ctx *w, struct spdk_nvmf_subsystem *s
	     host = spdk_nvmf_subsystem_get_next_host(subsystem, host)) {
		spdk_json_write_object_begin(w);
		spdk_json_write_named_string(w, "nqn", spdk_nvmf_host_get_nqn(host));
		if (host->dhchap_key != NULL) {
			spdk_json_write_named_string(w, "dhchap_key",
						     spdk_key_get_name(host->dhchap_key));
		}
		spdk_json_write_object_end(w);
	}
	spdk_json_write_array_end(w);
@@ -1860,6 +1864,7 @@ struct nvmf_rpc_host_ctx {
	char *nqn;
	char *host;
	char *tgt_name;
	char *dhchap_key;
	bool allow_any_host;
};

@@ -1867,6 +1872,7 @@ static const struct spdk_json_object_decoder nvmf_rpc_subsystem_host_decoder[] =
	{"nqn", offsetof(struct nvmf_rpc_host_ctx, nqn), spdk_json_decode_string},
	{"host", offsetof(struct nvmf_rpc_host_ctx, host), spdk_json_decode_string},
	{"tgt_name", offsetof(struct nvmf_rpc_host_ctx, tgt_name), spdk_json_decode_string, true},
	{"dhchap_key", offsetof(struct nvmf_rpc_host_ctx, dhchap_key), spdk_json_decode_string, true},
};

static void
@@ -1875,6 +1881,7 @@ nvmf_rpc_host_ctx_free(struct nvmf_rpc_host_ctx *ctx)
	free(ctx->nqn);
	free(ctx->host);
	free(ctx->tgt_name);
	free(ctx->dhchap_key);
}

static void
@@ -1883,7 +1890,9 @@ rpc_nvmf_subsystem_add_host(struct spdk_jsonrpc_request *request,
{
	struct nvmf_rpc_host_ctx ctx = {};
	struct spdk_nvmf_subsystem *subsystem;
	struct spdk_nvmf_host_opts opts = {};
	struct spdk_nvmf_tgt *tgt;
	struct spdk_key *key = NULL;
	int rc;

	if (spdk_json_decode_object_relaxed(params, nvmf_rpc_subsystem_host_decoder,
@@ -1912,13 +1921,29 @@ rpc_nvmf_subsystem_add_host(struct spdk_jsonrpc_request *request,
		return;
	}

	rc = spdk_nvmf_subsystem_add_host(subsystem, ctx.host, params);
	if (ctx.dhchap_key != NULL) {
		key = spdk_keyring_get_key(ctx.dhchap_key);
		if (key == NULL) {
			SPDK_ERRLOG("Unable to find DH-HMAC-CHAP key: %s\n", ctx.dhchap_key);
			spdk_jsonrpc_send_error_response(request, SPDK_JSONRPC_ERROR_INVALID_PARAMS,
							 "Invalid parameters");
			nvmf_rpc_host_ctx_free(&ctx);
			return;
		}
	}

	opts.size = SPDK_SIZEOF(&opts, dhchap_key);
	opts.params = params;
	opts.dhchap_key = key;
	rc = spdk_nvmf_subsystem_add_host_ext(subsystem, ctx.host, &opts);
	if (rc != 0) {
		spdk_jsonrpc_send_error_response(request, SPDK_JSONRPC_ERROR_INTERNAL_ERROR, "Internal error");
		nvmf_rpc_host_ctx_free(&ctx);
		spdk_keyring_put_key(key);
		return;
	}

	spdk_keyring_put_key(key);
	spdk_jsonrpc_send_bool_response(request, true);
	nvmf_rpc_host_ctx_free(&ctx);
}
Loading