Commit a6e805f5 authored by Konrad Sztyber's avatar Konrad Sztyber Committed by Tomasz Zawadzki

nvme/tcp: use keyring to pass TLS PSKs



The previous method using spdk_nvme_ctrlr_opts.psk is still functional,
but is deprecated and will be removed in the future.

Signed-off-by: default avatarKonrad Sztyber <konrad.sztyber@intel.com>
Change-Id: Ief3531801639d34f6b0a4e09c8eb09882a84e58d
Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/21745


Reviewed-by: default avatarAleksey Marchuk <alexeymar@nvidia.com>
Tested-by: default avatarSPDK CI Jenkins <sys_sgci@intel.com>
Reviewed-by: default avatarJim Harris <jim.harris@samsung.com>
parent 05172c75
+8 −0
@@ -26,6 +26,14 @@ The tags can be matched with the level 4 headers below.
The `int flags` parameter in various *submit* and *append* accel FW API is not used and deprecated. It will be removed
in 24.05 release.

### nvme

#### `spdk_nvme_ctrlr_opts.psk`

Passing NVMe/TLS pre-shared keys via `spdk_nvme_ctrlr_opts.psk` is deprecated and this field will be
removed in the v24.09 release.  Instead, a key obtained from the keyring library should be passed
in `spdk_nvme_ctrlr_opts.tls_psk`.

### util

#### `spdk_iov_one`
+7 −1
@@ -20,6 +20,7 @@ extern "C" {

#include "spdk/dma.h"
#include "spdk/env.h"
#include "spdk/keyring.h"
#include "spdk/nvme_spec.h"
#include "spdk/nvmf_spec.h"

@@ -284,8 +285,13 @@ struct spdk_nvme_ctrlr_opts {
	 * Set the IP protocol type of service value for RDMA transport. Default is 0, which means that the TOS will not be set.
	 */
	uint8_t transport_tos;

	/**
	 * Pre-shared key for NVMe/TCP's TLS connection.
	 */
	struct spdk_key *tls_psk;
};
SPDK_STATIC_ASSERT(sizeof(struct spdk_nvme_ctrlr_opts) == 824, "Incorrect size");
SPDK_STATIC_ASSERT(sizeof(struct spdk_nvme_ctrlr_opts) == 832, "Incorrect size");

/**
 * NVMe acceleration operation callback.
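Review bot: The new doc comment on the `struct spdk_key *tls_psk;` member says nothing about ownership or lifetime of the key handle, which is the one thing a caller of a pointer-typed option needs to know; the same gap applies to the `SET_FIELD(tls_psk);` copy in nvme_ctrlr_opts_init and the `tctrlr->ctrlr.opts = *opts;` copy in nvme_tcp_ctrlr_construct, which as far as these hunks show store the raw pointer without taking a reference. I would extend the comment to `* Pre-shared key for NVMe/TCP's TLS connection, obtained from the keyring library.` / `* Mutually exclusive with the deprecated psk field; the controller keeps this pointer,` / `* so the key must remain valid for as long as the controller may use it.`, with the exact lifetime rule (through connect only, or until the controller is detached) filled in by the author, since it cannot be read off the diff. The static-assert bump from 824 to 832 is consistent with one added pointer-sized member on LP64 targets.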
+1 −0
@@ -969,6 +969,7 @@ nvme_ctrlr_opts_init(struct spdk_nvme_ctrlr_opts *opts,
	SET_FIELD(disable_read_ana_log_page);
	SET_FIELD(disable_read_changed_ns_list_log_page);
	SET_FIELD_ARRAY(psk);
	SET_FIELD(tls_psk);

#undef FIELD_OK
#undef SET_FIELD
+1 −0
@@ -233,6 +233,7 @@ spdk_nvme_ctrlr_get_default_ctrlr_opts(struct spdk_nvme_ctrlr_opts *opts, size_t
	SET_FIELD(fabrics_connect_timeout_us, NVME_FABRIC_CONNECT_COMMAND_TIMEOUT);
	SET_FIELD(disable_read_ana_log_page, false);
	SET_FIELD(disable_read_changed_ns_list_log_page, false);
	SET_FIELD(tls_psk, NULL);

	if (FIELD_OK(psk)) {
		memset(opts->psk, 0, sizeof(opts->psk));
+28 −2
@@ -2542,6 +2542,8 @@ nvme_tcp_ctrlr_create_io_qpair(struct spdk_nvme_ctrlr *ctrlr, uint16_t qid,
					   opts->io_queue_requests, opts->async_mode);
}

SPDK_LOG_DEPRECATION_REGISTER(nvme_ctrlr_psk, "spdk_nvme_ctrlr_opts.psk", "v24.09", 0);

static int
nvme_tcp_generate_tls_credentials(struct nvme_tcp_ctrlr *tctrlr)
{
@@ -2549,11 +2551,27 @@ nvme_tcp_generate_tls_credentials(struct nvme_tcp_ctrlr *tctrlr)
	int rc;
	uint8_t psk_retained[SPDK_TLS_PSK_MAX_LEN] = {};
	uint8_t psk_configured[SPDK_TLS_PSK_MAX_LEN] = {};
	uint8_t pskbuf[SPDK_TLS_PSK_MAX_LEN + 1] = {};
	uint8_t tls_cipher_suite;
	uint8_t psk_retained_hash;
	uint64_t psk_configured_size;
	uint8_t *psk;

	if (ctrlr->opts.tls_psk != NULL) {
		rc = spdk_key_get_key(ctrlr->opts.tls_psk, pskbuf, SPDK_TLS_PSK_MAX_LEN);
		if (rc < 0) {
			SPDK_ERRLOG("Failed to obtain key '%s': %s\n",
				    spdk_key_get_name(ctrlr->opts.tls_psk), spdk_strerror(-rc));
			goto finish;
		}

	rc = nvme_tcp_parse_interchange_psk(ctrlr->opts.psk, psk_configured, sizeof(psk_configured),
		psk = pskbuf;
	} else {
		SPDK_LOG_DEPRECATED(nvme_ctrlr_psk);
		psk = ctrlr->opts.psk;
	}

	rc = nvme_tcp_parse_interchange_psk(psk, psk_configured, sizeof(psk_configured),
					    &psk_configured_size, &psk_retained_hash);
	if (rc < 0) {
		SPDK_ERRLOG("Failed to parse PSK interchange!\n");
@@ -2609,6 +2627,7 @@ nvme_tcp_generate_tls_credentials(struct nvme_tcp_ctrlr *tctrlr)
	rc = 0;
finish:
	spdk_memset_s(psk_configured, sizeof(psk_configured), 0, sizeof(psk_configured));
	spdk_memset_s(pskbuf, sizeof(pskbuf), 0, sizeof(pskbuf));

	return rc;
}
@@ -2633,7 +2652,14 @@ nvme_tcp_ctrlr_construct(const struct spdk_nvme_transport_id *trid,
	tctrlr->ctrlr.opts = *opts;
	tctrlr->ctrlr.trid = *trid;

	if (opts->psk[0] != '\0') {
	if (opts->psk[0] != '\0' || opts->tls_psk != NULL) {
		/* Only allow either one at a time */
		if (opts->tls_psk != NULL && opts->psk[0] != '\0') {
			SPDK_ERRLOG("Either spdk_nvme_ctrlr_opts.tls_psk or .psk can be set at "
				    "the same time\n");
			free(tctrlr);
			return NULL;
		}
		rc = nvme_tcp_generate_tls_credentials(tctrlr);
		spdk_memset_s(&tctrlr->ctrlr.opts.psk, sizeof(tctrlr->ctrlr.opts.psk), 0,
			      sizeof(tctrlr->ctrlr.opts.psk));
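Review bot: The new mutual-exclusion branch in nvme_tcp_ctrlr_construct frees `tctrlr` while `tctrlr->ctrlr.opts.psk`, populated by the `tctrlr->ctrlr.opts = *opts;` copy a few lines earlier, still holds the plaintext PSK, whereas the success path below scrubs that field with spdk_memset_s; the early return should do the same, i.e. insert `spdk_memset_s(&tctrlr->ctrlr.opts.psk, sizeof(tctrlr->ctrlr.opts.psk), 0, sizeof(tctrlr->ctrlr.opts.psk));` before `free(tctrlr);`. If nvme_tcp_generate_tls_credentials() can fail and the function frees tctrlr on that path as well, the same scrub is needed there, but that code is outside the hunk. The error text `"Either spdk_nvme_ctrlr_opts.tls_psk or .psk can be set at the same time\n"` reads as if both were allowed; `"Only one of spdk_nvme_ctrlr_opts.tls_psk and .psk can be set\n"` states the rule. nvme_tcp_ctrlr_construct continues beyond the end of this hunk.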