Commit c16dab7e authored by Konrad Sztyber's avatar Konrad Sztyber Committed by Ben Walker
Browse files

sma: crypto support for nvmf/tcp devices 



The nvmf/tcp devices will now support attaching volumes with encryption
enabled.  This basically boils down to getting the crypto bdev name
through the CryptoEngine.get_crypto_bdev() interface (instead of just
using volume_id) and specyfing UUID/NGUID when attaching namespaces
to a subsystem.

Signed-off-by: default avatarKonrad Sztyber <konrad.sztyber@intel.com>
Change-Id: Iefddbf07675152aa2e042564eb87c457b6995b9b
Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/13871


Tested-by: default avatarSPDK CI Jenkins <sys_sgci@intel.com>
Reviewed-by: default avatarBen Walker <benjamin.walker@intel.com>
Reviewed-by: default avatarJim Harris <james.r.harris@intel.com>
Reviewed-by: default avatar <sebastian.brzezinka@intel.com>
parent e1068a86

python/spdk/sma/common.py

+4 −0
Original line number Diff line number Diff line
@@ -15,3 +15,7 @@ def format_volume_id(volume_id): 
    except ValueError:

        pass

    return None





def volume_id_to_nguid(uuid):

    return uuid.replace('-', '')

python/spdk/sma/device/nvmf_tcp.py

+13 −6
Original line number Diff line number Diff line
@@ -3,7 +3,8 @@ import logging 
import uuid

from spdk.rpc.client import JSONRPCException

from .device import DeviceManager, DeviceException

from ..common import format_volume_id

from ..common import format_volume_id, volume_id_to_nguid

from ..volume import get_crypto_engine, CryptoException

from ..proto import sma_pb2

from ..proto import nvmf_tcp_pb2
@@ -95,11 +96,14 @@ class NvmfTcpDeviceManager(DeviceManager): 
                                 'listen_address': {'trtype': 'tcp', **addr}})

                volume_id = format_volume_id(request.volume.volume_id)

                if volume_id is not None:

                    bdev_name = get_crypto_engine().get_crypto_bdev(volume_id) or volume_id

                    result = client.call('nvmf_subsystem_add_ns',

                                         {'nqn': params.subnqn,

                                          'namespace': {

                                              'bdev_name': volume_id}})

            except JSONRPCException:

                                              'bdev_name': bdev_name,

                                              'uuid': volume_id,

                                              'nguid': volume_id_to_nguid(volume_id)}})

            except (JSONRPCException, CryptoException):

                try:

                    client.call('nvmf_delete_subsystem', {'nqn': params.subnqn})

                except JSONRPCException:
@@ -127,8 +131,9 @@ class NvmfTcpDeviceManager(DeviceManager): 


    def _find_bdev(self, client, guid):

        try:

            return client.call('bdev_get_bdevs', {'name': guid})[0]

        except JSONRPCException:

            bdev_name = get_crypto_engine().get_crypto_bdev(guid) or guid

            return client.call('bdev_get_bdevs', {'name': bdev_name})[0]

        except (JSONRPCException, CryptoException):

            return None



    @_check_transport
@@ -155,7 +160,9 @@ class NvmfTcpDeviceManager(DeviceManager): 
                    result = client.call('nvmf_subsystem_add_ns',

                                         {'nqn': nqn,

                                          'namespace': {

                                              'bdev_name': bdev['name']}})

                                              'bdev_name': bdev['name'],

                                              'uuid': volume_id,

                                              'nguid': volume_id_to_nguid(volume_id)}})

                    if not result:

                        raise DeviceException(grpc.StatusCode.INTERNAL,

                                              'Failed to attach volume')