From patchwork Fri Oct 13 20:28:25 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Mark O'Donovan <shiftee@posteo.net>
X-Patchwork-Id: 15353
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:612c:2908:b0:403:3b70:6f57 with SMTP id
 ib8csp2137184vqb;
        Fri, 13 Oct 2023 13:29:14 -0700 (PDT)
X-Google-Smtp-Source: 
 AGHT+IH0aRdFUks3KX2luK3D4mg2UT9vvZM4x2IPzQtnIVdP7hTrYTaaP7O0xJi3UP3gIGxAddAY
X-Received: by 2002:a05:6a20:1595:b0:163:ab09:195d with SMTP id
 h21-20020a056a20159500b00163ab09195dmr31555831pzj.0.1697228954064;
        Fri, 13 Oct 2023 13:29:14 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1697228954; cv=none;
        d=google.com; s=arc-20160816;
        b=azA45bm6qNbqWP7dDIg9VlLfd3AqhSqaMhB62i2U/cuX4alCDI1zH5wuguRP5+N5H/
         ZXohZq7buE13JVNXLbPSrQ9jGrQUIbzWcELwCB1pPuxDUQCbFlI470lVpYyhzqmCK40X
         xDdYbptp720xSHsI2wmPIcI3z1MnV4x363iYzD/pzfUDTRTMhe4/+w/Oafvi2dxU6lU3
         T2b0uBBwF3GOb+Dx6soqABLrWfEHadKgrKzyn8m96Sm0a++79zr1q05xsirAgxKrfFBp
         OU9uTbElB1eQlGbSqbHHbjm7rLeFdZeL7VnvL51AYSg2HlJJ4IJ6nOYSimi+FBv5v8PN
         NDog==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :message-id:date:subject:cc:to:from:dkim-signature;
        bh=6cVklUBJ2GX15heOtwqXFzln+u/hJujOwwMqeS1EpW0=;
        fh=nK/B2gIzvYPsKU0sJgdKEVdz5eoE00hHt727sEimwsQ=;
        b=Vrit0vBPDx0rVjLbHDzMu4mbtkE4fGlUn0NMyYYiU2hkGD2o78+jKvb8WVyw8nELjb
         wi2IMybCHavXY+MzER5QKrJufhphyDIx2m38J4faqKjDGyDGL6lIAztnBT0hgfNNS5xU
         PvV7MdufX2J5paT/LDFs8ERDFkWtek/3XYpuNpoSP0k3CXy6KnY1+YvY8Btjq1nHDVR3
         qBVJnV28La7MZsDhfmhxIhNOV8jf6FouiVCVCwITh23e6PAJukSdLy/BVbrQAjoqoUTX
         G4ncfXFr+NX1KZOgcX7MKeQK7cCbk9/vKVsW3ut0koNtgdyaxX6T9xeF/W25zU9aPoxM
         JuEQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@posteo.net header.s=2017 header.b=ITA6Oled;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 23.128.96.37 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=posteo.net
Received: from snail.vger.email (snail.vger.email. [23.128.96.37])
        by mx.google.com with ESMTPS id
 c27-20020a630d1b000000b005789f552066si5406868pgl.335.2023.10.13.13.29.13
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 13 Oct 2023 13:29:14 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 23.128.96.37 as permitted sender) client-ip=23.128.96.37;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@posteo.net header.s=2017 header.b=ITA6Oled;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 23.128.96.37 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=posteo.net
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by snail.vger.email (Postfix) with ESMTP id 465D8834353E;
	Fri, 13 Oct 2023 13:29:13 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at snail.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S232159AbjJMU3H (ORCPT <rfc822;rua109.linux@gmail.com>
        + 19 others); Fri, 13 Oct 2023 16:29:07 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33018 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S232005AbjJMU3G (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 13 Oct 2023 16:29:06 -0400
Received: from mout01.posteo.de (mout01.posteo.de [185.67.36.65])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7CAC7BB
        for <linux-kernel@vger.kernel.org>;
 Fri, 13 Oct 2023 13:29:01 -0700 (PDT)
Received: from submission (posteo.de [185.67.36.169])
        by mout01.posteo.de (Postfix) with ESMTPS id 56BA6240029
        for <linux-kernel@vger.kernel.org>;
 Fri, 13 Oct 2023 22:28:59 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=posteo.net; s=2017;
        t=1697228939; bh=FLYT+SprL3ZRgczhwxNKHQ8OrNt4PO3mwxSQn6FYQbQ=;
        h=From:To:Cc:Subject:Date:Message-Id:MIME-Version:
         Content-Transfer-Encoding:From;
        b=ITA6OledQbDyCnMqLfsAA0aT9iS6L1DU5tl5QEJHCFGUB5MTaE/9YBYioEfHWDtqY
         wzbdGHvjrX1lMo3S+iViQ3FltaKZFrNE52gizqA0mLdRgl7WHHVeF3kKEBCVzfCC7G
         Q8jtsmEiI2VrnD/bLiHqMaaXkhEKf/qN5xNMRR6/1iJbIpyjyxsDPaARsOLzp9nHBD
         RQTo6Pbgd8c9znabXOUEdtk45O99uRpZJNRgCY71zU1EZD+ntj/dm9lbVtSH6hLLcg
         sxJdDLZwRf7nMK/lLwcqtitkwAv1XJsBoG78vw5V3bBzbOzn4hu71Wr/N9eBtgWmL6
         aqC8BvhDXfKzQ==
Received: from customer (localhost [127.0.0.1])
        by submission (posteo.de) with ESMTPSA id 4S6dPz2MPJz9rxF;
        Fri, 13 Oct 2023 22:28:55 +0200 (CEST)
From: Mark O'Donovan <shiftee@posteo.net>
To: linux-kernel@vger.kernel.org
Cc: linux-nvme@lists.infradead.org, sagi@grimberg.me, hch@lst.de,
        axboe@kernel.dk, kbusch@kernel.org, hare@suse.de,
        Mark O'Donovan <shiftee@posteo.net>
Subject: [PATCH 0/2] Remove secret-size restrictions for hashes
Date: Fri, 13 Oct 2023 20:28:25 +0000
Message-Id: <20231013202827.2262708-1-shiftee@posteo.net>
MIME-Version: 1.0
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
        DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_BLOCKED,
        RCVD_IN_MSPIKE_H5,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_PASS
        autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test,
 not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]);
 Fri, 13 Oct 2023 13:29:13 -0700 (PDT)
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1779673547743809357
X-GMAIL-MSGID: 1779673547743809357

This relates to the hash functions used to transform the secret.
The kernel currently restricts us to using secrets equal in size
to the transformation hash function they use.
e.g. 32 byte secrets with the SHA-256(32 byte) hash function.

This restriction is not required by the spec and means
incompatibility with more permissive implementations.

With these patches the example secret from the spec should now
be permitted with any of the following:
DHHC-1:00:ia6zGodOr4SEG0Zzaw398rpY0wqipUWj4jWjUh4HWUz6aQ2n:
DHHC-1:01:ia6zGodOr4SEG0Zzaw398rpY0wqipUWj4jWjUh4HWUz6aQ2n:
DHHC-1:02:ia6zGodOr4SEG0Zzaw398rpY0wqipUWj4jWjUh4HWUz6aQ2n:
DHHC-1:03:ia6zGodOr4SEG0Zzaw398rpY0wqipUWj4jWjUh4HWUz6aQ2n:

Note: Secrets are still restricted to 32,48 or 64 bits.


Mark O'Donovan (2):
  nvme-auth: use transformed key size to create resp
  nvme-auth: allow mixing of secret and hash lengths

 drivers/nvme/common/auth.c |  8 --------
 drivers/nvme/host/auth.c   | 11 ++++++++++-
 2 files changed, 10 insertions(+), 9 deletions(-)