124 		struct nvme_dhchap_queue_context *chap)  in nvme_auth_set_dhchap_negotiate_data()  argument
126 	struct nvmf_auth_dhchap_negotiate_data *data = chap->buf;  in nvme_auth_set_dhchap_negotiate_data()
130 		chap->status = NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD;  in nvme_auth_set_dhchap_negotiate_data()
133 	memset((u8 *)chap->buf, 0, size);  in nvme_auth_set_dhchap_negotiate_data()
136 	data->t_id = cpu_to_le16(chap->transaction);  in nvme_auth_set_dhchap_negotiate_data()
137 	if (ctrl->opts->concat && chap->qid == 0) {  in nvme_auth_set_dhchap_negotiate_data()
158 	chap->sc_c = data->sc_c;  in nvme_auth_set_dhchap_negotiate_data()
164 		struct nvme_dhchap_queue_context *chap)  in nvme_auth_process_dhchap_challenge()  argument
166 	struct nvmf_auth_dhchap_challenge_data *data = chap->buf;  in nvme_auth_process_dhchap_challenge()
173 		chap->status = NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD;  in nvme_auth_process_dhchap_challenge()
181 			 chap->qid, data->hashid);  in nvme_auth_process_dhchap_challenge()
182 		chap->status = NVME_AUTH_DHCHAP_FAILURE_HASH_UNUSABLE;  in nvme_auth_process_dhchap_challenge()
186 	if (chap->hash_id == data->hashid && chap->shash_tfm &&  in nvme_auth_process_dhchap_challenge()
187 	    !strcmp(crypto_shash_alg_name(chap->shash_tfm), hmac_name) &&  in nvme_auth_process_dhchap_challenge()
188 	    crypto_shash_digestsize(chap->shash_tfm) == data->hl) {  in nvme_auth_process_dhchap_challenge()
191 			chap->qid, hmac_name);  in nvme_auth_process_dhchap_challenge()
196 	if (chap->shash_tfm) {  in nvme_auth_process_dhchap_challenge()
197 		crypto_free_shash(chap->shash_tfm);  in nvme_auth_process_dhchap_challenge()
198 		chap->hash_id = 0;  in nvme_auth_process_dhchap_challenge()
199 		chap->hash_len = 0;  in nvme_auth_process_dhchap_challenge()
201 	chap->shash_tfm = crypto_alloc_shash(hmac_name, 0,  in nvme_auth_process_dhchap_challenge()
203 	if (IS_ERR(chap->shash_tfm)) {  in nvme_auth_process_dhchap_challenge()
206 			 chap->qid, hmac_name, PTR_ERR(chap->shash_tfm));  in nvme_auth_process_dhchap_challenge()
207 		chap->shash_tfm = NULL;  in nvme_auth_process_dhchap_challenge()
208 		chap->status = NVME_AUTH_DHCHAP_FAILURE_FAILED;  in nvme_auth_process_dhchap_challenge()
212 	if (crypto_shash_digestsize(chap->shash_tfm) != data->hl) {  in nvme_auth_process_dhchap_challenge()
215 			 chap->qid, data->hl);  in nvme_auth_process_dhchap_challenge()
216 		crypto_free_shash(chap->shash_tfm);  in nvme_auth_process_dhchap_challenge()
217 		chap->shash_tfm = NULL;  in nvme_auth_process_dhchap_challenge()
218 		chap->status = NVME_AUTH_DHCHAP_FAILURE_HASH_UNUSABLE;  in nvme_auth_process_dhchap_challenge()
222 	chap->hash_id = data->hashid;  in nvme_auth_process_dhchap_challenge()
223 	chap->hash_len = data->hl;  in nvme_auth_process_dhchap_challenge()
225 		chap->qid, hmac_name);  in nvme_auth_process_dhchap_challenge()
232 			 chap->qid, data->dhgid);  in nvme_auth_process_dhchap_challenge()
233 		chap->status = NVME_AUTH_DHCHAP_FAILURE_DHGROUP_UNUSABLE;  in nvme_auth_process_dhchap_challenge()
238 	if (chap->dhgroup_id == data->dhgid &&  in nvme_auth_process_dhchap_challenge()
239 	    (data->dhgid == NVME_AUTH_DHGROUP_NULL || chap->dh_tfm)) {  in nvme_auth_process_dhchap_challenge()
242 			chap->qid, gid_name);  in nvme_auth_process_dhchap_challenge()
247 	if (chap->dh_tfm) {  in nvme_auth_process_dhchap_challenge()
248 		crypto_free_kpp(chap->dh_tfm);  in nvme_auth_process_dhchap_challenge()
249 		chap->dh_tfm = NULL;  in nvme_auth_process_dhchap_challenge()
256 				 chap->qid);  in nvme_auth_process_dhchap_challenge()
257 			chap->status = NVME_AUTH_DHCHAP_FAILURE_DHGROUP_UNUSABLE;  in nvme_auth_process_dhchap_challenge()
261 		chap->dh_tfm = crypto_alloc_kpp(kpp_name, 0, 0);  in nvme_auth_process_dhchap_challenge()
262 		if (IS_ERR(chap->dh_tfm)) {  in nvme_auth_process_dhchap_challenge()
263 			int ret = PTR_ERR(chap->dh_tfm);  in nvme_auth_process_dhchap_challenge()
267 				 chap->qid, ret, gid_name);  in nvme_auth_process_dhchap_challenge()
268 			chap->status = NVME_AUTH_DHCHAP_FAILURE_DHGROUP_UNUSABLE;  in nvme_auth_process_dhchap_challenge()
269 			chap->dh_tfm = NULL;  in nvme_auth_process_dhchap_challenge()
273 			chap->qid, gid_name);  in nvme_auth_process_dhchap_challenge()
277 			 chap->qid);  in nvme_auth_process_dhchap_challenge()
278 		chap->status = NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD;  in nvme_auth_process_dhchap_challenge()
281 	chap->dhgroup_id = data->dhgid;  in nvme_auth_process_dhchap_challenge()
284 	chap->s1 = le32_to_cpu(data->seqnum);  in nvme_auth_process_dhchap_challenge()
285 	memcpy(chap->c1, data->cval, chap->hash_len);  in nvme_auth_process_dhchap_challenge()
287 		chap->ctrl_key = kmalloc(dhvlen, GFP_KERNEL);  in nvme_auth_process_dhchap_challenge()
288 		if (!chap->ctrl_key) {  in nvme_auth_process_dhchap_challenge()
289 			chap->status = NVME_AUTH_DHCHAP_FAILURE_FAILED;  in nvme_auth_process_dhchap_challenge()
292 		chap->ctrl_key_len = dhvlen;  in nvme_auth_process_dhchap_challenge()
293 		memcpy(chap->ctrl_key, data->cval + chap->hash_len,  in nvme_auth_process_dhchap_challenge()
296 			 (int)chap->ctrl_key_len, chap->ctrl_key);  in nvme_auth_process_dhchap_challenge()
303 		struct nvme_dhchap_queue_context *chap)  in nvme_auth_set_dhchap_reply_data()  argument
305 	struct nvmf_auth_dhchap_reply_data *data = chap->buf;  in nvme_auth_set_dhchap_reply_data()
308 	size += 2 * chap->hash_len;  in nvme_auth_set_dhchap_reply_data()
310 	if (chap->host_key_len)  in nvme_auth_set_dhchap_reply_data()
311 		size += chap->host_key_len;  in nvme_auth_set_dhchap_reply_data()
314 		chap->status = NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD;  in nvme_auth_set_dhchap_reply_data()
318 	memset(chap->buf, 0, size);  in nvme_auth_set_dhchap_reply_data()
321 	data->t_id = cpu_to_le16(chap->transaction);  in nvme_auth_set_dhchap_reply_data()
322 	data->hl = chap->hash_len;  in nvme_auth_set_dhchap_reply_data()
323 	data->dhvlen = cpu_to_le16(chap->host_key_len);  in nvme_auth_set_dhchap_reply_data()
324 	memcpy(data->rval, chap->response, chap->hash_len);  in nvme_auth_set_dhchap_reply_data()
326 		chap->bi_directional = true;  in nvme_auth_set_dhchap_reply_data()
328 		get_random_bytes(chap->c2, chap->hash_len);  in nvme_auth_set_dhchap_reply_data()
330 		memcpy(data->rval + chap->hash_len, chap->c2,  in nvme_auth_set_dhchap_reply_data()
331 		       chap->hash_len);  in nvme_auth_set_dhchap_reply_data()
333 			__func__, chap->qid, (int)chap->hash_len, chap->c2);  in nvme_auth_set_dhchap_reply_data()
335 		memset(chap->c2, 0, chap->hash_len);  in nvme_auth_set_dhchap_reply_data()
338 		chap->s2 = 0;  in nvme_auth_set_dhchap_reply_data()
339 		chap->bi_directional = false;  in nvme_auth_set_dhchap_reply_data()
341 		chap->s2 = nvme_auth_get_seqnum();  in nvme_auth_set_dhchap_reply_data()
342 	data->seqnum = cpu_to_le32(chap->s2);  in nvme_auth_set_dhchap_reply_data()
343 	if (chap->host_key_len) {  in nvme_auth_set_dhchap_reply_data()
345 			__func__, chap->qid,  in nvme_auth_set_dhchap_reply_data()
346 			chap->host_key_len, chap->host_key);  in nvme_auth_set_dhchap_reply_data()
347 		memcpy(data->rval + 2 * chap->hash_len, chap->host_key,  in nvme_auth_set_dhchap_reply_data()
348 		       chap->host_key_len);  in nvme_auth_set_dhchap_reply_data()
355 		struct nvme_dhchap_queue_context *chap)  in nvme_auth_process_dhchap_success1()  argument
357 	struct nvmf_auth_dhchap_success1_data *data = chap->buf;  in nvme_auth_process_dhchap_success1()
358 	size_t size = sizeof(*data) + chap->hash_len;  in nvme_auth_process_dhchap_success1()
361 		chap->status = NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD;  in nvme_auth_process_dhchap_success1()
365 	if (data->hl != chap->hash_len) {  in nvme_auth_process_dhchap_success1()
368 			 chap->qid, data->hl);  in nvme_auth_process_dhchap_success1()
369 		chap->status = NVME_AUTH_DHCHAP_FAILURE_HASH_UNUSABLE;  in nvme_auth_process_dhchap_success1()
374 	if (chap->qid == 0)  in nvme_auth_process_dhchap_success1()
377 			 nvme_auth_hmac_name(chap->hash_id),  in nvme_auth_process_dhchap_success1()
378 			 nvme_auth_dhgroup_name(chap->dhgroup_id));  in nvme_auth_process_dhchap_success1()
384 	if (memcmp(chap->response, data->rval, data->hl)) {  in nvme_auth_process_dhchap_success1()
386 			__func__, chap->qid, (int)chap->hash_len, data->rval);  in nvme_auth_process_dhchap_success1()
388 			__func__, chap->qid, (int)chap->hash_len,  in nvme_auth_process_dhchap_success1()
389 			chap->response);  in nvme_auth_process_dhchap_success1()
392 			 chap->qid);  in nvme_auth_process_dhchap_success1()
393 		chap->status = NVME_AUTH_DHCHAP_FAILURE_FAILED;  in nvme_auth_process_dhchap_success1()
398 	if (chap->qid == 0)  in nvme_auth_process_dhchap_success1()
405 		struct nvme_dhchap_queue_context *chap)  in nvme_auth_set_dhchap_success2_data()  argument
407 	struct nvmf_auth_dhchap_success2_data *data = chap->buf;  in nvme_auth_set_dhchap_success2_data()
410 	memset(chap->buf, 0, size);  in nvme_auth_set_dhchap_success2_data()
413 	data->t_id = cpu_to_le16(chap->transaction);  in nvme_auth_set_dhchap_success2_data()
419 		struct nvme_dhchap_queue_context *chap)  in nvme_auth_set_dhchap_failure2_data()  argument
421 	struct nvmf_auth_dhchap_failure_data *data = chap->buf;  in nvme_auth_set_dhchap_failure2_data()
424 	memset(chap->buf, 0, size);  in nvme_auth_set_dhchap_failure2_data()
427 	data->t_id = cpu_to_le16(chap->transaction);  in nvme_auth_set_dhchap_failure2_data()
429 	data->rescode_exp = chap->status;  in nvme_auth_set_dhchap_failure2_data()
435 		struct nvme_dhchap_queue_context *chap)  in nvme_auth_dhchap_setup_host_response()  argument
437 	SHASH_DESC_ON_STACK(shash, chap->shash_tfm);  in nvme_auth_dhchap_setup_host_response()
438 	u8 buf[4], *challenge = chap->c1;  in nvme_auth_dhchap_setup_host_response()
442 		__func__, chap->qid, chap->s1, chap->transaction);  in nvme_auth_dhchap_setup_host_response()
444 	if (!chap->transformed_key) {  in nvme_auth_dhchap_setup_host_response()
445 		chap->transformed_key = nvme_auth_transform_key(ctrl->host_key,  in nvme_auth_dhchap_setup_host_response()
447 		if (IS_ERR(chap->transformed_key)) {  in nvme_auth_dhchap_setup_host_response()
448 			ret = PTR_ERR(chap->transformed_key);  in nvme_auth_dhchap_setup_host_response()
449 			chap->transformed_key = NULL;  in nvme_auth_dhchap_setup_host_response()
454 			__func__, chap->qid);  in nvme_auth_dhchap_setup_host_response()
457 	ret = crypto_shash_setkey(chap->shash_tfm,  in nvme_auth_dhchap_setup_host_response()
458 			chap->transformed_key->key, chap->transformed_key->len);  in nvme_auth_dhchap_setup_host_response()
461 			 chap->qid, ret);  in nvme_auth_dhchap_setup_host_response()
465 	if (chap->dh_tfm) {  in nvme_auth_dhchap_setup_host_response()
466 		challenge = kmalloc(chap->hash_len, GFP_KERNEL);  in nvme_auth_dhchap_setup_host_response()
471 		ret = nvme_auth_augmented_challenge(chap->hash_id,  in nvme_auth_dhchap_setup_host_response()
472 						    chap->sess_key,  in nvme_auth_dhchap_setup_host_response()
473 						    chap->sess_key_len,  in nvme_auth_dhchap_setup_host_response()
474 						    chap->c1, challenge,  in nvme_auth_dhchap_setup_host_response()
475 						    chap->hash_len);  in nvme_auth_dhchap_setup_host_response()
480 	shash->tfm = chap->shash_tfm;  in nvme_auth_dhchap_setup_host_response()
484 	ret = crypto_shash_update(shash, challenge, chap->hash_len);  in nvme_auth_dhchap_setup_host_response()
487 	put_unaligned_le32(chap->s1, buf);  in nvme_auth_dhchap_setup_host_response()
491 	put_unaligned_le16(chap->transaction, buf);  in nvme_auth_dhchap_setup_host_response()
495 	*buf = chap->sc_c;  in nvme_auth_dhchap_setup_host_response()
514 	ret = crypto_shash_final(shash, chap->response);  in nvme_auth_dhchap_setup_host_response()
516 	if (challenge != chap->c1)  in nvme_auth_dhchap_setup_host_response()
522 		struct nvme_dhchap_queue_context *chap)  in nvme_auth_dhchap_setup_ctrl_response()  argument
524 	SHASH_DESC_ON_STACK(shash, chap->shash_tfm);  in nvme_auth_dhchap_setup_ctrl_response()
526 	u8 buf[4], *challenge = chap->c2;  in nvme_auth_dhchap_setup_ctrl_response()
536 	ret = crypto_shash_setkey(chap->shash_tfm,  in nvme_auth_dhchap_setup_ctrl_response()
540 			 chap->qid, ret);  in nvme_auth_dhchap_setup_ctrl_response()
544 	if (chap->dh_tfm) {  in nvme_auth_dhchap_setup_ctrl_response()
545 		challenge = kmalloc(chap->hash_len, GFP_KERNEL);  in nvme_auth_dhchap_setup_ctrl_response()
550 		ret = nvme_auth_augmented_challenge(chap->hash_id,  in nvme_auth_dhchap_setup_ctrl_response()
551 						    chap->sess_key,  in nvme_auth_dhchap_setup_ctrl_response()
552 						    chap->sess_key_len,  in nvme_auth_dhchap_setup_ctrl_response()
553 						    chap->c2, challenge,  in nvme_auth_dhchap_setup_ctrl_response()
554 						    chap->hash_len);  in nvme_auth_dhchap_setup_ctrl_response()
559 		__func__, chap->qid, chap->s2, chap->transaction);  in nvme_auth_dhchap_setup_ctrl_response()
561 		__func__, chap->qid, (int)chap->hash_len, challenge);  in nvme_auth_dhchap_setup_ctrl_response()
563 		__func__, chap->qid, ctrl->opts->subsysnqn);  in nvme_auth_dhchap_setup_ctrl_response()
565 		__func__, chap->qid, ctrl->opts->host->nqn);  in nvme_auth_dhchap_setup_ctrl_response()
566 	shash->tfm = chap->shash_tfm;  in nvme_auth_dhchap_setup_ctrl_response()
570 	ret = crypto_shash_update(shash, challenge, chap->hash_len);  in nvme_auth_dhchap_setup_ctrl_response()
573 	put_unaligned_le32(chap->s2, buf);  in nvme_auth_dhchap_setup_ctrl_response()
577 	put_unaligned_le16(chap->transaction, buf);  in nvme_auth_dhchap_setup_ctrl_response()
599 	ret = crypto_shash_final(shash, chap->response);  in nvme_auth_dhchap_setup_ctrl_response()
601 	if (challenge != chap->c2)  in nvme_auth_dhchap_setup_ctrl_response()
608 		struct nvme_dhchap_queue_context *chap)  in nvme_auth_dhchap_exponential()  argument
612 	if (chap->host_key && chap->host_key_len) {  in nvme_auth_dhchap_exponential()
614 			"qid %d: reusing host key\n", chap->qid);  in nvme_auth_dhchap_exponential()
617 	ret = nvme_auth_gen_privkey(chap->dh_tfm, chap->dhgroup_id);  in nvme_auth_dhchap_exponential()
619 		chap->status = NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD;  in nvme_auth_dhchap_exponential()
623 	chap->host_key_len = crypto_kpp_maxsize(chap->dh_tfm);  in nvme_auth_dhchap_exponential()
625 	chap->host_key = kzalloc(chap->host_key_len, GFP_KERNEL);  in nvme_auth_dhchap_exponential()
626 	if (!chap->host_key) {  in nvme_auth_dhchap_exponential()
627 		chap->host_key_len = 0;  in nvme_auth_dhchap_exponential()
628 		chap->status = NVME_AUTH_DHCHAP_FAILURE_FAILED;  in nvme_auth_dhchap_exponential()
631 	ret = nvme_auth_gen_pubkey(chap->dh_tfm,  in nvme_auth_dhchap_exponential()
632 				   chap->host_key, chap->host_key_len);  in nvme_auth_dhchap_exponential()
636 		chap->status = NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD;  in nvme_auth_dhchap_exponential()
641 	chap->sess_key_len = chap->host_key_len;  in nvme_auth_dhchap_exponential()
642 	chap->sess_key = kmalloc(chap->sess_key_len, GFP_KERNEL);  in nvme_auth_dhchap_exponential()
643 	if (!chap->sess_key) {  in nvme_auth_dhchap_exponential()
644 		chap->sess_key_len = 0;  in nvme_auth_dhchap_exponential()
645 		chap->status = NVME_AUTH_DHCHAP_FAILURE_FAILED;  in nvme_auth_dhchap_exponential()
649 	ret = nvme_auth_gen_shared_secret(chap->dh_tfm,  in nvme_auth_dhchap_exponential()
650 					  chap->ctrl_key, chap->ctrl_key_len,  in nvme_auth_dhchap_exponential()
651 					  chap->sess_key, chap->sess_key_len);  in nvme_auth_dhchap_exponential()
655 		chap->status = NVME_AUTH_DHCHAP_FAILURE_INCORRECT_PAYLOAD;  in nvme_auth_dhchap_exponential()
659 		(int)chap->sess_key_len, chap->sess_key);  in nvme_auth_dhchap_exponential()
663 static void nvme_auth_reset_dhchap(struct nvme_dhchap_queue_context *chap)  in nvme_auth_reset_dhchap()  argument
665 	nvme_auth_free_key(chap->transformed_key);  in nvme_auth_reset_dhchap()
666 	chap->transformed_key = NULL;  in nvme_auth_reset_dhchap()
667 	kfree_sensitive(chap->host_key);  in nvme_auth_reset_dhchap()
668 	chap->host_key = NULL;  in nvme_auth_reset_dhchap()
669 	chap->host_key_len = 0;  in nvme_auth_reset_dhchap()
670 	kfree_sensitive(chap->ctrl_key);  in nvme_auth_reset_dhchap()
671 	chap->ctrl_key = NULL;  in nvme_auth_reset_dhchap()
672 	chap->ctrl_key_len = 0;  in nvme_auth_reset_dhchap()
673 	kfree_sensitive(chap->sess_key);  in nvme_auth_reset_dhchap()
674 	chap->sess_key = NULL;  in nvme_auth_reset_dhchap()
675 	chap->sess_key_len = 0;  in nvme_auth_reset_dhchap()
676 	chap->status = 0;  in nvme_auth_reset_dhchap()
677 	chap->error = 0;  in nvme_auth_reset_dhchap()
678 	chap->s1 = 0;  in nvme_auth_reset_dhchap()
679 	chap->s2 = 0;  in nvme_auth_reset_dhchap()
680 	chap->bi_directional = false;  in nvme_auth_reset_dhchap()
681 	chap->transaction = 0;  in nvme_auth_reset_dhchap()
682 	memset(chap->c1, 0, sizeof(chap->c1));  in nvme_auth_reset_dhchap()
683 	memset(chap->c2, 0, sizeof(chap->c2));  in nvme_auth_reset_dhchap()
684 	mempool_free(chap->buf, nvme_chap_buf_pool);  in nvme_auth_reset_dhchap()
685 	chap->buf = NULL;  in nvme_auth_reset_dhchap()
688 static void nvme_auth_free_dhchap(struct nvme_dhchap_queue_context *chap)  in nvme_auth_free_dhchap()  argument
690 	nvme_auth_reset_dhchap(chap);  in nvme_auth_free_dhchap()
691 	chap->authenticated = false;  in nvme_auth_free_dhchap()
692 	if (chap->shash_tfm)  in nvme_auth_free_dhchap()
693 		crypto_free_shash(chap->shash_tfm);  in nvme_auth_free_dhchap()
694 	if (chap->dh_tfm)  in nvme_auth_free_dhchap()
695 		crypto_free_kpp(chap->dh_tfm);  in nvme_auth_free_dhchap()
709 				   struct nvme_dhchap_queue_context *chap)  in nvme_auth_secure_concat()  argument
716 	if (!chap->sess_key) {  in nvme_auth_secure_concat()
719 			 __func__, chap->qid);  in nvme_auth_secure_concat()
723 	if (chap->qid) {  in nvme_auth_secure_concat()
726 			 chap->qid);  in nvme_auth_secure_concat()
729 	ret = nvme_auth_generate_psk(chap->hash_id, chap->sess_key,  in nvme_auth_secure_concat()
730 				     chap->sess_key_len,  in nvme_auth_secure_concat()
731 				     chap->c1, chap->c2,  in nvme_auth_secure_concat()
732 				     chap->hash_len, &psk, &psk_len);  in nvme_auth_secure_concat()
736 			 __func__, chap->qid, ret);  in nvme_auth_secure_concat()
742 	ret = nvme_auth_generate_digest(chap->hash_id, psk, psk_len,  in nvme_auth_secure_concat()
748 			 __func__, chap->qid, ret);  in nvme_auth_secure_concat()
753 	ret = nvme_auth_derive_tls_psk(chap->hash_id, psk, psk_len,  in nvme_auth_secure_concat()
758 			 __func__, chap->qid, ret);  in nvme_auth_secure_concat()
764 				       ctrl->opts->subsysnqn, chap->hash_id,  in nvme_auth_secure_concat()
770 			 __func__, chap->qid, ret);  in nvme_auth_secure_concat()
786 	struct nvme_dhchap_queue_context *chap =  in nvme_queue_auth_work()  local
788 	struct nvme_ctrl *ctrl = chap->ctrl;  in nvme_queue_auth_work()
796 	chap->buf = mempool_alloc(nvme_chap_buf_pool, GFP_KERNEL);  in nvme_queue_auth_work()
797 	if (!chap->buf) {  in nvme_queue_auth_work()
798 		chap->error = -ENOMEM;  in nvme_queue_auth_work()
802 	chap->transaction = ctrl->transaction++;  in nvme_queue_auth_work()
806 		__func__, chap->qid);  in nvme_queue_auth_work()
807 	ret = nvme_auth_set_dhchap_negotiate_data(ctrl, chap);  in nvme_queue_auth_work()
809 		chap->error = ret;  in nvme_queue_auth_work()
813 	ret = nvme_auth_submit(ctrl, chap->qid, chap->buf, tl, true);  in nvme_queue_auth_work()
815 		chap->error = ret;  in nvme_queue_auth_work()
821 		__func__, chap->qid);  in nvme_queue_auth_work()
823 	memset(chap->buf, 0, CHAP_BUF_SIZE);  in nvme_queue_auth_work()
824 	ret = nvme_auth_submit(ctrl, chap->qid, chap->buf, CHAP_BUF_SIZE,  in nvme_queue_auth_work()
829 			 chap->qid, ret < 0 ? "error" : "nvme status", ret);  in nvme_queue_auth_work()
830 		chap->error = ret;  in nvme_queue_auth_work()
833 	ret = nvme_auth_receive_validate(ctrl, chap->qid, chap->buf, chap->transaction,  in nvme_queue_auth_work()
836 		chap->status = ret;  in nvme_queue_auth_work()
837 		chap->error = -EKEYREJECTED;  in nvme_queue_auth_work()
841 	ret = nvme_auth_process_dhchap_challenge(ctrl, chap);  in nvme_queue_auth_work()
844 		chap->error = ret;  in nvme_queue_auth_work()
848 	if (chap->ctrl_key_len) {  in nvme_queue_auth_work()
851 			__func__, chap->qid);  in nvme_queue_auth_work()
852 		ret = nvme_auth_dhchap_exponential(ctrl, chap);  in nvme_queue_auth_work()
854 			chap->error = ret;  in nvme_queue_auth_work()
860 		__func__, chap->qid);  in nvme_queue_auth_work()
862 	ret = nvme_auth_dhchap_setup_host_response(ctrl, chap);  in nvme_queue_auth_work()
865 		chap->error = ret;  in nvme_queue_auth_work()
871 		__func__, chap->qid);  in nvme_queue_auth_work()
872 	ret = nvme_auth_set_dhchap_reply_data(ctrl, chap);  in nvme_queue_auth_work()
874 		chap->error = ret;  in nvme_queue_auth_work()
879 	ret = nvme_auth_submit(ctrl, chap->qid, chap->buf, tl, true);  in nvme_queue_auth_work()
881 		chap->error = ret;  in nvme_queue_auth_work()
887 		__func__, chap->qid);  in nvme_queue_auth_work()
889 	memset(chap->buf, 0, CHAP_BUF_SIZE);  in nvme_queue_auth_work()
890 	ret = nvme_auth_submit(ctrl, chap->qid, chap->buf, CHAP_BUF_SIZE,  in nvme_queue_auth_work()
895 			 chap->qid, ret < 0 ? "error" : "nvme status", ret);  in nvme_queue_auth_work()
896 		chap->error = ret;  in nvme_queue_auth_work()
899 	ret = nvme_auth_receive_validate(ctrl, chap->qid,  in nvme_queue_auth_work()
900 					 chap->buf, chap->transaction,  in nvme_queue_auth_work()
903 		chap->status = ret;  in nvme_queue_auth_work()
904 		chap->error = -EKEYREJECTED;  in nvme_queue_auth_work()
912 			__func__, chap->qid);  in nvme_queue_auth_work()
913 		ret = nvme_auth_dhchap_setup_ctrl_response(ctrl, chap);  in nvme_queue_auth_work()
916 			chap->error = ret;  in nvme_queue_auth_work()
922 	ret = nvme_auth_process_dhchap_success1(ctrl, chap);  in nvme_queue_auth_work()
925 		chap->error = -EKEYREJECTED;  in nvme_queue_auth_work()
929 	if (chap->bi_directional) {  in nvme_queue_auth_work()
932 			__func__, chap->qid);  in nvme_queue_auth_work()
933 		tl = nvme_auth_set_dhchap_success2_data(ctrl, chap);  in nvme_queue_auth_work()
934 		ret = nvme_auth_submit(ctrl, chap->qid, chap->buf, tl, true);  in nvme_queue_auth_work()
936 			chap->error = ret;  in nvme_queue_auth_work()
939 		chap->error = 0;  in nvme_queue_auth_work()
940 		chap->authenticated = true;  in nvme_queue_auth_work()
942 		    (ret = nvme_auth_secure_concat(ctrl, chap))) {  in nvme_queue_auth_work()
945 				 __func__, chap->qid);  in nvme_queue_auth_work()
946 			chap->error = ret;  in nvme_queue_auth_work()
947 			chap->authenticated = false;  in nvme_queue_auth_work()
953 	if (chap->status == 0)  in nvme_queue_auth_work()
954 		chap->status = NVME_AUTH_DHCHAP_FAILURE_FAILED;  in nvme_queue_auth_work()
956 		__func__, chap->qid, chap->status);  in nvme_queue_auth_work()
957 	tl = nvme_auth_set_dhchap_failure2_data(ctrl, chap);  in nvme_queue_auth_work()
958 	ret = nvme_auth_submit(ctrl, chap->qid, chap->buf, tl, true);  in nvme_queue_auth_work()
963 	if (ret && !chap->error)  in nvme_queue_auth_work()
964 		chap->error = ret;  in nvme_queue_auth_work()
969 	struct nvme_dhchap_queue_context *chap;  in nvme_auth_negotiate()  local
981 	chap = &ctrl->dhchap_ctxs[qid];  in nvme_auth_negotiate()
982 	cancel_work_sync(&chap->auth_work);  in nvme_auth_negotiate()
983 	queue_work(nvme_auth_wq, &chap->auth_work);  in nvme_auth_negotiate()
990 	struct nvme_dhchap_queue_context *chap;  in nvme_auth_wait()  local
993 	chap = &ctrl->dhchap_ctxs[qid];  in nvme_auth_wait()
994 	flush_work(&chap->auth_work);  in nvme_auth_wait()
995 	ret = chap->error;  in nvme_auth_wait()
997 	nvme_auth_reset_dhchap(chap);  in nvme_auth_wait()
1035 		struct nvme_dhchap_queue_context *chap =  in nvme_ctrl_auth_work()  local
1041 		if (!chap->authenticated)  in nvme_ctrl_auth_work()
1043 		cancel_work_sync(&chap->auth_work);  in nvme_ctrl_auth_work()
1044 		queue_work(nvme_auth_wq, &chap->auth_work);  in nvme_ctrl_auth_work()
1052 		struct nvme_dhchap_queue_context *chap =  in nvme_ctrl_auth_work()  local
1054 		if (!chap->authenticated)  in nvme_ctrl_auth_work()
1056 		flush_work(&chap->auth_work);  in nvme_ctrl_auth_work()
1057 		ret = chap->error;  in nvme_ctrl_auth_work()
1058 		nvme_auth_reset_dhchap(chap);  in nvme_ctrl_auth_work()
1067 	struct nvme_dhchap_queue_context *chap;  in nvme_auth_init_ctrl()  local
1086 	ctrl->dhchap_ctxs = kvzalloc_objs(*chap, ctrl_max_dhchaps(ctrl));  in nvme_auth_init_ctrl()
1093 		chap = &ctrl->dhchap_ctxs[i];  in nvme_auth_init_ctrl()
1094 		chap->qid = i;  in nvme_auth_init_ctrl()
1095 		chap->ctrl = ctrl;  in nvme_auth_init_ctrl()
1096 		chap->authenticated = false;  in nvme_auth_init_ctrl()
1097 		INIT_WORK(&chap->auth_work, nvme_queue_auth_work);  in nvme_auth_init_ctrl()