Re: [PATCH 3/3] nvme: Allow reauth from sysfs

Next message: Aaron Kling: "Re: [PATCH v4 3/5] memory: tegra186-emc: Support non-bpmp icc scaling"
Previous message: Yuwen Chen: "Re: [PATCH v4] zram: Implement multi-page write-back"
In reply to: Christoph Hellwig: "Re: [PATCH 3/3] nvme: Allow reauth from sysfs"
Next in thread: Christoph Hellwig: "Re: [PATCH 3/3] nvme: Allow reauth from sysfs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Hannes Reinecke

Date: Wed Nov 12 2025 - 02:21:45 EST

On 11/12/25 08:02, Christoph Hellwig wrote:

On Wed, Nov 12, 2025 at 09:32:00AM +1000, Alistair Francis wrote:

I would suggest just allow writes to the 'tls_key' attribute; any
writes to that would trigger a replacepsk operation.

I think the `tls_configured_key` is actually the better attribute to
write to as that is the one that updates after a REPLACETLSPSK
operation, see v2 patches which I'm sending now.

Just saw Hannes reply here and saw why you did the current version
the way I did. Hannes, please don't recommend weird ABIs that
make error checking and future extensibility impossible.

Hmm.

'tls_configured_key' prints out the value of
ctrl->opts->tls_key, ie the key passed in from the 'connect'
string. Normally this value will be empty,
as the 'connect' command will pick up the TLS key from
the keyring automatically.

'tls_key' prints out the value of
ctrl->tls_pskid, ie the value of the _negotiated_ key.

So why is 'tls_configured_key' key the better option?
Personally I think that 'tls_key' is more 'natural',
as we want to replace the negotiated key, not the
configured key ...

Cheers,

Hannes
--
Dr. Hannes Reinecke Kernel Storage Architect
hare@xxxxxxx +49 911 74053 688
SUSE Software Solutions GmbH, Frankenstr. 146, 90461 Nürnberg
HRB 36809 (AG Nürnberg), GF: I. Totev, A. McDonald, W. Knoblich