nvmet-tcp: Don't free SQ on authentication success

Curently after the host sends a REPLACETLSPSK we free the TLS keys as
part of calling nvmet_auth_sq_free() on success. This means when the
host sends a follow up REPLACETLSPSK we return CONCAT_MISMATCH as the
check for !nvmet_queue_tls_keyid(req->sq) fails.

This patch ensures we don't free the TLS key on success as we might need
it again in the future.

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Hannes Reinecke <hare@suse.de>
Reviewed-by: Wilfred Mallawa <wilfred.mallawa@wdc.com>
Reviewed-by: Sagi Grimberg <sagi@grimberg.me>
Signed-off-by: Keith Busch <kbusch@kernel.org>

diff --git a/drivers/nvme/target/fabrics-cmd-auth.c b/drivers/nvme/target/fabrics-cmd-auth.c
index a56b9fc35719851c7581018278f1d3e9e994ccf9..35f411fad8f9ed43f3db7de8921d72a8a92a7aca 100644 (file)
--- a/drivers/nvme/target/fabrics-cmd-auth.c
+++ b/drivers/nvme/target/fabrics-cmd-auth.c
@@ -395,9 +395,10 @@ done:
                goto complete;
        }
        /* Final states, clear up variables */
-       nvmet_auth_sq_free(req->sq);
-       if (req->sq->dhchap_step == NVME_AUTH_DHCHAP_MESSAGE_FAILURE2)
+       if (req->sq->dhchap_step == NVME_AUTH_DHCHAP_MESSAGE_FAILURE2) {
+               nvmet_auth_sq_free(req->sq);
                nvmet_ctrl_fatal_error(ctrl);
+       }
 
 complete:
        nvmet_req_complete(req, status);
@@ -573,9 +574,7 @@ void nvmet_execute_auth_receive(struct nvmet_req *req)
        status = nvmet_copy_to_sgl(req, 0, d, al);
        kfree(d);
 done:
-       if (req->sq->dhchap_step == NVME_AUTH_DHCHAP_MESSAGE_SUCCESS2)
-               nvmet_auth_sq_free(req->sq);
-       else if (req->sq->dhchap_step == NVME_AUTH_DHCHAP_MESSAGE_FAILURE1) {
+       if (req->sq->dhchap_step == NVME_AUTH_DHCHAP_MESSAGE_FAILURE1) {
                nvmet_auth_sq_free(req->sq);
                nvmet_ctrl_fatal_error(ctrl);
        }