nvme-tcp: send only permitted commands for secure concat

In addition to sending permitted commands such as connect/auth over the initial unencrypted admin connection as part of secure channel concatenation, the host also sends commands such as Property Get and Identify on the same. This is a spec violation leading to secure concat failures. Fix this by ensuring these additional commands are avoided on this connection. Fixes: 104d0e2f6222 ("nvme-fabrics: reset admin connection for secure concatenation") Signed-off-by: Martin George <marting@netapp.com> Reviewed-by: Hannes Reinecke <hare@suse.de> Signed-off-by: Keith Busch <kbusch@kernel.org>
author: Martin George <martinus.gpy@gmail.com> 2025-09-09 16:05:09 +0530
committer: Keith Busch <kbusch@kernel.org> 2025-09-15 09:25:05 -0700
commit: df4666a4908a6d883f628f93a3e6c80981332035 (patch)
tree: b698fd075d36f026ef131142f9551570c64b6598
parent: 891cdbb162ccdb079cd5228ae43bdeebce8597ad (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/drivers/nvme/host/tcp.c b/drivers/nvme/host/tcp.c
index c0fe8cfb7229..1413788ca7d5 100644
--- a/drivers/nvme/host/tcp.c
+++ b/drivers/nvme/host/tcp.c
@@ -2250,6 +2250,9 @@ static int nvme_tcp_configure_admin_queue(struct nvme_ctrl *ctrl, bool new)
 	if (error)
 		goto out_cleanup_tagset;
 
+	if (ctrl->opts->concat && !ctrl->tls_pskid)
+		return 0;
+
 	error = nvme_enable_ctrl(ctrl);
 	if (error)
 		goto out_stop_queue;
author	Martin George <martinus.gpy@gmail.com>	2025-09-09 16:05:09 +0530
committer	Keith Busch <kbusch@kernel.org>	2025-09-15 09:25:05 -0700
commit	df4666a4908a6d883f628f93a3e6c80981332035 (patch)
tree	b698fd075d36f026ef131142f9551570c64b6598
parent	891cdbb162ccdb079cd5228ae43bdeebce8597ad (diff)