common/nvme: TLS target support

Add --tls option to _create_nvmet_subsystem and allow to specify
the tls requirements in _create_nvmet_port.

Signed-off-by: Hannes Reinecke <[email protected]>
Signed-off-by: Shin'ichiro Kawasaki <[email protected]>

Author: hreinecke

common/nvme

@@ -479,6 +479,7 @@ _fc_host_traddr() {
 }
 
 _create_nvmet_port() {
+	local tls="${1:-none}"
 	local trtype="${nvme_trtype}"
 	local traddr="${def_traddr}"
 	local adrfam="${def_adrfam}"
@@ -515,7 +516,13 @@ _create_nvmet_port() {
 	   [[ "${adrfam}" != "loop" ]] ; then
 		echo "${trsvcid}" > "${portcfs}/addr_trsvcid"
 	fi
-
+	if [[ "${trtype}" == "tcp" ]] && \
+		   [[ "${tls}" != "none" ]]; then
+		echo "tls1.3" > "${portcfs}/addr_tsas"
+		if [[ "${tls}" != "required" ]]; then
+			echo "not required" > "${portcfs}/addr_treq"
+		fi
+	fi
 	echo "${port}"
 }
 
@@ -907,6 +914,7 @@ _nvmet_target_setup() {
 	local port p
 	local resv_enable=""
 	local num_ports=1
+	local tls="none"
 	local -a ARGS
 
 	while [[ $# -gt 0 ]]; do
@@ -939,6 +947,14 @@ _nvmet_target_setup() {
 				num_ports="$2"
 				shift 2
 				;;
+			--tls)
+				tls="not-required"
+				shift 1
+				;;
+			--force-tls)
+				tls="required"
+				shift 1
+				;;
 			*)
 				echo "WARNING: unknown argument: $1"
 				shift
@@ -985,7 +1001,7 @@ _nvmet_target_setup() {
 
 	p=0
 	while (( p < num_ports )); do
-		port="$(_create_nvmet_port)"
+		port="$(_create_nvmet_port ${tls})"
 		_add_nvmet_subsys_to_port "${port}" "${subsysnqn}"
 		p=$(( p + 1 ))
 	done