Loading...

Linking RHIVOS CVEs to...

Migration: Automation ...

Sync from "Extern...

XML

Word

Printable

Type: Story
Resolution: Unresolved
Priority: Undefined
Fix Version/s: None
Affects Version/s: None
Component/s: nvme-cli
Labels:
None

Severity:
Moderate
Epic Link:
[RHEL9] NVMe/TCP Transport Layer Security (TLS)

AssignedTeam:
rhel-storage-io-1
Sub-System Group:

ssg_platform_storage

Story Points:
None
Target Version:

rhel-9.7
Blocked:
False
Ready:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
None
Products:

Red Hat Enterprise Linux
Sprint:
None

Preliminary Testing:
None
Test Coverage:
None

Experience:
Architecture:

All
OS:
Linux

PX Impact Score:
SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

Goal

Secure storage and loading of TLS keys into the kernel keyring needs to be improved on and documented for users.

Currently the upstream nvme-cli has this udev rule to load TLS keys into the kernel keyring from a file:

https://github.com/linux-nvme/nvme-cli/blob/master/nvmf-autoconnect/udev-rules/70-nvmf-keys.rules.in

We could package and document this, or we might need to work on something more robust.

is cloned by

RHEL-73777 [RFE RHEL-10] NVMe/TLS key handling and usability improvements

New

Assignee:: Chris Leech

Reporter:: Chris Leech

Developer:: Maurizio Lombardi

QA Contact:: Marco Patalano

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: 2025/01/13 8:42 PM

Updated:: 2025/10/07 2:16 AM

Stale Date:: 2026/01/12