On Thu, May 15, 2025 at 04:46:43PM +0200, Hannes Reinecke wrote: > > This is equivalent nvme_tls_key_lookup() so would it be more senseful > > to call it nfs_tls_key_lookup()? I'm also a bit puzzled how the code > > will associate nfs_keyring to all this (e.g., with keyring_search as > > done in nvme_tls_psk_lookup())? > > > With this patch the keyring is pretty much immaterial; the interface > is passing in a serial number which is unique across all keyrings. > Where the keyring comes in when looking up keys on the TLS server, > as there the TLS client hello only transports the key description > (which are not required to be unique across all keyrings). > So there we'll need the keyring to be specified. > But for the client we really don't. I did not see anything that would depend on having 2/2 at all, or it getting populated. > > Cheers, > > Hannes > -- > Dr. Hannes Reinecke Kernel Storage Architect > hare@xxxxxxx +49 911 74053 688 > SUSE Software Solutions GmbH, Frankenstr. 146, 90461 Nürnberg > HRB 36809 (AG Nürnberg), GF: I. Totev, A. McDonald, W. Knoblich BR, Jarkko
