Protecting data in buffer with an SA

Kevin D Butt kdbutt at us.ibm.com
Tue Mar 3 16:28:29 PST 2009


Formatted message: <a href="http://www.t10.org/cgi-bin/ac.pl?t=r&f=r0903036_f.htm">HTML-formatted message</a>

Ralph,
Thanks for the response.  Does it help to restate my question as this:
How can the device server know which SA the application client wants the 
device server to use to protect the data-in buffer using ESP-SCSI?
5.14.7.5.1 Overview
A device server shall transfer ESP-SCSI parameter data descriptors in a 
data-in buffer only in response to a
request that specifies an SA using the AC_SAI SA parameter and DS_SAI SA 
parameter values (see 5.14.2.2). If
the specified combination of AC_SAI and DS_SAI values in a command that 
requests the transfer of ESP-SCSI
parameter data descriptors is not known to the device server, the command 
shall be terminated with CHECK
CONDITION status, with the sense key set to ILLEGAL REQUEST, the 
additional sense code set to INVALID
FIELD IN PARAMETER LIST or to INVALID FIELD IN CDB, the SKSV bit set to 
one, and SENSE KEY SPECIFIC field
set as defined in 4.5.2.4.2.
How is this line in the above fulfilled "only in response to a request 
that specifies an SA using the AC_SAI SA parameter and DS_SAI SA parameter 
values".  How can the request (i.e., a CDB) specify an SA?
Thanks,
Kevin D. Butt
SCSI & Fibre Channel Architect, Tape Firmware
MS 6TYA, 9000 S. Rita Rd., Tucson, AZ 85744
Tel: 520-799-5280
Fax: 520-799-2723 (T/L:321)
Email address: kdbutt at us.ibm.com
http://www-03.ibm.com/servers/storage/ 
From:
Ralph Weber <roweber at IEEE.org>
To:
t10 at t10.org
Date:
03/03/2009 05:06 PM
Subject:
Re: Protecting data in buffer with an SA
* From the T10 Reflector (t10 at t10.org), posted by:
* Ralph Weber <roweber at ieee.org>
*
Kevin,
I am having difficulty parsing everything that follows, "There
is an ESP-SCSI defined for parameter in data but no method for
selecting which SA to use to protect it" in the original message.
Every ESP-SCSI format that I have checked contains an SAI
(Security Association Index) -- either DS_SAI or AC_SAI --
that identifies the SA to be applied when protecting the data.
Perhaps my confusion over the other questions will be clarified
when the inability of SAIs to identify SAs is explained.
All the best,
.Ralph
Kevin D Butt wrote:
>
> IBM is looking at what would be required to protect a data in buffer 
> with an SA.  There is an ESP-SCSI defined for parameter in data but no 
> method for selecting which SA to use to protect it.  How does the 
> application client tell the device server which SA to use?  Since 
> there are no SAI fields in the CDB's for the commands that request the 
> data we are looking to protect, we don't see how to do this.
>
> Has anybody thought about this yet?
>
> Thanks,
>
> Kevin D. Butt
> SCSI & Fibre Channel Architect, Tape Firmware
> MS 6TYA, 9000 S. Rita Rd., Tucson, AZ 85744
> Tel: 520-799-5280
> Fax: 520-799-2723 (T/L:321)
> Email address: kdbutt at us.ibm.com
> http://www-03.ibm.com/servers/storage/ 
*
* For T10 Reflector information, send a message with
* 'info t10' (no quotes) in the message body to majordomo at t10.org



More information about the T10 mailing list