Protecting data in buffer with an SA
Kevin D Butt
kdbutt at us.ibm.com
Tue Mar 3 16:28:29 PST 2009
Formatted message: <a href="http://www.t10.org/cgi-bin/ac.pl?t=r&f=r0903036_f.htm">HTML-formatted message</a>
Thanks for the response. Does it help to restate my question as this:
How can the device server know which SA the application client wants the
device server to use to protect the data-in buffer using ESP-SCSI?
A device server shall transfer ESP-SCSI parameter data descriptors in a
data-in buffer only in response to a
request that specifies an SA using the AC_SAI SA parameter and DS_SAI SA
parameter values (see 220.127.116.11). If
the specified combination of AC_SAI and DS_SAI values in a command that
requests the transfer of ESP-SCSI
parameter data descriptors is not known to the device server, the command
shall be terminated with CHECK
CONDITION status, with the sense key set to ILLEGAL REQUEST, the
additional sense code set to INVALID
FIELD IN PARAMETER LIST or to INVALID FIELD IN CDB, the SKSV bit set to
one, and SENSE KEY SPECIFIC field
set as defined in 18.104.22.168.2.
How is this line in the above fulfilled "only in response to a request
that specifies an SA using the AC_SAI SA parameter and DS_SAI SA parameter
values". How can the request (i.e., a CDB) specify an SA?
Kevin D. Butt
SCSI & Fibre Channel Architect, Tape Firmware
MS 6TYA, 9000 S. Rita Rd., Tucson, AZ 85744
Fax: 520-799-2723 (T/L:321)
Email address: kdbutt at us.ibm.com
Ralph Weber <roweber at IEEE.org>
t10 at t10.org
03/03/2009 05:06 PM
Re: Protecting data in buffer with an SA
* From the T10 Reflector (t10 at t10.org), posted by:
* Ralph Weber <roweber at ieee.org>
I am having difficulty parsing everything that follows, "There
is an ESP-SCSI defined for parameter in data but no method for
selecting which SA to use to protect it" in the original message.
Every ESP-SCSI format that I have checked contains an SAI
(Security Association Index) -- either DS_SAI or AC_SAI --
that identifies the SA to be applied when protecting the data.
Perhaps my confusion over the other questions will be clarified
when the inability of SAIs to identify SAs is explained.
All the best,
Kevin D Butt wrote:
> IBM is looking at what would be required to protect a data in buffer
> with an SA. There is an ESP-SCSI defined for parameter in data but no
> method for selecting which SA to use to protect it. How does the
> application client tell the device server which SA to use? Since
> there are no SAI fields in the CDB's for the commands that request the
> data we are looking to protect, we don't see how to do this.
> Has anybody thought about this yet?
> Kevin D. Butt
> SCSI & Fibre Channel Architect, Tape Firmware
> MS 6TYA, 9000 S. Rita Rd., Tucson, AZ 85744
> Tel: 520-799-5280
> Fax: 520-799-2723 (T/L:321)
> Email address: kdbutt at us.ibm.com
* For T10 Reflector information, send a message with
* 'info t10' (no quotes) in the message body to majordomo at t10.org
More information about the T10