git.baikalelectronics.ru Git - kernel.git/commit

author	Stefan Metzmacher <metze@samba.org>
	Wed, 1 Feb 2023 15:21:41 +0000 (16:21 +0100)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Fri, 10 Mar 2023 08:34:05 +0000 (09:34 +0100)
commit	5864003ae07c41282e8699bf6e3a247d441be7df
tree	c862b68de7f43e7820f939004c5066ab9af18b7d	tree \| snapshot
parent	c5dbc633f6b285d980c1daa34225e449cb417344	commit \| diff

cifs: don't try to use rdma offload on encrypted connections

commit 5f29d235f1959278381e8efa0fdd04ab723d8977 upstream.

The aim of using encryption on a connection is to keep
the data confidential, so we must not use plaintext rdma offload
for that data!

It seems that current windows servers and ksmbd would allow
this, but that's no reason to expose the users data in plaintext!
And servers hopefully reject this in future.

Note modern windows servers support signed or encrypted offload,
see MS-SMB2 2.2.3.1.6 SMB2_RDMA_TRANSFORM_CAPABILITIES, but we don't
support that yet.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Cc: Steve French <smfrench@gmail.com>
Cc: Tom Talpey <tom@talpey.com>
Cc: Long Li <longli@microsoft.com>
Cc: Namjae Jeon <linkinjeon@kernel.org>
Cc: David Howells <dhowells@redhat.com>
Cc: linux-cifs@vger.kernel.org
Cc: stable@vger.kernel.org
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>