Message ID | cover.1675264648.git.metze@samba.org |
---|---|
Headers | show |
Series | avoid plaintext rdma offload if encryption is required | expand |
Tentatively merged into cifs-2.6.git for-next pending review and testing On Wed, Feb 1, 2023 at 9:21 AM Stefan Metzmacher <metze@samba.org> wrote: > > I think it is a security problem to send confidential data in plaintext > over the wire, so we should avoid doing that even if rdma is in use. > > We already have a similar check to prevent data integrity problems > for rdma offload. > > Modern Windows servers support signed and encrypted rdma offload, > but we don't support this yet... > > Changes v2: > - Added missing Cc: list on commit 2/3 > > Stefan Metzmacher (3): > cifs: introduce cifs_io_parms in smb2_async_writev() > cifs: split out smb3_use_rdma_offload() helper > cifs: don't try to use rdma offload on encrypted connections > > fs/cifs/smb2pdu.c | 89 +++++++++++++++++++++++++++++++++++++---------- > 1 file changed, 70 insertions(+), 19 deletions(-) > > -- > 2.34.1 >