[0/3] avoid plaintext rdma offset if encryption is required

Message ID	cover.1675252643.git.metze@samba.org (mailing list archive)
Headers	show Return-Path: <linux-cifs-owner@vger.kernel.org> From: Stefan Metzmacher <metze@samba.org> To: linux-cifs@vger.kernel.org Cc: Stefan Metzmacher <metze@samba.org>, Steve French <smfrench@gmail.com>, Tom Talpey <tom@talpey.com>, Long Li <longli@microsoft.com>, Namjae Jeon <linkinjeon@kernel.org>, David Howells <dhowells@redhat.com>, stable@vger.kernel.org Subject: [PATCH 0/3] avoid plaintext rdma offset if encryption is required Date: Wed, 1 Feb 2023 13:04:40 +0100 Message-Id: <cover.1675252643.git.metze@samba.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	avoid plaintext rdma offset if encryption is required \| expand [0/3] avoid plaintext rdma offset if encryption is required [1/3] cifs: introduce cifs_io_parms in smb2_async_writev() [2/3] cifs: split out smb3_use_rdma_offload() helper [3/3] cifs: don't try to use rdma offload on encrypted connections

Message ID

cover.1675252643.git.metze@samba.org (mailing list archive)

Headers

From: Stefan Metzmacher <metze@samba.org>
To: linux-cifs@vger.kernel.org
Cc: Stefan Metzmacher <metze@samba.org>,
        Steve French <smfrench@gmail.com>, Tom Talpey <tom@talpey.com>,
        Long Li <longli@microsoft.com>,
        Namjae Jeon <linkinjeon@kernel.org>,
        David Howells <dhowells@redhat.com>, stable@vger.kernel.org
Subject: [PATCH 0/3] avoid plaintext rdma offset if encryption is required
Date: Wed,  1 Feb 2023 13:04:40 +0100
Message-Id: <cover.1675252643.git.metze@samba.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

avoid plaintext rdma offset if encryption is required | expand

Message

Stefan Metzmacher Feb. 1, 2023, 12:04 p.m. UTC

I think it is a security problem to send confidential data in plaintext
over the wire, so we should avoid doing that even if rdma is in use.

We already have a similar check to prevent data integrity problems
for rdma offload.

Modern Windows servers support signed and encrypted rdma offload,
but we don't support this yet...

Stefan Metzmacher (3):
  cifs: introduce cifs_io_parms in smb2_async_writev()
  cifs: split out smb3_use_rdma_offload() helper
  cifs: don't try to use rdma offload on encrypted connections

 fs/cifs/smb2pdu.c | 89 +++++++++++++++++++++++++++++++++++++----------
 1 file changed, 70 insertions(+), 19 deletions(-)

Comments

Christoph Hellwig Feb. 1, 2023, 1:39 p.m. UTC | #1

On Wed, Feb 01, 2023 at 01:04:40PM +0100, Stefan Metzmacher wrote:
> I think it is a security problem to send confidential data in plaintext
> over the wire, so we should avoid doing that even if rdma is in use.

Yep.

> Modern Windows servers support signed and encrypted rdma offload,
> but we don't support this yet...

There is a series out on the list for encryption offload to mlx5
hardware, whch is one way to handle this.  If not you need to bounce
buffer.

Stefan Metzmacher Feb. 1, 2023, 1:52 p.m. UTC | #2

Am 01.02.23 um 14:39 schrieb Christoph Hellwig:
> On Wed, Feb 01, 2023 at 01:04:40PM +0100, Stefan Metzmacher wrote:
>> I think it is a security problem to send confidential data in plaintext
>> over the wire, so we should avoid doing that even if rdma is in use.
> 
> Yep.
> 
>> Modern Windows servers support signed and encrypted rdma offload,
>> but we don't support this yet...
> 
> There is a series out on the list for encryption offload to mlx5
> hardware, whch is one way to handle this.  If not you need to bounce
> buffer.

Yes, I saw that, but I don't think it's usable, windows is using
aes-{128,256}-{gcm,ccm}...

metze