git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Namjae Jeon <linkinjeon@kernel.org>
	Sun, 31 Dec 2023 07:12:21 +0000 (16:12 +0900)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Fri, 5 Jan 2024 14:18:27 +0000 (15:18 +0100)
commit	343d667deee178829cd586d875bab482db66981c
tree	c9988f102845ebe04b0d0da30a82494696ea1cf0	tree
parent	ab69d3e8f7a02596ee9575bf36d8dd213fea8b2b	commit \| diff

ksmbd: set SMB2_SESSION_FLAG_ENCRYPT_DATA when enforcing data encryption for this share

[ Upstream commit 37ba7b005a7a4454046bd8659c7a9c5330552396 ]

Currently, SMB2_SESSION_FLAG_ENCRYPT_DATA is always set session setup
response. Since this forces data encryption from the client, there is a
problem that data is always encrypted regardless of the use of the cifs
seal mount option. SMB2_SESSION_FLAG_ENCRYPT_DATA should be set according
to KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION flags, and in case of
KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION_OFF, encryption mode is turned off for
all connections.

Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

fs/smb/server/ksmbd_netlink.h		diff \| blob \| blame \| history
fs/smb/server/smb2ops.c		diff \| blob \| blame \| history
fs/smb/server/smb2pdu.c		diff \| blob \| blame \| history