git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Namjae Jeon <linkinjeon@kernel.org>
	Mon, 18 Dec 2023 15:33:25 +0000 (00:33 +0900)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Sat, 23 Dec 2023 09:41:53 +0000 (10:41 +0100)
commit	8263acd267f76170c170099c9cb3cd8861a48e7f
tree	7e860c8432588b0addf5f397ff7d1050d984171c	tree
parent	64b4d72c596a3722b6fe8a6aca74faf424db0499	commit \| diff

ksmbd: set SMB2_SESSION_FLAG_ENCRYPT_DATA when enforcing data encryption for this share

[ Upstream commit 37ba7b005a7a4454046bd8659c7a9c5330552396 ]

Currently, SMB2_SESSION_FLAG_ENCRYPT_DATA is always set session setup
response. Since this forces data encryption from the client, there is a
problem that data is always encrypted regardless of the use of the cifs
seal mount option. SMB2_SESSION_FLAG_ENCRYPT_DATA should be set according
to KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION flags, and in case of
KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION_OFF, encryption mode is turned off for
all connections.

Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

fs/ksmbd/ksmbd_netlink.h		diff \| blob \| blame \| history
fs/ksmbd/smb2ops.c		diff \| blob \| blame \| history
fs/ksmbd/smb2pdu.c		diff \| blob \| blame \| history