diff options
| author |   Olga Kornievskaia <kolga@netapp.com> | 2024-02-20 18:25:34 -0500 |
|---|---|---|
| committer |   Trond Myklebust <trond.myklebust@hammerspace.com> | 2024-03-09 09:14:51 -0500 |
| commit | a35518cae4b325632840bc8c3aa9ad9bac430038 (patch) | |
| tree | 63d8c4b98703e5ca21b93d216422aafcd0c8ff04 /scripts/generate_rust_analyzer.py | |
| parent | NFS: Fix an off by one in root_nfs_cat() (diff) | |
| download | linux-rng-a35518cae4b325632840bc8c3aa9ad9bac430038.tar.xz linux-rng-a35518cae4b325632840bc8c3aa9ad9bac430038.zip | |
NFSv4.1/pnfs: fix NFS with TLS in pnfs
Currently, even though xprtsec=tls is specified and used for operations
to MDS, any operations that go to DS travel over unencrypted connection.
Or additionally, if more than 1 DS can serve the data, then trunked
connections are also done unencrypted.
IN GETDEVINCEINFO, we get an entry for the DS which carries a protocol
type (which is TCP), then nfs4_set_ds_client() gets called with TCP
instead of TCP with TLS.
Currently, each trunked connection is created and uses clp->cl_hostname
value which if TLS is used would get passed up in the handshake upcall,
but instead we need to pass in the appropriate trunked address value.
Fixes: c8407f2e560c ("NFS: Add an "xprtsec=" NFS mount option")
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Diffstat (limited to 'scripts/generate_rust_analyzer.py')
0 files changed, 0 insertions, 0 deletions