Re: [PATCH 0/3] avoid plaintext rdma offset if encryption is required

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am 01.02.23 um 14:39 schrieb Christoph Hellwig:
On Wed, Feb 01, 2023 at 01:04:40PM +0100, Stefan Metzmacher wrote:
I think it is a security problem to send confidential data in plaintext
over the wire, so we should avoid doing that even if rdma is in use.

Yep.

Modern Windows servers support signed and encrypted rdma offload,
but we don't support this yet...

There is a series out on the list for encryption offload to mlx5
hardware, whch is one way to handle this.  If not you need to bounce
buffer.

Yes, I saw that, but I don't think it's usable, windows is using
aes-{128,256}-{gcm,ccm}...

metze




[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux