smb3.1.1: add new module load parm enable_gcm_256

Add new module load parameter enable_gcm_256. If set, then add AES-256-GCM (strongest encryption type) to the list of encryption types requested. Put it in the list as the second choice (since AES-128-GCM is faster and much more broadly supported by SMB3 servers). To make this stronger encryption type, GCM-256, required (the first and only choice, you would use module parameter "require_gcm_256." Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com> Signed-off-by: Steve French <stfrench@microsoft.com>
author: Steve French <stfrench@microsoft.com> 2020-10-14 20:24:09 -0500
committer: Steve French <stfrench@microsoft.com> 2020-10-15 23:58:15 -0500
commit: 29e279230413cdd5e00fb5d269cae1099184ab85 (patch)
tree: 8556337d076697bdbaba24dc949bdf2f33b3d179 /fs/cifs/cifsglob.h
parent: fbfd0b46afa9a8b50a061b0f28204fc94c7bddcf (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h
index ec21af833749..a1a1a16acb38 100644
--- a/fs/cifs/cifsglob.h
+++ b/fs/cifs/cifsglob.h
@@ -1956,6 +1956,7 @@ extern bool lookupCacheEnabled;
 extern unsigned int global_secflags;	/* if on, session setup sent
 				with more secure ntlmssp2 challenge/resp */
 extern unsigned int sign_CIFS_PDUs;  /* enable smb packet signing */
+extern bool enable_gcm_256; /* allow optional negotiate of strongest signing (aes-gcm-256) */
 extern bool require_gcm_256; /* require use of strongest signing (aes-gcm-256) */
 extern bool linuxExtEnabled;/*enable Linux/Unix CIFS extensions*/
 extern unsigned int CIFSMaxBufSize;  /* max size not including hdr */
author	Steve French <stfrench@microsoft.com>	2020-10-14 20:24:09 -0500
committer	Steve French <stfrench@microsoft.com>	2020-10-15 23:58:15 -0500
commit	29e279230413cdd5e00fb5d269cae1099184ab85 (patch)
tree	8556337d076697bdbaba24dc949bdf2f33b3d179 /fs/cifs/cifsglob.h
parent	fbfd0b46afa9a8b50a061b0f28204fc94c7bddcf (diff)