summaryrefslogtreecommitdiff
path: root/Documentation
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2018-04-05 00:09:27 +0300
committerLinus Torvalds <torvalds@linux-foundation.org>2018-04-05 00:09:27 +0300
commita8f8e8ac766ddb8702ef9baf01b7ae4f8d3a940c (patch)
treec1fb03d543dc85acf972e245eaaa39a23cdffcbd /Documentation
parent2bd99df54f43b659ddaab8922adbaf3bcf3753ed (diff)
parent07108d0e7c7fbbf9c6d76c0af2f1813e4f3f0800 (diff)
downloadlinux-a8f8e8ac766ddb8702ef9baf01b7ae4f8d3a940c.tar.xz
Merge tag '4.17-SMB3-Fixes' of git://git.samba.org/sfrench/cifs-2.6
Pull cifs updates from Steve French: "Includes SMB3.11 security improvements, as well as various fixes for stable and some debugging improvements" * tag '4.17-SMB3-Fixes' of git://git.samba.org/sfrench/cifs-2.6: cifs: Add minor debug message during negprot smb3: Fix root directory when server returns inode number of zero cifs: fix sparse warning on previous patch in a few printks cifs: add server->vals->header_preamble_size cifs: smbd: disconnect transport on RDMA errors cifs: smbd: avoid reconnect lockup Don't log confusing message on reconnect by default Don't log expected error on DFS referral request fs: cifs: Replace _free_xid call in cifs_root_iget function SMB3.1.1 dialect is no longer experimental Tree connect for SMB3.1.1 must be signed for non-encrypted shares fix smb3-encryption breakage when CONFIG_DEBUG_SG=y CIFS: fix sha512 check in cifs_crypto_secmech_release CIFS: implement v3.11 preauth integrity CIFS: add sha512 secmech CIFS: refactor crypto shash/sdesc allocation&free Update README file for cifs.ko Update TODO list for cifs.ko cifs: fix memory leak in SMB2_open() CIFS: SMBD: fix spelling mistake: "faield" and "legnth"
Diffstat (limited to 'Documentation')
-rw-r--r--Documentation/filesystems/cifs/README29
-rw-r--r--Documentation/filesystems/cifs/TODO25
2 files changed, 27 insertions, 27 deletions
diff --git a/Documentation/filesystems/cifs/README b/Documentation/filesystems/cifs/README
index a9da51553ba3..99ce3d25003d 100644
--- a/Documentation/filesystems/cifs/README
+++ b/Documentation/filesystems/cifs/README
@@ -11,13 +11,14 @@ Information Foundation. CIFS and now SMB3 has now become a defacto
standard for interoperating between Macs and Windows and major NAS appliances.
Please see
+ MS-SMB2 (for detailed SMB2/SMB3/SMB3.1.1 protocol specification)
http://protocolfreedom.org/ and
http://samba.org/samba/PFIF/
for more details.
For questions or bug reports please contact:
- sfrench@samba.org (sfrench@us.ibm.com)
+ smfrench@gmail.com
See the project page at: https://wiki.samba.org/index.php/LinuxCIFS_utils
@@ -37,15 +38,15 @@ Installation instructions:
=========================
If you have built the CIFS vfs as module (successfully) simply
type "make modules_install" (or if you prefer, manually copy the file to
-the modules directory e.g. /lib/modules/2.4.10-4GB/kernel/fs/cifs/cifs.o).
+the modules directory e.g. /lib/modules/2.4.10-4GB/kernel/fs/cifs/cifs.ko).
If you have built the CIFS vfs into the kernel itself, follow the instructions
for your distribution on how to install a new kernel (usually you
would simply type "make install").
-If you do not have the utility mount.cifs (in the Samba 3.0 source tree and on
-the CIFS VFS web site) copy it to the same directory in which mount.smbfs and
-similar files reside (usually /sbin). Although the helper software is not
+If you do not have the utility mount.cifs (in the Samba 4.x source tree and on
+the CIFS VFS web site) copy it to the same directory in which mount helpers
+reside (usually /sbin). Although the helper software is not
required, mount.cifs is recommended. Most distros include a "cifs-utils"
package that includes this utility so it is recommended to install this.
@@ -118,10 +119,13 @@ this can become unwieldy when potential mount targets include many
or unpredictable UNC names.
Samba Considerations
-====================
-To get the maximum benefit from the CIFS VFS, we recommend using a server that
-supports the SNIA CIFS Unix Extensions standard (e.g. Samba 2.2.5 or later or
-Samba 3.0) but the CIFS vfs works fine with a wide variety of CIFS servers.
+====================
+Most current servers support SMB2.1 and SMB3 which are more secure,
+but there are useful protocol extensions for the older less secure CIFS
+dialect, so to get the maximum benefit if mounting using the older dialect
+(CIFS/SMB1), we recommend using a server that supports the SNIA CIFS
+Unix Extensions standard (e.g. almost any version of Samba ie version
+2.2.5 or later) but the CIFS vfs works fine with a wide variety of CIFS servers.
Note that uid, gid and file permissions will display default values if you do
not have a server that supports the Unix extensions for CIFS (such as Samba
2.2.5 or later). To enable the Unix CIFS Extensions in the Samba server, add
@@ -603,11 +607,6 @@ Stats Lists summary resource usage information as well as per
in the kernel configuration.
Configuration pseudo-files:
-PacketSigningEnabled If set to one, cifs packet signing is enabled
- and will be used if the server requires
- it. If set to two, cifs packet signing is
- required even if the server considers packet
- signing optional. (default 1)
SecurityFlags Flags which control security negotiation and
also packet signing. Authentication (may/must)
flags (e.g. for NTLM and/or NTLMv2) may be combined with
@@ -666,8 +665,6 @@ traceSMB If set to one, debug information is logged to the
LookupCacheEnable If set to one, inode information is kept cached
for one second improving performance of lookups
(default 1)
-OplockEnabled If set to one, safe distributed caching enabled.
- (default 1)
LinuxExtensionsEnabled If set to one then the client will attempt to
use the CIFS "UNIX" extensions which are optional
protocol enhancements that allow CIFS servers
diff --git a/Documentation/filesystems/cifs/TODO b/Documentation/filesystems/cifs/TODO
index 396ecfd6ff4a..c5adf149b57f 100644
--- a/Documentation/filesystems/cifs/TODO
+++ b/Documentation/filesystems/cifs/TODO
@@ -1,4 +1,4 @@
-Version 2.04 September 13, 2017
+Version 2.11 September 13, 2017
A Partial List of Missing Features
==================================
@@ -8,10 +8,10 @@ for visible, important contributions to this module. Here
is a partial list of the known problems and missing features:
a) SMB3 (and SMB3.02) missing optional features:
- - RDMA (started)
- - multichannel (started)
+ - multichannel (started), integration with RDMA
- directory leases (improved metadata caching)
- - T10 copy offload (copy chunk is only mechanism supported)
+ - T10 copy offload (copy chunk, and "Duplicate Extents" ioctl
+ currently the only two server side copy mechanisms supported)
b) improved sparse file support
@@ -21,9 +21,8 @@ using Directory Leases
d) quota support (needs minor kernel change since quota calls
to make it to network filesystems or deviceless filesystems)
-e) Better optimize open to reduce redundant opens (using reference
-counts more) and to improve use of compounding in SMB3 to reduce
-number of roundtrips.
+e) Compounding (in progress) to reduce number of roundtrips, and also
+better optimize open to reduce redundant opens (using reference counts more).
f) Finish inotify support so kde and gnome file list windows
will autorefresh (partially complete by Asser). Needs minor kernel
@@ -35,7 +34,8 @@ the CIFS statistics (started)
h) implement support for security and trusted categories of xattrs
(requires minor protocol extension) to enable better support for SELINUX
-i) Implement O_DIRECT flag on open (already supported on mount)
+i) Add support for tree connect contexts (see MS-SMB2) a new SMB3.1.1 protocol
+ feature (may be especially useful for virtualization).
j) Create UID mapping facility so server UIDs can be mapped on a per
mount or a per server basis to client UIDs or nobody if no mapping
@@ -53,13 +53,16 @@ viewing them.
o) mount helper GUI (to simplify the various configuration options on mount)
-p) autonegotiation of dialects (offering more than one dialect ie SMB3.02,
-SMB3, SMB2.1 not just SMB3).
+p) Add support for witness protocol (perhaps ioctl to cifs.ko from user space
+ tool listening on witness protocol RPC) to allow for notification of share
+ move, server failover, and server adapter changes. And also improve other
+ failover scenarios, e.g. when client knows multiple DFS entries point to
+ different servers, and the server we are connected to has gone down.
q) Allow mount.cifs to be more verbose in reporting errors with dialect
or unsupported feature errors.
-r) updating cifs documentation, and user guid.
+r) updating cifs documentation, and user guide.
s) Addressing bugs found by running a broader set of xfstests in standard
file system xfstest suite.