Commit b0dd940e582b6a6 ("cifs: fail i/o on soft mounts if sessionsetup errors out")
didn't fix the whole problem. New i/o requests still try reconnects on the wire.
But we need to avoid that in order to avoid locking out the user account.
The first patches consolidate the retry/reconnect handling between SMB1
and SMB2/3.
Then we map STATUS_ACCOUNT_LOCKED_OUT also to -EACCES, as it's the
follow up of STATUS_LOGON_FAILURE when the wrong password was used too
often.
Finally if we get -EACCES for a session setup on a soft mount, we'll
turn the session into a CifsInvalidCredentials state and return
-EKEYREVOKED for all i/o on the session, without trying to reconnect
the network connection.
In future we could add ways to recover such sessions.
cifs_demultiplex_thread() is already prepared for that.
I tested this with a trivial /proc/fs/cifs/ResetInvalidCredentials
to reset all sessions, but I don't think that's something that
should be used in production.
For now the only way out is 'umount' (as before).
metze
