On Tue, Feb 13, 2024 at 12:23 PM Steve French <smfrench@xxxxxxxxx> wrote: > > cifs: Work-in-progress patch to allow changing password > during remount > > There are cases where a session is disconnected but we can > not reconnect successfully since the user's password has changed > on the server (or expired) and this case currently can not be fixed > without unmount and mounting again which is not always realistic to do. > This patch allows remount to change the password when the session > is disconnected. > > This patch needs to be tested for cases where you have multiuser mounts > and to make sure that there are no cases where we are changing > passwords for a different user than the one for the master tcon's > session (cifs_sb->tcon->ses->username) > > Future patches should also allow us to setup the keyring (cifscreds) > to have an "alternate password" so we would be able to change > the password before the session drops (without the risk of races > between when the password changes and the disconnect occurs - > ie cases where the old password is still needed because the new > password has not fully rolled out to all servers yet). > > See attached patch > > > -- > Thanks, > > Steve need_recon would also be true in other cases, for example when the network is temporarily disconnected. This patch will allow changing of password even then. We could setup a special flag when the server returns a STATUS_LOGON_FAILURE for SessionSetup. We can make the check for that flag and then allow password change on remount. Another option is to extend the multiuser keyring mechanism for single user use case as well, and use that for password update. Ideally, we should be able to setup multiple passwords in that keyring and iterate through them once to see if SessionSetup goes through. It'll be a bigger change than this though. -- Regards, Shyam
