[PATCH 00/15] cifs: implement multisession mounts (RFC)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: Jeff Layton <jlayton@xxxxxxxxxx>

This patchset is a prototype of a scheme to implement multisession (aka
multiuser mounts). CIFS already implements multiuser mounts of a sort
(via the switch in /proc/fs/cifs/MultiuserMount). This set implements a
this in an entirely different and more usable way.

The idea here is to have the kernel transparently spawn a new session
with the server whenever one is needed. Obviously, we can't prompt
for a password from the kernel, so for now this is limited to using
krb5 authentication. We could extend this to other authtypes, but
we'd probably need to come up with a way to stash username and
password or NTLM hashes in the kernel keyring.

The patchset is still a prototype, but is basically functional now. The
main "to-do" item is to fix the decision making about what authtype
to use. For now, this patchset adds a nasty hack to get around that.
There's also no pruning of unused sessions/tcons, so a user that walks
into the mount once will have a server session indefinitely.

To use this, you'll need to have root mount the server using sec=krb5 or
krb5i. Then, any user who wants to access the mount will need a valid
krb5 ticket. If they don't have one, then they'll probably get back a
-EKEYEXPIRED error on the syscall (and that's another to-do -- fix the
error return so that this error doesn't bubble up to syscalls that don't
expect it).

The set is only lightly tested, but seems to work properly so far. It's
not ready for prime-time yet though, so consider this a RFC for now.

To be honest, I have doubts anyway about whether we should take this
patch into what seems to be considered a legacy codebase these days.
It's rather difficult to bolt this functionality onto the existing CIFS
codebase. It's probably more suited to putting into the newer SMB2
codebase. That said, it'll probably be just as difficult to do this
there since most of that code was copied from CIFS.

I think we should consider multisession mounts a requirement for any
SMB2 filesystem that gets merged into mainline however. It shouldn't
be a "feature" either, but should be designed in such that it's the
default behavior of the fs (just my opinion on the matter).

Comments/suggestions are welcome...

Jeff Layton (15):
  cifs: remove unused list_head from cifs_sb_info
  cifs: add function to get a tcon from cifs_sb
  cifs: track local_nls in volume info
  cifs: move SMB session creation code into separate function
  cifs: move tcon find/create into separate function
  cifs: add tcon field to cifsFileInfo struct
  cifs: make various routines use the cifsFileInfo->tcon pointer
  cifs: have find_readable/writable_file filter by fsuid
  cifs: fix cifs_show_options to show "username=" or "multises"
  cifs: move secType to the SMB session
  cifs: have cifs_new_fileinfo take a tcon arg
  cifs: build sessions and tcons on the fly
  cifs: on multises mount, set ownership to current_fsuid/current_fsgid
  cifs: add "multises" mount option
  cifs: temporary hack -- set secType to Kerberos

 fs/cifs/cifs_dfs_ref.c |   10 +-
 fs/cifs/cifs_fs_sb.h   |   11 +-
 fs/cifs/cifs_spnego.c  |    4 +-
 fs/cifs/cifsacl.c      |   36 +++-
 fs/cifs/cifsfs.c       |   85 +++-----
 fs/cifs/cifsglob.h     |    4 +-
 fs/cifs/cifsproto.h    |    9 +-
 fs/cifs/cifssmb.c      |   20 +-
 fs/cifs/connect.c      |  543 +++++++++++++++++++++++++++++++++++-------------
 fs/cifs/dir.c          |   71 ++++---
 fs/cifs/file.c         |   95 +++++----
 fs/cifs/inode.c        |  168 +++++++++++----
 fs/cifs/ioctl.c        |   19 +--
 fs/cifs/link.c         |   19 ++-
 fs/cifs/misc.c         |    2 +-
 fs/cifs/readdir.c      |   30 ++--
 fs/cifs/sess.c         |    2 +-
 fs/cifs/xattr.c        |   29 +++-
 18 files changed, 779 insertions(+), 378 deletions(-)

--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [Samba]     [Device Mapper]     [CEPH Development]
  Powered by Linux