cifsd: update cifsd.rst document (04bee6e3) · Commits · git / linux-nf

Documentation/filesystems/cifs/cifsd.rst

+70 −26

Original line number	Diff line number	Diff line
		@@ -10,6 +10,34 @@ for sharing files over network.
		CIFSD architecture
		==================

		\|--- ...
		--------\|--- ksmbd/3 - Client 3
		\|-------\|--- ksmbd/2 - Client 2
		\| \| ____________________________________________________
		\| \| \|- Client 1 \|
		<--- Socket ---\|--- ksmbd/1 <<= Authentication : NTLM/NTLM2, Kerberos \|
		\| \| \| \| <<= SMB engine : SMB2, SMB2.1, SMB3, SMB3.0.2, \|
		\| \| \| \| SMB3.1.1 \|
		\| \| \| \|____________________________________________________\|
		\| \| \|
		\| \| \|--- VFS --- Local Filesystem
		\| \|
		KERNEL \|--- ksmbd/0(forker kthread)
		---------------\|\|---------------------------------------------------------------
		USER \|\|
		\|\| communication using NETLINK
		\|\| ______________________________________________
		\|\| \| \|
		ksmbd.mountd <<= DCE/RPC(srvsvc, wkssvc, smar, lsarpc) \|
		^ \| <<= configure shares setting, user accounts \|
		\| \|______________________________________________\|
		\|
		\|------ smb.conf(config file)
		\|
		\|------ ksmbdpwd.db(user account/password file)
		^
		ksmbd.adduser ---------------\|

		The subset of performance related operations belong in kernelspace and
		the other subset which belong to operations which are not really related with
		performance in userspace. So, DCE/RPC management that has historically resulted
		@@ -59,32 +87,48 @@ dozen) that are most important for file server from NetShareEnum and
		NetServerGetInfo. Complete DCE/RPC response is prepared from the user space
		and passed over to the associated kernel thread for the client.

		Key Features
		============

		The supported features are:
		* SMB3 protocols for basic file sharing
		* Auto negotiation
		* Compound requests
		* Oplock/Lease
		* Large MTU
		* NTLM/NTLMv2
		* HMAC-SHA256 Signing
		* Secure negotiate
		* Signing Update
		* Pre-authentication integrity(SMB 3.1.1)
		* SMB3 encryption(CCM, GCM)
		* SMB direct(RDMA)
		* SMB3.1.1 POSIX extension support
		* ACLs
		* Kerberos

		The features that are planned or not supported:
		* SMB3 Multi-channel
		* Durable handle v1,v2
		* Persistent handles
		* Directory lease
		* SMB2 notify

		CIFSD Feature Status
		====================

		============================== =================================================
		Feature name Status
		============================== =================================================
		Dialects Supported. SMB2.1 SMB3.0, SMB3.1.1 dialects
		excluding security vulnerable SMB1.
		Auto Negotiation Supported.
		Compound Request Supported.
		Oplock Cache Mechanism Supported.
		SMB2 leases(v1 lease) Supported.
		Directory leases(v2 lease) Planned for future.
		Multi-credits Supported.
		NTLM/NTLMv2 Supported.
		HMAC-SHA256 Signing Supported.
		Secure negotiate Supported.
		Signing Update Supported.
		Pre-authentication integrity Supported.
		SMB3 encryption(CCM, GCM) Supported.
		SMB direct(RDMA) Partial Supported. SMB3 Multi-channel is required
		to connect to Windows client.
		SMB3 Multi-channel In Progress.
		SMB3.1.1 POSIX extension Supported.
		ACLs Partial Supported. only DACLs available, SACLs is
		planned for future. ksmbd generate random subauth
		values(then store it to disk) and use uid/gid
		get from inode as RID for local domain SID.
		The current acl implementation is limited to
		standalone server, not a domain member.
		Kerberos Supported.
		Durable handle v1,v2 Planned for future.
		Persistent handle Planned for future.
		SMB2 notify Planned for future.
		Sparse file support Supported.
		DCE/RPC support Partial Supported. a few calls(NetShareEnumAll,
		NetServerGetInfo, SAMR, LSARPC) that needed as
		file server via netlink interface from
		ksmbd.mountd.
		============================== =================================================


		How to run
		==========