CIFSD architecture
==================
+ |--- ...
+ --------|--- ksmbd/3 - Client 3
+ |-------|--- ksmbd/2 - Client 2
+ | | ____________________________________________________
+ | | |- Client 1 |
+<--- Socket ---|--- ksmbd/1 <<= Authentication : NTLM/NTLM2, Kerberos |
+ | | | | <<= SMB engine : SMB2, SMB2.1, SMB3, SMB3.0.2, |
+ | | | | SMB3.1.1 |
+ | | | |____________________________________________________|
+ | | |
+ | | |--- VFS --- Local Filesystem
+ | |
+KERNEL |--- ksmbd/0(forker kthread)
+---------------||---------------------------------------------------------------
+USER ||
+ || communication using NETLINK
+ || ______________________________________________
+ || | |
+ ksmbd.mountd <<= DCE/RPC(srvsvc, wkssvc, smar, lsarpc) |
+ ^ | <<= configure shares setting, user accounts |
+ | |______________________________________________|
+ |
+ |------ smb.conf(config file)
+ |
+ |------ ksmbdpwd.db(user account/password file)
+ ^
+ ksmbd.adduser ---------------|
+
The subset of performance related operations belong in kernelspace and
the other subset which belong to operations which are not really related with
performance in userspace. So, DCE/RPC management that has historically resulted
NetServerGetInfo. Complete DCE/RPC response is prepared from the user space
and passed over to the associated kernel thread for the client.
-Key Features
-============
-
-The supported features are:
- * SMB3 protocols for basic file sharing
- * Auto negotiation
- * Compound requests
- * Oplock/Lease
- * Large MTU
- * NTLM/NTLMv2
- * HMAC-SHA256 Signing
- * Secure negotiate
- * Signing Update
- * Pre-authentication integrity(SMB 3.1.1)
- * SMB3 encryption(CCM, GCM)
- * SMB direct(RDMA)
- * SMB3.1.1 POSIX extension support
- * ACLs
- * Kerberos
-
-The features that are planned or not supported:
- * SMB3 Multi-channel
- * Durable handle v1,v2
- * Persistent handles
- * Directory lease
- * SMB2 notify
+
+CIFSD Feature Status
+====================
+
+============================== =================================================
+Feature name Status
+============================== =================================================
+Dialects Supported. SMB2.1 SMB3.0, SMB3.1.1 dialects
+ excluding security vulnerable SMB1.
+Auto Negotiation Supported.
+Compound Request Supported.
+Oplock Cache Mechanism Supported.
+SMB2 leases(v1 lease) Supported.
+Directory leases(v2 lease) Planned for future.
+Multi-credits Supported.
+NTLM/NTLMv2 Supported.
+HMAC-SHA256 Signing Supported.
+Secure negotiate Supported.
+Signing Update Supported.
+Pre-authentication integrity Supported.
+SMB3 encryption(CCM, GCM) Supported.
+SMB direct(RDMA) Partial Supported. SMB3 Multi-channel is required
+ to connect to Windows client.
+SMB3 Multi-channel In Progress.
+SMB3.1.1 POSIX extension Supported.
+ACLs Partial Supported. only DACLs available, SACLs is
+ planned for future. ksmbd generate random subauth
+ values(then store it to disk) and use uid/gid
+ get from inode as RID for local domain SID.
+ The current acl implementation is limited to
+ standalone server, not a domain member.
+Kerberos Supported.
+Durable handle v1,v2 Planned for future.
+Persistent handle Planned for future.
+SMB2 notify Planned for future.
+Sparse file support Supported.
+DCE/RPC support Partial Supported. a few calls(NetShareEnumAll,
+ NetServerGetInfo, SAMR, LSARPC) that needed as
+ file server via netlink interface from
+ ksmbd.mountd.
+============================== =================================================
+
How to run
==========
projects / platform / kernel / linux-starfive.git / commitdiff