cifsd: update cifsd.rst document

Add work flow of cifsd and feature stats table. Signed-off-by: Namjae Jeon <namjae.jeon@samsung.com> Signed-off-by: Steve French <stfrench@microsoft.com>
2021-03-20 16:06:59 +09:00 · 2021-03-20 16:06:59 +09:00 · 04bee6e336
parent 50355b0b20
commit 04bee6e336
1 changed files with 68 additions and 24 deletions
--- a/Documentation/filesystems/cifs/cifsd.rst
+++ b/Documentation/filesystems/cifs/cifsd.rst
@ -10,6 +10,34 @@ for sharing files over network.
 CIFSD architecture
 ==================

+               |--- ...
+       --------|--- ksmbd/3 - Client 3
+       |-------|--- ksmbd/2 - Client 2
+       |       |         ____________________________________________________
+       |       |        |- Client 1                                          |
+<--- Socket ---|--- ksmbd/1   <<= Authentication : NTLM/NTLM2, Kerberos      |
+       |       |      | |     <<= SMB engine : SMB2, SMB2.1, SMB3, SMB3.0.2, |
+       |       |      | |                SMB3.1.1                            |
+       |       |      | |____________________________________________________|
+       |       |      |
+       |       |      |--- VFS --- Local Filesystem
+       |       |
+KERNEL |--- ksmbd/0(forker kthread)
+---------------||---------------------------------------------------------------
+USER           ||
+               || communication using NETLINK
+               ||  ______________________________________________
+               || |                                              |
+        ksmbd.mountd <<= DCE/RPC(srvsvc, wkssvc, smar, lsarpc)   |
+               ^  |  <<= configure shares setting, user accounts |
+               |  |______________________________________________|
+               |
+               |------ smb.conf(config file)
+               |
+               |------ ksmbdpwd.db(user account/password file)
+                            ^
+  ksmbd.adduser ---------------|
+
 The subset of performance related operations belong in kernelspace and
 the other subset which belong to operations which are not really related with
 performance in userspace. So, DCE/RPC management that has historically resulted
@ -59,32 +87,48 @@ dozen) that are most important for file server from NetShareEnum and
 NetServerGetInfo. Complete DCE/RPC response is prepared from the user space
 and passed over to the associated kernel thread for the client.

-Key Features
-============

-The supported features are:
- * SMB3 protocols for basic file sharing
- * Auto negotiation
- * Compound requests
- * Oplock/Lease
- * Large MTU
- * NTLM/NTLMv2
- * HMAC-SHA256 Signing
- * Secure negotiate
- * Signing Update
- * Pre-authentication integrity(SMB 3.1.1)
- * SMB3 encryption(CCM, GCM)
- * SMB direct(RDMA)
- * SMB3.1.1 POSIX extension support
- * ACLs
- * Kerberos
+CIFSD Feature Status
+====================
+
+============================== =================================================
+Feature name                   Status
+============================== =================================================
+Dialects                       Supported. SMB2.1 SMB3.0, SMB3.1.1 dialects
+                               excluding security vulnerable SMB1.
+Auto Negotiation               Supported.
+Compound Request               Supported.
+Oplock Cache Mechanism         Supported.
+SMB2 leases(v1 lease)          Supported.
+Directory leases(v2 lease)     Planned for future.
+Multi-credits                  Supported.
+NTLM/NTLMv2                    Supported.
+HMAC-SHA256 Signing            Supported.
+Secure negotiate               Supported.
+Signing Update                 Supported.
+Pre-authentication integrity   Supported.
+SMB3 encryption(CCM, GCM)      Supported.
+SMB direct(RDMA)               Partial Supported. SMB3 Multi-channel is required
+                               to connect to Windows client.
+SMB3 Multi-channel             In Progress.
+SMB3.1.1 POSIX extension       Supported.
+ACLs                           Partial Supported. only DACLs available, SACLs is
+                               planned for future. ksmbd generate random subauth
+                               values(then store it to disk) and use uid/gid
+                               get from inode as RID for local domain SID.
+                               The current acl implementation is limited to
+                               standalone server, not a domain member.
+Kerberos                       Supported.
+Durable handle v1,v2           Planned for future.
+Persistent handle              Planned for future.
+SMB2 notify                    Planned for future.
+Sparse file support            Supported.
+DCE/RPC support                Partial Supported. a few calls(NetShareEnumAll,
+                               NetServerGetInfo, SAMR, LSARPC) that needed as
+                               file server via netlink interface from
+                               ksmbd.mountd.
+============================== =================================================

-The features that are planned or not supported:
- * SMB3 Multi-channel
- * Durable handle v1,v2
- * Persistent handles
- * Directory lease
- * SMB2 notify

 How to run
 ==========