1 .. SPDX-License-Identifier: GPL-2.0
2
3 ==========================
4 KSMBD - SMB3 Kernel Server
5 ==========================
6
7 KSMBD is a linux kernel server which implement
8 for sharing files over network.
9
10 KSMBD architecture
11 ==================
12
13 The subset of performance related operations b
14 the other subset which belong to operations wh
15 performance in userspace. So, DCE/RPC manageme
16 into a number of buffer overflow issues and da
17 account management are implemented in user spa
18 File operations that are related with performa
19 in kernel space (ksmbd). This also allows for
20 interface for all file operations.
21
22 ksmbd (kernel daemon)
23 ---------------------
24
25 When the server daemon is started, It starts u
26 (ksmbd/interface name) at initialization time
27 for listening to SMB requests. Whenever new cl
28 thread will accept the client connection and f
29 communication channel between the client and t
30 processing of SMB requests(commands) from clie
31 clients to make new connections. Each instance
32 to indicate connected clients. Depending on th
33 thread can decide to pass through the commands
34 currently DCE/RPC commands are identified to b
35 To further utilize the linux kernel, it has be
36 as workitems and to be executed in the handler
37 It allows for multiplexing of the handlers as
38 extra worker threads if the load is increased
39 decreased it destroys the extra worker threads
40 established with the client. Dedicated ksmbd/1
41 ownership of receiving/parsing of SMB commands
42 in parallel i.e., there can be multiple client
43 parallel. After receiving each command a separ
44 for each command which is further queued to be
45 So, each SMB workitem is queued to the kworker
46 sharing to be managed optimally by the default
47 performance by handling client commands in par
48
49 ksmbd.mountd (user space daemon)
50 --------------------------------
51
52 ksmbd.mountd is a userspace process to, transf
53 are registered using ksmbd.adduser (part of ut
54 allows sharing information parameters that are
55 kernel. For the execution part it has a daemon
56 and connected to the kernel interface using ne
57 requests (dcerpc and share/user info). It hand
58 dozen) that are most important for file server
59 NetServerGetInfo. Complete DCE/RPC response is
60 and passed over to the associated kernel threa
61
62
63 KSMBD Feature Status
64 ====================
65
66 ============================== ===============
67 Feature name Status
68 ============================== ===============
69 Dialects Supported. SMB2
70 (intentionally
71 dialect).
72 Auto Negotiation Supported.
73 Compound Request Supported.
74 Oplock Cache Mechanism Supported.
75 SMB2 leases(v1 lease) Supported.
76 Directory leases(v2 lease) Supported.
77 Multi-credits Supported.
78 NTLM/NTLMv2 Supported.
79 HMAC-SHA256 Signing Supported.
80 Secure negotiate Supported.
81 Signing Update Supported.
82 Pre-authentication integrity Supported.
83 SMB3 encryption(CCM, GCM) Supported. (CCM
84 SMB direct(RDMA) Supported.
85 SMB3 Multi-channel Partially Suppo
86 replay/retry me
87 Receive Side Scaling mode Supported.
88 SMB3.1.1 POSIX extension Supported.
89 ACLs Partially Suppo
90 (auditing) is p
91 ownership (SIDs
92 values(then sto
93 get from inode
94 The current acl
95 standalone serv
96 Integration wit
97 to allow future
98 member.
99 Kerberos Supported.
100 Durable handle v1,v2 Planned for fut
101 Persistent handle Planned for fut
102 SMB2 notify Planned for fut
103 Sparse file support Supported.
104 DCE/RPC support Partially Suppo
105 NetServerGetInf
106 for file server
107 from ksmbd.moun
108 Samba tools and
109 investigated to
110 DCE/RPC managem
111 for Witness pro
112 ksmbd/nfsd interoperability Planned for fut
113 support are Lea
114 SMB3.1.1 Compression Planned for fut
115 SMB3.1.1 over QUIC Planned for fut
116 Signing/Encryption over RDMA Planned for fut
117 SMB3.1.1 GMAC signing support Planned for fut
118 ============================== ===============
119
120
121 How to run
122 ==========
123
124 1. Download ksmbd-tools(https://github.com/cif
125 compile them.
126
127 - Refer to README(https://github.com/cifsd-
128 to know how to use ksmbd.mountd/adduser/a
129
130 $ ./autogen.sh
131 $ ./configure --with-rundir=/run
132 $ make && sudo make install
133
134 2. Create /usr/local/etc/ksmbd/ksmbd.conf file
135
136 - Refer to ksmbd.conf.example in ksmbd-util
137 for details to configure shares.
138
139 $ man ksmbd.conf
140
141 3. Create user/password for SMB share.
142
143 - See ksmbd.adduser manpage.
144
145 $ man ksmbd.adduser
146 $ sudo ksmbd.adduser -a <Enter USERNAME f
147
148 4. Insert the ksmbd.ko module after you build
149 if ksmbd is built into the kernel.
150
151 - Set ksmbd in menuconfig(e.g. $ make menuc
152 [*] Network File Systems --->
153 <M> SMB3 server support (EXPERIMENT
154
155 $ sudo modprobe ksmbd.ko
156
157 5. Start ksmbd user space daemon
158
159 $ sudo ksmbd.mountd
160
161 6. Access share from Windows or Linux using SM
162
163 Shutdown KSMBD
164 ==============
165
166 1. kill user and kernel space daemon
167 # sudo ksmbd.control -s
168
169 How to turn debug print on
170 ==========================
171
172 Each layer
173 /sys/class/ksmbd-control/debug
174
175 1. Enable all component prints
176 # sudo ksmbd.control -d "all"
177
178 2. Enable one of the components (smb, auth, vf
179 # sudo ksmbd.control -d "smb"
180
181 3. Show what prints are enabled.
182 # cat /sys/class/ksmbd-control/debug
183 [smb] auth vfs oplock ipc conn [rdma
184
185 4. Disable prints:
186 If you try the selected component once
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.