LinuxCIFSKernel

From SambaWiki
Jump to: navigation, search

Linux Kernel SMB3/CIFS Client

The Linux cifs kernel client has been included in the kernel since kernel version 2.5.42. For improved security and performance, SMB3 is the now the default dialect (SMB3.02/SMB3/SMB2.1 dialects are requested by default). CIFS protocol (and other old dialects) can be selected (by specifying "vers=1.0" or "vers=2.02" in the mount options for example). The newest, most secure dialect, SMB3.11 can also be requested (vers=3.1.1).

If you want to try current SMB3 support on an older kernel, full backports of all SMB3/CIFS fixes to earlier kernel versions can be found at: https://github.com/smfrench/smb3-cifs-linux-stable-backports.git

Changes by release

4.17 Kernel (in progress)

SMB3.1.1 support (most secure authentication). Bug fixes.

4.16 Kernel (66 changesets)

RDMA support (SMB Direct, limited to one adapter). sendfile (and splice write) performance improvement. Bug fixes.

4.15 Kernel (5 changesets)

Bug fixes.

4.14 Kernel (32 changesets)

Add support for getting and setting xattrs over SMB3. Multidialect support now the default (SMB2.1 and later, SMB3, SMB3.02). Bugfixes (including more improvements to reconnection scenarios. Fixes for "validate negotiate" SMB3 security feature).

4.13 Kernel (24 changesets)

Default dialect changed to SMB3 (from CIFS). SMB3 support added for "cifsacl" mount option (and can now emulate retrieving mode from ACL in SMB3). Bug fixes.

4.12 Kernel (30 changesets)

SMB3 mapping of illegal (in SMB3/Windows but legal in POSIX) characters improved. Improved AIO support. Add support for enumerating snapshots. Misc. bug fixes.

4.11 Kernel (47 changesets) VERY IMPORTANT update

SMB3 Reconnect improvements (persistent and durable handle fixes). Much higher reliability when server crashes while I/O in flight or cached. Server side copy enabled in more cases (clone file range and "cp --reflink" now support the commonly implemented "copychunk" API not just servers which support "duplicate extents"). SMB3 DFS support added (global name space). SMB3 Encryption support added (can mount encrypted shares).

4.10 Kernel (14 changesets)

Misc. bug fixes

4.9 Kernel (32 changesets)

Various reconnect improvements (e.g. sends "echo" request sooner after socket reconnect to better tell when server comes back up). Add way to query file attributes (cifs.dosattrib) and creation time (cifs.creationtime) via Linux xattrs. New mount option "idsfromsid" to let cifs.ko retrieve the uid and gid owner fields from special sids (in the ACL). Can override number of credits (new mount option "max_credits"). Various bug fixes (including DFS fix).

4.8 Kernel (14 changesets)

Allow mounts with prefixpath where top of share unaccessible. Fix for file create when existing directory of the same name exists. Add mfsymlink support for SMB2/SMB3 (symlink emulation, also used by the Mac). Various bug fixes.

4.7 Kernel (44 changesets)

Fix badlock regression for guest mounts (mount with -o guest can fail to Samba servers when patched for badlock). Cifs.ko version updated to 2.09. Minor fixes: including NetApp DFSpathname issue and SPNEGO fix. Persistent handle reconnect fixes

4.6 Kernel

Minor bug fixes

4.5 Kernel

Minor bug fixes. clone_file_range added to vfs, cifs support for clone_file_range changed ("cp --reflink ..." now requires duplicate_extents support in server e.g. Windows 2016 REFS, and the older ioct, used e.g. by the "cloner" tool, can use the more broadly supported "CopyChunk"). Allow file open O_DIRECT with cache=loose. Make echo interval tunable (to improve server failure detection in unusual network configurations). First phase of SMB3 per-share encryption support begun (not complete in 4.5).

4.4 Kernel

Allow copy offload across shares. Add resilient and persistent handle mount options ("-o resilienthandles" and "-o persistenthandles") and support for the create context (durable v2)

4.3 Kernel

Minor bug fixes (including Mac authentication issue when timestamps differ too much on server/client). Add krb5 support for smb3 (mount sec=krb5 for SMB3 e.g. vers=3.02, not just for cifs). Cifs.ko version updated to 2.08. Added ioctl to query detailed fs info on mounted share

4.2 Kernel

Partial support for SMB 3.1.1 (Windows 10) dialect support (will improve security when complete). Faster copy offload (REFLINK, duplicate_extents) added for Windows Server 2016 when target file system is REFS (cp --reflink to REFS exported shares is much faster).

4.1 Kernel

Mapchars fix, fix to allow Unicode surrogate pairs (improved character conversion for some Asian languages), DFS fix, inode number reuse fix

4.0 Kernel

Fix copy offload (clone range) bug, and find_writable_file bug

3.19 Kernel (cifs.ko module version 2.06)

Fix Oplock bug, inode caching bug and ioctl clone bug Fix conflicts between SecurityFlags (which allowed CONFIG_MUST_LANMAN and CONFIG_MUST_PLNTXT to get cleared when set to non-default values)

3.18 Kernel

Add mfsymlink (emulated symlink) support for SMB3 mounts Add optional support for "sfu" style FIFO and device file emulation for SMB3 (when "sfu" is specific on an SMB3 mount) By default support mapchars ('SFM' style remapping, ie the same way the Mac remaps them) for the seven reserved characters (*, ?, : etc.) when mounting with SMB3. Workaround Unix Extensions problem on cifs mounts to Mac servers.

3.17 Kernel

SMB3 large read/write support much faster (including SMB3 multicredit support) Many SMB3 stability fixes directio allowed on "cache=strict" mounts Added fallocate/sparse file support for SMB3 Fixed SMB2.1 mounts to MacOS servers

3.16 Kernel

Allow multiple mounts to the same server with different dialects Rewrote authentication support to improve GSSAPI support Fix mapchars (which allows use of reserved characters like ':' ion paths) to work over SMB3, not just cifs, mounts

3.15 Kernel

Bug fixes (aio/write, append, xattrs, metadata caching)

3.14

Bug Fixes (including SMB3 large write fix, and fix DFS refererals when mounted to Samba with Unix Extensions). Security fix for illegal aio write request

3.13

Added support for setting/getting per-file compression ("chattr +c /mnt/filename") CIFS and SMB2/SMB3 CopyChunk (server side copy offload support added) Support for O_DIRECT on "cache=none" mounts (specsfs support) Secure negotiate support (SMB3 downgrade attack protection)

3.12

Multiuser SMB3 signing now possible SMB2/SMB3 symlinks SMB2.1 Lease (client caching) == 3.11 SMB3 signing (not multiuser) Authentication overhaul SMB2 Durable handle (improved data integrity) SMB3.02 dialect added

3.10

cifs.ko module size reduced nosharesock mount option added

3.9

Bug fixes (rename fix, dfs security fix)

3.8

default authentication mechanism strengthened, moved to ntlmv2 (ntlmv2 in ntlmssp) smb2.02 support added

3.7

SMB2.1 support added

3.5

"cache=" mount option needed (making forcedirectio and strictcache mount options obsolete)

3.4

'Faster read ahead performance'. Also can allow many more requests in flight for cifs dialect (if server sets maximum multiplex requests above the default, client will now honor it even if more than 50 at one time). Support for "sloppy" mount option.