==== SMB3 features in Samba ====
# SMB 3.0 (Win8 / 2012):
#* new crypto (sign/encrypt) [4.0]
#* secure negotiation [4.0]
#* durable handles v2 [4.0]
#* persistent file handles [WIP/tracer]
#* '''_red_Multi-Channel_''' [WIP+]
#* SMB direct [designing/starting]
#* cluster features [designing]
#* storage features [WIP]
# SMB 3.0.2 (Win8.1 / 2012R2): [master]
# SMB 3.1.1 (Win10 / 2014):
#* negotiate contexts, preauth: [master]
%<<<durable-crop-colormod-1024,width=.9\textwidth>>>
<<<smb-auto-crop1,width=\textwidth>>>
%%% <[block]{implemented}
%%% * negotiate contexts
%%% * preauthentication integrity
%%% * encryption improvements (choose cipher) \\ %
%%% AES-128-CCM --> AES-128-GCM
%%% <[block]{not implemented}
%%% * cluster dialect fencing
%%% * cluster client failover v2 (client)
==== Multi-Channel - General ====
* bind multiple transport connections to one session
* increase throughput and fault tolerance
==== Multi-Channel - Windows/Protocol ====
# establish initial session on TCP connection
# find interfaces with interface discovery: \\ %
@FSCTL\_QUERY\_NETWORK\_INTERFACE\_INFO@
# bind additional TCP (or RDMA) connection (channel) to established SMB3 session (session bind)
# Windows: uses connections of the same (and best) quality
# Windows: binds only to a single node
# replay / retry mechanisms, epoch numbers
==== Multi-Channel - Samba ====
<[block]{samba/smbd: multi-process}
* '''Currently:''' process $\Leftrightarrow$ TCP connection
* '''Idea:''' transfer new TCP connection to existing smbd
* '''How?''' ==> use fd-passing (sendmsg/recvmsg)
** ''Natural choice'': at SessionSetup (Bind)
** !Idea!: as early as possible, based on ClientGUID \\ %
==> per ClientGUID single process model
==== Multi-Channel - Samba : daemons ====
<<<smb3-mc-daemons-n1.png,width=.9\textwidth>>>
==== Multi-Channel - Samba : daemons ====
<<<smb3-mc-daemons-n2.png,width=.9\textwidth>>>
==== Multi-Channel - Samba : daemons ====
<<<smb3-mc-daemons-n3.png,width=.9\textwidth>>>
==== Multi-Channel - Samba ====
<[block]{samba/smbd: multi-process}
* '''Currently:''' process $\Leftrightarrow$ TCP connection
* '''Idea:''' transfer new TCP connection to existing smbd
* '''How?''' ==> use fd-passing (sendmsg/recvmsg)
** ''Natural choice'': at SessionSetup (Bind)
** !Idea!: as early as possible, based on ClientGUID \\ %
==> per ClientGUID single process model
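The fd-passing step named on this slide, as an added C example (not Samba's code): one process hands an open descriptor to another over a unix datagram socket with `sendmsg`/`recvmsg` and `SCM_RIGHTS`, and the receiver rejects short or truncated messages. The 16-byte payload standing in for the ClientGUID, the function names and the pipe used in place of a TCP connection are assumptions of the example.

```c
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
#define GUID_LEN 16 /* assumption: 16-byte ClientGUID travels as the payload */
typedef union { char buf[CMSG_SPACE(sizeof(int))]; struct cmsghdr align; } ctl_t;

/* Send one descriptor plus the GUID over a unix socket; 0 on success. */
int send_fd(int sock, int fd, const unsigned char *guid)
{
    ctl_t ctl = {{0}};
    struct iovec iov = { .iov_base = (void *)guid, .iov_len = GUID_LEN };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
        .msg_control = ctl.buf, .msg_controllen = sizeof(ctl.buf) };
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    *c = (struct cmsghdr){ .cmsg_len = CMSG_LEN(sizeof(int)),
        .cmsg_level = SOL_SOCKET, .cmsg_type = SCM_RIGHTS };
    memcpy(CMSG_DATA(c), &fd, sizeof(int));
    return sendmsg(sock, &msg, 0) == GUID_LEN ? 0 : -1;
}

/* Receive the GUID and exactly one descriptor; -1 on any anomaly. */
int recv_fd(int sock, unsigned char *guid)
{
    ctl_t ctl = {{0}};
    struct iovec iov = { .iov_base = guid, .iov_len = GUID_LEN };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
        .msg_control = ctl.buf, .msg_controllen = sizeof(ctl.buf) };
    int fd = -1;
    ssize_t n = recvmsg(sock, &msg, 0);
    struct cmsghdr *c = n < 0 ? NULL : CMSG_FIRSTHDR(&msg);
    if (c && c->cmsg_level == SOL_SOCKET && c->cmsg_type == SCM_RIGHTS &&
        c->cmsg_len == CMSG_LEN(sizeof(int)))
        memcpy(&fd, CMSG_DATA(c), sizeof(int));
    if (fd >= 0 && (n != GUID_LEN || (msg.msg_flags & (MSG_TRUNC | MSG_CTRUNC)))) {
        close(fd);      /* short or truncated: do not keep the descriptor */
        fd = -1;
    }
    return fd;
}

/* Pass a pipe's read end across a socketpair, then read through the copy. */
int demo_roundtrip(void)
{
    int sv[2], p[2], fd;
    unsigned char guid[GUID_LEN] = "constructedguid", got[GUID_LEN], buf[5];
    if (socketpair(AF_UNIX, SOCK_DGRAM, 0, sv) || pipe(p)) return -1;
    if (send_fd(sv[0], p[0], guid) || (fd = recv_fd(sv[1], got)) < 0) return -1;
    if (memcmp(guid, got, GUID_LEN) || write(p[1], "hello", 5) != 5) return -1;
    return read(fd, buf, 5) == 5 ? memcmp(buf, "hello", 5) : -1;
}
```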
==== Multi-Channel - Samba : original ====
%%<<<smb3-mc-samba_exp.png,height=.9\textheight>>>
<<<smb3-mc-samba.png,height=.9\textheight>>>
==== The relevance of the ClientGUID ====
<[block]{Assumption was:}
* All channels in a session have the same ClientGUID
* The server enforces that
<[block]{Evidence from [MS-SMB2]:}
* 3.3.5.9 Receiving an SMB2 CREATE Request:
** Sets Open.ClientGuid to Connection.ClientGuid
** Replay detection checks \\ %
Open.ClientGuid == Connection.ClientGuid
* 3.3.5.9.7/12 Durable (v2) Reconnect Create Context:
** check Open.ClientGuid == Connection.ClientGuid
==== Multi-Channel - Samba : modified ====
<<<smb3-mc-samba-v2.png,height=.9\textheight>>>
==== Multi-Channel - Samba ====
# messaging rewrite using unix dgm sockets with sendmsg [DONE,4.2]
# add fd-passing to messaging [DONE,4.2]
# preparations in internal structures [DONE]
# prepare code to cope with multiple channels [DONE]
# implement smbd message to pass a tcp connection [ess.DONE]
# transfer connection in Negotiate (by ClientGUID) [largely DONE]
# transfer connection in Session Bind (by SessionID) [WIP]
# implement session bind [ess.DONE]
# implement channel epoch numbers [WIP]
# implement interface discovery [WIP]
# implement test case [WIP(isn't it always...)]
==== @MSG\_SMBXSRV\_CONNECTION\_PASS@ ====
<[block]{from smbXsrv.idl}
NTTIME initial_connect_time;
DATA_BLOB negotiate_request;
} smbXsrv_connection_pass0;
==== Internal Structures (smbXsrv) ====
smbXsrv_session->smbXsrv_connection
smbXsrv_session->smbXsrv_client->smbXsrv_connections
shell breakout to browse code/diff
'''Outlook: SMB Direct'''
==== SMB Direct (RDMA) ====
** requires multi-channel
** start with TCP, bind an RDMA channel
** reads and writes use RDMA write/read
** protocol/metadata via send/receive
* wireshark dissector: [DONE]
** prereq: multi-channel / fd-passing
** buffer / transport abstractions [TODO]
** _red_problem_: libraries: not fork safe and no fd-passing \\ %
==> central daemon (or kernel module) to serve as RDMA "proxy"
==== SMB Direct (RDMA) - Plan ====
<<<smb3-rdma-samba-v2.png,height=.9\textheight>>>
==== SMB features in Samba ====
@https://wiki.samba.org/index.php/Samba3/SMB3@
==== Thanks for your attention! ====[plain]
<<<feet-sand-1280.png,height=.8\textheight>>>
%<<<samba-chilli-flavour-crop-bright-1280.jpg,height=.8\textheight>>>