From: Paulo Alcantara <pc@manguebit.com>
To: Shyam Prasad N <nspmangalore@gmail.com>
Cc: meetakshisetiyaoss@gmail.com, smfrench@gmail.com,
sfrench@samba.org, lsahlber@redhat.com, sprasad@microsoft.com,
tom@talpey.com, linux-cifs@vger.kernel.org,
bharathsm.hsk@gmail.com, Meetakshi Setiya <msetiya@microsoft.com>
Subject: Re: [PATCH 2/2] cifs: support mounting with alternate password to allow password rotation
Date: Fri, 08 Nov 2024 12:20:53 -0300 [thread overview]
Message-ID: <cc06137a94a01901ff5cd9de6a223675@manguebit.com> (raw)
In-Reply-To: <CANT5p=qJ+zAU_0bMx=5uhsD1a5BR4Nj8Uv0KvNPOBNt9AtPs6w@mail.gmail.com>
Shyam Prasad N <nspmangalore@gmail.com> writes:
> On Fri, Nov 8, 2024 at 12:35 AM Paulo Alcantara <pc@manguebit.com> wrote:
>>
>> meetakshisetiyaoss@gmail.com writes:
>>
>> > @@ -2245,6 +2269,7 @@ struct cifs_ses *
>> > cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb3_fs_context *ctx)
>> > {
>> > int rc = 0;
>> > + int retries = 0;
>> > unsigned int xid;
>> > struct cifs_ses *ses;
>> > struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
>> > @@ -2263,6 +2288,8 @@ cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb3_fs_context *ctx)
>> > cifs_dbg(FYI, "Session needs reconnect\n");
>> >
>> > mutex_lock(&ses->session_mutex);
>> > +
>> > +retry_old_session:
>> > rc = cifs_negotiate_protocol(xid, ses, server);
>> > if (rc) {
>> > mutex_unlock(&ses->session_mutex);
>> > @@ -2275,6 +2302,13 @@ cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb3_fs_context *ctx)
>> > rc = cifs_setup_session(xid, ses, server,
>> > ctx->local_nls);
>> > if (rc) {
>> > + if (((rc == -EACCES) || (rc == -EKEYEXPIRED) ||
>> > + (rc == -EKEYREVOKED)) && !retries && ses->password2) {
>> > + retries++;
>> > + cifs_info("Session reconnect failed, retrying with alternate password\n");
>>
>> Please don't add more noisy messages over reconnect. Remember that if
>> SMB session doesn't get re-established, there will be flood enough on
>> dmesg with "Send error in SessSetup = ..." messages on every 2s that
>> already pisses off users and customers.
>>
> Perhaps we could do a cifs_dbg instead of cifs_info.
Yep, with FYI.
> But Paulo, the problem here is that we retry every 2s. I think we
> should address that instead.
> One way is to do an exponential backoff every time we retry.
Agreed, but that doesn't mean we should add more noisy messages.
> I'd also want to understand why we need the reconnect work?
I see it as an optimisation to allow next IOs to not take longer because
it needs to reconnect SMB session. If there was no prior filesystem
activity, why don't allow the client itself to reconnect the session?
Besides, SMB2_IOCTL currently doesn't call smb2_reconnect(), so
reconnect worker would be required to reconnect the session and then
allow SMB2_IOCTL to work. We'd need to change that because with recent
special file support, we need to avoid failures when creating or parsing
reparse points because the SMB session isn't re-established yet.
> Why not always do smb2_reconnect when someone does filesystem calls on
> the mount point?
We already do for most operations. SMB2_IOCTL and SMB2_TREE_CONNECT,
for instance, can't call smb2_reconnect() as they would deadlock.
next prev parent reply other threads:[~2024-11-08 15:20 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-30 14:27 [PATCH 1/2] cifs: during remount, make sure passwords are in sync meetakshisetiyaoss
2024-10-30 14:27 ` [PATCH 2/2] cifs: support mounting with alternate password to allow password rotation meetakshisetiyaoss
2024-11-07 19:05 ` Paulo Alcantara
2024-11-08 12:13 ` Shyam Prasad N
2024-11-08 15:20 ` Paulo Alcantara [this message]
2024-11-13 11:43 ` Meetakshi Setiya
2024-11-07 18:31 ` [PATCH 1/2] cifs: during remount, make sure passwords are in sync Paulo Alcantara
2024-11-08 12:17 ` Shyam Prasad N
2024-11-08 18:19 ` Shyam Prasad N
2024-11-11 12:03 ` Paulo Alcantara
[not found] ` <CAFTVevVGMfkgsr31nN35-p+2nQZEXhHK8hPPF1EhfLmdtKdw+A@mail.gmail.com>
[not found] ` <CAFTVevVa81C3u5Wdc+egz8ZbSrNKF7uy6m=6Nd5YnKfeMfo1sA@mail.gmail.com>
2024-11-13 11:48 ` Meetakshi Setiya
2024-11-13 12:20 ` Meetakshi Setiya
2024-11-13 16:51 ` Steve French
2024-11-13 17:53 ` Jeremy Allison
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cc06137a94a01901ff5cd9de6a223675@manguebit.com \
--to=pc@manguebit.com \
--cc=bharathsm.hsk@gmail.com \
--cc=linux-cifs@vger.kernel.org \
--cc=lsahlber@redhat.com \
--cc=meetakshisetiyaoss@gmail.com \
--cc=msetiya@microsoft.com \
--cc=nspmangalore@gmail.com \
--cc=sfrench@samba.org \
--cc=smfrench@gmail.com \
--cc=sprasad@microsoft.com \
--cc=tom@talpey.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox