From: Paulo Alcantara <pc@manguebit.org>
To: Maria Alexeeva <alxvmr@altlinux.org>, smfrench@gmail.com
Cc: linux-cifs@vger.kernel.org, samba-technical@lists.samba.org,
tom@talpey.com, vt@altlinux.org,
Maria Alexeeva <alxvmr@altlinux.org>,
Ivan Volchenko <ivolchenko86@gmail.com>
Subject: Re: [PATCH v3 1/1] fs/smb/client/fs_context: Add hostname option for CIFS module to work with domain-based dfs resources with Kerberos authentication
Date: Fri, 27 Feb 2026 15:46:02 -0300 [thread overview]
Message-ID: <fcfa2783d489660bd152189ed34d9ddc@manguebit.org> (raw)
In-Reply-To: <20251230164759.259346-2-alxvmr@altlinux.org>
Maria Alexeeva <alxvmr@altlinux.org> writes:
> Paths to domain-based dfs resources are defined using the domain name
> of the server in the format:
> \\<DOMAIN.NAME>\<dfsroot>\<path>
>
> The CIFS module, when requesting a TGS, uses the server name
> (<DOMAIN.NAME>) it obtained from the UNC for the initial connection.
> It then composes an SPN that does not match any entities
> in the domain because it is the domain name itself.
>
> To eliminate this behavior, a hostname option is added, which is
> the name of the server to connect to and is used in composing the SPN.
> In the future this option will be used in the cifs-utils development.
>
> Suggested-by: Ivan Volchenko <ivolchenko86@gmail.com>
> Signed-off-by: Maria Alexeeva <alxvmr@altlinux.org>
> ---
> fs/smb/client/fs_context.c | 35 +++++++++++++++++++++++++++++------
> fs/smb/client/fs_context.h | 3 +++
> 2 files changed, 32 insertions(+), 6 deletions(-)
>
> diff --git a/fs/smb/client/fs_context.c b/fs/smb/client/fs_context.c
> index d4291d3a9a48..f0d1895fe4bb 100644
> --- a/fs/smb/client/fs_context.c
> +++ b/fs/smb/client/fs_context.c
> @@ -177,6 +177,7 @@ const struct fs_parameter_spec smb3_fs_parameters[] = {
> fsparam_string("password2", Opt_pass2),
> fsparam_string("ip", Opt_ip),
> fsparam_string("addr", Opt_ip),
> + fsparam_string("hostname", Opt_hostname),
> fsparam_string("domain", Opt_domain),
> fsparam_string("dom", Opt_domain),
> fsparam_string("srcaddr", Opt_srcaddr),
> @@ -866,16 +867,23 @@ static int smb3_fs_context_validate(struct fs_context *fc)
> return -ENOENT;
> }
>
> + if (ctx->got_opt_hostname) {
> + kfree(ctx->server_hostname);
> + ctx->server_hostname = ctx->opt_hostname;
> + pr_notice("changing server hostname to name provided in hostname= option\n");
This is just too verbose. Consider using pr_notice_once() or
cifs_dbg(VFS | ONCE, ...).
> + }
> +
> if (!ctx->got_ip) {
> int len;
> - const char *slash;
>
> - /* No ip= option specified? Try to get it from UNC */
> - /* Use the address part of the UNC. */
> - slash = strchr(&ctx->UNC[2], '\\');
> - len = slash - &ctx->UNC[2];
> + /*
> + * No ip= option specified? Try to get it from server_hostname
> + * Use the address part of the UNC parsed into server_hostname
> + * or hostname= option if specified.
> + */
> + len = strlen(ctx->server_hostname);
> if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
> - &ctx->UNC[2], len)) {
> + ctx->server_hostname, len)) {
> pr_err("Unable to determine destination address\n");
> return -EHOSTUNREACH;
> }
> @@ -1591,6 +1599,21 @@ static int smb3_fs_context_parse_param(struct fs_context *fc,
> }
> ctx->got_ip = true;
> break;
> + case Opt_hostname:
> + if (strnlen(param->string, CIFS_NI_MAXHOST) == CIFS_NI_MAXHOST) {
> + pr_warn("host name too long\n");
> + goto cifs_parse_mount_err;
> + }
> +
> + kfree(ctx->opt_hostname);
> + ctx->opt_hostname = kstrdup(param->string, GFP_KERNEL);
> + if (ctx->opt_hostname == NULL) {
> + cifs_errorf(fc, "OOM when copying hostname string\n");
> + goto cifs_parse_mount_err;
> + }
No need to kstrdup() @param->string. You can simply replace it with
ctx->opt_hostname = no_free_ptr(param->string);
> + cifs_dbg(FYI, "Host name set\n");
When debugging is enabled, there will be messages logged saying that
'hostname=' has been passed, so no need for this debug message.
> + ctx->got_opt_hostname = true;
> + break;
> case Opt_domain:
> if (strnlen(param->string, CIFS_MAX_DOMAINNAME_LEN)
> == CIFS_MAX_DOMAINNAME_LEN) {
> diff --git a/fs/smb/client/fs_context.h b/fs/smb/client/fs_context.h
> index 7af7cbbe4208..ff1a04661ef5 100644
> --- a/fs/smb/client/fs_context.h
> +++ b/fs/smb/client/fs_context.h
> @@ -184,6 +184,7 @@ enum cifs_param {
> Opt_pass,
> Opt_pass2,
> Opt_ip,
> + Opt_hostname,
> Opt_domain,
> Opt_srcaddr,
> Opt_iocharset,
> @@ -214,6 +215,7 @@ struct smb3_fs_context {
> bool gid_specified;
> bool sloppy;
> bool got_ip;
> + bool got_opt_hostname;
> bool got_version;
> bool got_rsize;
> bool got_wsize;
> @@ -226,6 +228,7 @@ struct smb3_fs_context {
> char *domainname;
> char *source;
> char *server_hostname;
> + char *opt_hostname;
> char *UNC;
> char *nodename;
> char workstation_name[CIFS_MAX_WORKSTATION_LEN];
You're introducing a new field to smb3_fs_context structure but forgot
to update smb3_fs_context_dup() and smb3_cleanup_fs_context_contents().
This will break automounts as well as leak
smb3_fs_context::opt_hostname.
next prev parent reply other threads:[~2026-02-27 18:46 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-05-16 15:22 [PATCH] fs/smb/client/fs_context: Add hostname option for CIFS module to work with domain-based dfs resources with Kerberos authentication Maria Alexeeva
2025-06-14 3:42 ` Vitaly Chikunov
2025-07-03 12:59 ` Maria Alexeeva
2025-07-24 22:14 ` Steve French
2025-07-24 22:50 ` Steve French
2025-07-30 16:54 ` Maria Alexeeva
2025-07-30 17:03 ` [PATCH v2] fs/smb/client/fs_context: Add dfs_domain_hostname " Maria Alexeeva
2025-07-30 17:09 ` [PATCH] mount.cifs: add support for domain-based DFS targets with Kerberos via hostname resolution Maria Alexeeva
2025-07-31 14:00 ` [PATCH] fs/smb/client/fs_context: Add hostname option for CIFS module to work with domain-based dfs resources with Kerberos authentication Steve French
2025-09-08 13:24 ` Maria Alexeeva
2025-12-30 16:47 ` [PATCH v3 0/1] Add hostname option for CIFS module Maria Alexeeva
2025-12-30 16:47 ` [PATCH v3 1/1] fs/smb/client/fs_context: Add hostname option for CIFS module to work with domain-based dfs resources with Kerberos authentication Maria Alexeeva
2026-02-23 18:02 ` Steve French
2026-02-27 18:46 ` Paulo Alcantara [this message]
[not found] ` <CAG5KTOZ6s4AjE0e66D9CMnZTP68YHzUb6p9nQKgeZeBV9ZVVBw@mail.gmail.com>
2026-02-27 21:07 ` Paulo Alcantara
2025-12-30 16:50 ` [PATCH v2] mount.cifs: add support for domain-based DFS targets with Kerberos via hostname resolution Maria Alexeeva
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=fcfa2783d489660bd152189ed34d9ddc@manguebit.org \
--to=pc@manguebit.org \
--cc=alxvmr@altlinux.org \
--cc=ivolchenko86@gmail.com \
--cc=linux-cifs@vger.kernel.org \
--cc=samba-technical@lists.samba.org \
--cc=smfrench@gmail.com \
--cc=tom@talpey.com \
--cc=vt@altlinux.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox