Kernel CIFS Module ignores USER_SESSION_DELETED PDUs and holds onto dead sessions.
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Linux |
Fix Released
|
Medium
|
|||
linux (Ubuntu) |
Triaged
|
Medium
|
Unassigned |
Bug Description
#Summary
The cifs kernel module currently ignores the nt_status USER_SESSION_
This is causing issues, as it appears that the kernel only reconnects after a delay period, during which time all IO to that network share (with that session id) results in an I/O error for the user; all the while the kernel is repeatedly resubmitting the requests in the background with the server just responding to each of them with yet more USER_SESSION_
This is contrasting to the behaviour on Windows clients - whereby if the response the client gets is USER_SESSION_
This causes massive issues multiuser mounts (as is the case for me), as if a users SMB session is deleted by the server for any reason, that user essentially loses all access to that share for extended periods, until the cifs module sees fit to treat that session as dead and renegotiate or an admin intervenes.
# Reproducing
Reproducing the issue is easily done, establish an SMB2+ mount to a Windows Server machine, open any directory on client to establish a session, then simply terminate that SMB session from the servers MMC console, if you then try and run any queries against that mountpoint on the client you will just end up with a string of I/O errors because its trying to use a session id which is dead.
For reference I'm testing using the following mount options:
vers=3.
# Affects
This affects all kernel releases that I've tested(including the kernel mainline), and hence I've reported it upstream, however I'm recording it here as well for reference purposes.
## Additional Reference Info
Current Version Sig: Ubuntu 4.4.0-78.99-generic 4.4.62
Changed in linux (Ubuntu): | |
importance: | Undecided → Medium |
status: | New → Triaged |
tags: | added: kernel-da-key |
Changed in linux: | |
importance: | Unknown → Medium |
status: | Unknown → Fix Released |
The cifs kernel module currently is currently disregarding the nt_status USER_SESSION_ DELETED packets sent to it from remote SMB2+ peers and is subsequently holding onto clearly dead SMB2+ sessions as a result.
This is causing issues as it appears that the kernel only reconnects after a delay period, during which time all IO to that network share (with that session id) results in an I/O error for the user; all the while the kernel is repeatedly resubmitting the requests in the background with the server just responding to each of them with the same error.
This is contrasting to the behaviour on Windows clients - whereby if the response the client gets is USER_SESSION_ DELETED, it will immediately dump that session and reconnect - transparently to the user.
This causes massive issues multiuser mounts (as is the case for me), as if a users SMB session is deleted by the server for any reason, that user essentially loses all access to that share for extended periods, until the cifs module sees fit to treat that session as dead and renegotiate or an admin intervenes.
Reproducing the issue is easily done, establish an SMB2+ mount to a Windows Server machine, open any directory on client to establish a session, then simply terminate that SMB session from the servers MMC console, if you then try and run any queries against that mountpoint on the client you will just end up with a string of I/O errors because its trying to use a session id which is dead.
For reference I'm testing using the following mount options: 02,multiuser, sec=ntlmsspi, file_mode= 0750,dir_ mode=0755, cache=none, credentials= /etc/smb. credentials. conf
vers=3.
Kernels 4.4 and 4.10 have extended delays until the user is able to regain access to the mountpoint, the latest rc has cut that down significantly and its only a few minutes, but even still if the session has been deleted by the server the client should at least attempt to reconnect and then resubmit the last command, rather than continue to submit packets with dead session ID's and return I/O to the user.