Announcement

Collapse
No announcement yet.

KSMBD Declared Stable - No Longer "Experimental" - In Linux 6.6

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #11
    Originally posted by Old Grouch View Post

    Kernel modules can dynamically load and unload from the kernel during runtime. So if you are not using ksmbd, you don't need to load it. Linux is not monolithic.
    They're still compiled with the kernel, run with the kernel in kernel space and will only run with that compiled kernel. Modules in Linux are only modulear in that the executable code can be loaded and unloaded on-demand, nothing really else.

    Comment


    • #12
      Originally posted by Steffo View Post

      They still operate in the kernel space.
      True, but details

      Comment


      • #13
        I want a videogame implemented in Linux kernel too, using Vulkan API at least. Please.

        Comment


        • #14
          Perhaps it would be helpful if folks complaining about KSMBD read the comments on the previous Phoronix article?
          - See https://www.phoronix.com/news/KSMBD-Lands-In-Linux-5.15
          - There was a good explanation of the performance and security advantages of KSMBD vs user space SMBD.

          Al

          Comment


          • #15
            Originally posted by Steffo View Post
            Linux is the absolute opposite of a microkernel. Not only from a technical standpoint, but also from a philosophical standpoint. Features, which have not to be implemented in the kernel, are getting implemented in the kernel. This is absolutely unnecessary!
            I remember watching a presentation from Linux Plumbers Conference where they said that Linux is now hybrid because you can add userspace modules through EBPF. But the dominant approach, of course, is monolithic.

            Comment


            • #16
              Originally posted by AlDunsmuir View Post
              Perhaps it would be helpful if folks complaining about KSMBD read the comments on the previous Phoronix article?
              - See https://www.phoronix.com/news/KSMBD-Lands-In-Linux-5.15
              - There was a good explanation of the performance and security advantages of KSMBD vs user space SMBD.

              Al
              That's not the right link. The article before that one contains the aim of KSMBD. It's probably just easier to C/P the originator's comments on the topic as to why the module is needed.

              ksmbd is a new kernel module which implements the server-side of the SMB3 protocol. The target is to provide optimized performance, GPLv2 SMB server, better lease handling (distributed caching). The bigger goal is to add new features more rapidly (e.g. RDMA aka "smbdirect", and recent encryption and signing improvements to the protocol) which are easier to develop on a smaller, more tightly optimized kernel server than for example in Samba. The Samba project is much broader in scope (tools, security services, LDAP, Active Directory Domain Controller, and a cross platform file server for a wider variety of purposes) but the user space file server portion of Samba has proved hard to optimize for some Linux workloads, including for smaller devices. This is not meant to replace Samba, but rather be an extension to allow better optimizing for Linux, and will continue to integrate well with Samba user space tools and libraries where appropriate. Working with the Samba team we have already made sure that the configuration files and xattrs are in a compatible format between the kernel and user space server. --Steve French the current CIFS/SMB3 kernel module mantainer
              While I do believe the Linux kernel has a very real problem with feature creep, and that it's sorely lacking in the security department in light of the current threat environment, there are valid arguments why KSMBD is needed. What some people apparently don't realize is that there's been a Linux kernel component to user space Samba for a very long time already.

              The guy above making a crack that he doesn't care because he uses NFS? NFS has a Linux kernel module component, too, nor is that module immune to attack. It's also a beast to properly secure. Samba is relatively easier as it defaults to user authentication, encrypted connections and it'll work with Active Directory, which is a Big Thing with corporations. Linux NFS defaults to version 3 which does neither. There's no user authentication, nor is the data securely passed from client/server. This isn't a major problem at home if all you have are Unix-like systems as long as you ignore the brittleness of Linux's version of NFS, but in most organizations it's a big no-no.

              Comment


              • #17
                Yup, really a corporate plus for having SMB in-kernel. Easier package maintenance/updates, only have to deal with kernel licensing not a third party package licensing which can evolve at a whim's notice... etc shrugs.

                Comment


                • #18
                  Linux has both kernel and user-space SMB servers. I need to decide which one I should use. But lazy me thinks leave it as it is in the user-space. For high security and performance requirements it might be better to use the KSMBD ... after some serious testing.

                  Comment


                  • #19
                    Id like to see some benchmarks of samba vs ksmb

                    Comment


                    • #20
                      Originally posted by mrg666 View Post
                      Linux has both kernel and user-space SMB servers. I need to decide which one I should use. But lazy me thinks leave it as it is in the user-space. For high security and performance requirements it might be better to use the KSMBD ... after some serious testing.
                      samba will use the kernel smb module in the future. so you won't have to decide

                      Comment

                      Working...
                      X