[cifs-protocol] SMB2 Create replay with multichannel

Stefan Metzmacher metze at samba.org
Sat May 1 14:15:24 UTC 2021 

Hi Dochelp,

I want to clarify unexpected behavior (which is also not documented)
of Windows server regarding the replay of SMB2 Create operations.

From our https://bugzilla.samba.org/show_bug.cgi?id=14449:

I think I basically know now how the create replay detection is supposed
to work with pending opens.

I found the key hint in this presentation on page
24:https://www.snia.org/sites/default/orig/SDC2011/presentations/tuesday/DavidKruseMatthewGeorge_SMB2-2_Bigger_Faster_Scalier_Parts_I_and_II_combined-v1-0.pdf
The key point is that the server should return STATUS_FILE_NOT_AVAILABLE
as long as the open is still processed and the server detects a channel
failure after the client.

The strange thing is that [MS-SMB2] doesn't document this:
https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/

My tests against Windows revealed that the server code returns
NT_STATUS_ACCESS_DENIED instead of NT_STATUS_FILE_NOT_AVAILABLE.

When SMB2 leases are not used and only oplocks, then the replay is not
detected at all and I'm getting NT_STATUS_SHARING_VIOLATION after 35 delay.

However I added test code to disconnect a connection when we get a create
without replay flag, then I delay the request by 35 seconds.
During that period I return NT_STATUS_ACCESS_DENIED to
the replay attempts from the client in order to simulate the
Windows server. The Windows client reports that ACCESS_DENIED to
the application (e.g. explorer).

I changed the server code to return NT_STATUS_FILE_NOT_AVAILABLE,
in that case the Windows client retries the operation like documented
in [MS-SMB2]:

  <152> Section 3.2.5.1: For the following error codes, Windows-based clients will retry
the operation
  up to three times and then retry the operation every 5 seconds until the count of
milliseconds
  specified by Open.ResilientTimeout is exceeded:

  - STATUS_SERVER_UNAVAILABLE

  - STATUS_FILE_NOT_AVAILABLE

  - STATUS_SHARE_UNAVAILABLE

After 35-40 seconds the client reports the successful retry to the application.
I tested that with "smb2 leases = yes" and "smb2 leases = no", in both cases
the client is happy.


Can you please document that behavior and discuss with the product team
if this intended or (as I assume) it is just a bug in Windows.

Thanks!
metze

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20210501/e87000ba/OpenPGP_signature.sig>

More information about the cifs-protocol mailing list