[RFC PATCH] smbd: resilient file handle support

Uri Simchoni uri at samba.org
Sun Feb 14 06:20:53 UTC 2016

On 02/12/2016 05:25 PM, Michael Adam wrote:
> On 2016-02-12 at 15:10 +0200, Uri Simchoni wrote:
>> On 02/12/2016 12:38 AM, Michael Adam wrote:
>>> On 2016-02-11 at 23:42 +0200, Uri Simchoni wrote:
>>>> Hi,
>>>> Attached pls find a patch for supporting resilient file
>>>> handles. Comments are welcome. It doesn't include tests yet,
>>>> but I would appreciate technical feedback and any other
>>>> feedback.
>>> Cool!
>>> A few comments up front before digging deeper into the
>>> actual patches.
>>> Note the hacked up implementation (by metze) in the
>>> master-multi-channel-obnox branch:
>>> https://git.samba.org/?p=obnox/samba/samba-obnox.git;a=commitdiff;h=8e68d390dc640ceb3aa9594c9d18d5d3d01c24f2
>>> samba.org/?p=obnox/samba/samba-obnox.git;a=shortlog;h=refs/heads/master-multi-channel-obnox
>> OK that looks like a "fake resilient" implementation.
>>> <snip>
>>> One main difference is that while durable handles are purely
>>> best effort, i.e. when a second client tries to open a file
>>> with a disconnected durable handle, that handle is closed
>>> and the original opener can not reconnect it. For resilient
>>> handles, there are iirc (need to look up the exact details),
>>> certain weak guarantees where new openers are blocked for
>>> a short disconnected time. The same is true for persistent
>>> handles, but with stronger guarantees and you can also get
>>> them without oplocks, on a scale-out share.
>>> I think implementing these guarantees is the major challenge
>>> in implementing resilient and durable handles.
>>> <snip>
>>> Cheers - Michael
>> Thanks so much for summarizing what resilient handles are in technical terms
>> - I could not find such a concise description anywhere so I tried to dig it
>> from [MS-SMB2].
>> It looks like I got the differences-from-durable right (in my a-b-c list),
>> but may be way off-base claiming that Samba's durable handles are already
>> "resilient in disguise" (in that the original opener of a Samba durable
>> handle can reconnect to it if someone else has opened the file while being
>> disconnected).
> Right, if there is a second attempt to open a file, while a durable
> handle on this file is disconnected, the durable is closed /
> destroyed and the new opener is afterwards the only opener of the
> file. This like this in the doc (MS-SMB2) and in samba code.
> (Will point out the corresponding code sections later.)
> As you described, it is different with resilient handles.
> Michael

OK, I'll sit back and wait then, as Metze had suggested. I can implement 
"fake resilient" on a forked tree and get rid of it later, because I 
have a way of guaranteeing that shares in which I enable "fake 
resilient" are only being used for backup (and not HyperV).

What lead me to think that Samba durable handles are "resilient in 
disguise" is that I didn't spot any deletion of the smbXsrv_open_global0 
associated with the open upon oplock break.


More information about the samba-technical mailing list