Linux 6.6's in-kernel SMB networking server graduates
Samsung's KSMBD server hitting primetime has several significant implications
The next release of the Linux kernel, 6.6, has hit release candidate status. As usual, it contains a number of new features, but we think one has more potential ramifications than all the others put together.
Linus Torvalds announced kernel 6.6-rc1 last night, and it includes the KSMBD in-kernel server for the SMB networking protocol, developed by Samsung's Namjae Jeon. We've covered his work a few times on The Reg, including as a possible stand-in maintainer for NTFS3 as well as maintaining support for Microsoft's exFAT disk format.
Samsung is a significant force in the storage market, and Reg sister site Blocks & Files often covers what the chaebŏl is up to. Samsung alone represents some 17 percent of South Korean GDP.
KSMBD has been around for a while. Just before it was first merged into kernel 5.15, LWN offered a good explainer on how the new module worked. Kernel 5.15 itself was a significant release for its NTFS support. The very next month, on Christmas Eve of 2022, Linux sysadmins got to enjoy KSMBD's first security exploit. What's changed now is that it has faced considerable security testing and, as a result, it is no longer marked as experimental.
It's been developed with the assistance of the Samba team, which itself documents how to use it. It's compatible with existing Samba configuration files. As the team says:
It is not meant to replace the existing Samba fileserver "smbd", but rather be an extension and will integrate with Samba in the future.
One significant difference that results from including this as part of the kernel, though, is that KSMBD is covered by version 2 of the GNU General Public Licence, or GPL2 for short. Samba itself uses GPL version 3, of which Torvalds is not an admirer.
GPL 3 places tighter restrictions on how code can be used in commercial products. When Samba switched to GPL 3, one result was that Apple dropped Samba from Mac OS X and replaced it with its own, in-house server called SMBX.
This was a significant move, because over time, Mac OS X (as the Reg FOSS desk still tends to call it) has gradually been made more and more reliant on SMB for its network connections. In the release before OS X "Lion," 2009's Mac OS X 10.6, Apple had removed the AppleTalk network protocol, although the separate AppleTalk Filing Protocol (AFP) over TCP/IP remained. In Mac OS X 10.9, Apple switched to using SMB by default.
Most recently, in 2020, Apple removed the ability to share volumes over AFP from macOS 11.
So even though macOS is a Unix, and includes support for Unix's own native file-sharing protocol, NFS, the Network File System, it defaults to Microsoft's so-called Common Internet File System instead. With CIFS SMB right inside the Linux kernel, it is conceivable that over time this might happen over in Linux-land as well.
KSMBD is also important in that placing such core server functionality right inside the kernel represents a significant potential attack surface for crackers. As one comment on Hacker News said: "Unless this is formally proven or rewritten in a safer language, you'll have to pay me in solid gold to use such a CVE factory waiting to happen."
An ideal candidate for rewriting in Rust, then, to use the exciting new support. The new bcachefs file system will not be going into kernel 6.6, and its developer is not happy. Perhaps he should hurry up its Rust rewrite, too.
Linux isn't the first Unix to get an in-kernel SMB server, though. OpenSolaris did the same back in 2007, and it's doing fin— Oh wait. Well, not-so-open Solaris is still around, anyway. ®
Bootnote
Current versions of macOS can still connect to AFP shares on other computers, and just as this vulture was writing the paragraph about the removal of AFP sharing support, his TrueNAS box started quietly burbling as Time Machine began making a backup on the server's ZFS RAIDZ, shared over AFP. However, that too is deprecated and will disappear at some point.