[RFC PATCH v2 0/9] smb: support security and trusted xattrs over EAs

From: Ze Tan

Date: Thu Jul 16 2026 - 23:40:22 EST


The CIFS client and ksmbd currently expose SMB extended attributes
mainly through the Linux user.* namespace. This causes security and
trusted xattr names carried through SMB EAs to be stored with an
additional user. prefix on the server.

For example, security.xfstests can be stored as
user.security.xfstests instead of security.xfstests. This also prevents
security.capability from being handled as a file capability.

generic/093 exercises these namespaces through several commands:

- setcap and getcap use security.capability;
- _require_attrs security uses security.xfstests;
- setfattr and getfattr use trusted.name.

This RFC adds end-to-end handling for the xattrs required by those
operations. The client passes security.capability,
security.xfstests and trusted.* names through SMB EAs without adding
the user. prefix. When SMB3 POSIX extensions are available, ksmbd maps
the same names to their native backing filesystem xattr namespaces for
set, get and list operations.

The security namespace is deliberately restricted to
security.capability and security.xfstests. Other security.* xattrs are
not exposed by this series. trusted.* names are supported while
internal POSIX ACL xattrs remain filtered.

The series also avoids an oplock self-deadlock found while running
generic/093. An EA or metadata-only reopen from the same SMB session
can otherwise break an oplock held by that session and wait for the
same client. Oplock breaks from other sessions and opens with share
conflicts continue to use the normal break path.

Patches 1-3 add the CIFS client support. Patches 4-5 refactor the ksmbd
EA name conversion paths without changing behavior. Patches 6-8 add
the corresponding ksmbd mappings. Patch 9 handles the same-session
oplock case.

The series touches both the CIFS client and ksmbd. It is sent as one
RFC so that the end-to-end name mapping and protocol behavior can be
reviewed together. It can be split into client and server patchsets
for merging after the approach is agreed.

Testing:

generic/093 was run with the CIFS test mount mapped to the fsgqa uid
and gid. Both xfstests mount option variables were configured as
follows:

export CIFS_OPTS="-o username=fsgqa,password=<password>"
export CIFS_OPTS="${CIFS_OPTS},uid=1001,gid=1001"
export TEST_FS_MOUNT_OPTS="${CIFS_OPTS}"
export MOUNT_OPTIONS="${CIFS_OPTS}"
cd ~/xfstests/
./check -d generic/093

generic/093 passed.

Changelog
---------------

rfc v2: Rebase the patch series onto the for-next branch and resubmit it to avoid "Failed to apply" errors.

rfc: https://lore.kernel.org/all/20260715074908.641940-1-tanze@xxxxxxxxxx/

Ze Tan (9):
smb: client: support security.capability over EAs
smb: client: support security.xfstests over EAs
smb: client: support trusted xattrs over EAs
ksmbd: extract SMB EA backing xattr name mapping
ksmbd: extract SMB EA response name handling
ksmbd: support security.capability EAs
ksmbd: support security.xfstests EAs
ksmbd: support trusted EAs
ksmbd: avoid self oplock breaks for EA opens

fs/smb/client/smb2ops.c | 34 ++++++++-
fs/smb/client/xattr.c | 109 ++++++++++++++++++++++++--
fs/smb/server/oplock.c | 49 ++++++++++++
fs/smb/server/smb2pdu.c | 165 +++++++++++++++++++++++++++++++---------
4 files changed, 311 insertions(+), 46 deletions(-)


base-commit: fce2dfa773ced15f27dd27cd0b482a7473cdcf2a
--
2.43.0