smb: client: Add tracepoint for krb5 auth

Add tracepoint to help debugging krb5 auth failures.

Example:

$ trace-cmd record -e smb3_kerberos_auth
$ mount.cifs ...
$ trace-cmd report
mount.cifs-1667 [003] .....  5810.668549: smb3_kerberos_auth: vers=2
host=w22-dc1.zelda.test ip=192.168.124.30:445 sec=krb5 uid=0 cruid=0
user=root pid=1667 upcall_target=app err=-126

Signed-off-by: Paulo Alcantara (Red Hat) <pc@manguebit.org>
Reviewed-by: David Howells <dhowells@redhat.com>
Cc: Pierguido Lambri <plambri@redhat.com>
Cc: linux-cifs@vger.kernel.org
Signed-off-by: Steve French <stfrench@microsoft.com>

diff --git a/fs/smb/client/cifs_spnego.c b/fs/smb/client/cifs_spnego.c
index da935bd1ce8781596c9ffb491de05f2f9b51a765..3a41bbada04c763a4137f0e8af3b8eb967d55ba7 100644 (file)
--- a/fs/smb/client/cifs_spnego.c
+++ b/fs/smb/client/cifs_spnego.c
@@ -159,6 +159,7 @@ cifs_get_spnego_key(struct cifs_ses *sesInfo,
        cifs_dbg(FYI, "key description = %s\n", description);
        scoped_with_creds(spnego_cred)
                spnego_key = request_key(&cifs_spnego_key_type, description, "");
+       trace_smb3_kerberos_auth(server, sesInfo, PTR_ERR_OR_ZERO(spnego_key));
 
 #ifdef CONFIG_CIFS_DEBUG2
        if (cifsFYI && !IS_ERR(spnego_key)) {

diff --git a/fs/smb/client/smb2pdu.c b/fs/smb/client/smb2pdu.c
index c9f437cd29a2110cb34cd183c8ebd9ef27dac17a..5d57c895ca37a787cc8edb448a1d9244ea9d3204 100644 (file)
--- a/fs/smb/client/smb2pdu.c
+++ b/fs/smb/client/smb2pdu.c
@@ -1695,8 +1695,6 @@ SMB2_auth_kerberos(struct SMB2_sess_data *sess_data)
        spnego_key = cifs_get_spnego_key(ses, server);
        if (IS_ERR(spnego_key)) {
                rc = PTR_ERR(spnego_key);
-               if (rc == -ENOKEY)
-                       cifs_dbg(VFS, "Verify user has a krb5 ticket and keyutils is installed\n");
                spnego_key = NULL;
                goto out;
        }

diff --git a/fs/smb/client/trace.c b/fs/smb/client/trace.c
index 16b0e719731fd0493833ad2611123c787261cf38..8a99b68d0c71e61a5697e3e7acaf28090f39659b 100644 (file)
--- a/fs/smb/client/trace.c
+++ b/fs/smb/client/trace.c
@@ -5,5 +5,6 @@
  *   Author(s): Steve French <stfrench@microsoft.com>
  */
 #include "cifsglob.h"
+#include "cifs_spnego.h"
 #define CREATE_TRACE_POINTS
 #include "trace.h"

diff --git a/fs/smb/client/trace.h b/fs/smb/client/trace.h
index 252073352e797b26c20adc7f0a296949a7ec8904..b0fbc2df642e9b60329ef4d2df1b2779116054c0 100644 (file)
--- a/fs/smb/client/trace.h
+++ b/fs/smb/client/trace.h
@@ -1692,6 +1692,49 @@ DEFINE_SMB3_CREDIT_EVENT(waitff_credits);
 DEFINE_SMB3_CREDIT_EVENT(overflow_credits);
 DEFINE_SMB3_CREDIT_EVENT(set_credits);
 
+TRACE_EVENT(smb3_kerberos_auth,
+               TP_PROTO(struct TCP_Server_Info *server,
+                        struct cifs_ses *ses,
+                        int rc),
+               TP_ARGS(server, ses, rc),
+               TP_STRUCT__entry(
+                       __field(pid_t, pid)
+                       __field(uid_t, uid)
+                       __field(uid_t, cruid)
+                       __string(host, server->hostname)
+                       __string(user, ses->user_name)
+                       __array(__u8, addr, sizeof(struct sockaddr_storage))
+                       __array(char, sec, sizeof("ntlmsspi"))
+                       __array(char, upcall_target, sizeof("mount"))
+                       __field(int, rc)
+               ),
+               TP_fast_assign(
+                       __entry->pid = current->pid;
+                       __entry->uid = from_kuid_munged(&init_user_ns, ses->linux_uid);
+                       __entry->cruid = from_kuid_munged(&init_user_ns, ses->cred_uid);
+                       __assign_str(host);
+                       __assign_str(user);
+                       memcpy(__entry->addr, &server->dstaddr, sizeof(__entry->addr));
+
+                       if (server->sec_kerberos)
+                               memcpy(__entry->sec, "krb5", sizeof("krb5"));
+                       else if (server->sec_mskerberos)
+                               memcpy(__entry->sec, "mskrb5", sizeof("mskrb5"));
+                       else if (server->sec_iakerb)
+                               memcpy(__entry->sec, "iakerb", sizeof("iakerb"));
+                       else
+                               memcpy(__entry->sec, "krb5", sizeof("krb5"));
+
+                       if (ses->upcall_target == UPTARGET_MOUNT)
+                               memcpy(__entry->upcall_target, "mount", sizeof("mount"));
+                       else
+                               memcpy(__entry->upcall_target, "app", sizeof("app"));
+                       __entry->rc = rc;
+               ),
+               TP_printk("vers=%d host=%s ip=%pISpsfc sec=%s uid=%d cruid=%d user=%s pid=%d upcall_target=%s err=%d",
+                         CIFS_SPNEGO_UPCALL_VERSION, __get_str(host), __entry->addr,
+                         __entry->sec, __entry->uid, __entry->cruid, __get_str(user),
+                         __entry->pid, __entry->upcall_target, __entry->rc))
 
 TRACE_EVENT(smb3_tcon_ref,
            TP_PROTO(unsigned int tcon_debug_id, int ref,