From owner-soc-status@freebsd.org  Mon Aug 10 18:40:14 2020
Return-Path: <owner-soc-status@freebsd.org>
Delivered-To: soc-status@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 89CCC3AC0BF
 for <soc-status@mailman.nyi.freebsd.org>; Mon, 10 Aug 2020 18:40:14 +0000 (UTC)
 (envelope-from shivankgarg98@gmail.com)
Received: from mail-ed1-f41.google.com (mail-ed1-f41.google.com
 [209.85.208.41])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (2048 bits) client-digest SHA256)
 (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4BQPsT6pB1z4fwJ;
 Mon, 10 Aug 2020 18:40:13 +0000 (UTC)
 (envelope-from shivankgarg98@gmail.com)
Received: by mail-ed1-f41.google.com with SMTP id m20so7149073eds.2;
 Mon, 10 Aug 2020 11:40:13 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc;
 bh=2FaqN8MRRFQaqkmh9mGLgVvzSxj7Am+42XLYeZlfq9U=;
 b=QhDn4cfgRDuEJFpIGk1WFhNqBND7od7SQ35uLCAOUjVB8H/zAxyQn15/iIdxI3IfUq
 pBqg6mwJ59w3yOAYJjH/nV2ovUZqqeeDklgcN+XZvAEXPWvYizcev1DbhIGCfBi/LIUa
 yzKtKPgqnhy344X7Hk2dDB88Ksp82PlwmERsjB25w7eVoSeiwjsp85Jp6m/AXkR4zJOq
 dkjtFpxKIXMFLuaozImUj4MXCWIszFJk89YyOlnIQFR2pJ5XziyB/v5Pne/12XLcrJVO
 HoJlGnFRIH4BdyqXF4YHGbQCpZ4jWPrMEvy1QframQNOjm+dg1KZ1s/yZKo4Lt7pTOsg
 3Q1Q==
X-Gm-Message-State: AOAM533RszRXhgXRA+FFHw3ArQX+SLo+DJ23Moq+MX9naCOLScKw9gTC
 zfco7LudpB6zBllS6NYg6VRUZcKJAts=
X-Google-Smtp-Source: ABdhPJx71c2xFnIRq4Kycm88lrM9nR4iWUvWxesRYJh+MfJPgbOWhtjppqiZNORE1Ie31clcHCR0/Q==
X-Received: by 2002:a50:e0cb:: with SMTP id j11mr22437129edl.159.1597084811938; 
 Mon, 10 Aug 2020 11:40:11 -0700 (PDT)
Received: from mail-ej1-f49.google.com (mail-ej1-f49.google.com.
 [209.85.218.49])
 by smtp.gmail.com with ESMTPSA id c20sm12903736edy.40.2020.08.10.11.40.11
 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
 Mon, 10 Aug 2020 11:40:11 -0700 (PDT)
Received: by mail-ej1-f49.google.com with SMTP id m22so10411250eje.10;
 Mon, 10 Aug 2020 11:40:11 -0700 (PDT)
X-Received: by 2002:a17:907:2115:: with SMTP id
 qn21mr23762984ejb.157.1597084811553; 
 Mon, 10 Aug 2020 11:40:11 -0700 (PDT)
MIME-Version: 1.0
From: Shivank Garg <shivank@freebsd.org>
Date: Tue, 11 Aug 2020 00:09:55 +0530
X-Gmail-Original-Message-ID: <CAOVCmzG1JTm-Xqe6JJxB=f9gyQQf-Csg1k+Tqw4-dUnbAXE3_w@mail.gmail.com>
Message-ID: <CAOVCmzG1JTm-Xqe6JJxB=f9gyQQf-Csg1k+Tqw4-dUnbAXE3_w@mail.gmail.com>
Subject: [GSoC'20 Weekly Update] Adding audit(4) support to NFS
To: soc-status@freebsd.org
Cc: Alan Somers <asomers@freebsd.org>
X-Rspamd-Queue-Id: 4BQPsT6pB1z4fwJ
X-Spamd-Bar: -
Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none;
 spf=pass (mx1.freebsd.org: domain of shivankgarg98@gmail.com designates
 209.85.208.41 as permitted sender) smtp.mailfrom=shivankgarg98@gmail.com
X-Spamd-Result: default: False [-1.88 / 15.00]; RCVD_TLS_ALL(0.00)[];
 RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[];
 FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[];
 TO_MATCH_ENVRCPT_ALL(0.00)[];
 R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17];
 MIME_GOOD(-0.10)[multipart/alternative,text/plain];
 DMARC_NA(0.00)[freebsd.org]; NEURAL_HAM_LONG(-0.89)[-0.893];
 RCVD_COUNT_THREE(0.00)[4]; NEURAL_HAM_MEDIUM(-0.84)[-0.841];
 NEURAL_HAM_SHORT(-0.14)[-0.144]; RCPT_COUNT_TWO(0.00)[2];
 RCVD_IN_DNSWL_NONE(0.00)[209.85.208.41:from];
 FORGED_SENDER(0.30)[shivank@freebsd.org,shivankgarg98@gmail.com];
 RWL_MAILSPIKE_POSSIBLE(0.00)[209.85.208.41:from];
 R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~];
 ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US];
 FROM_NEQ_ENVFROM(0.00)[shivank@freebsd.org,shivankgarg98@gmail.com];
 FREEMAIL_ENVFROM(0.00)[gmail.com]
Content-Type: text/plain; charset="UTF-8"
X-Content-Filtered-By: Mailman/MimeDel 2.1.33
X-BeenThere: soc-status@freebsd.org
X-Mailman-Version: 2.1.33
Precedence: list
List-Id: Summer of Code Status Reports and Discussion <soc-status.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/soc-status>,
 <mailto:soc-status-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/soc-status/>
List-Post: <mailto:soc-status@freebsd.org>
List-Help: <mailto:soc-status-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/soc-status>,
 <mailto:soc-status-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Aug 2020 18:40:14 -0000

Hi,

This project aims to add audit(4) support to NFS, which will allow
auditd(8) to just run on the NFS server and audit all activities within the
NFS network. Audit works mostly on the syscall level and NFS is implemented
within the kernel, which means the NFS RPCs don't generate any audit
records on the server.
Note that audit(4) can still be used on the NFS network but auditd(8) must
run on every NFS client.

Til this I week, I made the following progress:
* Fixed the AUDIT_NFSARG_UPATH1 to avoid unlocking/relocking of vnode for
locked vnode.
* Followed up on NFSv3 Audit(4) support revision here:
https://reviews.freebsd.org/D25869
* Started Auditing NFSv4 Sub-operations:
https://github.com/shivankgarg98/freebsd/compare/user/shivank/nfs_audit_review2...shivankgarg98:user/shivank/nfsv4_audit

Currently, I'm:
* Developing TestSuite for NFSv4 Simultaneously for audited sub-ops.
* auditing remaining NFSv4 services.

Please, do Check this project on
Github: https://github.com/shivankgarg98/freebsd/tree/user/shivank/nfs_audit
NFSv4 audit feature branch:
https://github.com/shivankgarg98/freebsd/tree/user/shivank/nfsv4_audit
Project wiki:
https://wiki.freebsd.org/SummerOfCode2020Projects/AddAuditSupportToNFS
TestSuite: https://github.com/shivankgarg98/NFSAuditTestSuite

Please feel free to share your ideas and feedback on this project.

Best Regards,
Shivank Garg