From: Shivank Garg
Date: Mon, 1 Jun 2020 23:05:46 +0530
Subject: [GSoC'20 Introduction] Adding audit(4) support to NFS
To: freebsd-hackers@freebsd.org, soc-status@freebsd.org
Cc: Alan Somers
List-Id: Summer of Code Status Reports and Discussion

Hi everyone,

This project aims to add audit(4) support to NFS, which will allow auditd(8) to just run on the NFS server and audit all activities within the NFS network. Note that audit(4) can still be used on the NFS network but auditd(8) must run on every NFS client.

*Mentor:* Alan Somers

*Project Information/Background:*

Security event auditing permits the selective and fine-grained configurable logging of security-relevant system events for the purpose of post-mortem analysis, intrusion detection, and run-time monitoring. It is intended to meet the requirements of the Common Criteria (CC)/Common Access protection profile (CAPP) evaluation.

Audit works mostly on the syscall level and NFS is implemented within the kernel, which means the NFS RPCs don't generate any audit records on the server. The NFS RPC requests bypass the syscall layer and go directly to the VFS layer. The need for this support arises in case of insecure networks, where running auditd(8) on each client is not an option (the audit log on such clients can't be trusted).

*Approach:*

This project will require modification of the NFS server code to allow an audit of each NFS RPC. This will allow auditd(8) to audit all the NFS activities within the network. The NFS RPC code lies mostly in nfs_nfsdserv.c and nfs_nfsdsocket.c. There would be a need to define AUDIT_NFSRPC_ENTER and AUDIT_NFSRPC_EXIT, in a similar fashion to AUDIT_SYSCALL_ENTER and AUDIT_SYSCALL_EXIT, at the NFS RPC level. For auditing events, within each NFS RPC, one or more AUDIT_ARG_* macros (or some modification of them) will be called. The implementation design is under the thought process.

*Project Wiki and Source links:*

* Project Wiki Page: https://wiki.freebsd.org/SummerOfCode2020Projects/AddAuditSupportToNFS
* Github Repo link: https://github.com/shivankgarg98/freebsd/tree/user/shivank/nfs_audit
* Please see this diff for all changes: https://github.com/freebsd/freebsd/compare/master...shivankgarg98:user/shivank/nfs_audit

Note: I'll be updating weekly status report on soc-status@

Please feel free to share your ideas and feedback on this project.

Happy Hacking! :)

Best Regards,
Shivank Garg
Undergrad at IIT Kanpur, India

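The enter/exit bracketing described under *Approach* in the message above, as an added user-space C model (not code from the project or from FreeBSD): each RPC is wrapped by an enter/exit pair and the handler records its arguments in between, so a refused request still leaves a record on the server. The lower-case function names, the record layout, the /export/ro/ rule and the sample addresses are assumptions made for the illustration.

```c
/* User-space model of per-RPC audit bracketing; not FreeBSD kernel code. */
#include <errno.h>
#include <stdio.h>
#include <string.h>

struct audit_rec {                 /* hypothetical record, one per NFS RPC */
    char client[46], proc[16], path[128];
    int  retval;                   /* errno-style result, 0 on success */
};
static struct audit_rec trail[8];  /* stand-in for the server's audit trail */
static int trail_len;

/* Models AUDIT_NFSRPC_ENTER: open a record before the handler runs. */
static void audit_nfsrpc_enter(struct audit_rec *ar, const char *cl, const char *proc) {
    memset(ar, 0, sizeof(*ar));
    snprintf(ar->client, sizeof(ar->client), "%s", cl);
    snprintf(ar->proc, sizeof(ar->proc), "%s", proc);
}

/* Models one AUDIT_ARG_* call made from inside the RPC handler. */
static void audit_arg_path(struct audit_rec *ar, const char *path) {
    snprintf(ar->path, sizeof(ar->path), "%s", path);
}

/* Models AUDIT_NFSRPC_EXIT: stamp the result and commit the record. */
static void audit_nfsrpc_exit(struct audit_rec *ar, int error) {
    ar->retval = error;
    if (trail_len < 8) trail[trail_len++] = *ar;
}

/* Constructed handler: removal under /export/ro/ is refused with EACCES. */
static int nfsrv_remove(struct audit_rec *ar, const char *path) {
    audit_arg_path(ar, path);
    return strncmp(path, "/export/ro/", 11) == 0 ? EACCES : 0;
}

/* Dispatch point: the bracket wraps every RPC, so denials are logged too. */
int nfsrv_dispatch_remove(const char *client, const char *path) {
    struct audit_rec ar;
    audit_nfsrpc_enter(&ar, client, "REMOVE");
    int error = nfsrv_remove(&ar, path);
    audit_nfsrpc_exit(&ar, error);
    return error;
}

int main(void) {
    nfsrv_dispatch_remove("192.0.2.10", "/export/rw/tmp.txt");  /* constructed */
    nfsrv_dispatch_remove("192.0.2.66", "/export/ro/passwd");   /* constructed */
    for (int i = 0; i < trail_len; i++)
        printf("%s %s %s ret=%d\n", trail[i].client, trail[i].proc, trail[i].path, trail[i].retval);
    return 0;
}
```
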

From: Ankur Kothiwal
Date: Tue, 2 Jun 2020 22:49:18 +0530
Subject: [GSoC'20 Introduction] eBPF XDP Hook
To: freebsd-hackers@freebsd.org, soc-status@freebsd.org
Cc: rstone@freebsd.org, hrs@freebsd.org

Hello everyone,

Project: Implement eBPF XDP for FreeBSD by extending VirtIO ethernet driver if_vtnet

The goal of this project is to extend an existing FreeBSD network driver, VirtIO if_vtnet, to be able to call into an eBPF program when processing a newly received packet. The driver will perform the basic actions of XDP like PASS, DROP, TX or REDIRECT the packet as specified by the program. The project will also implement new map type and other eBPF helper functions. The aim of this project is to add new probe sites into the kernel that will call eBPF functions.

Mentors: Ryan Stone and Hiroki Sato

Approach for the project:

The project aims to extend the NIC driver “if_vtnet” to support XDP. The approach is to write an XDP hook as a pfil (packet filter) hook (https://svnweb.freebsd.org/changeset/base/356613) in the vtnet_rxq_eof() function, which is the function that deals with receiving the packets from the driver. This approach will help the XDP hook to work on any driver that supports pfil (like mlx5en). The function will take XDP actions (like PASS, DROP etc) on the packet which will further be processed by the eBPF program.

Project GSoC Wiki: https://wiki.freebsd.org/SummerOfCodeIdeas#eBPF_XDP_Hooks
Github Repo for the code: https://github.com/rysto32/freebsd/tree/ebpf-import
FreeBSD Wiki:
  Student: https://wiki.freebsd.org/AnkurKothiwal
  Project: https://wiki.freebsd.org/SummerOfCode2020Projects/eBPFXDPHooks

Thank you for giving your time to read. Please feel free to share your feedback and suggestions.

Thanks and Regards
Ankur Kothiwal
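
The receive-path hook described in the message above, as an added user-space C model (not code from the project's repository or from FreeBSD): a filter function stands in for the eBPF program and the receive routine acts on its verdict. The XDP_* names follow the actions the message lists; filter_prog, rx_frame, make_udp, the port 9 policy and the fail-closed default are assumptions made for the illustration.

```c
/* User-space model of an XDP-style hook in a driver receive path; not FreeBSD code. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum xdp_action { XDP_DROP, XDP_PASS, XDP_TX, XDP_REDIRECT };
struct rx_stats { unsigned passed, dropped, bounced, redirected; };
#define ETH_HLEN 14

/* Stand-in for the loaded eBPF program (hypothetical policy): drop IPv4/UDP
 * to port 9, pass everything else. Each read is bounds-checked first. */
enum xdp_action filter_prog(const uint8_t *pkt, size_t len) {
    if (len < ETH_HLEN + 20) return XDP_PASS;                  /* no minimal IPv4 header */
    if (pkt[12] != 0x08 || pkt[13] != 0x00) return XDP_PASS;   /* EtherType not IPv4 */
    if (pkt[ETH_HLEN + 9] != 17) return XDP_PASS;              /* protocol not UDP */
    size_t ihl = (size_t)(pkt[ETH_HLEN] & 0x0f) * 4;
    if (ihl < 20 || len < ETH_HLEN + ihl + 8) return XDP_DROP; /* bad IHL or truncated */
    uint16_t dport = (uint16_t)((pkt[ETH_HLEN + ihl + 2] << 8) | pkt[ETH_HLEN + ihl + 3]);
    return dport == 9 ? XDP_DROP : XDP_PASS;
}

/* Models the hook site: run the program on a received frame and act on the
 * verdict. Returns 1 only if the frame continues up to the network stack. */
int rx_frame(struct rx_stats *st, const uint8_t *pkt, size_t len) {
    switch (filter_prog(pkt, len)) {
    case XDP_PASS:     st->passed++;     return 1;
    case XDP_TX:       st->bounced++;    return 0; /* sent back out the same NIC */
    case XDP_REDIRECT: st->redirected++; return 0; /* handed to another target */
    case XDP_DROP:
    default:           st->dropped++;    return 0; /* unknown verdict fails closed */
    }
}

/* Constructed sample: 42-byte Ethernet + IPv4 (IHL 5) + UDP frame. */
size_t make_udp(uint8_t *buf, uint16_t dport) {
    memset(buf, 0, 42);
    buf[12] = 0x08; buf[ETH_HLEN] = 0x45; buf[ETH_HLEN + 9] = 17;
    buf[36] = (uint8_t)(dport >> 8); buf[37] = (uint8_t)(dport & 0xff);
    return 42;
}

int main(void) {
    struct rx_stats st = {0};
    uint8_t f[64];
    rx_frame(&st, f, make_udp(f, 53));
    rx_frame(&st, f, make_udp(f, 9));
    printf("passed=%u dropped=%u\n", st.passed, st.dropped);
    return 0;
}
```
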