From owner-soc-status@freebsd.org Tue Jul 28 03:47:08 2020 Return-Path: Delivered-To: soc-status@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 40DA837B3B0 for ; Tue, 28 Jul 2020 03:47:08 +0000 (UTC) (envelope-from ankur.kothiwal99@gmail.com) Received: from mail-qk1-f180.google.com (mail-qk1-f180.google.com [209.85.222.180]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BG2fz374xz3XTQ; Tue, 28 Jul 2020 03:47:07 +0000 (UTC) (envelope-from ankur.kothiwal99@gmail.com) Received: by mail-qk1-f180.google.com with SMTP id g26so17515064qka.3; Mon, 27 Jul 2020 20:47:07 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=wGjHfsG1+YR8k8GYGgVjXoe07iNSqvUzREPH9o6Wm7I=; b=kokCZelvQz6mTl/WubNsj9XhnPj12DtWlIabK8zysedKR/vrku+Wak7bTDIzTJfDJt V/zXmbM+hDN7Lxjh73cNxlkMnvbhQ9vQ7c2kSM1p9r8eYQKqifnnmuEG/21xlRqOY1pI vTQ6Uwr0fq+v4aQrDtn0v92p8iney/IUp4t+BdM5+WlCZbiDoMJU8CjgLuYnzp3SWtE9 0Jof0TX6Vr/VST7tNFwuUwEbC5jnnI/0j8z9B+u1TrBGL+qmirw9Ai7PR3MfXifQ+tmE FHLjlEwed8SE/FRhNYpBO5z0fE0OyBcwuRwDv8qp/Lk9vm1BfY4g1vw/foZoDOezYkHH NawQ== X-Gm-Message-State: AOAM530e4XsJH5w5Ttrz1f0dPOSpwMYz51GJ/XMRdsyFhRE8APyTKjmg i5S1D5MnVADYtey5nwl2NyIWyiOZc7w= X-Google-Smtp-Source: ABdhPJw1FQBjRoWV7udKgL2Cp1a12rp8y3+D5Z0MQCobEE6PL/0Z01AAxRAaQQL6fAnScqxU8RluFQ== X-Received: by 2002:a05:620a:16c4:: with SMTP id a4mr7157954qkn.333.1595908026182; Mon, 27 Jul 2020 20:47:06 -0700 (PDT) Received: from mail-qk1-f182.google.com (mail-qk1-f182.google.com. [209.85.222.182]) by smtp.gmail.com with ESMTPSA id t65sm20044510qkf.119.2020.07.27.20.47.05 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 27 Jul 2020 20:47:05 -0700 (PDT) Received: by mail-qk1-f182.google.com with SMTP id b14so15769362qkn.4; Mon, 27 Jul 2020 20:47:05 -0700 (PDT) X-Received: by 2002:a05:620a:164b:: with SMTP id c11mr25405885qko.91.1595908025691; Mon, 27 Jul 2020 20:47:05 -0700 (PDT) MIME-Version: 1.0 From: Ankur Kothiwal Date: Tue, 28 Jul 2020 09:16:33 +0530 X-Gmail-Original-Message-ID: Message-ID: Subject: [GSoC'20 Weekly Update - Week 7] eBPF XDP Hook To: soc-status@freebsd.org, rstone@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 4BG2fz374xz3XTQ X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of ankurkothiwal99@gmail.com designates 209.85.222.180 as permitted sender) smtp.mailfrom=ankurkothiwal99@gmail.com X-Spamd-Result: default: False [-1.66 / 15.00]; FROM_NEQ_ENVFROM(0.00)[ankur@freebsd.org,ankurkothiwal99@gmail.com]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_TLS_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; ARC_NA(0.00)[]; DMARC_NA(0.00)[freebsd.org]; NEURAL_HAM_LONG(-0.85)[-0.854]; RCVD_COUNT_THREE(0.00)[4]; NEURAL_HAM_MEDIUM(-0.37)[-0.371]; NEURAL_HAM_SHORT(-0.43)[-0.433]; RCPT_COUNT_TWO(0.00)[2]; RCVD_IN_DNSWL_NONE(0.00)[209.85.222.180:from]; FORGED_SENDER(0.30)[ankur@freebsd.org,ankurkothiwal99@gmail.com]; RWL_MAILSPIKE_POSSIBLE(0.00)[209.85.222.180:from]; R_DKIM_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]; MIME_TRACE(0.00)[0:+]; TAGGED_FROM(0.00)[] X-BeenThere: soc-status@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Summer of Code Status Reports and Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jul 2020 03:47:08 -0000 Hi all, Project: Implement eBPF XDP for FreeBSD by extending VirtIO ethernet driver if_vtnet The goal of this project is to extend an existing FreeBSD network driver,VirtIO if_vtnet to be able to call into an eBPF program when processing a newly received packet. The driver will perform the basic actions of XDP like PASS and DROP the packet as specified by the program. The project will also implement new map type and other eBPF helper functions.The aim of this project is to add new probe sites into the kernel that will call eBPF functions. Mentor: Ryan Stone and Hiroki Sato Progress made this week: - register the xdp hook and link it to the head - create a xdp_rx function which will pass the received packets to the ebpf program where the packets can be further processed. This function will return XDP actions like DROP and PASS. Currently: - write an eBPF program to process ICMP traffic Project GSoC Wiki: https://wiki.freebsd.org/SummerOfCodeIdeas#eBPF_XDP_Hooks Github repo including the changes : https://github.com/Ankurk99/freebsd/tree/ebpf-import Github Repo for the original code: https://github.com/rysto32/freebsd/tree/ebpf-import Thank you for reading. Please feel free to share feedback. Thanks and Regards Ankur Kothiwal From owner-soc-status@freebsd.org Fri Jul 31 18:35:49 2020 Return-Path: Delivered-To: soc-status@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id F229E37F71E for ; Fri, 31 Jul 2020 18:35:49 +0000 (UTC) (envelope-from shivankgarg98@gmail.com) Received: from mail-ed1-f54.google.com (mail-ed1-f54.google.com [209.85.208.54]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BJGF114npz3Yrw; Fri, 31 Jul 2020 18:35:49 +0000 (UTC) (envelope-from shivankgarg98@gmail.com) Received: by mail-ed1-f54.google.com with SMTP id c15so13333391edj.3; Fri, 31 Jul 2020 11:35:49 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=nCcbe8SacoLsTt1+ZMAW328bFXN1K8dfYCODdKhlPiQ=; b=giff5aGhd4zWVm8Bal4ZvJJHDWS8GoYYTPx+k2p72TB06wdpwiRI4cpNtLHWO9uhJ5 p17a1gdveYWb0TPlk6KYTuddbfyfTyxx+xSQDkBSHbx2CDvqO7mk4S4IwEgjDi/QwhY7 m12tQMX0UHWxucabqiJZnJPVi/kx8FPmHuObVhK2qcRY8osVJ5yAxzjtxZUrWVv+h8wD Y8XYQs7+xjXRFaUNSxUWI9QqYQy2QKsiGDpYcnTb2S6deFtUQosy+UdwlKqdmR1zMP6j vs1EY/bTT0owvUgxK4kLPLXqrpsyiRIGBLVy7oIGCZajSA2e15YTR/F+JUnm7LQnX/s+ kBUw== X-Gm-Message-State: AOAM53109G4GvMeFr2/6vr2dZxzeuZJXxZSkLZb9ajEwS/79vQTy7n4I N02Zd8+WnEWOjm/Iqf1xoTEY8ggf1m0= X-Google-Smtp-Source: ABdhPJzc7aRzOP6OqKkv6QmqkLoexr/+Azm1+cF+hCXacr4jAywRCPmraDHjhidNOilj5IUFCbysvw== X-Received: by 2002:aa7:d1cc:: with SMTP id g12mr5272820edp.385.1596220547564; Fri, 31 Jul 2020 11:35:47 -0700 (PDT) Received: from mail-ed1-f52.google.com (mail-ed1-f52.google.com. [209.85.208.52]) by smtp.gmail.com with ESMTPSA id v21sm1917236ejx.26.2020.07.31.11.35.47 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 31 Jul 2020 11:35:47 -0700 (PDT) Received: by mail-ed1-f52.google.com with SMTP id q4so19784840edv.13; Fri, 31 Jul 2020 11:35:47 -0700 (PDT) X-Received: by 2002:aa7:d84d:: with SMTP id f13mr4941367eds.155.1596220547030; Fri, 31 Jul 2020 11:35:47 -0700 (PDT) MIME-Version: 1.0 From: Shivank Garg Date: Sat, 1 Aug 2020 00:05:31 +0530 X-Gmail-Original-Message-ID: Message-ID: Subject: [GSoC'20 Weekly Update] Adding audit(4) support to NFS To: soc-status@freebsd.org Cc: Alan Somers X-Rspamd-Queue-Id: 4BJGF114npz3Yrw X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of shivankgarg98@gmail.com designates 209.85.208.54 as permitted sender) smtp.mailfrom=shivankgarg98@gmail.com X-Spamd-Result: default: False [-1.60 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_TLS_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17:c]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; DMARC_NA(0.00)[freebsd.org]; NEURAL_HAM_LONG(-0.40)[-0.402]; RCVD_COUNT_THREE(0.00)[4]; NEURAL_HAM_MEDIUM(-0.89)[-0.886]; NEURAL_HAM_SHORT(-0.31)[-0.312]; RCPT_COUNT_TWO(0.00)[2]; RCVD_IN_DNSWL_NONE(0.00)[209.85.208.54:from]; FORGED_SENDER(0.30)[shivank@freebsd.org,shivankgarg98@gmail.com]; RWL_MAILSPIKE_POSSIBLE(0.00)[209.85.208.54:from]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]; FROM_NEQ_ENVFROM(0.00)[shivank@freebsd.org,shivankgarg98@gmail.com]; FREEMAIL_ENVFROM(0.00)[gmail.com] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: soc-status@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Summer of Code Status Reports and Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 31 Jul 2020 18:35:50 -0000 Hi, This project aims to add audit(4) support to NFS, which will allow auditd(8) to just run on the NFS server and audit all activities within the NFS network. Audit works mostly on the syscall level and NFS is implemented within the kernel, which means the NFS RPCs don't generate any audit records on the server. Note that audit(4) can still be used on the NFS network but auditd(8) must run on every NFS client. This week I made the following progress: * make the TestSuite and /sys code ready for review. * Created a diff revision on phabricator for NFSv3 /sys code - https://reviews.freebsd.org/D25869 * Followed up on the suggested changes. Currently, I'm: * Fixing the AUDIT_NFSARG_UPATH1 to avoid unlocking/relocking of vnode for locked vnode, as it may cause problems. * Reading the NFSv4 code and RFC for the adding audit support to it. Please, do Check this project on Github: https://github.com/shivankgarg98/freebsd/tree/user/shivank/nfs_audit Project wiki: https://wiki.freebsd.org/SummerOfCode2020Projects/AddAuditSupportToNFS TestSuite: https://github.com/shivankgarg98/NFSAuditTestSuite Please feel free to share your ideas and feedback on this project. Best Regards, Shivank Garg