Date: Thu, 27 Aug 2020 18:37:09 +0530 From: Shivank Garg <shivank@freebsd.org> To: soc-status@freebsd.org Cc: Alan Somers <asomers@freebsd.org> Subject: [GSoC'20 Weekly Update] Adding audit(4) support to NFS Message-ID: <CAOVCmzGrOfbz06=jurP4JWDj-tYBzgKFZOVJZ1KZFEALMKhFBA@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi, This project aims to add audit(4) support to NFS, which will allow auditd(8) to just run on the NFS server and audit all activities within the NFS network. Audit works mostly on the syscall level and NFS is implemented within the kernel, which means the NFS RPCs don't generate any audit records on the server. Note that audit(4) can still be used on the NFS network but auditd(8) must run on every NFS client. In this final week, I wish to update the summary of my 3-month GSoC project: Work Done: * familiarised me with FreeBSD audit and NFS code, the net/libnfs library for writing testsuite, and NFS RFCs. * Added audit support to NFSv2/v3 RPC. * Wrote Test Suite(using net/libnfs) for NFSv3 Audit support. * Added audit support to NFSv4(4, 4.1, 4.2) RPC and Sub-ops. * Wrote Skeleton for NFSv4 TestSuite and success/failure tests for ~20 Operations. With time, I got a glimpse of dealing with bugs, kernel panics, etc. And still learning how to deal with them. Work Remaining: * To add tests for the remaining NFSv4 operation. * Fix bugs in NFSv4 audit (especially, to found out why nfsrvd_open fails with NFSERR_GRACE?(ideally it should start working after 2-3 mins if it's in recovery) * enhance NFSAuditTestSuite (like adding more variety of Test-cases, finding and fixing bugs) * add NFS error code database to audit for return tokens. * enhancing audit support to NFS (like more adding more tokens of relevant info) This GSoC period has taught me awesome things about FreeBSD kernel, security, NFS, and OS in general. I'm very thankful to asomers@, rmacklem@uoguelph.ca, org-admins, and the FreeBSD community for constant help and support. Thanks, It feels great to be part of this community :) Happy Hacking! Please, do Check this project on Github: https://github.com/shivankgarg98/freebsd/tree/user/shivank/nfs_audit NFSv4 audit feature branch: https://github.com/shivankgarg98/freebsd/tree/user/shivank/nfsv4_audit Project wiki: https://wiki.freebsd.org/SummerOfCode2020Projects/AddAuditSupportToNFS TestSuite: https://github.com/shivankgarg98/NFSAuditTestSuite Please feel free to share your ideas and feedback on this project. Best Regards, Shivank Garg
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOVCmzGrOfbz06=jurP4JWDj-tYBzgKFZOVJZ1KZFEALMKhFBA>