From: Rick Macklem <rmacklem@uoguelph.ca>
To: "freebsd-current@FreeBSD.org"
Subject: RFC: merging nfs-over-tls changes into head/sys
Date: Thu, 21 May 2020 21:01:48 +0000

Hi,

I have now completed changes to the code in projects/nfs-over-tls, which
implements TLS encryption of NFS RPC messages. (This roughly conforms
to the internet draft "Towards Remote Procedure Call Encryption By Default",
which should soon become an RFC. For now, TLS1.2 is used instead of TLS1.3,
since FreeBSD's KERN_TLS does not yet implement TLS1.3.)

I'd like to start merging some of the kernel changes into head/sys.

The first of these would be creation of the syscall used by the daemons.
(The code in projects/nfs-over-tls cheats and uses the syscall for the gssd,
but it needs to have its own syscall so that the gssd daemon can run concurrently
with it. I didn't want testers to need to build userland just to get a syscall stub
in libc.)

After this, there are a bunch of changes to the NFS code to add support for
ext_pgs mbufs (these are significant patches, but should not affect the
non-ext_pgs mbuf case, since they'll be conditional on ND_EXTPGS/M_EXTPGS).

Does this sound ok to do?

Please let me know if you see problems with me doing this?

Thanks, rick