From owner-soc-status@freebsd.org  Wed Jul  1 19:18:22 2020
Return-Path: <owner-soc-status@freebsd.org>
Delivered-To: soc-status@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 05E11359F36
 for <soc-status@mailman.nyi.freebsd.org>; Wed,  1 Jul 2020 19:18:22 +0000 (UTC)
 (envelope-from shivankgarg98@gmail.com)
Received: from mail-ej1-x629.google.com (mail-ej1-x629.google.com
 [IPv6:2a00:1450:4864:20::629])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (2048 bits) client-digest SHA256)
 (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 49xrbw6fvvz4tth;
 Wed,  1 Jul 2020 19:18:20 +0000 (UTC)
 (envelope-from shivankgarg98@gmail.com)
Received: by mail-ej1-x629.google.com with SMTP id ga4so26131186ejb.11;
 Wed, 01 Jul 2020 12:18:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=mime-version:from:date:message-id:subject:to:cc;
 bh=Jti5q3oC4bZaZTAv6enTM2TMxHKYvea/Zw7Jmovn25I=;
 b=O0L8pxAZNVakOnoSRZlQu2dCTZiVC5E8yYiX8k6p7Tf/Ja1xlKAQUZ4gJlmlDPfVBB
 bDhHbT30DiPrVKP/jafcwFFcRwSefyLGE5n4/DDg/FBDdefP3rQwczH3i3D6bemlEYsn
 hBfe8IGwSC8N3PoTothRwg5rsCnXuqmC3e2KJ2uckkungAFGcDlTAhkyFQIR5bMJb3ZV
 ih0CEli98cK9/trx1+ylti3SDr7eLeP9c2IdgGZlr6WqLeQQ9Cj42umoe25tce85Wack
 jhErxcD6H786Uu8zW+A9Y1Kp/sM+dDPu4jeAZdz3atouiXODXIwf5VrdLif5JNgcdyv+
 u0cA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc;
 bh=Jti5q3oC4bZaZTAv6enTM2TMxHKYvea/Zw7Jmovn25I=;
 b=dvAU5kmMaeTZ+wFx4ppIQMvyGOA2CQ8B3X/a5/CxEgdrdtJqaIHxW0X750Kr5HfqlR
 yIbiS5dRBr5xgOnOXgvGEtbMwY/bTpxLTkhNj7waCfm11zuY94ofo3YFQJleJiRa7W42
 dBha+qDL4b2PNKXp/OG80dckDXf6Vu/33KnjJjBPUy5+mn8JRf7/810ajMuuMcAQNfc+
 lxN+J4CqcYnigq051dLlRDKo4lKBNRYbcRjnZV8NsjKQhq5Ah2mxZV5g6t3LiFGNEHp2
 fuujejM58VLu7RNP9FETZRu/xIvBjKK6t86bi5jL9k0cgkh8Pcsi2JlYWtXooRIRUHzo
 pBjA==
X-Gm-Message-State: AOAM531qM0l28+tAFClGWf5RRwzi4OHcfCnygIFzgOXVDZi4S/6scMgM
 1CgDDFSXPu8qEED6IDthk1L+y4Iis2UzmE8i1uaoq/eJncQ=
X-Google-Smtp-Source: ABdhPJwMFrn2ozWf67ZrKZGiGRqLboCEl899IN7qE5knK+Utqt5S7zezAjSRcDrlOHqKlPFyfPsx3kpFsP6mKBUrCxM=
X-Received: by 2002:a17:906:1f52:: with SMTP id
 d18mr12557289ejk.84.1593631098447; 
 Wed, 01 Jul 2020 12:18:18 -0700 (PDT)
MIME-Version: 1.0
From: Shivank Garg <shivankgarg98@gmail.com>
Date: Thu, 2 Jul 2020 00:48:02 +0530
Message-ID: <CAOVCmzFWyVJzTJ1uBwwmdJAq+v-CNs9bRWF0zGTYxQ9era_QfQ@mail.gmail.com>
Subject: [GSoC'20 Weekly Update] Adding audit(4) support to NFS
To: soc-status@freebsd.org
Cc: Alan Somers <asomers@freebsd.org>
X-Rspamd-Queue-Id: 49xrbw6fvvz4tth
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org;
 dkim=pass header.d=gmail.com header.s=20161025 header.b=O0L8pxAZ;
 dmarc=pass (policy=none) header.from=gmail.com;
 spf=pass (mx1.freebsd.org: domain of shivankgarg98@gmail.com designates
 2a00:1450:4864:20::629 as permitted sender)
 smtp.mailfrom=shivankgarg98@gmail.com
X-Spamd-Result: default: False [-2.30 / 15.00]; ARC_NA(0.00)[];
 NEURAL_HAM_MEDIUM(-1.04)[-1.039];
 R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[];
 TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com];
 TO_MATCH_ENVRCPT_ALL(0.00)[];
 MIME_GOOD(-0.10)[multipart/alternative,text/plain];
 R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36];
 NEURAL_HAM_LONG(-0.99)[-0.990]; NEURAL_SPAM_SHORT(0.73)[0.730];
 DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2];
 RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::629:from];
 DMARC_POLICY_ALLOW(-0.50)[gmail.com,none];
 FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~];
 FREEMAIL_ENVFROM(0.00)[gmail.com];
 ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US];
 RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[];
 DWL_DNSWL_NONE(0.00)[gmail.com:dkim]
Content-Type: text/plain; charset="UTF-8"
X-Content-Filtered-By: Mailman/MimeDel 2.1.33
X-BeenThere: soc-status@freebsd.org
X-Mailman-Version: 2.1.33
Precedence: list
List-Id: Summer of Code Status Reports and Discussion <soc-status.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/soc-status>,
 <mailto:soc-status-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/soc-status/>
List-Post: <mailto:soc-status@freebsd.org>
List-Help: <mailto:soc-status-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/soc-status>,
 <mailto:soc-status-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Jul 2020 19:18:22 -0000

Hi,

This project aims to add audit(4) support to NFS, which will allow
auditd(8) to just run on the NFS server and audit all activities within the
NFS network. Audit works mostly on the syscall level and NFS is implemented
within the kernel, which means the NFS RPCs don't generate any audit
records on the server.
Note that audit(4) can still be used on the NFS network but auditd(8) must
run on every NFS client.

This week I made the following progress:
* generate record trail for most of the NFSv3 RPCs.
* insert NFS RPC audit entries to audit_bsm_db.
* fix bugs/issues related to audit preselection.

Currently, I'm:
* refining the tokens and audit remaining NFSv3 RPCs.
* write tests for the same.

Please, do Check this project on
Github: https://github.com/shivankgarg98/freebsd/tree/user/shivank/nfs_audit
Project wiki:
https://wiki.freebsd.org/SummerOfCode2020Projects/AddAuditSupportToNFS

Please feel free to share your ideas and feedback on this project.

Best Regards,
Shivank Garg