Date: Fri, 22 May 2020 14:58:34 -0700 From: John Baldwin <jhb@FreeBSD.org> To: Rick Macklem <rmacklem@uoguelph.ca>, "freebsd-current@FreeBSD.org" <freebsd-current@FreeBSD.org> Subject: Re: RFC: merging nfs-over-tls changes into head/sys Message-ID: <6387cc78-c483-6271-7108-bf19a935dc01@FreeBSD.org> In-Reply-To: <QB1PR01MB36494A667E54EC90C07F97DBDDB70@QB1PR01MB3649.CANPRD01.PROD.OUTLOOK.COM> References: <QB1PR01MB36494A667E54EC90C07F97DBDDB70@QB1PR01MB3649.CANPRD01.PROD.OUTLOOK.COM>
next in thread | previous in thread | raw e-mail | index | archive | help
On 5/21/20 2:01 PM, Rick Macklem wrote: > Hi, > > I have now completed changes to the code in projects/nfs-over-tls, which > implements TLS encryption of NFS RPC messages. (This roughly conforms > to the internet draft "Towards Remote Procedure Call Encryption By Default", > which should soon become an RFC. For now, TLS1.2 is used instead of TLS1.3, > since FreeBSD's KERN_TLS does not yet implement TLS1.3.) > > I'd like to start merging some of the kernel changes into head/sys. > > The first of these would be creation of the syscall used by the daemons. > (The code in projects/nfs-over-tls cheats and uses the syscall for the gssd, > but it needs to have its own syscall so that the gssd daemon can run concurrently > with it. I didn't want testers to need to build userland just to get a syscall stub > in libc.) > > After this, there are a bunch of changes to the NFS code to add support for > ext_pgs mbufs (these are significant patches, but should not affect the > non-ext_pgs mbuf case, since they'll be conditional on ND_EXTPGS/M_EXTPGS). > > Does this sound ok to do? > > Please let me know if you see problems with me doing this? I don't see any problems, per se, but I still need to do some changes on my end for software KTLS RX before it's ready to merge (I'm hoping to kill the iovecs in the kthreads entirely). -- John Baldwin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6387cc78-c483-6271-7108-bf19a935dc01>