Re: [PATCH v2 00/11] client-side RPC-with-TLS

Linux NFS development
 help / color / mirror / Atom feed

From: Jeff Layton <jlayton@kernel.org>
To: Chuck Lever <cel@kernel.org>,
	anna.schumaker@netapp.com, trondmy@hammerspace.com
Cc: Chuck Lever <chuck.lever@oracle.com>,
	linux-nfs@vger.kernel.org, kernel-tls-handshake@lists.linux.dev
Subject: Re: [PATCH v2 00/11] client-side RPC-with-TLS
Date: Wed, 24 May 2023 15:30:39 -0400	[thread overview]
Message-ID: <4dafe5e56ac269bad9fc45dfee2f2bdcada0876d.camel@kernel.org> (raw)
In-Reply-To: <168485183242.6613.7025123558596119858.stgit@oracle-102.nfsv4bat.org>

On Tue, 2023-05-23 at 10:29 -0400, Chuck Lever wrote:
> Let's have a look at what is needed to support NFS in-transit
> confidentiality in the Linux NFS client. These apply to net-next
> but previously they've been tested at multiple NFS bake-a-thon
> events.
> 

Why net-next? Aren't the necessary non-NFS/RPC bits now in mainline at
this point? What's missing?

> This series is also available in the topic-rpc-with-tls-upcall
> branch at
> 
>   https://git.kernel.org/pub/scm/linux/kernel/git/cel/linux.git
> 
> Changes since RFC:
> - Add an rpc_authops method to send TLS probes
> 
> ---
> 
> Chuck Lever (11):
>       NFS: Improvements for fs_context-related tracepoints
>       SUNRPC: Plumb an API for setting transport layer security
>       SUNRPC: Trace the rpc_create_args
>       SUNRPC: Add RPC client support for the RPC_AUTH_TLS auth flavor
>       SUNRPC: Ignore data_ready callbacks during TLS handshakes
>       SUNRPC: Capture CMSG metadata on client-side receive
>       SUNRPC: Add a connect worker function for TLS
>       SUNRPC: Add RPC-with-TLS support to xprtsock.c
>       SUNRPC: Add RPC-with-TLS tracepoints
>       NFS: Have struct nfs_client carry a TLS policy field
>       NFS: Add an "xprtsec=" NFS mount option
> 
> 
>  fs/nfs/client.c                 |   7 +
>  fs/nfs/fs_context.c             |  55 +++++
>  fs/nfs/internal.h               |   2 +
>  fs/nfs/nfs3client.c             |   1 +
>  fs/nfs/nfs4client.c             |  18 +-
>  fs/nfs/super.c                  |  12 ++
>  include/linux/nfs_fs_sb.h       |   3 +-
>  include/linux/sunrpc/auth.h     |   2 +
>  include/linux/sunrpc/clnt.h     |   2 +
>  include/linux/sunrpc/xprt.h     |  17 ++
>  include/linux/sunrpc/xprtsock.h |   3 +
>  include/trace/events/sunrpc.h   |  96 ++++++++-
>  net/sunrpc/Makefile             |   2 +-
>  net/sunrpc/auth.c               |   2 +-
>  net/sunrpc/auth_tls.c           | 175 ++++++++++++++++
>  net/sunrpc/clnt.c               |   9 +-
>  net/sunrpc/xprtsock.c           | 343 +++++++++++++++++++++++++++++++-
>  17 files changed, 727 insertions(+), 22 deletions(-)
>  create mode 100644 net/sunrpc/auth_tls.c
> 
> --
> Chuck Lever
> 

-- 
Jeff Layton <jlayton@kernel.org>

next prev parent reply	other threads:[~2023-05-24 19:30 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-05-23 14:29 [PATCH v2 00/11] client-side RPC-with-TLS Chuck Lever
2023-05-23 14:30 ` [PATCH v2 01/11] NFS: Improvements for fs_context-related tracepoints Chuck Lever
2023-05-23 14:30 ` [PATCH v2 02/11] SUNRPC: Plumb an API for setting transport layer security Chuck Lever
2023-05-23 14:30 ` [PATCH v2 03/11] SUNRPC: Trace the rpc_create_args Chuck Lever
2023-05-23 14:31 ` [PATCH v2 04/11] SUNRPC: Add RPC client support for the RPC_AUTH_TLS auth flavor Chuck Lever
2023-05-23 14:31 ` [PATCH v2 05/11] SUNRPC: Ignore data_ready callbacks during TLS handshakes Chuck Lever
2023-05-23 14:32 ` [PATCH v2 06/11] SUNRPC: Capture CMSG metadata on client-side receive Chuck Lever
2023-05-23 14:32 ` [PATCH v2 07/11] SUNRPC: Add a connect worker function for TLS Chuck Lever
2023-05-23 14:33 ` [PATCH v2 08/11] SUNRPC: Add RPC-with-TLS support to xprtsock.c Chuck Lever
2023-05-23 14:33 ` [PATCH v2 09/11] SUNRPC: Add RPC-with-TLS tracepoints Chuck Lever
2023-05-23 14:33 ` [PATCH v2 10/11] NFS: Have struct nfs_client carry a TLS policy field Chuck Lever
2023-05-23 14:34 ` [PATCH v2 11/11] NFS: Add an "xprtsec=" NFS mount option Chuck Lever
2023-05-24 19:30 ` Jeff Layton [this message]
2023-05-24 19:38   ` [PATCH v2 00/11] client-side RPC-with-TLS Chuck Lever III

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4dafe5e56ac269bad9fc45dfee2f2bdcada0876d.camel@kernel.org \
    --to=jlayton@kernel.org \
    --cc=anna.schumaker@netapp.com \
    --cc=cel@kernel.org \
    --cc=chuck.lever@oracle.com \
    --cc=kernel-tls-handshake@lists.linux.dev \
    --cc=linux-nfs@vger.kernel.org \
    --cc=trondmy@hammerspace.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox