From nobody Fri Oct 29 15:27:27 2021 X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id C13D7181B755 for ; Fri, 29 Oct 2021 15:27:34 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Received: from mail-io1-xd32.google.com (mail-io1-xd32.google.com [IPv6:2607:f8b0:4864:20::d32]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4HgmWp4fMFz3KvD for ; Fri, 29 Oct 2021 15:27:34 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Received: by mail-io1-xd32.google.com with SMTP id g8so11666993iob.10 for ; Fri, 29 Oct 2021 08:27:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hardenedbsd.org; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=yLrSCfndzw6iL8fIz0Vz+7b1zPlbw2di7kmyVEOrQO0=; b=VqXiuUrC4RhC5pSqOMuQlIYpXrFEts7K4eZPYTdn8cwKrs5ysZ/ilEKv5E76mYTT0z b1/zQwFhoFzHHx0MQNM0VYgBKbxivjYtw7ZvLwxhDI41Zi6M1kUuTjxaO5vLY4J5psVV cJTmy1jp2BZkKvpDVg98YHdOsjn/RCq9BUfty/5DYDFvoOE4kf/UfO+uX/ZsCeQ4cRLK 2/mMWzz+u+ckrPmf0eg9WlEVi9DxZE06/WR2hROQ8AUor90yEyMQbAA5OTg+N+2pVg3t P2cqqKK/T1SYSm9/wW8gMgMb8GaakmV24u2bagoFz5BwUXcnzgAQ8XvfG2ZjnXhhQ5nr 9giw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=yLrSCfndzw6iL8fIz0Vz+7b1zPlbw2di7kmyVEOrQO0=; b=UeodlpJTjA5Ejj6lj0LWaZiNiak5sh+JFXZa8kzOExOz6GBsGELX+vWG+T6cTAlZUF qiBYLPE9EDLxDGgzEK4jrccOBfzQ0b4b2VkBthPqQQToXV/m/rvgPw16ERtMOZ0TtXkD 8hQmb49PV4EoRrVSKCEoZ9VEvKo723AWjny6j5k+9aqwwJZVwDmtDYXdlucdB9+0148S 5qwvQnLRZr9TQIHUzRNUVZBQy3aJctXOEX7HbvlnJXwa8VCWeX0U/bJa4rUd2OJ/JniL nBqNSel94qGnlzlo/4Rt+wt8yxh6vcCFWvVCRSX/rrth9EG1Qa2Qtz2Aua62tu1zN47U MKvA== X-Gm-Message-State: AOAM531O3GAznavfpXjwye0b5h9wf0F79xrA5AoYhRuibjy49mtrlq4W RiL54qqwHYDMBPQtutBQTSakvQIqkmvqcfnU X-Google-Smtp-Source: ABdhPJwaNJZ3bhRx+Gbl53AU72ttrHliF2mRNVLpTcwutPghRZS/ca0y9xm06rkKdmk44LubMDWhzQ== X-Received: by 2002:a05:6602:342a:: with SMTP id n42mr8431906ioz.136.1635521248423; Fri, 29 Oct 2021 08:27:28 -0700 (PDT) Received: from mutt-hbsd ([38.140.209.220]) by smtp.gmail.com with ESMTPSA id r14sm2625795iov.14.2021.10.29.08.27.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 29 Oct 2021 08:27:27 -0700 (PDT) Date: Fri, 29 Oct 2021 11:27:27 -0400 From: Shawn Webb To: David Chisnall Cc: freebsd-current@freebsd.org Subject: Re: Deprecating smbfs(5) and removing it before FreeBSD 14 Message-ID: <20211029152727.z2spglz42epu3ftm@mutt-hbsd> X-Operating-System: FreeBSD mutt-hbsd 14.0-CURRENT-HBSD FreeBSD 14.0-CURRENT-HBSD X-PGP-Key: https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/blob/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc References: <20211028152642.ejvwewkztewotln4@mutt-hbsd> <157d6222-0a89-230d-8e54-ec0b785af6a3@FreeBSD.org> List-Id: Discussions about the use of FreeBSD-current List-Archive: https://lists.freebsd.org/archives/freebsd-current List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-current@freebsd.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="4z55ztnv2sz7wolt" Content-Disposition: inline In-Reply-To: <157d6222-0a89-230d-8e54-ec0b785af6a3@FreeBSD.org> X-Rspamd-Queue-Id: 4HgmWp4fMFz3KvD X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[] X-ThisMailContainsUnwantedMimeParts: N --4z55ztnv2sz7wolt Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Oct 29, 2021 at 11:59:40AM +0100, David Chisnall wrote: > On 28/10/2021 16:26, Shawn Webb wrote: > > I wonder if providing a 9pfs client would be > > a good step in helping deprecate smbfs. >=20 > Note: WSL2 uses 9p-over-VMBus, but most of the Linux world is moving away > from 9p-over-VirtIO to FUSE-over-VirtIO. This has a few big advantages: >=20 > - The kernel already has solid FUSE support so this isn't a completely n= ew > code path. >=20 > - FUSE is designed around POSIX filesystem semantics, 9p isn't and this > mismatch causes problems in places. >=20 > - FUSE filesystems can be exposed almost directly to the guest. For > example, if you have a networked filesystem you can run the FUSE FS in an > unprivileged userspace process and remove the entire host kernel storage > stack from the attack surface for the guest. >=20 > - FUSE allows exposing buffer cache pages. The FUSE-over-VirtIO mechani= sm > makes it fairly easy to expose read-only root filesystem images to guests. >=20 > The last point is especially important for container workloads where you = may > have hundreds of containers in lightweight VMs on a single node all using > the same base layer. That's really cool. I hadn't heard about FUSE-over-VirtIO before. Thanks for the info! --=20 Shawn Webb Cofounder / Security Engineer HardenedBSD https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A= 4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc --4z55ztnv2sz7wolt Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEA6TL67gupaZ9nzhT/y5nonf44foFAmF8Et0ACgkQ/y5nonf4 4fqmZg/9GFPjdFgnYtr5jS0dvtsTTDdCSg53ZibB+5FGN0+kcixMWn59yeKjZ+uu gho1XaXPeggyirJOGlF8nvvLepBXMvfYWrzEgHhWjNWRygvlDa8ljFwJcrr/D4VM m7ngg4bKGcQwQJ1A65XEVmTBBEPQbOxFE/2aUpHIZYX+K2/a+CGHQ4lJk0jVXJyF cpIS5n6/u9ZNxjF3T9ASOgRoRbodj1sVIRUiP/bcNVMAE8FzFh2poCW3OJI1wTdm F2nSFofwqGaRUg53x66T0ZmI256pE/5hRrHZS48S7YqSHfh8IifA13SORZPkZcq6 xOePWNwaEUZNR9+PpCLEnKDbaGt3vx/e472Wac285iIf2Skwl744aioRkLQlhHau QaPe0/WMGomfoAhDwPVyFBO28rxILAAtm6tQr8GYQA1q32L6dG8B/m0n0ZYo+dzK vgNwN5RNC6roI88NhZt3ppMjZ9+BVguJN/7wk5sfGeaRGnnAl3ocerZFAl/HrPcH sqOjHziOIewPaQxNW6x0iCS/u3iA8of7ubYm/PRXhmYg6xQ/aE8YG7FZmLwq7KnZ 57DFRA12BkxoMfoS7Dp3KGz++RkKKrrxTobfBAF6i5CPBEn5x38rITBfmxyeq/GZ 2ShHqTvnjwmR/0x0XMCc+1kV+0YKtYUuv0+uSqu6dMLYUdrfDiY= =wzY0 -----END PGP SIGNATURE----- --4z55ztnv2sz7wolt--