Linux 6.3 NFSD Adds AES-SHA2 Encryption, Memory Safety Improvements
The Network File-System (NFS) client and server changes have landed for the in-development Linux 6.3 kernel.
When it comes to the NFSD changes with Linux 6.3 there is an overhaul to the RPC header encoding/decoding to make it more memory-safe. Additionally, there is Kerberos AES-SHA2-based encryption types added for both NFS clients and servers. This AES-SHA2 support will help deprecate and remove prior encryption types based on DES and SA-1. There are also NFSD fixes, support to handle crossing into an auto-mounted mount point on an exported NFS mount, and RPC metrics have been converted to use per-CPU variables. With the per-CPU variables use it helps with reducing unnecessary cross-CPU and cross-node memory bus traffic and reduces noise in particular whne the Kernel Concurrency Sanitizer (KCSAN) is active.
Meanwhile the NFS client updates include converting the read and write paths to make use of folios. There are also NFS client fixes to disable swap files and other random fixes.