Date: Mon, 27 Apr 2026 16:12:07 +0000 From: Gleb Smirnoff <glebius@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: b5f4d40951c3 - stable/15 - kgss: de-virtualize kgss_gssd_handle Message-ID: <69ef8ad7.4459e.7a6c90cc@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch stable/15 has been updated by glebius: URL: https://cgit.FreeBSD.org/src/commit/?id=b5f4d40951c302cf803d3b7c18a17f9bc0f1c3f0 commit b5f4d40951c302cf803d3b7c18a17f9bc0f1c3f0 Author: Gleb Smirnoff <glebius@FreeBSD.org> AuthorDate: 2026-04-25 02:55:55 +0000 Commit: Gleb Smirnoff <glebius@FreeBSD.org> CommitDate: 2026-04-27 16:11:51 +0000 kgss: de-virtualize kgss_gssd_handle The RPC client is more of a class rather than an instance. RPCs from different VNETs are served by the same client. This makes the kgss layer fully transparent to VIMAGE and not even required to be aware of it. It is responsibility of the rpcsec_gss module to have curvnet set on the calling thread when doing RPC calls via kgssapi. This change should enable proper operation of an NFS server with gssd(8) in a VIMAGE jail. PR: 294501 Reviewed by: rmacklem Differential Revision: https://reviews.freebsd.org/D56562 (cherry picked from commit 4602d45eb3b1d33e0ea0d97c4d18033af95d7fca) --- sys/kgssapi/gss_impl.c | 24 +++++------------------- 1 file changed, 5 insertions(+), 19 deletions(-) diff --git a/sys/kgssapi/gss_impl.c b/sys/kgssapi/gss_impl.c index e7e0e5d00118..97b85a034071 100644 --- a/sys/kgssapi/gss_impl.c +++ b/sys/kgssapi/gss_impl.c @@ -28,7 +28,6 @@ */ #include <sys/param.h> -#include <sys/jail.h> #include <sys/kernel.h> #include <sys/kobj.h> #include <sys/lock.h> @@ -52,7 +51,7 @@ MALLOC_DEFINE(M_GSSAPI, "GSS-API", "GSS-API"); struct kgss_mech_list kgss_mechs; struct mtx kgss_gssd_lock; -VNET_DEFINE(CLIENT *, kgss_gssd_handle) = NULL; +CLIENT *kgss_gssd_handle; static int kgss_load(void) @@ -79,11 +78,9 @@ kgss_load(void) */ clnt_control(cl, CLSET_WAITCHAN, "gssd"); - CURVNET_SET_QUIET(TD_TO_VNET(curthread)); mtx_lock(&kgss_gssd_lock); - VNET(kgss_gssd_handle) = cl; + kgss_gssd_handle = cl; mtx_unlock(&kgss_gssd_lock); - CURVNET_RESTORE(); return (0); } @@ -93,9 +90,7 @@ static void kgss_unload(void) { - CURVNET_SET_QUIET(TD_TO_VNET(curthread)); - clnt_destroy(VNET(kgss_gssd_handle)); - CURVNET_RESTORE(); + clnt_destroy(kgss_gssd_handle); } #endif @@ -207,16 +202,9 @@ kgss_transfer_context(gss_ctx_id_t ctx, void *lctx) return (maj_stat); } - CURVNET_SET_QUIET(TD_TO_VNET(curthread)); - if (!VNET(kgss_gssd_handle)) { - CURVNET_RESTORE(); - return (GSS_S_FAILURE); - } - args.ctx = ctx->handle; bzero(&res, sizeof(res)); - stat = gssd_export_sec_context_1(&args, &res, VNET(kgss_gssd_handle)); - CURVNET_RESTORE(); + stat = gssd_export_sec_context_1(&args, &res, kgss_gssd_handle); if (stat != RPC_SUCCESS) { return (GSS_S_FAILURE); } @@ -250,13 +238,11 @@ kgss_gssd_client(void) { CLIENT *cl; - CURVNET_SET_QUIET(TD_TO_VNET(curthread)); mtx_lock(&kgss_gssd_lock); - cl = VNET(kgss_gssd_handle); + cl = kgss_gssd_handle; if (cl != NULL) CLNT_ACQUIRE(cl); mtx_unlock(&kgss_gssd_lock); - CURVNET_RESTORE(); return (cl); }home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69ef8ad7.4459e.7a6c90cc>