Date: Sat, 25 Apr 2026 02:56:15 +0000 From: Gleb Smirnoff <glebius@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 4602d45eb3b1 - main - kgss: de-virtualize kgss_gssd_handle Message-ID: <69ec2d4f.343f5.71d3f46a@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by glebius: URL: https://cgit.FreeBSD.org/src/commit/?id=4602d45eb3b1d33e0ea0d97c4d18033af95d7fca commit 4602d45eb3b1d33e0ea0d97c4d18033af95d7fca Author: Gleb Smirnoff <glebius@FreeBSD.org> AuthorDate: 2026-04-25 02:55:55 +0000 Commit: Gleb Smirnoff <glebius@FreeBSD.org> CommitDate: 2026-04-25 02:55:55 +0000 kgss: de-virtualize kgss_gssd_handle The RPC client is more of a class rather than an instance. RPCs from different VNETs are served by the same client. This makes the kgss layer fully transparent to VIMAGE and not even required to be aware of it. It is responsibility of the rpcsec_gss module to have curvnet set on the calling thread when doing RPC calls via kgssapi. This change should enable proper operation of an NFS server with gssd(8) in a VIMAGE jail. PR: 294501 Reviewed by: rmacklem Differential Revision: https://reviews.freebsd.org/D56562 --- sys/kgssapi/gss_impl.c | 24 +++++------------------- 1 file changed, 5 insertions(+), 19 deletions(-) diff --git a/sys/kgssapi/gss_impl.c b/sys/kgssapi/gss_impl.c index e7e0e5d00118..97b85a034071 100644 --- a/sys/kgssapi/gss_impl.c +++ b/sys/kgssapi/gss_impl.c @@ -28,7 +28,6 @@ */ #include <sys/param.h> -#include <sys/jail.h> #include <sys/kernel.h> #include <sys/kobj.h> #include <sys/lock.h> @@ -52,7 +51,7 @@ MALLOC_DEFINE(M_GSSAPI, "GSS-API", "GSS-API"); struct kgss_mech_list kgss_mechs; struct mtx kgss_gssd_lock; -VNET_DEFINE(CLIENT *, kgss_gssd_handle) = NULL; +CLIENT *kgss_gssd_handle; static int kgss_load(void) @@ -79,11 +78,9 @@ kgss_load(void) */ clnt_control(cl, CLSET_WAITCHAN, "gssd"); - CURVNET_SET_QUIET(TD_TO_VNET(curthread)); mtx_lock(&kgss_gssd_lock); - VNET(kgss_gssd_handle) = cl; + kgss_gssd_handle = cl; mtx_unlock(&kgss_gssd_lock); - CURVNET_RESTORE(); return (0); } @@ -93,9 +90,7 @@ static void kgss_unload(void) { - CURVNET_SET_QUIET(TD_TO_VNET(curthread)); - clnt_destroy(VNET(kgss_gssd_handle)); - CURVNET_RESTORE(); + clnt_destroy(kgss_gssd_handle); } #endif @@ -207,16 +202,9 @@ kgss_transfer_context(gss_ctx_id_t ctx, void *lctx) return (maj_stat); } - CURVNET_SET_QUIET(TD_TO_VNET(curthread)); - if (!VNET(kgss_gssd_handle)) { - CURVNET_RESTORE(); - return (GSS_S_FAILURE); - } - args.ctx = ctx->handle; bzero(&res, sizeof(res)); - stat = gssd_export_sec_context_1(&args, &res, VNET(kgss_gssd_handle)); - CURVNET_RESTORE(); + stat = gssd_export_sec_context_1(&args, &res, kgss_gssd_handle); if (stat != RPC_SUCCESS) { return (GSS_S_FAILURE); } @@ -250,13 +238,11 @@ kgss_gssd_client(void) { CLIENT *cl; - CURVNET_SET_QUIET(TD_TO_VNET(curthread)); mtx_lock(&kgss_gssd_lock); - cl = VNET(kgss_gssd_handle); + cl = kgss_gssd_handle; if (cl != NULL) CLNT_ACQUIRE(cl); mtx_unlock(&kgss_gssd_lock); - CURVNET_RESTORE(); return (cl); }home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69ec2d4f.343f5.71d3f46a>