kgss: de-virtualize kgss_gssd_handle
AcceptedPublic
Actions

Authored by glebius on Tue, Apr 21, 5:55 PM.

Details

Reviewers

Summary

The RPC client is more of a class rather than an instance. RPCs from
different VNETs are served by the same client. This makes the kgss layer
fully transparent to VIMAGE and not even required to be aware of it.

It is responsibility of the rpcsec_gss module to have curvnet set on the
calling thread when doing RPC calls via kgssapi.

This change should enable proper operation of an NFS server with gssd(8)
in a VIMAGE jail.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Skipped

Unit

Tests Skipped

Build Status

Buildable 72424
Build 69307: arc lint + arc unit

Event Timeline

glebius created this revision.Tue, Apr 21, 5:55 PM

Herald added a subscriber: imp. · View Herald TranscriptTue, Apr 21, 5:55 PM

glebius requested review of this revision.Tue, Apr 21, 5:55 PM

Harbormaster completed remote builds in B72424: Diff 176024.Tue, Apr 21, 5:55 PM

glebius added a parent revision: D56561: kgss: remove unnecessary CURVNET_SET() and kgss_gssd_handle checks.Tue, Apr 21, 5:55 PM

This looks fine to me.

For the old way done in FreeBSD-14, the kgss_gssd_handle
would be set NULL when the gssd daemon terminated, at least
when it happened gracefully.

I assume that, for netlink, this never happens?
(ie. Once clnt_nl_create() creates it, it lives forever.)
--> Which means checking for it being non-NULL is a waste

of time?

This revision is now accepted and ready to land.Tue, Apr 21, 10:12 PM

In D56562#1294701, @rmacklem wrote:
For the old way done in FreeBSD-14, the kgss_gssd_handle
would be set NULL when the gssd daemon terminated, at least
when it happened gracefully.

I assume that, for netlink, this never happens?
(ie. Once clnt_nl_create() creates it, it lives forever.)
--> Which means checking for it being non-NULL is a waste
of time?

We have code under #if 0 that implements module unload. It actually should set client to NULL after clnt_destroy(). That's why I left these checks as is, keeping it one change at a time.

However, I agree that we should most likely remove them. As we have rpc_gss module as a proper depend on kggsapi module, and the rpc_gss module always grabs the pointer with kgss_gssd_client() that does CLNT_ACQUIRE()we can actually implement the unload in a manner that through the module lifetime the pointer is never NULL. And module allows unload only when there are no references and no depending modules. But that's definitely a separate patch not to be mixed with this one.

In D56562#1295197, @glebius wrote:
In D56562#1294701, @rmacklem wrote:
For the old way done in FreeBSD-14, the kgss_gssd_handle
would be set NULL when the gssd daemon terminated, at least
when it happened gracefully.

I assume that, for netlink, this never happens?
(ie. Once clnt_nl_create() creates it, it lives forever.)
--> Which means checking for it being non-NULL is a waste
of time?
We have code under #if 0 that implements module unload. It actually should set client to NULL after clnt_destroy(). That's why I left these checks as is, keeping it one change at a time.

However, I agree that we should most likely remove them. As we have rpc_gss module as a proper depend on kggsapi module, and the rpc_gss module always grabs the pointer with kgss_gssd_client() that does CLNT_ACQUIRE()we can actually implement the unload in a manner that through the module lifetime the pointer is never NULL. And module allows unload only when there are no references and no depending modules. But that's definitely a separate patch not to be mixed with this one.

That sounds fine to me, rick.

Revision Contents
Changeset List

Path

Size

sys/

kgssapi/

gss_impl.c

24 lines

Diff 176024

View Options

kgss: de-virtualize kgss_gssd_handleAcceptedPublicActions