Skip to content

Commit 96104ca

Browse files
glebiusglebius
committed
rpcsec_tls: do not create an RPC client per vnet
A netlink RPC client should be global. The filtering of RPC calls is done by the nl_send_group() that would distribute the call to all subscribers in the curvnet of clnt_nl_call() context. Fixes: a3a6dc2 Fixes: 42eec52
1 parent 15eed13 commit 96104ca

File tree

1 file changed

+12
-36
lines changed

1 file changed

+12
-36
lines changed

sys/rpc/rpcsec_tls/rpctls_impl.c

+12-36
Original file line numberDiff line numberDiff line change
@@ -78,8 +78,8 @@ static struct opaque_auth rpctls_null_verf;
7878
KRPC_VNET_DECLARE(uint64_t, svc_vc_tls_handshake_success);
7979
KRPC_VNET_DECLARE(uint64_t, svc_vc_tls_handshake_failed);
8080

81-
KRPC_VNET_DEFINE_STATIC(CLIENT *, rpctls_connect_handle);
82-
KRPC_VNET_DEFINE_STATIC(CLIENT *, rpctls_server_handle);
81+
static CLIENT *rpctls_connect_handle;
82+
static CLIENT *rpctls_server_handle;
8383

8484
struct upsock {
8585
RB_ENTRY(upsock) tree;
@@ -127,28 +127,6 @@ rpctls_client_nl_create(const char *group, const rpcprog_t program,
127127
return (cl);
128128
}
129129

130-
static void
131-
rpctls_vnetinit(const void *unused __unused)
132-
{
133-
134-
KRPC_VNET(rpctls_connect_handle) =
135-
rpctls_client_nl_create("tlsclnt", RPCTLSCD, RPCTLSCDVERS);
136-
KRPC_VNET(rpctls_server_handle) =
137-
rpctls_client_nl_create("tlsserv", RPCTLSSD, RPCTLSSDVERS);
138-
}
139-
VNET_SYSINIT(rpctls_vnetinit, SI_SUB_VNET_DONE, SI_ORDER_ANY,
140-
rpctls_vnetinit, NULL);
141-
142-
static void
143-
rpctls_cleanup(void *unused __unused)
144-
{
145-
146-
clnt_destroy(KRPC_VNET(rpctls_connect_handle));
147-
clnt_destroy(KRPC_VNET(rpctls_server_handle));
148-
}
149-
VNET_SYSUNINIT(rpctls_cleanup, SI_SUB_VNET_DONE, SI_ORDER_ANY,
150-
rpctls_cleanup, NULL);
151-
152130
int
153131
rpctls_init(void)
154132
{
@@ -163,6 +141,10 @@ rpctls_init(void)
163141
rpctls_null_verf.oa_flavor = AUTH_NULL;
164142
rpctls_null_verf.oa_base = RPCTLS_START_STRING;
165143
rpctls_null_verf.oa_length = strlen(RPCTLS_START_STRING);
144+
rpctls_connect_handle = rpctls_client_nl_create("tlsclnt",
145+
RPCTLSCD, RPCTLSCDVERS);
146+
rpctls_server_handle = rpctls_client_nl_create("tlsserv",
147+
RPCTLSSD, RPCTLSSDVERS);
166148
return (0);
167149
}
168150

@@ -271,7 +253,6 @@ rpctls_connect(CLIENT *newclient, char *certname, struct socket *so,
271253
.cl = newclient,
272254
.server = false,
273255
};
274-
CLIENT *cl = KRPC_VNET(rpctls_connect_handle);
275256

276257
/* First, do the AUTH_TLS NULL RPC. */
277258
memset(&ext, 0, sizeof(ext));
@@ -298,7 +279,7 @@ rpctls_connect(CLIENT *newclient, char *certname, struct socket *so,
298279
} else
299280
arg.certname.certname_len = 0;
300281
arg.socookie = (uint64_t)so;
301-
stat = rpctlscd_connect_2(&arg, &res, cl);
282+
stat = rpctlscd_connect_2(&arg, &res, rpctls_connect_handle);
302283
if (stat == RPC_SUCCESS)
303284
*reterr = res.reterr;
304285
else
@@ -323,11 +304,10 @@ rpctls_cl_handlerecord(void *socookie, uint32_t *reterr)
323304
struct rpctlscd_handlerecord_arg arg;
324305
struct rpctlscd_handlerecord_res res;
325306
enum clnt_stat stat;
326-
CLIENT *cl = KRPC_VNET(rpctls_connect_handle);
327307

328308
/* Do the handlerecord upcall. */
329309
arg.socookie = (uint64_t)socookie;
330-
stat = rpctlscd_handlerecord_2(&arg, &res, cl);
310+
stat = rpctlscd_handlerecord_2(&arg, &res, rpctls_connect_handle);
331311
if (stat == RPC_SUCCESS)
332312
*reterr = res.reterr;
333313
return (stat);
@@ -339,11 +319,10 @@ rpctls_srv_handlerecord(void *socookie, uint32_t *reterr)
339319
struct rpctlssd_handlerecord_arg arg;
340320
struct rpctlssd_handlerecord_res res;
341321
enum clnt_stat stat;
342-
CLIENT *cl = KRPC_VNET(rpctls_server_handle);
343322

344323
/* Do the handlerecord upcall. */
345324
arg.socookie = (uint64_t)socookie;
346-
stat = rpctlssd_handlerecord_2(&arg, &res, cl);
325+
stat = rpctlssd_handlerecord_2(&arg, &res, rpctls_server_handle);
347326
if (stat == RPC_SUCCESS)
348327
*reterr = res.reterr;
349328
return (stat);
@@ -356,11 +335,10 @@ rpctls_cl_disconnect(void *socookie, uint32_t *reterr)
356335
struct rpctlscd_disconnect_arg arg;
357336
struct rpctlscd_disconnect_res res;
358337
enum clnt_stat stat;
359-
CLIENT *cl = KRPC_VNET(rpctls_connect_handle);
360338

361339
/* Do the disconnect upcall. */
362340
arg.socookie = (uint64_t)socookie;
363-
stat = rpctlscd_disconnect_2(&arg, &res, cl);
341+
stat = rpctlscd_disconnect_2(&arg, &res, rpctls_connect_handle);
364342
if (stat == RPC_SUCCESS)
365343
*reterr = res.reterr;
366344
return (stat);
@@ -372,11 +350,10 @@ rpctls_srv_disconnect(void *socookie, uint32_t *reterr)
372350
struct rpctlssd_disconnect_arg arg;
373351
struct rpctlssd_disconnect_res res;
374352
enum clnt_stat stat;
375-
CLIENT *cl = KRPC_VNET(rpctls_server_handle);
376353

377354
/* Do the disconnect upcall. */
378355
arg.socookie = (uint64_t)socookie;
379-
stat = rpctlssd_disconnect_2(&arg, &res, cl);
356+
stat = rpctlssd_disconnect_2(&arg, &res, rpctls_server_handle);
380357
if (stat == RPC_SUCCESS)
381358
*reterr = res.reterr;
382359
return (stat);
@@ -393,7 +370,6 @@ rpctls_server(SVCXPRT *xprt, uint32_t *flags, uid_t *uid, int *ngrps,
393370
.xp = xprt,
394371
.server = true,
395372
};
396-
CLIENT *cl = KRPC_VNET(rpctls_server_handle);
397373
struct rpctlssd_connect_arg arg;
398374
struct rpctlssd_connect_res res;
399375
gid_t *gidp;
@@ -407,7 +383,7 @@ rpctls_server(SVCXPRT *xprt, uint32_t *flags, uid_t *uid, int *ngrps,
407383
/* Do the server upcall. */
408384
res.gid.gid_val = NULL;
409385
arg.socookie = (uint64_t)xprt->xp_socket;
410-
stat = rpctlssd_connect_2(&arg, &res, cl);
386+
stat = rpctlssd_connect_2(&arg, &res, rpctls_server_handle);
411387
if (stat == RPC_SUCCESS) {
412388
*flags = res.flags;
413389
if ((*flags & (RPCTLS_FLAGS_CERTUSER |

0 commit comments

Comments
 (0)