D48561.diff
No OneTemporary
Actions

Size

17 KB

Referenced Files

None

Subscribers

None

D48561.diff
View Options

	diff --git a/sys/rpc/rpcsec_tls.h b/sys/rpc/rpcsec_tls.h
	--- a/sys/rpc/rpcsec_tls.h
	+++ b/sys/rpc/rpcsec_tls.h
	@@ -30,10 +30,7 @@

	/* Operation values for rpctls syscall. */
	#define RPCTLS_SYSC_CLSOCKET 2
	-#define RPCTLS_SYSC_SRVSETPATH 4
	#define RPCTLS_SYSC_SRVSOCKET 5
	-#define RPCTLS_SYSC_SRVSHUTDOWN 6
	-#define RPCTLS_SYSC_SRVSTARTUP 7

	/* Max nprocs for SRV startup */
	#define RPCTLS_SRV_MAXNPROCS 16
	diff --git a/sys/rpc/rpcsec_tls/rpctls_impl.c b/sys/rpc/rpcsec_tls/rpctls_impl.c
	--- a/sys/rpc/rpcsec_tls/rpctls_impl.c
	+++ b/sys/rpc/rpcsec_tls/rpctls_impl.c
	@@ -72,25 +72,21 @@
	SYSCALL_INIT_LAST
	};

	-static struct mtx rpctls_connect_lock;
	-static struct mtx rpctls_server_lock;
	static struct opaque_auth rpctls_null_verf;

	KRPC_VNET_DECLARE(uint64_t, svc_vc_tls_handshake_success);
	KRPC_VNET_DECLARE(uint64_t, svc_vc_tls_handshake_failed);

	KRPC_VNET_DEFINE_STATIC(CLIENT *, rpctls_connect_handle);
	-KRPC_VNET_DEFINE_STATIC(CLIENT **, rpctls_server_handle);
	-KRPC_VNET_DEFINE_STATIC(struct socket *, rpctls_server_so) = NULL;
	-KRPC_VNET_DEFINE_STATIC(SVCXPRT *, rpctls_server_xprt) = NULL;
	-KRPC_VNET_DEFINE_STATIC(bool, rpctls_srv_newdaemon) = false;
	-KRPC_VNET_DEFINE_STATIC(int, rpctls_srv_prevproc) = 0;
	-KRPC_VNET_DEFINE_STATIC(bool *, rpctls_server_busy);
	+KRPC_VNET_DEFINE_STATIC(CLIENT *, rpctls_server_handle);

	struct upsock {
	RB_ENTRY(upsock) tree;
	struct socket *so;
	- CLIENT *cl;
	+ union {
	+ CLIENT *cl;
	+ SVCXPRT *xp;
	+ };
	};

	static RB_HEAD(upsock_t, upsock) upcall_sockets;
	@@ -100,27 +96,20 @@
	return ((intptr_t)((uintptr_t)a->so/2 - (uintptr_t)b->so/2));
	}
	RB_GENERATE_STATIC(upsock_t, upsock, tree, upsock_compare);
	+static struct mtx rpctls_lock;

	-static CLIENT *rpctls_server_client(int procpos);
	static enum clnt_stat rpctls_server(SVCXPRT xprt, struct socket so,
	uint32_t flags, uint64_t sslp,
	uid_t uid, int ngrps, gid_t **gids,
	int *procposp);

	-static void
	-rpctls_vnetinit(const void *unused __unused)
	+static CLIENT *
	+rpctls_client_nl_create(const char *group, const rpcprog_t program,
	+ const rpcvers_t version)
	{
	CLIENT *cl;
	- int i;

	- KRPC_VNET(rpctls_server_handle) = malloc(sizeof(CLIENT )
	- RPCTLS_SRV_MAXNPROCS, M_RPC, M_WAITOK \| M_ZERO);
	- KRPC_VNET(rpctls_server_busy) = malloc(sizeof(bool) *
	- RPCTLS_SRV_MAXNPROCS, M_RPC, M_WAITOK \| M_ZERO);
	- for (i = 0; i < RPCTLS_SRV_MAXNPROCS; i++)
	- KRPC_VNET(rpctls_server_busy)[i] = false;
	-
	- cl = client_nl_create("tlsclnt", RPCTLSCD, RPCTLSCDVERS);
	+ cl = client_nl_create(group, program, version);
	KASSERT(cl, ("%s: netlink client already exist", __func__));
	/*
	* Set the try_count to 1 so that no retries of the RPC occur. Since
	@@ -133,8 +122,19 @@
	*/
	clnt_control(cl, CLSET_RETRIES, &(int){1});
	clnt_control(cl, CLSET_TIMEOUT, &(struct timeval){.tv_sec = 15});
	- clnt_control(cl, CLSET_WAITCHAN, "tlsclntd");
	- KRPC_VNET(rpctls_connect_handle) = cl;
	+ clnt_control(cl, CLSET_WAITCHAN, __DECONST(char *, group));
	+
	+ return (cl);
	+}
	+
	+static void
	+rpctls_vnetinit(const void *unused __unused)
	+{
	+
	+ KRPC_VNET(rpctls_connect_handle) =
	+ rpctls_client_nl_create("tlsclnt", RPCTLSCD, RPCTLSCDVERS);
	+ KRPC_VNET(rpctls_server_handle) =
	+ rpctls_client_nl_create("tlsserv", RPCTLSSD, RPCTLSSDVERS);
	}
	VNET_SYSINIT(rpctls_vnetinit, SI_SUB_VNET_DONE, SI_ORDER_ANY,
	rpctls_vnetinit, NULL);
	@@ -143,8 +143,8 @@
	rpctls_cleanup(void *unused __unused)
	{

	- free(KRPC_VNET(rpctls_server_handle), M_RPC);
	- free(KRPC_VNET(rpctls_server_busy), M_RPC);
	+ clnt_destroy(KRPC_VNET(rpctls_connect_handle));
	+ clnt_destroy(KRPC_VNET(rpctls_server_handle));
	}
	VNET_SYSUNINIT(rpctls_cleanup, SI_SUB_VNET_DONE, SI_ORDER_ANY,
	rpctls_cleanup, NULL);
	@@ -159,10 +159,7 @@
	printf("rpctls_init: cannot register syscall\n");
	return (error);
	}
	- mtx_init(&rpctls_connect_lock, "rpctls_connect_lock", NULL,
	- MTX_DEF);
	- mtx_init(&rpctls_server_lock, "rpctls_server_lock", NULL,
	- MTX_DEF);
	+ mtx_init(&rpctls_lock, "rpctls lock", NULL, MTX_DEF);
	rpctls_null_verf.oa_flavor = AUTH_NULL;
	rpctls_null_verf.oa_base = RPCTLS_START_STRING;
	rpctls_null_verf.oa_length = strlen(RPCTLS_START_STRING);
	@@ -172,20 +169,10 @@
	int
	sys_rpctls_syscall(struct thread td, struct rpctls_syscall_args uap)
	{
	- struct sockaddr_un sun;
	- struct netconfig *nconf;
	struct file *fp;
	- struct socket *so;
	struct upsock *ups;
	- SVCXPRT *xprt;
	- char path[MAXPATHLEN];
	- int fd = -1, error, i, try_count;
	- CLIENT cl, oldcl[RPCTLS_SRV_MAXNPROCS];
	+ int fd = -1, error;
	uint64_t ssl[3];
	- struct timeval timeo;
	-#ifdef KERN_TLS
	- u_int maxlen;
	-#endif

	error = priv_check(td, PRIV_NFS_DAEMON);
	if (error != 0)
	@@ -193,183 +180,48 @@

	KRPC_CURVNET_SET(KRPC_TD_TO_VNET(td));
	switch (uap->op) {
	- case RPCTLS_SYSC_SRVSTARTUP:
	- if (jailed(curthread->td_ucred) &&
	- !prison_check_nfsd(curthread->td_ucred))
	- error = EPERM;
	- if (error == 0) {
	- /* Get rid of all old CLIENTs. */
	- mtx_lock(&rpctls_server_lock);
	- for (i = 0; i < RPCTLS_SRV_MAXNPROCS; i++) {
	- oldcl[i] = KRPC_VNET(rpctls_server_handle)[i];
	- KRPC_VNET(rpctls_server_handle)[i] = NULL;
	- KRPC_VNET(rpctls_server_busy)[i] = false;
	- }
	- KRPC_VNET(rpctls_srv_newdaemon) = true;
	- KRPC_VNET(rpctls_srv_prevproc) = 0;
	- mtx_unlock(&rpctls_server_lock);
	- for (i = 0; i < RPCTLS_SRV_MAXNPROCS; i++) {
	- if (oldcl[i] != NULL) {
	- CLNT_CLOSE(oldcl[i]);
	- CLNT_RELEASE(oldcl[i]);
	- }
	- }
	- }
	- break;
	- case RPCTLS_SYSC_SRVSETPATH:
	- if (jailed(curthread->td_ucred) &&
	- !prison_check_nfsd(curthread->td_ucred))
	- error = EPERM;
	- if (error == 0)
	- error = copyinstr(uap->path, path, sizeof(path), NULL);
	- if (error == 0) {
	- error = ENXIO;
	-#ifdef KERN_TLS
	- if (rpctls_getinfo(&maxlen, false, false))
	- error = 0;
	-#endif
	- }
	- if (error == 0 && (strlen(path) + 1 > sizeof(sun.sun_path) \|\|
	- strlen(path) == 0))
	- error = EINVAL;
	-
	- cl = NULL;
	- if (error == 0) {
	- sun.sun_family = AF_LOCAL;
	- strlcpy(sun.sun_path, path, sizeof(sun.sun_path));
	- sun.sun_len = SUN_LEN(&sun);
	-
	- nconf = getnetconfigent("local");
	- cl = clnt_reconnect_create(nconf,
	- (struct sockaddr *)&sun, RPCTLSSD, RPCTLSSDVERS,
	- RPC_MAXDATASIZE, RPC_MAXDATASIZE);
	- /*
	- * The number of retries defaults to INT_MAX, which
	- * effectively means an infinite, uninterruptable loop.
	- * Set the try_count to 1 so that no retries of the
	- * RPC occur. Since it is an upcall to a local daemon,
	- * requests should not be lost and doing one of these
	- * RPCs multiple times is not correct.
	- * Set a timeout (currently 15sec) and assume that
	- * the daemon is hung if a timeout occurs.
	- */
	- if (cl != NULL) {
	- try_count = 1;
	- CLNT_CONTROL(cl, CLSET_RETRIES, &try_count);
	- timeo.tv_sec = 15;
	- timeo.tv_usec = 0;
	- CLNT_CONTROL(cl, CLSET_TIMEOUT, &timeo);
	- } else
	- error = EINVAL;
	- }
	-
	- for (i = 0; i < RPCTLS_SRV_MAXNPROCS; i++)
	- oldcl[i] = NULL;
	- mtx_lock(&rpctls_server_lock);
	- if (KRPC_VNET(rpctls_srv_newdaemon)) {
	- /*
	- * For a new daemon, the rpctls_srv_handles have
	- * already been cleaned up by RPCTLS_SYSC_SRVSTARTUP.
	- * Scan for an available array entry to use.
	- */
	- for (i = 0; i < RPCTLS_SRV_MAXNPROCS; i++) {
	- if (KRPC_VNET(rpctls_server_handle)[i] == NULL)
	- break;
	- }
	- if (i == RPCTLS_SRV_MAXNPROCS && error == 0)
	- error = ENXIO;
	- } else {
	- /* For an old daemon, clear out old CLIENTs. */
	- for (i = 0; i < RPCTLS_SRV_MAXNPROCS; i++) {
	- oldcl[i] = KRPC_VNET(rpctls_server_handle)[i];
	- KRPC_VNET(rpctls_server_handle)[i] = NULL;
	- KRPC_VNET(rpctls_server_busy)[i] = false;
	- }
	- i = 0; /* Set to use rpctls_server_handle[0]. */
	- }
	- if (error == 0)
	- KRPC_VNET(rpctls_server_handle)[i] = cl;
	- mtx_unlock(&rpctls_server_lock);
	-
	- for (i = 0; i < RPCTLS_SRV_MAXNPROCS; i++) {
	- if (oldcl[i] != NULL) {
	- CLNT_CLOSE(oldcl[i]);
	- CLNT_RELEASE(oldcl[i]);
	- }
	- }
	- break;
	- case RPCTLS_SYSC_SRVSHUTDOWN:
	- mtx_lock(&rpctls_server_lock);
	- for (i = 0; i < RPCTLS_SRV_MAXNPROCS; i++) {
	- oldcl[i] = KRPC_VNET(rpctls_server_handle)[i];
	- KRPC_VNET(rpctls_server_handle)[i] = NULL;
	- }
	- KRPC_VNET(rpctls_srv_newdaemon) = false;
	- mtx_unlock(&rpctls_server_lock);
	-
	- for (i = 0; i < RPCTLS_SRV_MAXNPROCS; i++) {
	- if (oldcl[i] != NULL) {
	- CLNT_CLOSE(oldcl[i]);
	- CLNT_RELEASE(oldcl[i]);
	- }
	- }
	- break;
	case RPCTLS_SYSC_CLSOCKET:
	- mtx_lock(&rpctls_connect_lock);
	+ case RPCTLS_SYSC_SRVSOCKET:
	+ mtx_lock(&rpctls_lock);
	ups = RB_FIND(upsock_t, &upcall_sockets,
	&(struct upsock){
	.so = __DECONST(struct socket *, uap->path) });
	if (__predict_true(ups != NULL))
	RB_REMOVE(upsock_t, &upcall_sockets, ups);
	- mtx_unlock(&rpctls_connect_lock);
	+ mtx_unlock(&rpctls_lock);
	if (ups == NULL) {
	printf("%s: socket lookup failed\n", __func__);
	error = EPERM;
	break;
	}
	- error = falloc(td, &fp, &fd, 0);
	- if (error == 0) {
	+ if ((error = falloc(td, &fp, &fd, 0)) != 0)
	+ break;
	+ soref(ups->so);
	+ switch (uap->op) {
	+ case RPCTLS_SYSC_CLSOCKET:
	/*
	* Set ssl refno so that clnt_vc_destroy() will
	* not close the socket and will leave that for
	* the daemon to do.
	*/
	- soref(ups->so);
	ssl[0] = ssl[1] = 0;
	ssl[2] = RPCTLS_REFNO_HANDSHAKE;
	CLNT_CONTROL(ups->cl, CLSET_TLS, ssl);
	- finit(fp, FREAD \| FWRITE, DTYPE_SOCKET, ups->so,
	- &socketops);
	- fdrop(fp, td); /* Drop fp reference. */
	- td->td_retval[0] = fd;
	+ break;
	+ case RPCTLS_SYSC_SRVSOCKET:
	+ /*
	+ * Once this file descriptor is associated
	+ * with the socket, it cannot be closed by
	+ * the server side krpc code (svc_vc.c).
	+ */
	+ sx_xlock(&ups->xp->xp_lock);
	+ ups->xp->xp_tls = RPCTLS_FLAGS_HANDSHFAIL;
	+ sx_xunlock(&ups->xp->xp_lock);
	+ break;
	}
	- break;
	- case RPCTLS_SYSC_SRVSOCKET:
	- mtx_lock(&rpctls_server_lock);
	- so = KRPC_VNET(rpctls_server_so);
	- KRPC_VNET(rpctls_server_so) = NULL;
	- xprt = KRPC_VNET(rpctls_server_xprt);
	- KRPC_VNET(rpctls_server_xprt) = NULL;
	- mtx_unlock(&rpctls_server_lock);
	- if (so != NULL) {
	- error = falloc(td, &fp, &fd, 0);
	- if (error == 0) {
	- /*
	- * Once this file descriptor is associated
	- * with the socket, it cannot be closed by
	- * the server side krpc code (svc_vc.c).
	- */
	- soref(so);
	- sx_xlock(&xprt->xp_lock);
	- xprt->xp_tls = RPCTLS_FLAGS_HANDSHFAIL;
	- sx_xunlock(&xprt->xp_lock);
	- finit(fp, FREAD \| FWRITE, DTYPE_SOCKET, so,
	- &socketops);
	- fdrop(fp, td); /* Drop fp reference. */
	- td->td_retval[0] = fd;
	- }
	- } else
	- error = EPERM;
	+ finit(fp, FREAD \| FWRITE, DTYPE_SOCKET, ups->so, &socketops);
	+ fdrop(fp, td); /* Drop fp reference. */
	+ td->td_retval[0] = fd;
	break;
	default:
	error = EINVAL;
	@@ -379,25 +231,6 @@
	return (error);
	}

	-/*
	- * Acquire the rpctls_server_handle and return it with a reference count,
	- * if it is available.
	- */
	-static CLIENT *
	-rpctls_server_client(int procpos)
	-{
	- CLIENT *cl;
	-
	- KRPC_CURVNET_SET_QUIET(KRPC_TD_TO_VNET(curthread));
	- mtx_lock(&rpctls_server_lock);
	- cl = KRPC_VNET(rpctls_server_handle)[procpos];
	- if (cl != NULL)
	- CLNT_ACQUIRE(cl);
	- mtx_unlock(&rpctls_server_lock);
	- KRPC_CURVNET_RESTORE();
	- return (cl);
	-}
	-
	/* Do an upcall for a new socket connect using TLS. */
	enum clnt_stat
	rpctls_connect(CLIENT newclient, char certname, struct socket *so,
	@@ -428,9 +261,9 @@
	if (stat != RPC_SUCCESS)
	return (RPC_SYSTEMERROR);

	- mtx_lock(&rpctls_connect_lock);
	+ mtx_lock(&rpctls_lock);
	RB_INSERT(upsock_t, &upcall_sockets, &ups);
	- mtx_unlock(&rpctls_connect_lock);
	+ mtx_unlock(&rpctls_lock);

	/* Temporarily block reception during the handshake upcall. */
	val = 1;
	@@ -455,12 +288,12 @@
	*sslp = res.ssl;
	}
	} else {
	- mtx_lock(&rpctls_connect_lock);
	+ mtx_lock(&rpctls_lock);
	if (RB_FIND(upsock_t, &upcall_sockets, &ups)) {
	struct upsock *removed __diagused;

	removed = RB_REMOVE(upsock_t, &upcall_sockets, &ups);
	- mtx_unlock(&rpctls_connect_lock);
	+ mtx_unlock(&rpctls_lock);
	MPASS(removed == &ups);
	/*
	* Do a shutdown on the socket, since the daemon is
	@@ -475,7 +308,7 @@
	* The daemon has taken the socket from the tree, but
	* failed to do the handshake.
	*/
	- mtx_unlock(&rpctls_connect_lock);
	+ mtx_unlock(&rpctls_lock);
	}
	}

	@@ -513,20 +346,13 @@
	struct rpctlssd_handlerecord_arg arg;
	struct rpctlssd_handlerecord_res res;
	enum clnt_stat stat;
	- CLIENT *cl;
	-
	- cl = rpctls_server_client(procpos);
	- if (cl == NULL) {
	- *reterr = RPCTLSERR_NOSSL;
	- return (RPC_SUCCESS);
	- }
	+ CLIENT *cl = KRPC_VNET(rpctls_server_handle);

	/* Do the handlerecord upcall. */
	arg.sec = sec;
	arg.usec = usec;
	arg.ssl = ssl;
	stat = rpctlssd_handlerecord_1(&arg, &res, cl);
	- CLNT_RELEASE(cl);
	if (stat == RPC_SUCCESS)
	*reterr = res.reterr;
	return (stat);
	@@ -559,20 +385,13 @@
	struct rpctlssd_disconnect_arg arg;
	struct rpctlssd_disconnect_res res;
	enum clnt_stat stat;
	- CLIENT *cl;
	-
	- cl = rpctls_server_client(procpos);
	- if (cl == NULL) {
	- *reterr = RPCTLSERR_NOSSL;
	- return (RPC_SUCCESS);
	- }
	+ CLIENT *cl = KRPC_VNET(rpctls_server_handle);

	/* Do the disconnect upcall. */
	arg.sec = sec;
	arg.usec = usec;
	arg.ssl = ssl;
	stat = rpctlssd_disconnect_1(&arg, &res, cl);
	- CLNT_RELEASE(cl);
	if (stat == RPC_SUCCESS)
	*reterr = res.reterr;
	return (stat);
	@@ -584,54 +403,33 @@
	uid_t uid, int ngrps, gid_t *gids, int procposp)
	{
	enum clnt_stat stat;
	- CLIENT *cl;
	+ struct upsock ups = {
	+ .so = so,
	+ .xp = xprt,
	+ };
	+ CLIENT *cl = KRPC_VNET(rpctls_server_handle);
	+ struct rpctlssd_connect_arg arg;
	struct rpctlssd_connect_res res;
	gid_t *gidp;
	uint32_t *gidv;
	- int i, procpos;
	-
	- KRPC_CURVNET_SET_QUIET(KRPC_TD_TO_VNET(curthread));
	- cl = NULL;
	- procpos = -1;
	- mtx_lock(&rpctls_server_lock);
	- for (i = (KRPC_VNET(rpctls_srv_prevproc) + 1) % RPCTLS_SRV_MAXNPROCS;
	- i != KRPC_VNET(rpctls_srv_prevproc);
	- i = (i + 1) % RPCTLS_SRV_MAXNPROCS) {
	- if (KRPC_VNET(rpctls_server_handle)[i] != NULL)
	- break;
	- }
	- if (i == KRPC_VNET(rpctls_srv_prevproc)) {
	- if (KRPC_VNET(rpctls_server_handle)[i] != NULL)
	- procpos = i;
	- } else
	- KRPC_VNET(rpctls_srv_prevproc) = procpos = i;
	- mtx_unlock(&rpctls_server_lock);
	- if (procpos >= 0)
	- cl = rpctls_server_client(procpos);
	- if (cl == NULL) {
	- KRPC_CURVNET_RESTORE();
	- return (RPC_SYSTEMERROR);
	- }
	+ int i;

	- /* Serialize the server upcalls. */
	- mtx_lock(&rpctls_server_lock);
	- while (KRPC_VNET(rpctls_server_busy)[procpos])
	- msleep(&KRPC_VNET(rpctls_server_busy)[procpos],
	- &rpctls_server_lock, PVFS, "rtlssn", 0);
	- KRPC_VNET(rpctls_server_busy)[procpos] = true;
	- KRPC_VNET(rpctls_server_so) = so;
	- KRPC_VNET(rpctls_server_xprt) = xprt;
	- mtx_unlock(&rpctls_server_lock);
	+ mtx_lock(&rpctls_lock);
	+ RB_INSERT(upsock_t, &upcall_sockets, &ups);
	+ mtx_unlock(&rpctls_lock);

	/* Do the server upcall. */
	res.gid.gid_val = NULL;
	- stat = rpctlssd_connect_1(NULL, &res, cl);
	+ arg.socookie = (uintptr_t)so;
	+ stat = rpctlssd_connect_1(&arg, &res, cl);
	if (stat == RPC_SUCCESS) {
	+#ifdef INVARIANTS
	+ MPASS((RB_FIND(upsock_t, &upcall_sockets, &ups) == NULL));
	+#endif
	*flags = res.flags;
	*sslp++ = res.sec;
	*sslp++ = res.usec;
	*sslp = res.ssl;
	- *procposp = procpos;
	if ((*flags & (RPCTLS_FLAGS_CERTUSER \|
	RPCTLS_FLAGS_DISABLED)) == RPCTLS_FLAGS_CERTUSER) {
	*ngrps = res.gid.gid_len;
	@@ -641,27 +439,32 @@
	for (i = 0; i < *ngrps; i++)
	gidp++ = gidv++;
	}
	- } else if (stat == RPC_TIMEDOUT) {
	- /*
	- * Do a shutdown on the socket, since the daemon is probably
	- * stuck in SSL_accept() trying to read the socket.
	- * Do not soclose() the socket, since the daemon will close()
	- * the socket after SSL_accept() returns an error.
	- */
	- soshutdown(so, SHUT_RD);
	+ } else {
	+ mtx_lock(&rpctls_lock);
	+ if (RB_FIND(upsock_t, &upcall_sockets, &ups)) {
	+ struct upsock *removed __diagused;
	+
	+ removed = RB_REMOVE(upsock_t, &upcall_sockets, &ups);
	+ mtx_unlock(&rpctls_lock);
	+ MPASS(removed == &ups);
	+ /*
	+ * Do a shutdown on the socket, since the daemon is
	+ * probably stuck in SSL_accept() trying to read the
	+ * socket. Do not soclose() the socket, since the
	+ * daemon will close() the socket after SSL_accept()
	+ * returns an error.
	+ */
	+ soshutdown(so, SHUT_RD);
	+ } else {
	+ /*
	+ * The daemon has taken the socket from the tree, but
	+ * failed to do the handshake.
	+ */
	+ mtx_unlock(&rpctls_lock);
	+ }
	}
	- CLNT_RELEASE(cl);
	mem_free(res.gid.gid_val, 0);

	- /* Once the upcall is done, the daemon is done with the fp and so. */
	- mtx_lock(&rpctls_server_lock);
	- KRPC_VNET(rpctls_server_so) = NULL;
	- KRPC_VNET(rpctls_server_xprt) = NULL;
	- KRPC_VNET(rpctls_server_busy)[procpos] = false;
	- wakeup(&KRPC_VNET(rpctls_server_busy)[procpos]);
	- mtx_unlock(&rpctls_server_lock);
	- KRPC_CURVNET_RESTORE();
	-
	return (stat);
	}

	@@ -789,13 +592,6 @@
	&maxlen, &siz, NULL, 0, NULL, 0);
	if (error != 0)
	return (false);
	- KRPC_CURVNET_SET_QUIET(KRPC_TD_TO_VNET(curthread));
	- if (rpctlssd_run && KRPC_VNET(rpctls_server_handle)[0] == NULL) {
	- KRPC_CURVNET_RESTORE();
	- return (false);
	- }
	- KRPC_CURVNET_RESTORE();
	*maxlenp = maxlen;
	return (enable);
	}
	-
	diff --git a/sys/rpc/rpcsec_tls/rpctlssd.x b/sys/rpc/rpcsec_tls/rpctlssd.x
	--- a/sys/rpc/rpcsec_tls/rpctlssd.x
	+++ b/sys/rpc/rpcsec_tls/rpctlssd.x
	@@ -27,6 +27,9 @@

	/* Modified from gssd.x for the server side of RPC-over-TLS. */

	+struct rpctlssd_connect_arg {
	+ uint64_t socookie;
	+};

	struct rpctlssd_connect_res {
	uint32_t flags;
	@@ -62,7 +65,7 @@
	void RPCTLSSD_NULL(void) = 0;

	rpctlssd_connect_res
	- RPCTLSSD_CONNECT(void) = 1;
	+ RPCTLSSD_CONNECT(rpctlssd_connect_arg) = 1;

	rpctlssd_handlerecord_res
	RPCTLSSD_HANDLERECORD(rpctlssd_handlerecord_arg) = 2;

File Metadata

Mime Type: text/plain
Expires: Sun, Feb 2, 1:24 PM (9 h, 28 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 16401549
Default Alt Text: D48561.diff (17 KB)

D48561.diffNo OneTemporaryActions

D48561.diffView Options

File Metadata

Event Timeline

D48561.diff
No OneTemporary
Actions

D48561.diff
View Options