path: root/net/dns_resolver
diff options
authorDavid Howells <dhowells@redhat.com>2019-05-03 18:26:55 +0100
committerDavid Howells <dhowells@redhat.com>2019-05-15 17:35:54 +0100
commitd0660f0b3b7d1760d1ab60ec8e9d0de52e885207 (patch)
tree9ab40b7b55492fbaeede2311afb643c5cadf2b75 /net/dns_resolver
parentafs: Fix afs_cell records to always have a VL server list record (diff)
dns_resolver: Allow used keys to be invalidated
Allow used DNS resolver keys to be invalidated after use if the caller is doing its own caching of the results. This reduces the amount of resources required. Fix AFS to invalidate DNS results to kill off permanent failure records that get lodged in the resolver keyring and prevent future lookups from happening. Fixes: 0a5143f2f89c ("afs: Implement VL server rotation") Signed-off-by: David Howells <dhowells@redhat.com>
Diffstat (limited to 'net/dns_resolver')
1 files changed, 5 insertions, 1 deletions
diff --git a/net/dns_resolver/dns_query.c b/net/dns_resolver/dns_query.c
index 19aa32fc1802..2d260432b3be 100644
--- a/net/dns_resolver/dns_query.c
+++ b/net/dns_resolver/dns_query.c
@@ -54,6 +54,7 @@
* @options: Request options (or NULL if no options)
* @_result: Where to place the returned data (or NULL)
* @_expiry: Where to store the result expiry time (or NULL)
+ * @invalidate: Always invalidate the key after use
* The data will be returned in the pointer at *result, if provided, and the
* caller is responsible for freeing it.
@@ -69,7 +70,8 @@
* Returns the size of the result on success, -ve error code otherwise.
int dns_query(const char *type, const char *name, size_t namelen,
- const char *options, char **_result, time64_t *_expiry)
+ const char *options, char **_result, time64_t *_expiry,
+ bool invalidate)
struct key *rkey;
struct user_key_payload *upayload;
@@ -157,6 +159,8 @@ int dns_query(const char *type, const char *name, size_t namelen,
ret = len;
+ if (invalidate)
+ key_invalidate(rkey);
kleave(" = %d", ret);