grpc 1.55.0 → 1.56.2

data/src/core/ext/filters/client_channel/subchannel.cc

@@ -24,21 +24,21 @@
 #include <algorithm>
 #include <memory>
 #include <new>
+#include <string>
 #include <utility>
 
 #include "absl/status/statusor.h"
 #include "absl/strings/cord.h"
 #include "absl/strings/str_cat.h"
 #include "absl/strings/string_view.h"
+#include "absl/types/optional.h"
 
 #include <grpc/grpc.h>
 #include <grpc/slice.h>
 #include <grpc/status.h>
 #include <grpc/support/log.h>
 
-#include "src/core/ext/filters/client_channel/health/health_check_client.h"
 #include "src/core/ext/filters/client_channel/subchannel_pool_interface.h"
-#include "src/core/ext/filters/client_channel/subchannel_stream_client.h"
 #include "src/core/lib/address_utils/sockaddr_utils.h"
 #include "src/core/lib/backoff/backoff.h"
 #include "src/core/lib/channel/channel_args.h"
@@ -374,176 +374,6 @@ void Subchannel::ConnectivityStateWatcherList::NotifyLocked(
   }
 }
 
-//
-// Subchannel::HealthWatcherMap::HealthWatcher
-//
-
-// State needed for tracking the connectivity state with a particular
-// health check service name.
-class Subchannel::HealthWatcherMap::HealthWatcher
-    : public AsyncConnectivityStateWatcherInterface {
- public:
-  HealthWatcher(WeakRefCountedPtr<Subchannel> c,
-                std::string health_check_service_name)
-      : subchannel_(std::move(c)),
-        health_check_service_name_(std::move(health_check_service_name)),
-        state_(subchannel_->state_ == GRPC_CHANNEL_READY
-                   ? GRPC_CHANNEL_CONNECTING
-                   : subchannel_->state_),
-        watcher_list_(subchannel_.get()) {
-    // If the subchannel is already connected, start health checking.
-    if (subchannel_->state_ == GRPC_CHANNEL_READY) StartHealthCheckingLocked();
-  }
-
-  ~HealthWatcher() override {
-    subchannel_.reset(DEBUG_LOCATION, "health_watcher");
-  }
-
-  const std::string& health_check_service_name() const {
-    return health_check_service_name_;
-  }
-
-  grpc_connectivity_state state() const { return state_; }
-
-  void AddWatcherLocked(
-      RefCountedPtr<Subchannel::ConnectivityStateWatcherInterface> watcher) {
-    subchannel_->work_serializer_.Schedule(
-        [watcher = watcher->Ref(), state = state_, status = status_]() {
-          watcher->OnConnectivityStateChange(state, status);
-        },
-        DEBUG_LOCATION);
-    watcher_list_.AddWatcherLocked(std::move(watcher));
-  }
-
-  void RemoveWatcherLocked(
-      Subchannel::ConnectivityStateWatcherInterface* watcher) {
-    watcher_list_.RemoveWatcherLocked(watcher);
-  }
-
-  bool HasWatchers() const { return !watcher_list_.empty(); }
-
-  void NotifyLocked(grpc_connectivity_state state, const absl::Status& status)
-      ABSL_EXCLUSIVE_LOCKS_REQUIRED(subchannel_->mu_) {
-    if (state == GRPC_CHANNEL_READY) {
-      // If we had not already notified for CONNECTING state, do so now.
-      // (We may have missed this earlier, because if the transition
-      // from IDLE to CONNECTING to READY was too quick, the connected
-      // subchannel may not have sent us a notification for CONNECTING.)
-      if (state_ != GRPC_CHANNEL_CONNECTING) {
-        state_ = GRPC_CHANNEL_CONNECTING;
-        status_ = status;
-        watcher_list_.NotifyLocked(state_, status);
-      }
-      // If we've become connected, start health checking.
-      StartHealthCheckingLocked();
-    } else {
-      state_ = state;
-      status_ = status;
-      watcher_list_.NotifyLocked(state_, status);
-      // We're not connected, so stop health checking.
-      health_check_client_.reset();
-    }
-  }
-
-  void Orphan() override {
-    watcher_list_.Clear();
-    health_check_client_.reset();
-    Unref();
-  }
-
- private:
-  void OnConnectivityStateChange(grpc_connectivity_state new_state,
-                                 const absl::Status& status) override {
-    {
-      MutexLock lock(&subchannel_->mu_);
-      if (new_state != GRPC_CHANNEL_SHUTDOWN &&
-          health_check_client_ != nullptr) {
-        state_ = new_state;
-        status_ = status;
-        watcher_list_.NotifyLocked(new_state, status);
-      }
-    }
-    // Drain any connectivity state notifications after releasing the mutex.
-    subchannel_->work_serializer_.DrainQueue();
-  }
-
-  void StartHealthCheckingLocked()
-      ABSL_EXCLUSIVE_LOCKS_REQUIRED(subchannel_->mu_) {
-    GPR_ASSERT(health_check_client_ == nullptr);
-    health_check_client_ = MakeHealthCheckClient(
-        health_check_service_name_, subchannel_->connected_subchannel_,
-        subchannel_->pollset_set_, subchannel_->channelz_node_, Ref());
-  }
-
-  WeakRefCountedPtr<Subchannel> subchannel_;
-  std::string health_check_service_name_;
-  OrphanablePtr<SubchannelStreamClient> health_check_client_;
-  grpc_connectivity_state state_;
-  absl::Status status_;
-  ConnectivityStateWatcherList watcher_list_;
-};
-
-//
-// Subchannel::HealthWatcherMap
-//
-
-void Subchannel::HealthWatcherMap::AddWatcherLocked(
-    WeakRefCountedPtr<Subchannel> subchannel,
-    const std::string& health_check_service_name,
-    RefCountedPtr<ConnectivityStateWatcherInterface> watcher) {
-  // If the health check service name is not already present in the map,
-  // add it.
-  auto it = map_.find(health_check_service_name);
-  HealthWatcher* health_watcher;
-  if (it == map_.end()) {
-    auto w = MakeOrphanable<HealthWatcher>(std::move(subchannel),
-                                           health_check_service_name);
-    health_watcher = w.get();
-    map_.emplace(health_check_service_name, std::move(w));
-  } else {
-    health_watcher = it->second.get();
-  }
-  // Add the watcher to the entry.
-  health_watcher->AddWatcherLocked(std::move(watcher));
-}
-
-void Subchannel::HealthWatcherMap::RemoveWatcherLocked(
-    const std::string& health_check_service_name,
-    ConnectivityStateWatcherInterface* watcher) {
-  auto it = map_.find(health_check_service_name);
-  GPR_ASSERT(it != map_.end());
-  it->second->RemoveWatcherLocked(watcher);
-  // If we just removed the last watcher for this service name, remove
-  // the map entry.
-  if (!it->second->HasWatchers()) map_.erase(it);
-}
-
-void Subchannel::HealthWatcherMap::NotifyLocked(grpc_connectivity_state state,
-                                                const absl::Status& status) {
-  for (const auto& p : map_) {
-    p.second->NotifyLocked(state, status);
-  }
-}
-
-grpc_connectivity_state
-Subchannel::HealthWatcherMap::CheckConnectivityStateLocked(
-    Subchannel* subchannel, const std::string& health_check_service_name) {
-  auto it = map_.find(health_check_service_name);
-  if (it == map_.end()) {
-    // If the health check service name is not found in the map, we're
-    // not currently doing a health check for that service name.  If the
-    // subchannel's state without health checking is READY, report
-    // CONNECTING, since that's what we'd be in as soon as we do start a
-    // watch.  Otherwise, report the channel's state without health checking.
-    return subchannel->state_ == GRPC_CHANNEL_READY ? GRPC_CHANNEL_CONNECTING
-                                                    : subchannel->state_;
-  }
-  HealthWatcher* health_watcher = it->second.get();
-  return health_watcher->state();
-}
-
-void Subchannel::HealthWatcherMap::ShutdownLocked() { map_.clear(); }
-
 //
 // Subchannel
 //
@@ -689,7 +519,6 @@ channelz::SubchannelNode* Subchannel::channelz_node() {
 }
 
 void Subchannel::WatchConnectivityState(
-    const absl::optional<std::string>& health_check_service_name,
     RefCountedPtr<ConnectivityStateWatcherInterface> watcher) {
   {
     MutexLock lock(&mu_);
@@ -697,25 +526,18 @@ void Subchannel::WatchConnectivityState(
     if (interested_parties != nullptr) {
       grpc_pollset_set_add_pollset_set(pollset_set_, interested_parties);
     }
-    if (!health_check_service_name.has_value()) {
-      work_serializer_.Schedule(
-          [watcher = watcher->Ref(), state = state_, status = status_]() {
-            watcher->OnConnectivityStateChange(state, status);
-          },
-          DEBUG_LOCATION);
-      watcher_list_.AddWatcherLocked(std::move(watcher));
-    } else {
-      health_watcher_map_.AddWatcherLocked(
-          WeakRef(DEBUG_LOCATION, "health_watcher"), *health_check_service_name,
-          std::move(watcher));
-    }
+    work_serializer_.Schedule(
+        [watcher = watcher->Ref(), state = state_, status = status_]() {
+          watcher->OnConnectivityStateChange(state, status);
+        },
+        DEBUG_LOCATION);
+    watcher_list_.AddWatcherLocked(std::move(watcher));
   }
   // Drain any connectivity state notifications after releasing the mutex.
   work_serializer_.DrainQueue();
 }
 
 void Subchannel::CancelConnectivityStateWatch(
-    const absl::optional<std::string>& health_check_service_name,
     ConnectivityStateWatcherInterface* watcher) {
   {
     MutexLock lock(&mu_);
@@ -723,12 +545,7 @@ void Subchannel::CancelConnectivityStateWatch(
     if (interested_parties != nullptr) {
       grpc_pollset_set_del_pollset_set(pollset_set_, interested_parties);
     }
-    if (!health_check_service_name.has_value()) {
-      watcher_list_.RemoveWatcherLocked(watcher);
-    } else {
-      health_watcher_map_.RemoveWatcherLocked(*health_check_service_name,
-                                              watcher);
-    }
+    watcher_list_.RemoveWatcherLocked(watcher);
   }
   // Drain any connectivity state notifications after releasing the mutex.
   // (Shouldn't actually be necessary in this case, but better safe than sorry.)
@@ -778,7 +595,6 @@ void Subchannel::Orphan() {
     shutdown_ = true;
     connector_.reset();
     connected_subchannel_.reset();
-    health_watcher_map_.ShutdownLocked();
   }
   // Drain any connectivity state notifications after releasing the mutex.
   work_serializer_.DrainQueue();
@@ -828,10 +644,8 @@ void Subchannel::SetConnectivityStateLocked(grpc_connectivity_state state,
             ConnectivityStateName(state),
             status.ok() ? "" : absl::StrCat(": ", status_.ToString()))));
   }
-  // Notify non-health watchers.
+  // Notify watchers.
   watcher_list_.NotifyLocked(state, status_);
-  // Notify health watchers.
-  health_watcher_map_.NotifyLocked(state, status_);
 }
 
 void Subchannel::OnRetryTimer() {

data/src/core/ext/filters/client_channel/subchannel.h

@@ -24,11 +24,9 @@
 #include <functional>
 #include <map>
 #include <memory>
-#include <string>
 
 #include "absl/base/thread_annotations.h"
 #include "absl/status/status.h"
-#include "absl/types/optional.h"
 
 #include <grpc/event_engine/event_engine.h>
 #include <grpc/impl/connectivity_state.h>
@@ -221,15 +219,13 @@ class Subchannel : public DualRefCounted<Subchannel> {
   // The watcher will be destroyed either when the subchannel is
   // destroyed or when CancelConnectivityStateWatch() is called.
   void WatchConnectivityState(
-      const absl::optional<std::string>& health_check_service_name,
       RefCountedPtr<ConnectivityStateWatcherInterface> watcher)
       ABSL_LOCKS_EXCLUDED(mu_);
 
   // Cancels a connectivity state watch.
   // If the watcher has already been destroyed, this is a no-op.
-  void CancelConnectivityStateWatch(
-      const absl::optional<std::string>& health_check_service_name,
-      ConnectivityStateWatcherInterface* watcher) ABSL_LOCKS_EXCLUDED(mu_);
+  void CancelConnectivityStateWatch(ConnectivityStateWatcherInterface* watcher)
+      ABSL_LOCKS_EXCLUDED(mu_);
 
   RefCountedPtr<ConnectedSubchannel> connected_subchannel()
       ABSL_LOCKS_EXCLUDED(mu_) {
@@ -296,40 +292,6 @@ class Subchannel : public DualRefCounted<Subchannel> {
         watchers_;
   };
 
-  // A map that tracks ConnectivityStateWatcherInterfaces using a particular
-  // health check service name.
-  //
-  // There is one entry in the map for each health check service name.
-  // Entries exist only as long as there are watchers using the
-  // corresponding service name.
-  //
-  // A health check client is maintained only while the subchannel is in
-  // state READY.
-  class HealthWatcherMap {
-   public:
-    void AddWatcherLocked(
-        WeakRefCountedPtr<Subchannel> subchannel,
-        const std::string& health_check_service_name,
-        RefCountedPtr<ConnectivityStateWatcherInterface> watcher);
-    void RemoveWatcherLocked(const std::string& health_check_service_name,
-                             ConnectivityStateWatcherInterface* watcher);
-
-    // Notifies the watcher when the subchannel's state changes.
-    void NotifyLocked(grpc_connectivity_state state, const absl::Status& status)
-        ABSL_EXCLUSIVE_LOCKS_REQUIRED(&Subchannel::mu_);
-
-    grpc_connectivity_state CheckConnectivityStateLocked(
-        Subchannel* subchannel, const std::string& health_check_service_name)
-        ABSL_EXCLUSIVE_LOCKS_REQUIRED(&Subchannel::mu_);
-
-    void ShutdownLocked();
-
-   private:
-    class HealthWatcher;
-
-    std::map<std::string, OrphanablePtr<HealthWatcher>> map_;
-  };
-
   class ConnectedSubchannelStateWatcher;
 
   // Sets the subchannel's connectivity state to \a state.
@@ -382,10 +344,8 @@ class Subchannel : public DualRefCounted<Subchannel> {
   // - TRANSIENT_FAILURE: connection attempt failed, retry timer pending
   grpc_connectivity_state state_ ABSL_GUARDED_BY(mu_) = GRPC_CHANNEL_IDLE;
   absl::Status status_ ABSL_GUARDED_BY(mu_);
-  // The list of watchers without a health check service name.
+  // The list of connectivity state watchers.
   ConnectivityStateWatcherList watcher_list_ ABSL_GUARDED_BY(mu_);
-  // The map of watchers with health check service names.
-  HealthWatcherMap health_watcher_map_ ABSL_GUARDED_BY(mu_);
   // Used for sending connectivity state notifications.
   WorkSerializer work_serializer_;
 

data/src/core/ext/filters/http/message_compress/compression_filter.cc

@@ -49,7 +49,7 @@
 #include "src/core/lib/promise/latch.h"
 #include "src/core/lib/promise/pipe.h"
 #include "src/core/lib/promise/poll.h"
-#include "src/core/lib/promise/race.h"
+#include "src/core/lib/promise/prioritized_race.h"
 #include "src/core/lib/resource_quota/arena.h"
 #include "src/core/lib/slice/slice_buffer.h"
 #include "src/core/lib/surface/call.h"
@@ -273,8 +273,8 @@ ArenaPromise<ServerMetadataHandle> ClientCompressionFilter::MakeCallPromise(
         return std::move(*r);
       });
   // Run the next filter, and race it with getting an error from decompression.
-  return Race(decompress_err->Wait(),
-              next_promise_factory(std::move(call_args)));
+  return PrioritizedRace(decompress_err->Wait(),
+                         next_promise_factory(std::move(call_args)));
 }
 
 ArenaPromise<ServerMetadataHandle> ServerCompressionFilter::MakeCallPromise(
@@ -316,8 +316,8 @@ ArenaPromise<ServerMetadataHandle> ServerCompressionFilter::MakeCallPromise(
         return CompressMessage(std::move(message), *compression_algorithm);
       });
   // Run the next filter, and race it with getting an error from decompression.
-  return Race(decompress_err->Wait(),
-              next_promise_factory(std::move(call_args)));
+  return PrioritizedRace(decompress_err->Wait(),
+                         next_promise_factory(std::move(call_args)));
 }
 
 }  // namespace grpc_core

data/src/core/ext/filters/rbac/rbac_service_config_parser.cc

@@ -20,21 +20,29 @@
 
 #include <cstdint>
 #include <map>
+#include <memory>
 #include <string>
 
 #include "absl/status/status.h"
 #include "absl/status/statusor.h"
+#include "absl/strings/str_cat.h"
 #include "absl/types/optional.h"
 
+#include <grpc/grpc_audit_logging.h>
+
 #include "src/core/lib/channel/channel_args.h"
 #include "src/core/lib/json/json_args.h"
 #include "src/core/lib/json/json_object_loader.h"
 #include "src/core/lib/matchers/matchers.h"
+#include "src/core/lib/security/authorization/audit_logging.h"
 
 namespace grpc_core {
 
 namespace {
 
+using experimental::AuditLoggerFactory;
+using experimental::AuditLoggerRegistry;
+
 // RbacConfig: one or more RbacPolicy structs
 struct RbacConfig {
   // RbacPolicy: optional Rules
@@ -179,20 +187,40 @@ struct RbacConfig {
         static const JsonLoaderInterface* JsonLoader(const JsonArgs&);
       };
 
+      // AuditLogger: the name of logger and its config in json
+      struct AuditLogger {
+        std::string name;
+        Json::Object config;
+
+        AuditLogger() = default;
+        AuditLogger(const AuditLogger&) = delete;
+        AuditLogger& operator=(const AuditLogger&) = delete;
+        AuditLogger(AuditLogger&&) = default;
+        AuditLogger& operator=(AuditLogger&&) = default;
+
+        static const JsonLoaderInterface* JsonLoader(const JsonArgs&);
+        void JsonPostLoad(const Json&, const JsonArgs&,
+                          ValidationErrors* errors);
+      };
+
       int action;
       std::map<std::string, Policy> policies;
+      // Defaults to kNone since its json field is optional.
+      Rbac::AuditCondition audit_condition = Rbac::AuditCondition::kNone;
+      std::vector<std::unique_ptr<AuditLoggerFactory::Config>> logger_configs;
 
-      Rules() = default;
+      Rules() {}
       Rules(const Rules&) = delete;
       Rules& operator=(const Rules&) = delete;
       Rules(Rules&&) = default;
       Rules& operator=(Rules&&) = default;
 
-      Rbac TakeAsRbac();
+      Rbac TakeAsRbac(std::string name);
       static const JsonLoaderInterface* JsonLoader(const JsonArgs&);
       void JsonPostLoad(const Json&, const JsonArgs&, ValidationErrors* errors);
     };
 
+    std::string name;
     absl::optional<Rules> rules;
 
     Rbac TakeAsRbac();
@@ -715,21 +743,51 @@ const JsonLoaderInterface* RbacConfig::RbacPolicy::Rules::Policy::JsonLoader(
   return loader;
 }
 
+//
+// RbacConfig::RbacPolicy::Rules::AuditLogger
+//
+
+const JsonLoaderInterface*
+RbacConfig::RbacPolicy::Rules::AuditLogger::JsonLoader(const JsonArgs&) {
+  // All fields handled in JsonPostLoad().
+  static const auto* loader = JsonObjectLoader<AuditLogger>().Finish();
+  return loader;
+}
+
+void RbacConfig::RbacPolicy::Rules::AuditLogger::JsonPostLoad(
+    const Json& json, const JsonArgs& args, ValidationErrors* errors) {
+  // Should have exactly one field as the logger name.
+  if (json.object().size() != 1) {
+    errors->AddError("audit logger should have exactly one field");
+    return;
+  }
+  name = json.object().begin()->first;
+  auto config_or =
+      LoadJsonObjectField<Json::Object>(json.object(), args, name, errors);
+  if (config_or.has_value()) {
+    config = std::move(*config_or);
+  }
+}
+
 //
 // RbacConfig::RbacPolicy::Rules
 //
 
-Rbac RbacConfig::RbacPolicy::Rules::TakeAsRbac() {
+Rbac RbacConfig::RbacPolicy::Rules::TakeAsRbac(std::string name) {
   Rbac rbac;
+  rbac.name = std::move(name);
   rbac.action = static_cast<Rbac::Action>(action);
+  rbac.audit_condition = audit_condition;
   for (auto& p : policies) {
     rbac.policies.emplace(p.first, p.second.TakeAsRbacPolicy());
   }
+  rbac.logger_configs = std::move(logger_configs);
   return rbac;
 }
 
 const JsonLoaderInterface* RbacConfig::RbacPolicy::Rules::JsonLoader(
     const JsonArgs&) {
+  // Audit logger configs handled in post load.
   static const auto* loader = JsonObjectLoader<Rules>()
                                   .Field("action", &Rules::action)
                                   .OptionalField("policies", &Rules::policies)
@@ -737,7 +795,8 @@ const JsonLoaderInterface* RbacConfig::RbacPolicy::Rules::JsonLoader(
   return loader;
 }
 
-void RbacConfig::RbacPolicy::Rules::JsonPostLoad(const Json&, const JsonArgs&,
+void RbacConfig::RbacPolicy::Rules::JsonPostLoad(const Json& json,
+                                                 const JsonArgs& args,
                                                  ValidationErrors* errors) {
   // Validate action field.
   auto rbac_action = static_cast<Rbac::Action>(action);
@@ -746,6 +805,40 @@ void RbacConfig::RbacPolicy::Rules::JsonPostLoad(const Json&, const JsonArgs&,
     ValidationErrors::ScopedField field(errors, ".action");
     errors->AddError("unknown action");
   }
+  // Parse and validate audit_condition field.
+  auto condition = LoadJsonObjectField<int>(json.object(), args,
+                                            "audit_condition", errors, false);
+  if (condition.has_value()) {
+    switch (*condition) {
+      case static_cast<int>(Rbac::AuditCondition::kNone):
+      case static_cast<int>(Rbac::AuditCondition::kOnAllow):
+      case static_cast<int>(Rbac::AuditCondition::kOnDeny):
+      case static_cast<int>(Rbac::AuditCondition::kOnDenyAndAllow):
+        audit_condition = static_cast<Rbac::AuditCondition>(*condition);
+        break;
+      default: {
+        ValidationErrors::ScopedField field(errors, ".audit_condition");
+        errors->AddError("unknown audit condition");
+      }
+    }
+  }
+  // Parse and validate audit logger configs.
+  auto configs = LoadJsonObjectField<std::vector<AuditLogger>>(
+      json.object(), args, "audit_loggers", errors, false);
+  if (configs.has_value()) {
+    for (size_t i = 0; i < configs->size(); ++i) {
+      auto& logger = (*configs)[i];
+      auto config = AuditLoggerRegistry::ParseConfig(
+          logger.name, Json::FromObject(std::move(logger.config)));
+      if (!config.ok()) {
+        ValidationErrors::ScopedField field(
+            errors, absl::StrCat(".audit_loggers[", i, "]"));
+        errors->AddError(config.status().message());
+        continue;
+      }
+      logger_configs.push_back(std::move(*config));
+    }
+  }
 }
 
 //
@@ -756,14 +849,15 @@ Rbac RbacConfig::RbacPolicy::TakeAsRbac() {
   if (!rules.has_value()) {
     // No enforcing to be applied. An empty deny policy with an empty map
     // is equivalent to no enforcing.
-    return Rbac(Rbac::Action::kDeny, {});
+    return Rbac(std::move(name), Rbac::Action::kDeny, {});
   }
-  return rules->TakeAsRbac();
+  return rules->TakeAsRbac(std::move(name));
 }
 
 const JsonLoaderInterface* RbacConfig::RbacPolicy::JsonLoader(const JsonArgs&) {
   static const auto* loader = JsonObjectLoader<RbacPolicy>()
                                   .OptionalField("rules", &RbacPolicy::rules)
+                                  .Field("filter_name", &RbacPolicy::name)
                                   .Finish();
   return loader;
 }

data/src/core/ext/filters/server_config_selector/server_config_selector_filter.cc

@@ -38,6 +38,7 @@
 #include "src/core/lib/promise/context.h"
 #include "src/core/lib/promise/promise.h"
 #include "src/core/lib/resource_quota/arena.h"
+#include "src/core/lib/service_config/service_config.h"
 #include "src/core/lib/service_config/service_config_call_data.h"
 #include "src/core/lib/transport/transport.h"
 
@@ -139,14 +140,11 @@ ArenaPromise<ServerMetadataHandle> ServerConfigSelectorFilter::MakeCallPromise(
         absl::UnavailableError(StatusToString(call_config.status()))));
     return std::move(r);
   }
-  auto& ctx = GetContext<
-      grpc_call_context_element>()[GRPC_CONTEXT_SERVICE_CONFIG_CALL_DATA];
-  ctx.value = GetContext<Arena>()->New<ServiceConfigCallData>(
-      std::move(call_config->service_config), call_config->method_configs,
-      ServiceConfigCallData::CallAttributes{});
-  ctx.destroy = [](void* p) {
-    static_cast<ServiceConfigCallData*>(p)->~ServiceConfigCallData();
-  };
+  auto* service_config_call_data =
+      GetContext<Arena>()->New<ServiceConfigCallData>(
+          GetContext<Arena>(), GetContext<grpc_call_context_element>());
+  service_config_call_data->SetServiceConfig(
+      std::move(call_config->service_config), call_config->method_configs);
   return next_promise_factory(std::move(call_args));
 }
 

data/src/core/ext/filters/stateful_session/stateful_session_filter.cc

@@ -59,7 +59,7 @@ namespace grpc_core {
 
 TraceFlag grpc_stateful_session_filter_trace(false, "stateful_session_filter");
 
-UniqueTypeName XdsOverrideHostTypeName() {
+UniqueTypeName XdsOverrideHostAttribute::TypeName() {
   static UniqueTypeName::Factory kFactory("xds_override_host");
   return kFactory.Create();
 }
@@ -160,8 +160,8 @@ ArenaPromise<ServerMetadataHandle> StatefulSessionFilter::MakeCallPromise(
     }
     // We have a valid cookie, so add the call attribute to be used by the
     // xds_override_host LB policy.
-    service_config_call_data->SetCallAttribute(XdsOverrideHostTypeName(),
-                                               *cookie_value);
+    service_config_call_data->SetCallAttribute(
+        GetContext<Arena>()->New<XdsOverrideHostAttribute>(*cookie_value));
   }
   // Intercept server initial metadata.
   call_args.server_initial_metadata->InterceptAndMap(

data/src/core/ext/filters/stateful_session/stateful_session_filter.h

@@ -30,11 +30,26 @@
 #include "src/core/lib/channel/promise_based_filter.h"
 #include "src/core/lib/gprpp/unique_type_name.h"
 #include "src/core/lib/promise/arena_promise.h"
+#include "src/core/lib/service_config/service_config_call_data.h"
 #include "src/core/lib/transport/transport.h"
 
 namespace grpc_core {
 
-UniqueTypeName XdsOverrideHostTypeName();
+class XdsOverrideHostAttribute
+    : public ServiceConfigCallData::CallAttributeInterface {
+ public:
+  static UniqueTypeName TypeName();
+
+  explicit XdsOverrideHostAttribute(absl::string_view host_name)
+      : host_name_(host_name) {}
+
+  absl::string_view host_name() const { return host_name_; }
+
+ private:
+  UniqueTypeName type() const override { return TypeName(); }
+
+  absl::string_view host_name_;
+};
 
 // A filter to provide cookie-based stateful session affinity.
 class StatefulSessionFilter : public ChannelFilter {