1a8bc2299f
The test cases for destroying sockets mirror the intended usages of the bpf_sock_destroy kfunc using iterators. The destroy helpers set `ECONNABORTED` error code that we can validate in the test code with client sockets. But UDP sockets have an overriding error code from `disconnect()` called during abort, so the error code validation is only done for TCP sockets. The failure test cases validate that the `bpf_sock_destroy` kfunc is not allowed from program attach types other than BPF trace iterator, and such programs fail to load. Signed-off-by: Aditi Ghag <aditi.ghag@isovalent.com> Link: https://lore.kernel.org/r/20230519225157.760788-10-aditi.ghag@isovalent.com Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>
22 lines
480 B
C
22 lines
480 B
C
// SPDX-License-Identifier: GPL-2.0
|
|
|
|
#include "vmlinux.h"
|
|
#include <bpf/bpf_tracing.h>
|
|
#include <bpf/bpf_helpers.h>
|
|
|
|
#include "bpf_misc.h"
|
|
|
|
char _license[] SEC("license") = "GPL";
|
|
|
|
int bpf_sock_destroy(struct sock_common *sk) __ksym;
|
|
|
|
SEC("tp_btf/tcp_destroy_sock")
|
|
__failure __msg("calling kernel function bpf_sock_destroy is not allowed")
|
|
int BPF_PROG(trace_tcp_destroy_sock, struct sock *sk)
|
|
{
|
|
/* should not load */
|
|
bpf_sock_destroy((struct sock_common *)sk);
|
|
|
|
return 0;
|
|
}
|
|
|