This patch adds the capability to destroy sockets in BPF. We plan to use the capability in Cilium to force client sockets to reconnect when their remote load-balancing backends are deleted. The other use case is on-the-fly policy enforcement where existing socket connections prevented by policies need to be terminated. The use cases, and more details around the selected approach was presented at LPC 2022 - https://lpc.events/event/16/contributions/1358/. RFC discussion - https://lore.kernel.org/netdev/CABG=zsBEh-P4NXk23eBJw7eajB5YJeRS7oPXnTAzs=yob4EMoQ@xxxxxxxxxxxxxx/T/#u. Notes to the reviewers: - We evaluated different approaches to allow the `diag_destroy` handlers to acquire/skip locks from the BPF iterator programs. The commit description has all the details. The selected work queue approach was discussed with Daniel Borkmann. - We previously discussed the possibility of using sockmap to store sockets to be destroyed as an optimization, so that users may not need to iterate over all the host-wide sockets. This approach needs more discussion on the TCP side, as we may need to extend the logic that checks for certain TCP states while inserting sockets in a sockmap. So I've skipped those self test cases involving sockmap from the patch. Aditi Ghag (2): bpf: Add socket destroy capability selftests/bpf: Add tests for bpf_sock_destroy include/linux/bpf.h | 1 + include/uapi/linux/bpf.h | 17 +++ kernel/bpf/core.c | 1 + kernel/trace/bpf_trace.c | 2 + net/core/filter.c | 70 ++++++++++ tools/include/uapi/linux/bpf.h | 17 +++ .../selftests/bpf/prog_tests/sock_destroy.c | 131 ++++++++++++++++++ .../selftests/bpf/progs/sock_destroy_prog.c | 96 +++++++++++++ 8 files changed, 335 insertions(+) create mode 100644 tools/testing/selftests/bpf/prog_tests/sock_destroy.c create mode 100644 tools/testing/selftests/bpf/progs/sock_destroy_prog.c base-commit: 0e43662e61f2569500ab83b8188c065603530785 -- 2.34.1
