On 2/23/23 1:53 PM, Aditi Ghag wrote:
+/* bpf_sock_destroy: Destroy the given socket with ECONNABORTED error code.
+ *
+ * The helper expects a non-NULL pointer to a full socket. It invokes
+ * the protocol specific socket destroy handlers.
+ *
+ * The helper can only be called from BPF contexts that have acquired the socket
+ * locks.
+ *
+ * Parameters:
+ * @sock: Pointer to socket to be destroyed
+ *
+ * Return:
+ * On error, may return EPROTONOSUPPORT, EINVAL.
+ * EPROTONOSUPPORT if protocol specific destroy handler is not implemented.
+ * 0 otherwise
+ */
+int bpf_sock_destroy(struct sock_common *sock)
+{
+ /* Validates the socket can be type casted to a full socket. */
+ struct sock *sk = sk_to_full_sk((struct sock *)sock);
If sk != sock, sk is not locked.
Does it have to do sk_to_full_sk()? From looking at tcp_abort(), it can handle
TCP_NEW_SYN_RECV and TCP_TIME_WAIT. The bpf-tcp-iter is iterating the hashtables
that may have sk in different states. Ideally, bpf-tcp-iter should be able to
use bpf_sock_destroy() to abort the sk in different states also.
Otherwise, the bpf_sock_destroy kfunc is aborting the listener while the bpf
prog expects to abort a req_sk.
+
+ if (!sk)
+ return -EINVAL;
+
+ /* The locking semantics that allow for synchronous execution of the
+ * destroy handlers are only supported for TCP and UDP.
+ */
+ if (!sk->sk_prot->diag_destroy || sk->sk_protocol == IPPROTO_RAW)
+ return -EOPNOTSUPP;
+
+ return sk->sk_prot->diag_destroy(sk, ECONNABORTED);
+}
+
+__diag_pop()
