New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bpf: Return better error codes from hooked syscalls #22965
Conversation
/test Job 'Cilium-PR-K8s-1.16-kernel-4.9' hit: #22578 (98.61% similarity) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Code changes look good to me, but could you explain the rationale behind the two error codes?
|
Could you add that information to the commit description? |
When a syscall is rejected in BPF, by default the error code returned is -EPERM. Set more appropriate codes explicitly in the remaining places. The new error codes are chosen according to the documented possible return values of connect() and bind() syscalls in their corresponding man pages. When there is no health service to connect, ECONNREFUSED is returned. When map_update_elem returns an error (should only happen if max_entries is exceeded), ENOBUFS is returned, which is the closest error from the man page that indicates some internal error of the implementation: `Insufficient resources were available to complete the call`. Signed-off-by: Maxim Mikityanskiy <maxim@isovalent.com>
27ecbab
to
d6d98d5
Compare
Done. |
/test |
When a syscall is rejected in BPF, by default the error code returned is -EPERM. Set more appropriate codes explicitly in the remaining places.
Signed-off-by: Maxim Mikityanskiy maxim@isovalent.com