Stream Parser return type and Stream Verdict requirement #1411
Description
I have a quick question about programs marked as #[stream_parser]. I was trying to make a test program to just log some things, but let packets through without actually performing any extra action on them. In Aya, programs of this type require a return type of u32 but this seems to not correspond to the eBPF documentation (https://docs.ebpf.io/linux/program-type/BPF_PROG_TYPE_SK_SKB/) that says:
The return value is interpreted as follows:
- 0 - indicates length of successfully parsed message
- 0 - indicates more data must be received to parse the message
- -ESTRPIPE - current message should not be processed by the kernel, return control of the socket to userspace which can proceed to read the messages itself
- other < 0 - Error in parsing, give control back to userspace assuming that synchronization is lost and the stream is unrecoverable (application expected to close TCP socket)
In Aya it seems I cannot return -ESTRPIPE or any other negative value. I have tried to convert -ESTRPIPE to a u32 (twos complement) but this does not work either. In fact the only thing that seems to yield the behavior I'm looking for is returning sk_action::SK_PASS (aka 1), but this doesn't make sense as it should mean I have successfully parsed the message and it has length 1 (which is not the case).
sk_action::SK_PASS and sk_action::SK_DROP should only be relevant in other types of programs such as stream_verdict where it is the expected return.
It also seems that I must have a stream_parser program and a stream_verdict program together in order for them to be called. Having only a stream_parser program attached to my SockHash seems to result in my program never being called. I haven't been able to find if this is an eBPF requirement, or perhaps if it is linked to Aya. I'm curious if it is the intended behavior