SockOps attach invalid parameter for new Linux kernels.

Hello,

I updated to the latest version of aya recently, and I notice that the attach method of SockOps has added a new parameter. That parameter can only be CAttachGroup::Single since it is being copied to the BPF_CREATE_LINK's flags, that must be zero (see kernel code) .

Code snippets from Aya:

// Snippet from sock_ops.rs
 pub fn attach<T: AsFd>(
        &mut self,
        cgroup: T,
        mode: CgroupAttachMode,
    ) -> Result<SockOpsLinkId, ProgramError> {
   ...
        let attach_type = BPF_CGROUP_SOCK_OPS;
        if KernelVersion::current().unwrap() >= KernelVersion::new(5, 7, 0) {
            let link_fd = bpf_link_create(
                prog_fd,
                LinkTarget::Fd(cgroup_fd),
                attach_type,
                None,
                mode.into(), // <- Notice this is CgroupAttachMode
                None,
            )
           ...
        } else {
            let link = ProgAttachLink::attach(prog_fd, cgroup_fd, attach_type, mode)?;
    ...
        }
    }

// Snippet from bpf.rs
pub(crate) fn bpf_link_create(
    prog_fd: BorrowedFd<'_>,
    target: LinkTarget<'_>,
    attach_type: bpf_attach_type,
    btf_id: Option<u32>,
    flags: u32,
    link_ref: Option<&LinkRef>,
) -> SysResult<crate::MockableFd> {
...
    attr.link_create.flags = flags;
...
    unsafe { fd_sys_bpf(bpf_cmd::BPF_LINK_CREATE, &mut attr) }
}

As a consequence, If I want to work with kernel versions <5.7 and allow multiple BPF programs, I need to have something like this on my code:

 fn get_attach_mode() -> CgroupAttachMode {
     if KernelVersion::current().unwrap() >= KernelVersion::new(5, 7, 0) {
         CgroupAttachMode::Single
     } else {
        CgroupAttachMode::AllowMultiple
     }
 }

Is that the expected behavior?

This can be avoided by setting bpf_link_create's flags to zero, since is the only valid value.

aya-rs / aya

SockOps attach invalid parameter for new Linux kernels. #1060