refactor open, re-use some code

author: Paul Buetow <paul@buetow.org> 2024-02-19 12:19:11 +0200
committer: Paul Buetow <paul@buetow.org> 2024-02-19 12:19:11 +0200
commit: 4950710f87d8fe65e00d855760ea4b3f71de73e5 (patch)
tree: 4a706891b2068740dafbb1fc479c99b710836a2e
parent: db553759bbc60cf6e0ed1c1e40e7567b5838cc61 (diff)
4 files changed, 39 insertions, 16 deletions
diff --git a/internal/c/tracepoints/open.c b/internal/c/tracepoints/open.c
index b405c0e..7e15f85 100644
--- a/internal/c/tracepoints/open.c
+++ b/internal/c/tracepoints/open.c
@@ -1,7 +1,6 @@
 //+build ignore
 
-SEC("tracepoint/syscalls/sys_enter_openat")
-int handle_enter_openat(struct trace_event_raw_sys_enter *ctx) {
+static __always_inline int _handle_enter_open(struct trace_event_raw_sys_enter *ctx, __u32 op_id) {
     if (filter())
         return 0;
 
@@ -9,10 +8,11 @@ int handle_enter_openat(struct trace_event_raw_sys_enter *ctx) {
     if (!ev)
         return 0;
 
-    ev->op_id = OPENAT_ENTER_OP_ID;
+    ev->op_id = op_id;
     ev->pid_tgid = bpf_get_current_pid_tgid();
     ev->time = bpf_ktime_get_ns();
 
+    // Reset memory, as structure is re-used (ringbuffer)
     __builtin_memset(&(ev->filename), 0, sizeof(ev->filename) + sizeof(ev->comm));
     bpf_probe_read_user_str(ev->filename, sizeof(ev->filename), (void *)ctx->args[1]);
     bpf_get_current_comm(&ev->comm, sizeof(ev->comm));
@@ -21,8 +21,7 @@ int handle_enter_openat(struct trace_event_raw_sys_enter *ctx) {
     return 0;
 }
 
-SEC("tracepoint/syscalls/sys_exit_openat")
-int handle_exit_openat(struct trace_event_raw_sys_exit *ctx) {
+static __always_inline int _handle_exit_open(struct trace_event_raw_sys_exit *ctx, __u32 op_id) {
     if (filter())
         return 0;
 
@@ -30,7 +29,7 @@ int handle_exit_openat(struct trace_event_raw_sys_exit *ctx) {
     if (!ev)
         return 0;
 
-    ev->op_id = OPENAT_EXIT_OP_ID;
+    ev->op_id = op_id;
     ev->pid_tgid = bpf_get_current_pid_tgid();
     ev->time = bpf_ktime_get_ns();
     ev->fd = ctx->ret;
@@ -40,13 +39,22 @@ int handle_exit_openat(struct trace_event_raw_sys_exit *ctx) {
     return 0;
 }
 
+SEC("tracepoint/syscalls/sys_enter_openat")
+int handle_enter_openat(struct trace_event_raw_sys_enter *ctx) {
+    return _handle_enter_open(ctx, OPENAT_ENTER_OP_ID);
+}
+
+SEC("tracepoint/syscalls/sys_exit_openat")
+int handle_exit_openat(struct trace_event_raw_sys_exit *ctx) {
+    return _handle_exit_open(ctx, OPENAT_EXIT_OP_ID);
+}
+
 SEC("tracepoint/syscalls/sys_enter_open")
 int handle_enter_open(struct trace_event_raw_sys_enter *ctx) {
-    return handle_enter_openat(ctx);
+    return _handle_enter_open(ctx, OPEN_ENTER_OP_ID);
 }
 
 SEC("tracepoint/syscalls/sys_exit_open")
 int handle_exit_open(struct trace_event_raw_sys_exit *ctx) {
-    return handle_exit_openat(ctx);
+    return _handle_exit_open(ctx, OPEN_EXIT_OP_ID);
 }
-
diff --git a/internal/c/types.h b/internal/c/types.h
index 25cfcd8..9f0ddd5 100644
--- a/internal/c/types.h
+++ b/internal/c/types.h
@@ -7,12 +7,16 @@
 
 #define OPENAT_ENTER_OP_ID 1
 #define OPENAT_EXIT_OP_ID 2
-#define CLOSE_ENTER_OP_ID 3
-#define CLOSE_EXIT_OP_ID 4
-#define WRITE_ENTER_OP_ID 5
-#define WRITE_EXIT_OP_ID 6
-#define WRITEV_ENTER_OP_ID 7
-#define WRITEV_EXIT_OP_ID 8
+#define OPEN_ENTER_OP_ID 3
+#define OPEN_EXIT_OP_ID 4
+
+#define CLOSE_ENTER_OP_ID 5
+#define CLOSE_EXIT_OP_ID 6
+
+#define WRITE_ENTER_OP_ID 7
+#define WRITE_EXIT_OP_ID 8
+#define WRITEV_ENTER_OP_ID 9
+#define WRITEV_EXIT_OP_ID 10
 
 struct null_event {
     __u32 op_id;
diff --git a/internal/ioriotng.go b/internal/ioriotng.go
index 97b46ea..9b7ec2d 100644
--- a/internal/ioriotng.go
+++ b/internal/ioriotng.go
@@ -62,10 +62,14 @@ func Run(flags flags.Flags) {
 	for raw := range ch {
 		switch OpId(raw[0]) {
 		case OPENAT_ENTER_OP_ID:
+			fallthrough
+		case OPEN_ENTER_OP_ID:
 			ev := readRaw(raw, syncpool.OpenEnterEvent.Get().(*OpenatEnterEvent))
 			enterOpen[ev.PidTGid] = ev
 
 		case OPENAT_EXIT_OP_ID:
+			fallthrough
+		case OPEN_EXIT_OP_ID:
 			ev := readRaw(raw, syncpool.FdEvent.Get().(*FdEvent))
 			enterEv, ok := enterOpen[ev.PidTGid]
 			if !ok {
@@ -117,7 +121,8 @@ func Run(flags flags.Flags) {
 
 func readRaw[T any](raw []byte, ev *T) *T {
 	if err := binary.Read(bytes.NewReader(raw), binary.LittleEndian, ev); err != nil {
-		panic(err)
+		fmt.Println(ev, raw, len(raw), err)
+		panic(raw)
 	}
 	return ev
 }
diff --git a/internal/types/types.go b/internal/types/types.go
index dc209ea..6756ed9 100644
--- a/internal/types/types.go
+++ b/internal/types/types.go
@@ -15,6 +15,8 @@ const (
 const (
 	OPENAT_ENTER_OP_ID OpId = iota + 1
 	OPENAT_EXIT_OP_ID
+	OPEN_ENTER_OP_ID
+	OPEN_EXIT_OP_ID
 	CLOSE_ENTER_OP_ID
 	CLOSE_EXIT_OP_ID
 	WRITE_ENTER_OP_ID
@@ -29,6 +31,10 @@ func (id OpId) String() string {
 		return "openat:enter"
 	case OPENAT_EXIT_OP_ID:
 		return "openat:exit"
+	case OPEN_ENTER_OP_ID:
+		return "open:enter"
+	case OPEN_EXIT_OP_ID:
+		return "open:exit"
 	case CLOSE_ENTER_OP_ID:
 		return "close:enter"
 	case CLOSE_EXIT_OP_ID:
author	Paul Buetow <paul@buetow.org>	2024-02-19 12:19:11 +0200
committer	Paul Buetow <paul@buetow.org>	2024-02-19 12:19:11 +0200
commit	4950710f87d8fe65e00d855760ea4b3f71de73e5 (patch)
tree	4a706891b2068740dafbb1fc479c99b710836a2e
parent	db553759bbc60cf6e0ed1c1e40e7567b5838cc61 (diff)