diff options
| author | Paul Buetow <paul@buetow.org> | 2024-02-27 09:52:36 +0200 |
|---|---|---|
| committer | Paul Buetow <paul@buetow.org> | 2024-02-27 09:52:36 +0200 |
| commit | 2745f74f3db314a94ae181fb53963bf853db3833 (patch) | |
| tree | 143cf8557089835906e3d899c8b18fcb00023cac /internal/c | |
| parent | d8441fff4bbf2739cc0e6c046035bf176158954a (diff) | |
use generated tracepoints.c
Diffstat (limited to 'internal/c')
| -rw-r--r-- | internal/c/generated/tracepoints.c | 208 | ||||
| -rw-r--r-- | internal/c/generated/tracepoints.raku | 6 | ||||
| -rw-r--r-- | internal/c/ioriotng.bpf.c | 5 | ||||
| -rw-r--r-- | internal/c/tracepoints/close.c | 15 | ||||
| -rw-r--r-- | internal/c/tracepoints/open.c | 21 | ||||
| -rw-r--r-- | internal/c/tracepoints/write.c | 4 | ||||
| -rw-r--r-- | internal/c/types.h | 21 |
7 files changed, 139 insertions, 141 deletions
diff --git a/internal/c/generated/tracepoints.c b/internal/c/generated/tracepoints.c index da49afe..168518d 100644 --- a/internal/c/generated/tracepoints.c +++ b/internal/c/generated/tracepoints.c @@ -54,7 +54,7 @@ #define SYS_ENTER_IO_URING_ENTER 1371 SEC("tracepoint/syscalls/sys_exit_cachestat") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_cachestat(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -63,7 +63,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_CACHESTAT; + ev->syscall_id = SYS_EXIT_CACHESTAT; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -74,7 +74,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_cachestat") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_cachestat(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -83,7 +83,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_CACHESTAT; + ev->syscall_id = SYS_ENTER_CACHESTAT; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -94,7 +94,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_close_range") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_close_range(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -103,7 +103,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_CLOSE_RANGE; + ev->syscall_id = SYS_EXIT_CLOSE_RANGE; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -114,7 +114,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_close_range") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_close_range(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -123,7 +123,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_CLOSE_RANGE; + ev->syscall_id = SYS_ENTER_CLOSE_RANGE; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -134,7 +134,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_close") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_close(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -143,7 +143,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_CLOSE; + ev->syscall_id = SYS_EXIT_CLOSE; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -154,7 +154,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_close") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_close(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -163,7 +163,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_CLOSE; + ev->syscall_id = SYS_ENTER_CLOSE; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -174,7 +174,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_fchown") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_fchown(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -183,7 +183,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_FCHOWN; + ev->syscall_id = SYS_EXIT_FCHOWN; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -194,7 +194,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_fchown") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_fchown(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -203,7 +203,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_FCHOWN; + ev->syscall_id = SYS_ENTER_FCHOWN; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -214,7 +214,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_fchmod") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_fchmod(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -223,7 +223,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_FCHMOD; + ev->syscall_id = SYS_EXIT_FCHMOD; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -234,7 +234,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_fchmod") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_fchmod(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -243,7 +243,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_FCHMOD; + ev->syscall_id = SYS_ENTER_FCHMOD; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -254,7 +254,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_fchdir") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_fchdir(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -263,7 +263,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_FCHDIR; + ev->syscall_id = SYS_EXIT_FCHDIR; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -274,7 +274,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_fchdir") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_fchdir(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -283,7 +283,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_FCHDIR; + ev->syscall_id = SYS_ENTER_FCHDIR; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -294,7 +294,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_ftruncate") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_ftruncate(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -303,7 +303,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_FTRUNCATE; + ev->syscall_id = SYS_EXIT_FTRUNCATE; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -314,7 +314,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_ftruncate") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_ftruncate(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -323,7 +323,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_FTRUNCATE; + ev->syscall_id = SYS_ENTER_FTRUNCATE; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -334,7 +334,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_copy_file_range") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_copy_file_range(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -343,7 +343,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_COPY_FILE_RANGE; + ev->syscall_id = SYS_EXIT_COPY_FILE_RANGE; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -354,7 +354,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_copy_file_range") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_copy_file_range(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -363,7 +363,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_COPY_FILE_RANGE; + ev->syscall_id = SYS_ENTER_COPY_FILE_RANGE; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -374,7 +374,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_pwrite64") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_pwrite64(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -383,7 +383,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_PWRITE64; + ev->syscall_id = SYS_EXIT_PWRITE64; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -394,7 +394,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_pwrite64") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_pwrite64(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -403,7 +403,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_PWRITE64; + ev->syscall_id = SYS_ENTER_PWRITE64; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -414,7 +414,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_pread64") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_pread64(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -423,7 +423,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_PREAD64; + ev->syscall_id = SYS_EXIT_PREAD64; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -434,7 +434,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_pread64") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_pread64(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -443,7 +443,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_PREAD64; + ev->syscall_id = SYS_ENTER_PREAD64; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -454,7 +454,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_write") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_write(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -463,7 +463,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_WRITE; + ev->syscall_id = SYS_EXIT_WRITE; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -474,7 +474,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_write") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_write(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -483,7 +483,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_WRITE; + ev->syscall_id = SYS_ENTER_WRITE; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -494,7 +494,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_read") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_read(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -503,7 +503,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_READ; + ev->syscall_id = SYS_EXIT_READ; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -514,7 +514,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_read") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_read(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -523,7 +523,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_READ; + ev->syscall_id = SYS_ENTER_READ; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -534,7 +534,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_lseek") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_lseek(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -543,7 +543,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_LSEEK; + ev->syscall_id = SYS_EXIT_LSEEK; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -554,7 +554,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_lseek") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_lseek(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -563,7 +563,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_LSEEK; + ev->syscall_id = SYS_ENTER_LSEEK; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -574,7 +574,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_newfstat") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_newfstat(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -583,7 +583,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_NEWFSTAT; + ev->syscall_id = SYS_EXIT_NEWFSTAT; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -594,7 +594,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_newfstat") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_newfstat(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -603,7 +603,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_NEWFSTAT; + ev->syscall_id = SYS_ENTER_NEWFSTAT; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -614,7 +614,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_fcntl") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_fcntl(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -623,7 +623,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_FCNTL; + ev->syscall_id = SYS_EXIT_FCNTL; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -634,7 +634,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_fcntl") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_fcntl(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -643,7 +643,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_FCNTL; + ev->syscall_id = SYS_ENTER_FCNTL; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -654,7 +654,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_ioctl") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_ioctl(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -663,7 +663,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_IOCTL; + ev->syscall_id = SYS_EXIT_IOCTL; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -674,7 +674,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_ioctl") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_ioctl(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -683,7 +683,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_IOCTL; + ev->syscall_id = SYS_ENTER_IOCTL; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -694,7 +694,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_getdents64") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_getdents64(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -703,7 +703,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_GETDENTS64; + ev->syscall_id = SYS_EXIT_GETDENTS64; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -714,7 +714,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_getdents64") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_getdents64(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -723,7 +723,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_GETDENTS64; + ev->syscall_id = SYS_ENTER_GETDENTS64; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -734,7 +734,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_getdents") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_getdents(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -743,7 +743,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_GETDENTS; + ev->syscall_id = SYS_EXIT_GETDENTS; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -754,7 +754,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_getdents") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_getdents(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -763,7 +763,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_GETDENTS; + ev->syscall_id = SYS_ENTER_GETDENTS; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -774,7 +774,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_sync_file_range") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_sync_file_range(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -783,7 +783,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_SYNC_FILE_RANGE; + ev->syscall_id = SYS_EXIT_SYNC_FILE_RANGE; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -794,7 +794,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_sync_file_range") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_sync_file_range(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -803,7 +803,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_SYNC_FILE_RANGE; + ev->syscall_id = SYS_ENTER_SYNC_FILE_RANGE; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -814,7 +814,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_fdatasync") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_fdatasync(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -823,7 +823,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_FDATASYNC; + ev->syscall_id = SYS_EXIT_FDATASYNC; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -834,7 +834,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_fdatasync") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_fdatasync(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -843,7 +843,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_FDATASYNC; + ev->syscall_id = SYS_ENTER_FDATASYNC; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -854,7 +854,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_fsync") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_fsync(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -863,7 +863,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_FSYNC; + ev->syscall_id = SYS_EXIT_FSYNC; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -874,7 +874,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_fsync") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_fsync(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -883,7 +883,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_FSYNC; + ev->syscall_id = SYS_ENTER_FSYNC; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -894,7 +894,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_fstatfs") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_fstatfs(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -903,7 +903,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_FSTATFS; + ev->syscall_id = SYS_EXIT_FSTATFS; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -914,7 +914,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_fstatfs") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_fstatfs(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -923,7 +923,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_FSTATFS; + ev->syscall_id = SYS_ENTER_FSTATFS; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -934,7 +934,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_flock") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_flock(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -943,7 +943,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_FLOCK; + ev->syscall_id = SYS_EXIT_FLOCK; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -954,7 +954,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_flock") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_flock(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -963,7 +963,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_FLOCK; + ev->syscall_id = SYS_ENTER_FLOCK; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -974,7 +974,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_quotactl_fd") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_quotactl_fd(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -983,7 +983,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_QUOTACTL_FD; + ev->syscall_id = SYS_EXIT_QUOTACTL_FD; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -994,7 +994,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_quotactl_fd") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_quotactl_fd(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -1003,7 +1003,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_QUOTACTL_FD; + ev->syscall_id = SYS_ENTER_QUOTACTL_FD; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -1014,7 +1014,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_io_uring_register") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_io_uring_register(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -1023,7 +1023,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_IO_URING_REGISTER; + ev->syscall_id = SYS_EXIT_IO_URING_REGISTER; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -1034,7 +1034,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_io_uring_register") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_io_uring_register(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -1043,7 +1043,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_IO_URING_REGISTER; + ev->syscall_id = SYS_ENTER_IO_URING_REGISTER; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -1054,7 +1054,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { } SEC("tracepoint/syscalls/sys_exit_io_uring_enter") -int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { +int handle_sys_exit_io_uring_enter(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -1063,7 +1063,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = SYS_EXIT_IO_URING_ENTER; + ev->syscall_id = SYS_EXIT_IO_URING_ENTER; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -1074,7 +1074,7 @@ int handle_enter_write(struct trace_event_raw_sys_exit *ctx) { } SEC("tracepoint/syscalls/sys_enter_io_uring_enter") -int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { +int handle_sys_enter_io_uring_enter(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -1083,7 +1083,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = SYS_ENTER_IO_URING_ENTER; + ev->syscall_id = SYS_ENTER_IO_URING_ENTER; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; diff --git a/internal/c/generated/tracepoints.raku b/internal/c/generated/tracepoints.raku index 18060ac..1164acf 100644 --- a/internal/c/generated/tracepoints.raku +++ b/internal/c/generated/tracepoints.raku @@ -3,6 +3,8 @@ use v6.d; #use Grammar::Debugger; +my Str @excluded = <SYS_ENTER_WRITE SYS_EXIT_WRITE>; + grammar SysTraceFormat { rule TOP { <wholeformatsection>* } rule wholeformatsection { <name> <id> <format> <print-fmt> } @@ -54,7 +56,7 @@ class Format { qq:to/END/; SEC("tracepoint/syscalls/{$!name}") - int handle_enter_write(struct {ctx-struct} *ctx) \{ + int handle_{$!name.lc}(struct {ctx-struct} *ctx) \{ __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -63,7 +65,7 @@ class Format { if (!ev) return 0; - ev->op_id = {$!name.uc}; + ev->syscall_id = {$!name.uc}; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; diff --git a/internal/c/ioriotng.bpf.c b/internal/c/ioriotng.bpf.c index e1ef51d..902bfad 100644 --- a/internal/c/ioriotng.bpf.c +++ b/internal/c/ioriotng.bpf.c @@ -14,12 +14,13 @@ */ #include "filter.c" +// Auto-generated tracepoints. +#include "generated/tracepoints.c" + // Tracepoints with custom handling. #include "tracepoints/open.c" #include "tracepoints/close.c" #include "tracepoints/write.c" -// More tracepoints, but auto-generated. May lack per-syscall special case handling. -// #include "generated/tracepoints.c" char LICENSE[] SEC("license") = "Dual BSD/GPL"; diff --git a/internal/c/tracepoints/close.c b/internal/c/tracepoints/close.c index 9d0b866..f099554 100644 --- a/internal/c/tracepoints/close.c +++ b/internal/c/tracepoints/close.c @@ -1,6 +1,7 @@ //+build ignore -SEC("tracepoint/syscalls/sys_enter_close") +// SEC("tracepoint/syscalls/sys_enter_close") +/* int handle_enter_close(struct trace_event_raw_sys_enter *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) @@ -10,7 +11,7 @@ int handle_enter_close(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = CLOSE_ENTER_OP_ID; + ev->syscall_id = SYS_ENTER_CLOSE; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -19,8 +20,10 @@ int handle_enter_close(struct trace_event_raw_sys_enter *ctx) { bpf_ringbuf_submit(ev, 0); return 0; } +*/ -SEC("tracepoint/syscalls/sys_exit_close") +// SEC("tracepoint/syscalls/sys_exit_close") +/* int handle_exit_close(struct trace_event_raw_sys_exit *ctx) { __u32 pid, tid; if (filter(&pid, &tid)) @@ -30,13 +33,13 @@ int handle_exit_close(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = CLOSE_EXIT_OP_ID; + ev->syscall_id = SYS_EXIT_CLOSE; ev->pid = pid; ev->tid = tid; - ev->time = bpf_ktime_get_ns() / 1000; + ev->time = bpf_ktime_get_ns() / 1000000; bpf_ringbuf_submit(ev, 0); return 0; } - +*/ diff --git a/internal/c/tracepoints/open.c b/internal/c/tracepoints/open.c index fa0fbf3..0b5d825 100644 --- a/internal/c/tracepoints/open.c +++ b/internal/c/tracepoints/open.c @@ -1,6 +1,11 @@ //+build ignore -static __always_inline int _handle_enter_open(struct trace_event_raw_sys_enter *ctx, __u32 op_id) { +#define SYS_ENTER_OPEN 1 +#define SYS_EXIT_OPEN 2 +#define SYS_ENTER_OPENAT 3 +#define SYS_EXIT_OPENAT 4 + +static __always_inline int _handle_enter_open(struct trace_event_raw_sys_enter *ctx, __u32 syscall_id) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -9,7 +14,7 @@ static __always_inline int _handle_enter_open(struct trace_event_raw_sys_enter * if (!ev) return 0; - ev->op_id = op_id; + ev->syscall_id = syscall_id; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -23,7 +28,7 @@ static __always_inline int _handle_enter_open(struct trace_event_raw_sys_enter * return 0; } -static __always_inline int _handle_exit_open(struct trace_event_raw_sys_exit *ctx, __u32 op_id) { +static __always_inline int _handle_exit_open(struct trace_event_raw_sys_exit *ctx, __u32 syscall_id) { __u32 pid, tid; if (filter(&pid, &tid)) return 0; @@ -32,7 +37,7 @@ static __always_inline int _handle_exit_open(struct trace_event_raw_sys_exit *ct if (!ev) return 0; - ev->op_id = op_id; + ev->syscall_id = syscall_id; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -45,20 +50,20 @@ static __always_inline int _handle_exit_open(struct trace_event_raw_sys_exit *ct SEC("tracepoint/syscalls/sys_enter_openat") int handle_enter_openat(struct trace_event_raw_sys_enter *ctx) { - return _handle_enter_open(ctx, OPENAT_ENTER_OP_ID); + return _handle_enter_open(ctx, SYS_ENTER_OPENAT); } SEC("tracepoint/syscalls/sys_exit_openat") int handle_exit_openat(struct trace_event_raw_sys_exit *ctx) { - return _handle_exit_open(ctx, OPENAT_EXIT_OP_ID); + return _handle_exit_open(ctx, SYS_EXIT_OPENAT); } SEC("tracepoint/syscalls/sys_enter_open") int handle_enter_open(struct trace_event_raw_sys_enter *ctx) { - return _handle_enter_open(ctx, OPEN_ENTER_OP_ID); + return _handle_enter_open(ctx, SYS_ENTER_OPEN); } SEC("tracepoint/syscalls/sys_exit_open") int handle_exit_open(struct trace_event_raw_sys_exit *ctx) { - return _handle_exit_open(ctx, OPEN_EXIT_OP_ID); + return _handle_exit_open(ctx, SYS_EXIT_OPEN); } diff --git a/internal/c/tracepoints/write.c b/internal/c/tracepoints/write.c index 9771193..9d737f7 100644 --- a/internal/c/tracepoints/write.c +++ b/internal/c/tracepoints/write.c @@ -10,7 +10,7 @@ int handle_enter_write(struct trace_event_raw_sys_enter *ctx) { if (!ev) return 0; - ev->op_id = WRITE_ENTER_OP_ID; + ev->syscall_id = SYS_ENTER_WRITE; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; @@ -30,7 +30,7 @@ int handle_exit_write(struct trace_event_raw_sys_exit *ctx) { if (!ev) return 0; - ev->op_id = WRITE_EXIT_OP_ID; + ev->syscall_id = SYS_EXIT_WRITE; ev->pid = pid; ev->tid = tid; ev->time = bpf_ktime_get_ns() / 1000; diff --git a/internal/c/types.h b/internal/c/types.h index abec562..35ddbd7 100644 --- a/internal/c/types.h +++ b/internal/c/types.h @@ -3,28 +3,15 @@ #define MAX_FILENAME_LENGTH 256 #define MAX_PROGNAME_LENGTH 16 -#define OPENAT_ENTER_OP_ID 1 -#define OPENAT_EXIT_OP_ID 2 -#define OPEN_ENTER_OP_ID 3 -#define OPEN_EXIT_OP_ID 4 - -#define CLOSE_ENTER_OP_ID 5 -#define CLOSE_EXIT_OP_ID 6 - -#define WRITE_ENTER_OP_ID 7 -#define WRITE_EXIT_OP_ID 8 -#define WRITEV_ENTER_OP_ID 9 -#define WRITEV_EXIT_OP_ID 10 - struct null_event { - __u32 op_id; + __u32 syscall_id; __u32 pid; __u32 tid; __u32 time; }; struct fd_event { - __u32 op_id; + __u32 syscall_id; __u32 pid; __u32 tid; __u32 time; @@ -32,7 +19,7 @@ struct fd_event { }; struct rw_event { - __u32 op_id; + __u32 syscall_id; __u32 pid; __u32 tid; __u32 time; @@ -40,7 +27,7 @@ struct rw_event { }; struct open_enter_event { - __u32 op_id; + __u32 syscall_id; __u32 pid; __u32 tid; __u32 time; |