also catch enter openat syscall

author: Paul Buetow <paul@buetow.org> 2024-02-09 00:32:11 +0200
committer: Paul Buetow <paul@buetow.org> 2024-02-09 00:32:11 +0200
commit: f1d915931ca1e0f5fb4007c9cab59fd460a25c6c (patch)
tree: fe05c819a315d98bce1073ef6d39736a06352f3f /main.go
parent: 05fd16ccde0dea9848e8c0140e14dd1854631fc6 (diff)
1 files changed, 6 insertions, 11 deletions
diff --git a/main.go b/main.go
index 3faa0e8..1d1a99c 100644
--- a/main.go
+++ b/main.go
@@ -9,6 +9,8 @@ import (
 	"os"
 	"runtime"
 
+	"ioriotng/internal/tracepoints"
+
 	bpf "github.com/aquasecurity/libbpfgo"
 )
 
@@ -59,19 +61,12 @@ func main() {
 	err = bpfModule.BPFLoadObject()
 	if err != nil {
 		fmt.Fprintf(os.Stderr, "Failed to load BPF object: %v\n", err)
-		return
+		os.Exit(-1)
 	}
 
-	// Attach to tracepoint
-	prog, err := bpfModule.GetProgram("handle_openat")
-	if err != nil {
-		fmt.Fprintf(os.Stderr, "Failed to get BPF program: %v\n", err)
-		os.Exit(1)
-	}
-	_, err = prog.AttachTracepoint("syscalls", "sys_exit_openat")
-	if err != nil {
-		fmt.Fprintf(os.Stderr, "Failed to attach to sys_exit_openat tracepoint: %v\n", err)
-		return
+	if err := tracepoints.AttachSyscalls(bpfModule, "enter_openat", "exit_openat"); err != nil {
+		fmt.Fprintf(os.Stderr, err.Error())
+		os.Exit(-1)
 	}
 
 	testerMap, err := bpfModule.GetMap("tester")
author	Paul Buetow <paul@buetow.org>	2024-02-09 00:32:11 +0200
committer	Paul Buetow <paul@buetow.org>	2024-02-09 00:32:11 +0200
commit	f1d915931ca1e0f5fb4007c9cab59fd460a25c6c (patch)
tree	fe05c819a315d98bce1073ef6d39736a06352f3f /main.go
parent	05fd16ccde0dea9848e8c0140e14dd1854631fc6 (diff)