diff options
| author | Paul Buetow <paul@buetow.org> | 2024-02-16 00:39:50 +0200 |
|---|---|---|
| committer | Paul Buetow <paul@buetow.org> | 2024-02-16 00:39:50 +0200 |
| commit | 5818548de594c17e4b6f5cfc3cf25ae0702e2e3d (patch) | |
| tree | 3bc8a3d2ab0d5e7dcef9ab40f144917e841c638f /maps.bpf.h | |
| parent | 064c2499e887637e270a420a92e17f326c2ab268 (diff) | |
update Go types
Diffstat (limited to 'maps.bpf.h')
| -rw-r--r-- | maps.bpf.h | 43 |
1 files changed, 4 insertions, 39 deletions
@@ -1,48 +1,13 @@ //+build ignore -#define TEMP_MAP_SIZES 1024 // Adjust size as needed -#define MAX_FILENAME_LENGTH 256 -#define MAX_PROGNAME_LENGTH 16 - -struct flags { - __u32 uid_filter; -}; +struct { + __uint(type, BPF_MAP_TYPE_RINGBUF); + __uint(max_entries, 1 << 24); +} event_map SEC(".maps"); -// To pass command line flags from userspace to BPF kernel space. struct { __uint(type, BPF_MAP_TYPE_HASH); __type(key, u32); __type(value, struct flags); __uint(max_entries, 1 << 24); } flags_map SEC(".maps"); - -#define OPENAT_ENTER_OP_ID 1 -#define OPENAT_EXIT_OP_ID 2 -#define CLOSE_ENTER_OP_ID 1 -#define CLOSE_EXIT_OP_ID 2 - -struct openat_enter_event { - __u32 op_id; - __u32 tid; - __u64 time; - char filename[MAX_FILENAME_LENGTH]; - char comm[MAX_PROGNAME_LENGTH]; -}; - -struct fd_event { - __u32 op_id; - __u32 tid; - __u64 time; - __s32 fd; -}; - -struct null_event { - __u32 op_id; - __u32 tid; - __u64 time; -}; - -struct { - __uint(type, BPF_MAP_TYPE_RINGBUF); - __uint(max_entries, 1 << 24); -} event_map SEC(".maps"); |