| -rw-r--r-- | internal/event.go | 8 | ||||
| -rw-r--r-- | internal/eventloop.go | 22 | ||||
| -rw-r--r-- | internal/generated/nqc.raku | 4 | ||||
| -rw-r--r-- | internal/generated/types/types.go | 16 |
4 files changed, 34 insertions, 16 deletions
diff --git a/internal/event.go b/internal/event.go index 7de9307..e05a048 100644 --- a/internal/event.go +++ b/internal/event.go @@ -12,11 +12,13 @@ type event interface { GetPid() uint32 GetTid() uint32 GetTime() uint32 + GetRet() (int64, bool) Recycle() } type enterExitEvent struct { enterEv, exitEv event + filePath string } func (e enterExitEvent) String() string { @@ -25,9 +27,15 @@ func (e enterExitEvent) String() string { duration := e.exitEv.GetTime() - e.enterEv.GetTime() sb.WriteString(fmt.Sprintf("%08d µs", duration)) + sb.WriteString(fmt.Sprintf(" %v.%v", e.enterEv.GetPid(), e.enterEv.GetTid())) + sb.WriteString(" ") sb.WriteString(e.enterEv.GetSyscallId().Name()) + if ret, ok := e.exitEv.GetRet(); ok { + sb.WriteString(fmt.Sprintf(" => %v", ret)) + } + return sb.String() } diff --git a/internal/eventloop.go b/internal/eventloop.go index 765345d..6163ebf 100644 --- a/internal/eventloop.go +++ b/internal/eventloop.go @@ -10,13 +10,12 @@ import ( bpf "github.com/aquasecurity/libbpfgo" ) -type openFile struct { - fd int32 - path string -} - -func (o openFile) String() string { - return fmt.Sprintf("(%d) %s", o.fd, o.path) +func eventLoop(bpfModule *bpf.Module, rawCh <-chan []byte) { + for ev := range events(rawCh) { + fmt.Println(ev) + ev.recycle() + } + fmt.Println("Good bye") } func events(rawCh <-chan []byte) <-chan enterExitEvent { @@ -64,12 +63,3 @@ func events(rawCh <-chan []byte) <-chan enterExitEvent { return evCh } - -func eventLoop(bpfModule *bpf.Module, rawCh <-chan []byte) { - for ev := range events(rawCh) { - fmt.Println(ev.dump()) - ev.recycle() - } - - fmt.Println("Good bye") -} diff --git a/internal/generated/nqc.raku b/internal/generated/nqc.raku index f53f34e..536e893 100644 --- a/internal/generated/nqc.raku +++ b/internal/generated/nqc.raku 
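Review bot: In the first hunk of internal/event.go, the new interface method `GetRet() (int64, bool)` has no comment saying what the boolean means, and the implementations in types.go return false for every type except RetEvent. I would add `// GetRet returns the syscall return value; the bool is false for event types that carry none.` above it. The new `filePath string` field on enterExitEvent is neither assigned nor printed in any visible hunk, while the openFile type that used to hold a path is removed in eventloop.go. If it is set elsewhere, a one-line comment naming who sets it would help; otherwise it is dead. The event interface begins outside the hunk.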
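Review bot: In String() (second hunk of internal/event.go), the return value is written as a bare integer via `fmt.Sprintf(" => %v", ret)`, so a failed call looks the same as a successful one that returned a number. If Ret holds the raw syscall result (presumably a negative errno on failure; the BPF side is not visible here), naming the error makes denied or failing calls stand out in the trace. For `ret < 0` that could be `fmt.Fprintf(&sb, " => %v (%v)", ret, syscall.Errno(-ret))`, which needs the `syscall` import. Assuming sb is a strings.Builder, `fmt.Fprintf(&sb, …)` would also replace the `sb.WriteString(fmt.Sprintf(…))` pairs and skip the intermediate string. String() starts outside the hunk.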
@@ -122,6 +122,10 @@ class NQCToGoActions { func ($self-ref *{$<identifier>.made}) GetTime() uint32 \{ return $self-ref.Time \} + + func ($self-ref *{$<identifier>.made}) GetRet() (int64, bool) \{ + return {$<identifier>.made eq 'RetEvent' ?? "$self-ref.Ret, true" !! '0, false' } + \} END } diff --git a/internal/generated/types/types.go b/internal/generated/types/types.go index 6f520e5..85350ca 100644 --- a/internal/generated/types/types.go +++ b/internal/generated/types/types.go @@ -294,6 +294,10 @@ func (o *OpenEnterEvent) GetTime() uint32 { return o.Time } +func (o *OpenEnterEvent) GetRet() (int64, bool) { + return 0, false +} + var poolOfOpenEnterEvents = sync.Pool{ New: func() interface{} { return &OpenEnterEvent{} }, } @@ -343,6 +347,10 @@ func (n *NullEvent) GetTime() uint32 { return n.Time } +func (n *NullEvent) GetRet() (int64, bool) { + return 0, false +} + var poolOfNullEvents = sync.Pool{ New: func() interface{} { return &NullEvent{} }, } @@ -393,6 +401,10 @@ func (f *FdEvent) GetTime() uint32 { return f.Time } +func (f *FdEvent) GetRet() (int64, bool) { + return 0, false +} + var poolOfFdEvents = sync.Pool{ New: func() interface{} { return &FdEvent{} }, } @@ -443,6 +455,10 @@ func (r *RetEvent) GetTime() uint32 { return r.Time } +func (r *RetEvent) GetRet() (int64, bool) { + return r.Ret, true +} + var poolOfRetEvents = sync.Pool{ New: func() interface{} { return &RetEvent{} }, } |
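Review bot: The GetRet template in internal/generated/nqc.raku branches on the type name, `$<identifier>.made eq 'RetEvent'`, so any event struct added later with a Ret field would get `return 0, false` and its return value would never reach the trace output. Keying the branch on whether the parsed struct declares a `Ret` member would keep the generator and types.go in step without a name to remember. If that information is not available in this action, a short comment next to the comparison should say that new Ret-carrying types must be added here. The heredoc and the NQCToGoActions class begin and end outside this hunk.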
