| -rw-r--r-- | internal/flags/flags.go | 12 | ||||
| -rw-r--r-- | internal/ior.go | 11 |
2 files changed, 20 insertions, 3 deletions
diff --git a/internal/flags/flags.go b/internal/flags/flags.go index 4d375fc..3f07847 100644 --- a/internal/flags/flags.go +++ b/internal/flags/flags.go @@ -3,11 +3,11 @@ package flags import ( "flag" "fmt" + "strings" bpf "github.com/aquasecurity/libbpfgo" ) -// TODO: Filter by syscall (tracepoint names) type Flags struct { PidFilter int TidFilter int @@ -17,6 +17,7 @@ type Flags struct { PprofEnable bool FlamegraphEnable bool Duration int + TracepointNames map[string]struct{} } func New() (flags Flags) { @@ -24,12 +25,21 @@ func New() (flags Flags) { flag.IntVar(&flags.TidFilter, "tid", -1, "Filter for thread ID") flag.IntVar(&flags.EventMapSize, "mapSize", 4096*16, "BPF FD event ring buffer map size") flag.IntVar(&flags.Duration, "duration", 60, "Probe duration in seconds") + flag.StringVar(&flags.CommFilter, "comm", "", "Command to filter for") flag.StringVar(&flags.PathFilter, "path", "", "Path to filter for") + flag.BoolVar(&flags.PprofEnable, "pprof", false, "Enable profiling") flag.BoolVar(&flags.FlamegraphEnable, "flamegraph", false, "Enable flamegraph builder") + + tracepointNames := flag.String("tracepoints", "", "Comma separated list of tracepoints (empty: trace all)") flag.Parse() + flags.TracepointNames = make(map[string]struct{}, len(*tracepointNames)) + for _, name := range strings.Split(*tracepointNames, ",") { + flags.TracepointNames[name] = struct{}{} + } + return flags } diff --git a/internal/ior.go b/internal/ior.go index 51ce2d1..f9635e5 100644 --- a/internal/ior.go +++ b/internal/ior.go 
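Review bot: With the default empty `-tracepoints` value the new loop in `New()` stores a single empty-string key, because `strings.Split("", ",")` returns a one-element slice. `len(flags.TracepointNames)` is then 1, so the `attachAll` test added to `attachTracepoints` in internal/ior.go is false. Unless `tracepoints.List` happens to contain an empty name, the documented "empty: trace all" case attaches nothing and the tracer collects no events. Skip empty and whitespace-only entries inside the loop, e.g. `if name = strings.TrimSpace(name); name == "" { continue }`, which also handles `a, b` and trailing commas. The capacity hint `len(*tracepointNames)` is the byte length of the flag string rather than a count of names and can be dropped.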
@@ -17,8 +17,15 @@ import ( bpf "github.com/aquasecurity/libbpfgo" ) -func attachTracepoints(bpfModule *bpf.Module) error { +func attachTracepoints(bpfModule *bpf.Module, tracepointNames map[string]struct{}) error { + attachAll := len(tracepointNames) == 0 + for _, name := range tracepoints.List { + if _, ok := tracepointNames[name]; !ok && !attachAll { + // Not attaching tracepoint + continue + } + prog, err := bpfModule.GetProgram(fmt.Sprintf("handle_%s", name)) if err != nil { return fmt.Errorf("Failed to get BPF program handle_%s: %v", name, err) @@ -55,7 +62,7 @@ func Run(flags flags.Flags) { panic(err) } - if err := attachTracepoints(bpfModule); err != nil { + if err := attachTracepoints(bpfModule, flags.TracepointNames); err != nil { panic(err) } |
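Review bot: A name in `tracepointNames` that matches no entry of `tracepoints.List` is silently skipped by the new filter in `attachTracepoints`, so a misspelled `-tracepoints` value leaves the tool running for its full duration with nothing attached and no error. For a tracer that silent loss of coverage is worth rejecting up front: validate the requested names against `tracepoints.List` before the attach loop and return an error naming the unknown entry. The sketch below assumes `tracepoints.List` is a slice of strings, as its use with `%s` suggests. The loop body continues outside the hunk.

```go
func attachTracepoints(bpfModule *bpf.Module, tracepointNames map[string]struct{}) error {
	attachAll := len(tracepointNames) == 0

	// Reject filter names that do not correspond to a known tracepoint.
	known := make(map[string]struct{}, len(tracepoints.List))
	for _, name := range tracepoints.List {
		known[name] = struct{}{}
	}
	for name := range tracepointNames {
		if _, ok := known[name]; !ok {
			return fmt.Errorf("unknown tracepoint %q in filter", name)
		}
	}

	// … unchanged: attach loop over tracepoints.List with the attachAll filter …
```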
