summaryrefslogtreecommitdiff
path: root/internal/c
diff options
context:
space:
mode:
Diffstat (limited to 'internal/c')
-rw-r--r--internal/c/generated_tracepoints.c40
-rw-r--r--internal/c/generated_tracepoints_result.txt8
2 files changed, 32 insertions, 16 deletions
diff --git a/internal/c/generated_tracepoints.c b/internal/c/generated_tracepoints.c
index 4385d16..8e66d2a 100644
--- a/internal/c/generated_tracepoints.c
+++ b/internal/c/generated_tracepoints.c
@@ -11935,7 +11935,7 @@ int handle_sys_exit_swapon(struct syscall_trace_exit *ctx) {
return 0;
}
-/// sys_enter_madvise is a struct null_event (kind=null)
+/// sys_enter_madvise is a struct mem_event (kind=mem)
SEC("tracepoint/syscalls/sys_enter_madvise")
int handle_sys_enter_madvise(struct syscall_trace_enter *ctx) {
__u32 pid, tid;
@@ -11945,15 +11945,19 @@ int handle_sys_enter_madvise(struct syscall_trace_enter *ctx) {
if (!ior_on_syscall_enter(tid, SYS_ENTER_MADVISE))
return 0;
- struct null_event *ev = bpf_ringbuf_reserve(&event_map, sizeof(struct null_event), 0);
+ struct mem_event *ev = bpf_ringbuf_reserve(&event_map, sizeof(struct mem_event), 0);
if (!ev)
return 0;
- ev->event_type = ENTER_NULL_EVENT;
+ ev->event_type = ENTER_MEM_EVENT;
ev->trace_id = SYS_ENTER_MADVISE;
ev->pid = pid;
ev->tid = tid;
ev->time = bpf_ktime_get_boot_ns();
+ ev->addr = (__u64)ctx->args[0];
+ ev->length = (__u64)ctx->args[1];
+ ev->length2 = 0;
+ ev->flags = (__u64)ctx->args[2];
bpf_ringbuf_submit(ev, 0);
return 0;
@@ -12293,7 +12297,7 @@ int handle_sys_exit_mremap(struct syscall_trace_exit *ctx) {
return 0;
}
-/// sys_enter_mprotect is a struct null_event (kind=null)
+/// sys_enter_mprotect is a struct mem_event (kind=mem)
SEC("tracepoint/syscalls/sys_enter_mprotect")
int handle_sys_enter_mprotect(struct syscall_trace_enter *ctx) {
__u32 pid, tid;
@@ -12303,15 +12307,19 @@ int handle_sys_enter_mprotect(struct syscall_trace_enter *ctx) {
if (!ior_on_syscall_enter(tid, SYS_ENTER_MPROTECT))
return 0;
- struct null_event *ev = bpf_ringbuf_reserve(&event_map, sizeof(struct null_event), 0);
+ struct mem_event *ev = bpf_ringbuf_reserve(&event_map, sizeof(struct mem_event), 0);
if (!ev)
return 0;
- ev->event_type = ENTER_NULL_EVENT;
+ ev->event_type = ENTER_MEM_EVENT;
ev->trace_id = SYS_ENTER_MPROTECT;
ev->pid = pid;
ev->tid = tid;
ev->time = bpf_ktime_get_boot_ns();
+ ev->addr = (__u64)ctx->args[0];
+ ev->length = (__u64)ctx->args[1];
+ ev->length2 = 0;
+ ev->flags = (__u64)ctx->args[2];
bpf_ringbuf_submit(ev, 0);
return 0;
@@ -12343,7 +12351,7 @@ int handle_sys_exit_mprotect(struct syscall_trace_exit *ctx) {
return 0;
}
-/// sys_enter_pkey_mprotect is a struct null_event (kind=null)
+/// sys_enter_pkey_mprotect is a struct mem_event (kind=mem)
SEC("tracepoint/syscalls/sys_enter_pkey_mprotect")
int handle_sys_enter_pkey_mprotect(struct syscall_trace_enter *ctx) {
__u32 pid, tid;
@@ -12353,15 +12361,19 @@ int handle_sys_enter_pkey_mprotect(struct syscall_trace_enter *ctx) {
if (!ior_on_syscall_enter(tid, SYS_ENTER_PKEY_MPROTECT))
return 0;
- struct null_event *ev = bpf_ringbuf_reserve(&event_map, sizeof(struct null_event), 0);
+ struct mem_event *ev = bpf_ringbuf_reserve(&event_map, sizeof(struct mem_event), 0);
if (!ev)
return 0;
- ev->event_type = ENTER_NULL_EVENT;
+ ev->event_type = ENTER_MEM_EVENT;
ev->trace_id = SYS_ENTER_PKEY_MPROTECT;
ev->pid = pid;
ev->tid = tid;
ev->time = bpf_ktime_get_boot_ns();
+ ev->addr = (__u64)ctx->args[0];
+ ev->length = (__u64)ctx->args[1];
+ ev->length2 = (__u64)ctx->args[3];
+ ev->flags = (__u64)ctx->args[2];
bpf_ringbuf_submit(ev, 0);
return 0;
@@ -12493,7 +12505,7 @@ int handle_sys_exit_pkey_free(struct syscall_trace_exit *ctx) {
return 0;
}
-/// sys_enter_brk is a struct null_event (kind=null)
+/// sys_enter_brk is a struct mem_event (kind=mem)
SEC("tracepoint/syscalls/sys_enter_brk")
int handle_sys_enter_brk(struct syscall_trace_enter *ctx) {
__u32 pid, tid;
@@ -12503,15 +12515,19 @@ int handle_sys_enter_brk(struct syscall_trace_enter *ctx) {
if (!ior_on_syscall_enter(tid, SYS_ENTER_BRK))
return 0;
- struct null_event *ev = bpf_ringbuf_reserve(&event_map, sizeof(struct null_event), 0);
+ struct mem_event *ev = bpf_ringbuf_reserve(&event_map, sizeof(struct mem_event), 0);
if (!ev)
return 0;
- ev->event_type = ENTER_NULL_EVENT;
+ ev->event_type = ENTER_MEM_EVENT;
ev->trace_id = SYS_ENTER_BRK;
ev->pid = pid;
ev->tid = tid;
ev->time = bpf_ktime_get_boot_ns();
+ ev->addr = (__u64)ctx->args[0];
+ ev->length = 0;
+ ev->length2 = 0;
+ ev->flags = 0;
bpf_ringbuf_submit(ev, 0);
return 0;
diff --git a/internal/c/generated_tracepoints_result.txt b/internal/c/generated_tracepoints_result.txt
index 1db0ddf..4a1f137 100644
--- a/internal/c/generated_tracepoints_result.txt
+++ b/internal/c/generated_tracepoints_result.txt
@@ -8,7 +8,7 @@ sys_enter_alarm is a struct null_event (kind=null)
sys_enter_arch_prctl is a struct null_event (kind=null)
sys_enter_bind is a struct fd_event (kind=fd)
sys_enter_bpf is a struct null_event (kind=bpf)
-sys_enter_brk is a struct null_event (kind=null)
+sys_enter_brk is a struct mem_event (kind=mem)
sys_enter_cachestat is a struct fd_event (kind=fd)
sys_enter_capget is a struct null_event (kind=null)
sys_enter_capset is a struct null_event (kind=null)
@@ -153,7 +153,7 @@ sys_enter_lsetxattr is a struct path_event (kind=pathname)
sys_enter_lsm_get_self_attr is a struct null_event (kind=null)
sys_enter_lsm_list_modules is a struct null_event (kind=null)
sys_enter_lsm_set_self_attr is a struct null_event (kind=null)
-sys_enter_madvise is a struct null_event (kind=null)
+sys_enter_madvise is a struct mem_event (kind=mem)
sys_enter_map_shadow_stack is a struct mem_event (kind=mem)
sys_enter_mbind is a struct null_event (kind=null)
sys_enter_membarrier is a struct null_event (kind=null)
@@ -174,7 +174,7 @@ sys_enter_mount is a struct path_event (kind=pathname)
sys_enter_mount_setattr is a struct path_event (kind=pathname)
sys_enter_move_mount is a struct two_fd_event (kind=two-fd)
sys_enter_move_pages is a struct null_event (kind=null)
-sys_enter_mprotect is a struct null_event (kind=null)
+sys_enter_mprotect is a struct mem_event (kind=mem)
sys_enter_mq_getsetattr is a struct fd_event (kind=fd)
sys_enter_mq_notify is a struct fd_event (kind=fd)
sys_enter_mq_open is a struct open_event (kind=mq-open)
@@ -215,7 +215,7 @@ sys_enter_pipe2 is a struct pipe_event (kind=pipe)
sys_enter_pivot_root is a struct path_event (kind=pathname)
sys_enter_pkey_alloc is a struct null_event (kind=null)
sys_enter_pkey_free is a struct null_event (kind=null)
-sys_enter_pkey_mprotect is a struct null_event (kind=null)
+sys_enter_pkey_mprotect is a struct mem_event (kind=mem)
sys_enter_poll is a struct poll_event (kind=poll)
sys_enter_ppoll is a struct poll_event (kind=poll)
sys_enter_prctl is a struct null_event (kind=null)
generated by cgit v1.2.3 (git 2.25.1) at 2026-06-16 15:14:41 +0000