summaryrefslogtreecommitdiff
path: root/internal/eventloop_runtime.go
diff options
context:
space:
mode:
Diffstat (limited to 'internal/eventloop_runtime.go')
-rw-r--r--internal/eventloop_runtime.go25
1 files changed, 25 insertions, 0 deletions
diff --git a/internal/eventloop_runtime.go b/internal/eventloop_runtime.go
index 9a818e3..334fa63 100644
--- a/internal/eventloop_runtime.go
+++ b/internal/eventloop_runtime.go
@@ -250,6 +250,7 @@ func (e *eventLoop) initRawHandlers() {
e.registerTwoFdHandlers()
e.registerMemoryHandlers()
e.registerSleepHandlers()
+ e.registerSecurityHandlers()
}
// registerOpenHandlers wires enter/exit handlers for open-family events.
@@ -482,6 +483,30 @@ func (e *eventLoop) registerSleepHandlers() {
}
}
+func (e *eventLoop) registerSecurityHandlers() {
+ e.rawHandlers[types.ENTER_KEYCTL_EVENT] = func(raw []byte, _ chan<- *event.Pair) {
+ keyctlEv, ok := decodeRawEvent(e, types.ENTER_KEYCTL_EVENT, raw, types.NewKeyctlEventFast)
+ if !ok {
+ return
+ }
+ e.tracepointEntered(keyctlEv)
+ }
+ e.rawHandlers[types.ENTER_PTRACE_EVENT] = func(raw []byte, _ chan<- *event.Pair) {
+ ptraceEv, ok := decodeRawEvent(e, types.ENTER_PTRACE_EVENT, raw, types.NewPtraceEventFast)
+ if !ok {
+ return
+ }
+ e.tracepointEntered(ptraceEv)
+ }
+ e.rawHandlers[types.ENTER_PERF_OPEN_EVENT] = func(raw []byte, _ chan<- *event.Pair) {
+ perfOpenEv, ok := decodeRawEvent(e, types.ENTER_PERF_OPEN_EVENT, raw, types.NewPerfOpenEventFast)
+ if !ok {
+ return
+ }
+ e.tracepointEntered(perfOpenEv)
+ }
+}
+
func decodeRawEvent[T any](e *eventLoop, eventType types.EventType, raw []byte, decode func([]byte) *T) (*T, bool) {
decoded := decode(raw)
if decoded == nil {
generated by cgit v1.2.3 (git 2.25.1) at 2026-06-16 03:01:08 +0000