From 38a1666d39d834a2d2bd69662291afd9a63b2fd6 Mon Sep 17 00:00:00 2001 From: Paul Buetow Date: Sun, 11 Feb 2024 22:52:30 +0200 Subject: rename c file --- build.sh | 2 +- cmd/ioriotng/main.go | 2 +- ioriotng.bpf.c | 88 ++++++++++++++++++++++++++++++++++++++++++++++++++++ main.bpf.c | 88 ---------------------------------------------------- 4 files changed, 90 insertions(+), 90 deletions(-) create mode 100644 ioriotng.bpf.c delete mode 100644 main.bpf.c diff --git a/build.sh b/build.sh index e0b1df9..cb26319 100755 --- a/build.sh +++ b/build.sh @@ -9,7 +9,7 @@ echo 'package main' > internal/opids.go echo >> internal/opids.go sed -E 's/#define (.*) ([0-9]+)/const \1 = \2/' opids.h >> internal/opids.go -clang -g -O2 -Wall -fpie -I../libbpfgo/selftest/common -target bpf -D__TARGET_ARCH_amd64 -I../libbpfgo/output -I../libbpfgo/selftest/common -c main.bpf.c -o main.bpf.o +clang -g -O2 -Wall -fpie -I../libbpfgo/selftest/common -target bpf -D__TARGET_ARCH_amd64 -I../libbpfgo/output -I../libbpfgo/selftest/common -c ioriotng.bpf.c -o ioriotng.bpf.o export CC=clang export CGO_CFLAGS="-I$LIBBPFGO/output -I$LIBBPFGO/selftest/common" diff --git a/cmd/ioriotng/main.go b/cmd/ioriotng/main.go index 54b3c85..eb4d222 100644 --- a/cmd/ioriotng/main.go +++ b/cmd/ioriotng/main.go @@ -71,7 +71,7 @@ func main() { // To consider for implementation! log.Println(debugfs.TracepointsWithFd()) - bpfModule, err := bpf.NewModuleFromFile("main.bpf.o") + bpfModule, err := bpf.NewModuleFromFile("ioriotng.bpf.o") if err != nil { log.Fatal(err) } diff --git a/ioriotng.bpf.c b/ioriotng.bpf.c new file mode 100644 index 0000000..d9b0f5a --- /dev/null +++ b/ioriotng.bpf.c 
@@ -0,0 +1,88 @@
+//+build ignore
+
+#include "vmlinux.h"
+#include "opids.h"
+#include
+#include "maps.bpf.h"
+
+// TODO: Split out this file into several *.bpf.c programs.
+
+// TODO: Make UID_FILTER configurable via a flag from the userland part.
+// For now, this is set to my own user for development purposes.
+#define UID_FILTER 1001
+
+SEC("tracepoint/syscalls/sys_enter_open")
+int handle_enter_open(struct trace_event_raw_sys_enter *ctx) {
+ if ((bpf_get_current_uid_gid() & 0xFFFFFFFF) != UID_FILTER)
+ return 0;
+
+ u32 tid = bpf_get_current_pid_tgid();
+ struct open_event event = {
+ .op_id = OPEN,
+ };
+
+ bpf_probe_read_user_str(event.filename, sizeof(event.filename), (void *)ctx->args[0]);
+ bpf_get_current_comm(&event.comm, sizeof(event.comm));
+ event.tid = tid;
+ bpf_map_update_elem(&open_event_temp_map, &tid, &event, BPF_ANY);
+
+ return 0;
+}
+
+SEC("tracepoint/syscalls/sys_exit_open")
+int handle_exit_open(struct trace_event_raw_sys_exit *ctx) {
+ if ((bpf_get_current_uid_gid() & 0xFFFFFFFF) != UID_FILTER)
+ return 0;
+
+ u32 tid = bpf_get_current_pid_tgid();
+ struct open_event *eventp = bpf_map_lookup_elem(&open_event_temp_map, &tid);
+ if (!eventp) {
+ return 0;
+ }
+ eventp->fd = ctx->ret;
+ bpf_perf_event_output(ctx, &open_event_map, BPF_F_CURRENT_CPU, eventp, sizeof(struct open_event));
+ bpf_map_delete_elem(&open_event_temp_map, &tid);
+
+ return 0;
+}
+
+SEC("tracepoint/syscalls/sys_enter_openat")
+int handle_enter_openat(struct trace_event_raw_sys_enter *ctx) {
+ if ((bpf_get_current_uid_gid() & 0xFFFFFFFF) != UID_FILTER)
+ return 0;
+
+ u32 tid = bpf_get_current_pid_tgid();
+ struct open_event event = { .op_id = OPEN_AT };
+
+ bpf_probe_read_user_str(event.filename, sizeof(event.filename), (void *)ctx->args[1]);
+ bpf_get_current_comm(&event.comm, sizeof(event.comm));
+ event.tid = tid;
+ bpf_map_update_elem(&open_event_temp_map, &tid, &event, BPF_ANY);
+
+ return 0;
+}
+
+SEC("tracepoint/syscalls/sys_exit_openat")
+int handle_exit_openat(struct trace_event_raw_sys_exit *ctx) {
+ if ((bpf_get_current_uid_gid() & 0xFFFFFFFF) != UID_FILTER)
+ return 0;
+
+ return handle_exit_open(ctx);
+}
+
+SEC("tracepoint/syscalls/sys_enter_close")
+int handle_enter_close(struct trace_event_raw_sys_enter *ctx) {
+ if ((bpf_get_current_uid_gid() & 0xFFFFFFFF) != UID_FILTER)
+ return 0;
+
+ struct fd_event event = {
+ .fd = (int)ctx->args[0],
+ .op_id = CLOSE,
+ .tid = bpf_get_current_pid_tgid(),
+ };
+ bpf_perf_event_output(ctx, &fd_event_map, BPF_F_CURRENT_CPU, &event, sizeof(struct fd_event));
+
+ return 0;
+}
+
+char LICENSE[] SEC("license") = "Dual BSD/GPL";
diff --git a/main.bpf.c b/main.bpf.c
deleted file mode 100644
index d9b0f5a..0000000
--- a/main.bpf.c
+++ /dev/null
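Review bot: In ioriotng.bpf.c, handle_enter_open and handle_enter_openat discard the return value of `bpf_probe_read_user_str`, so when the user pointer cannot be read the event is still stored and later emitted, presumably with an empty filename. A guard such as `if (bpf_probe_read_user_str(event.filename, sizeof(event.filename), (void *)ctx->args[0]) < 0) return 0;` (with `args[1]` in the openat handler) would keep unreadable paths out of the stream. The path is copied from user memory at syscall entry, so it may not match what the kernel later resolves; a comment saying the filename is advisory would help anyone treating this output as an audit record. handle_exit_open also copies `ctx->ret` into `fd` unchecked, so failed opens are reported with a negative fd; if that is intended, `/* fd < 0 carries -errno for failed opens */` above the assignment would make it explicit.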
@@ -1,88 +0,0 @@
-//+build ignore
-
-#include "vmlinux.h"
-#include "opids.h"
-#include
-#include "maps.bpf.h"
-
-// TODO: Split out this file into several *.bpf.c programs.
-
-// TODO: Make UID_FILTER configurable via a flag from the userland part.
-// For now, this is set to my own user for development purposes.
-#define UID_FILTER 1001
-
-SEC("tracepoint/syscalls/sys_enter_open")
-int handle_enter_open(struct trace_event_raw_sys_enter *ctx) {
- if ((bpf_get_current_uid_gid() & 0xFFFFFFFF) != UID_FILTER)
- return 0;
-
- u32 tid = bpf_get_current_pid_tgid();
- struct open_event event = {
- .op_id = OPEN,
- };
-
- bpf_probe_read_user_str(event.filename, sizeof(event.filename), (void *)ctx->args[0]);
- bpf_get_current_comm(&event.comm, sizeof(event.comm));
- event.tid = tid;
- bpf_map_update_elem(&open_event_temp_map, &tid, &event, BPF_ANY);
-
- return 0;
-}
-
-SEC("tracepoint/syscalls/sys_exit_open")
-int handle_exit_open(struct trace_event_raw_sys_exit *ctx) {
- if ((bpf_get_current_uid_gid() & 0xFFFFFFFF) != UID_FILTER)
- return 0;
-
- u32 tid = bpf_get_current_pid_tgid();
- struct open_event *eventp = bpf_map_lookup_elem(&open_event_temp_map, &tid);
- if (!eventp) {
- return 0;
- }
- eventp->fd = ctx->ret;
- bpf_perf_event_output(ctx, &open_event_map, BPF_F_CURRENT_CPU, eventp, sizeof(struct open_event));
- bpf_map_delete_elem(&open_event_temp_map, &tid);
-
- return 0;
-}
-
-SEC("tracepoint/syscalls/sys_enter_openat")
-int handle_enter_openat(struct trace_event_raw_sys_enter *ctx) {
- if ((bpf_get_current_uid_gid() & 0xFFFFFFFF) != UID_FILTER)
- return 0;
-
- u32 tid = bpf_get_current_pid_tgid();
- struct open_event event = { .op_id = OPEN_AT };
-
- bpf_probe_read_user_str(event.filename, sizeof(event.filename), (void *)ctx->args[1]);
- bpf_get_current_comm(&event.comm, sizeof(event.comm));
- event.tid = tid;
- bpf_map_update_elem(&open_event_temp_map, &tid, &event, BPF_ANY);
-
- return 0;
-}
-
-SEC("tracepoint/syscalls/sys_exit_openat")
-int handle_exit_openat(struct trace_event_raw_sys_exit *ctx) {
- if ((bpf_get_current_uid_gid() & 0xFFFFFFFF) != UID_FILTER)
- return 0;
-
- return handle_exit_open(ctx);
-}
-
-SEC("tracepoint/syscalls/sys_enter_close")
-int handle_enter_close(struct trace_event_raw_sys_enter *ctx) {
- if ((bpf_get_current_uid_gid() & 0xFFFFFFFF) != UID_FILTER)
- return 0;
-
- struct fd_event event = {
- .fd = (int)ctx->args[0],
- .op_id = CLOSE,
- .tid = bpf_get_current_pid_tgid(),
- };
- bpf_perf_event_output(ctx, &fd_event_map, BPF_F_CURRENT_CPU, &event, sizeof(struct fd_event));
-
- return 0;
-}
-
-char LICENSE[] SEC("license") = "Dual BSD/GPL";
-- cgit v1.2.3