From fe024ec9fc47b96b5cc9b3301ebf311510568fda Mon Sep 17 00:00:00 2001
From: Paul Buetow <paul@buetow.org>
Date: Sun, 11 Feb 2024 22:28:41 +0200
Subject: initial timestamps

---
 build.sh   |  2 +-
 main.bpf.c |  4 +++-
 main.go    | 20 ++++++++++++--------
 maps.bpf.h |  4 ++++
 4 files changed, 20 insertions(+), 10 deletions(-)

diff --git a/build.sh b/build.sh
index 8e49c9c..5198090 100755
--- a/build.sh
+++ b/build.sh
@@ -17,4 +17,4 @@ export CGO_LDFLAGS="-lelf -lzstd $LIBBPFGO/output/libbpf.a"
 export GOOS=linux
 export GOARCH=amd64
 
-go build -race -tags netgo -ldflags '-w -extldflags "-static"' -o ioriotng ./main.go
+go build -race -tags netgo -ldflags '-w -extldflags "-static"' -o ioriotng ./cmd/ioriotng/main.go
diff --git a/main.bpf.c b/main.bpf.c
index c162775..d9b0f5a 100644
--- a/main.bpf.c
+++ b/main.bpf.c
@@ -17,7 +17,9 @@ int handle_enter_open(struct trace_event_raw_sys_enter *ctx) {
         return 0;
 
     u32 tid = bpf_get_current_pid_tgid();
-    struct open_event event = { .op_id = OPEN };
+    struct open_event event = {
+        .op_id = OPEN,
+    };
 
     bpf_probe_read_user_str(event.filename, sizeof(event.filename), (void *)ctx->args[0]);
     bpf_get_current_comm(&event.comm, sizeof(event.comm));
diff --git a/main.go b/main.go
index 5930763..54b3c85 100644
--- a/main.go
+++ b/main.go
@@ -22,11 +22,13 @@ type BpfMapper interface {
 }
 
 type openEvent struct {
-	FD       int32
-	OpID     int32
-	TID      uint32
-	Filename [256]byte
-	Comm     [16]byte
+	FD        int32
+	OpID      int32
+	TID       uint32
+	EnterTime int64
+	ExitTime  int64
+	Filename  [256]byte
+	Comm      [16]byte
 }
 
 func (e openEvent) String() string {
@@ -37,9 +39,11 @@ func (e openEvent) String() string {
 }
 
 type fdEvent struct {
-	FD   int32
-	OpID int32
-	TID  uint32
+	FD        int32
+	OpID      int32
+	TID       uint32
+	EnterTime int64
+	ExitTime  int64
 }
 
 func (e fdEvent) String() string {
diff --git a/maps.bpf.h b/maps.bpf.h
index afa1064..3cdfe25 100644
--- a/maps.bpf.h
+++ b/maps.bpf.h
@@ -4,6 +4,8 @@ struct open_event {
     int fd;
     int op_id;
     u32 tid;
+    long enter_time;
+    long exit_time;
     char filename[256];
     char comm[16];
 };
@@ -26,6 +28,8 @@ struct fd_event {
     int fd;
     int op_id;
     u32 tid;
+    long enter_time;
+    long exit_time;
 };
 
 struct {
-- 
cgit v1.2.3