^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) // SPDX-License-Identifier: GPL-2.0-only
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2) /* Copyright (c) 2017 Facebook
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) #include <uapi/linux/bpf.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5) #include <bpf/bpf_helpers.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7) struct syscalls_enter_open_args {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8) unsigned long long unused;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9) long syscall_nr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) long filename_ptr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) long flags;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) long mode;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) struct syscalls_exit_open_args {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) unsigned long long unused;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17) long syscall_nr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) long ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21) struct {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22) __uint(type, BPF_MAP_TYPE_ARRAY);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) __type(key, u32);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24) __type(value, u32);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) __uint(max_entries, 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26) } enter_open_map SEC(".maps");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28) struct {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29) __uint(type, BPF_MAP_TYPE_ARRAY);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30) __type(key, u32);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31) __type(value, u32);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) __uint(max_entries, 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33) } exit_open_map SEC(".maps");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35) static __always_inline void count(void *map)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) u32 key = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38) u32 *value, init_val = 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40) value = bpf_map_lookup_elem(map, &key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41) if (value)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42) *value += 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) bpf_map_update_elem(map, &key, &init_val, BPF_NOEXIST);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47) SEC("tracepoint/syscalls/sys_enter_open")
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48) int trace_enter_open(struct syscalls_enter_open_args *ctx)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50) count(&enter_open_map);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54) SEC("tracepoint/syscalls/sys_enter_openat")
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55) int trace_enter_open_at(struct syscalls_enter_open_args *ctx)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57) count(&enter_open_map);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61) SEC("tracepoint/syscalls/sys_exit_open")
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62) int trace_enter_exit(struct syscalls_exit_open_args *ctx)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64) count(&exit_open_map);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 66) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 67)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 68) SEC("tracepoint/syscalls/sys_exit_openat")
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 69) int trace_enter_exit_at(struct syscalls_exit_open_args *ctx)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 70) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 71) count(&exit_open_map);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 72) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 73) }
Orange Pi5 kernel
Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards
3 Commits
0 Branches
0 Tags