From 050bc2c9690fd5932c83e8ed2750d5e4b72b5906 Mon Sep 17 00:00:00 2001 From: Baitinq Date: Wed, 31 Jan 2024 00:25:30 +0100 Subject: cleanup --- fs-tracer-ebpf/src/syscalls/write.rs | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) (limited to 'fs-tracer-ebpf/src/syscalls/write.rs') diff --git a/fs-tracer-ebpf/src/syscalls/write.rs b/fs-tracer-ebpf/src/syscalls/write.rs index 28ea858..d9745a4 100644 --- a/fs-tracer-ebpf/src/syscalls/write.rs +++ b/fs-tracer-ebpf/src/syscalls/write.rs @@ -1,3 +1,6 @@ +use core::ffi::c_size_t; +use aya_bpf::{cty::{c_char, c_uint}, helpers::{bpf_probe_read_kernel_str_bytes, bpf_probe_read_user_str_bytes}}; + use crate::*; pub fn handle_sys_write(ctx: TracePointContext, syscall_type: SyscallType) -> Result { @@ -11,11 +14,11 @@ unsafe fn handle_sys_write_enter(ctx: TracePointContext) -> Result(&ctx, 16).unwrap_unchecked(); + let args = ctx.read_at::(16)?; // if fd is stdout, stderr or stdin, ignore if args.fd <= 2 { @@ -23,7 +26,7 @@ unsafe fn handle_sys_write_enter(ctx: TracePointContext) -> Result Result Result { //info!(&ctx, "handle_sys_write_exit start"); - let ret = *ptr_at::(&ctx, 16).unwrap_unchecked(); //TODO: We cant use unwrap, thats why we couldnt use the aya helper fns + let ret = ctx.read_at::(16)?; //TODO: We cant use unwrap, thats why we couldnt use the aya helper fns let tgid = ctx.tgid(); if let Some(syscall) = SYSCALL_ENTERS.get(&tgid) { -- cgit 1.4.1