From 0efc6222753d9f318f796ee3b3aee2401b23cd66 Mon Sep 17 00:00:00 2001 From: Baitinq Date: Sat, 20 Jan 2024 20:10:31 +0100 Subject: Use common SyscallInfo enum to transfer data --- fs-tracer-ebpf/src/main.rs | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'fs-tracer-ebpf') diff --git a/fs-tracer-ebpf/src/main.rs b/fs-tracer-ebpf/src/main.rs index 14b3a51..772fe1f 100644 --- a/fs-tracer-ebpf/src/main.rs +++ b/fs-tracer-ebpf/src/main.rs @@ -1,8 +1,6 @@ #![no_std] #![no_main] -use core::ffi::c_void; - use aya_bpf::helpers::{bpf_probe_read_kernel_str_bytes, bpf_probe_read_user_str_bytes}; use aya_bpf::maps::HashMap; use aya_bpf::{ @@ -12,10 +10,10 @@ use aya_bpf::{ BpfContext, }; use aya_log_ebpf::info; -use fs_tracer_common::WriteSyscallBPF; +use fs_tracer_common::{SyscallInfo, WriteSyscallBPF}; #[map] -static EVENTS: PerfEventArray = PerfEventArray::with_max_entries(1024, 0); +static EVENTS: PerfEventArray = PerfEventArray::with_max_entries(1024, 0); #[map] static SYSCALLENTERS: HashMap = HashMap::with_max_entries(1024, 0); @@ -152,9 +150,9 @@ fn handle_sys_write_exit(ctx: TracePointContext) -> Result { let tgid = ctx.tgid(); if let Some(&syscall) = unsafe { SYSCALLENTERS.get(&tgid) } { - let mut newsyscall = syscall.clone(); + let mut newsyscall: WriteSyscallBPF = syscall; newsyscall.ret = ret; - EVENTS.output(&ctx, &newsyscall, 0); + EVENTS.output(&ctx, &SyscallInfo::Write(newsyscall), 0); } //syscall_enter.ret = ret; //EVENTS.output(&ctx, &syscall_enter, 0); -- cgit 1.4.1