retsnoop: Use bpf_probe_read_kernel() instead of bpf_probe_read()

anakryiko / retsnoop

Investigate kernel error call stacks

BSD 2-Clause "Simplified" License

186 stars 32 forks source link

Closed iii-i closed 1 year ago

iii-i commented 1 year ago

Fix retsnoop on the architectures with the overlapping kernel and user spaces, e.g., s390x.