search

elastic / ebpf

Elastic's eBPF
Other
66 stars 11 forks source link

file: support new inode struct *time fields #182

Closed mmat11 closed 9 months ago

mmat11 commented 9 months ago 
➜  ebpf git:(matt/fix-time-fields) uname -a                                                                       
Linux fedora 6.6.11-100.fc38.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Jan 10 19:23:27 UTC 2024 x86_64 GNU/Linux
➜  ebpf git:(matt/fix-time-fields) sudo ../veristat/src/veristat ./artifacts-x86_64/GPL/Events/EventProbe.bpf.o 
Processing 'EventProbe.bpf.o'...
File              Program                              Verdict  Duration (us)  Insns  States  Peak states
----------------  -----------------------------------  -------  -------------  -----  ------  -----------
EventProbe.bpf.o  fentry__commit_creds                 success            317    740      35           35
EventProbe.bpf.o  fentry__do_renameat2                 success             70     68       4            4
EventProbe.bpf.o  fentry__do_unlinkat                  success             50     50       2            2
EventProbe.bpf.o  fentry__mnt_want_write               success             52     37       3            3
EventProbe.bpf.o  fentry__taskstats_exit               success          20439  26453    1397           78
EventProbe.bpf.o  fentry__tcp_close                    success            295    474      26           26
EventProbe.bpf.o  fentry__tty_write                    success            295    561      25           25
EventProbe.bpf.o  fentry__vfs_rename                   success          40231  79651    3119          405
EventProbe.bpf.o  fentry__vfs_unlink                   success             54     37       3            3
EventProbe.bpf.o  fexit__chmod_common                  success          19311  40360    1601          226
EventProbe.bpf.o  fexit__chown_common                  success          19419  40360    1601          226
EventProbe.bpf.o  fexit__do_filp_open                  success          20984  40425    1574          245
EventProbe.bpf.o  fexit__do_truncate                   success          19138  40383    1603          228
EventProbe.bpf.o  fexit__inet_csk_accept               success            258    419      25           25
EventProbe.bpf.o  fexit__tcp_v4_connect                success            250    422      25           25
EventProbe.bpf.o  fexit__tcp_v6_connect                success            257    422      25           25
EventProbe.bpf.o  fexit__vfs_rename                    success            523   1285      43           43
EventProbe.bpf.o  fexit__vfs_unlink                    success          22590  40396    1572          244
EventProbe.bpf.o  fexit__vfs_write                     success          19173  40361    1602          227
EventProbe.bpf.o  fexit__vfs_writev                    success          19346  40361    1602          227
EventProbe.bpf.o  kprobe__chmod_common                 success             34     43       1            1
EventProbe.bpf.o  kprobe__chown_common                 success             32     41       1            1
EventProbe.bpf.o  kprobe__commit_creds                 success            298    740      35           35
EventProbe.bpf.o  kprobe__do_renameat2                 success             53     68       4            4
EventProbe.bpf.o  kprobe__do_truncate                  success             43     53       2            2
EventProbe.bpf.o  kprobe__do_unlinkat                  success             43     50       2            2
EventProbe.bpf.o  kprobe__mnt_want_write               success             39     37       3            3
EventProbe.bpf.o  kprobe__taskstats_exit               success          20446  26453    1397           78
EventProbe.bpf.o  kprobe__tcp_close                    success            276    474      26           26
EventProbe.bpf.o  kprobe__tcp_v4_connect               success             42     50       2            2
EventProbe.bpf.o  kprobe__tcp_v6_connect               success             43     50       2            2
EventProbe.bpf.o  kprobe__tty_write                    success            284    561      25           25
EventProbe.bpf.o  kprobe__vfs_rename                   success          42072  79648    3120          406
EventProbe.bpf.o  kprobe__vfs_unlink                   success             42     39       4            4
EventProbe.bpf.o  kprobe__vfs_write                    success             33     43       1            1
EventProbe.bpf.o  kprobe__vfs_writev                   success             33     43       1            1
EventProbe.bpf.o  kretprobe__chmod_common              success          19256  40370    1602          227
EventProbe.bpf.o  kretprobe__chown_common              success          19441  40370    1602          227
EventProbe.bpf.o  kretprobe__do_filp_open              success          21029  40425    1574          245
EventProbe.bpf.o  kretprobe__do_truncate               success          19249  40370    1602          227
EventProbe.bpf.o  kretprobe__inet_csk_accept           success            239    419      25           25
EventProbe.bpf.o  kretprobe__tcp_v4_connect            success            252    432      26           26
EventProbe.bpf.o  kretprobe__tcp_v6_connect            success            257    432      26           26
EventProbe.bpf.o  kretprobe__vfs_rename                success            505   1274      42           42
EventProbe.bpf.o  kretprobe__vfs_unlink                success          22040  40385    1571          243
EventProbe.bpf.o  kretprobe__vfs_write                 success          19181  40369    1602          227
EventProbe.bpf.o  kretprobe__vfs_writev                success          19316  40369    1602          227
EventProbe.bpf.o  sched_process_exec                   success          39557  67486    2987          292
EventProbe.bpf.o  sched_process_fork                   success          18227  26868    1416           99
EventProbe.bpf.o  tracepoint_syscalls_sys_exit_setsid  success            142    262      14           14
----------------  -----------------------------------  -------  -------------  -----  ------  -----------
Done. Processed 1 files, 0 programs. Skipped 50 files, 0 programs.
mmat11 commented 9 months ago

would be nice to see if you can cut the void cast

@haesbaert done and tested manually, works fine with no warnings