stanek-michal
commented
6 months ago The multi-kernel tester has a failing test with this, I didn't look into the exact cause, but this LGTM, once the tests are fixed
turned out it was a missing break in a switch block in EventsTrace that sometimes would trigger memory corruption and fail the multi-kernel tests. Fixed now and rebased, rerunning CI
haesbaert
New events added:
EBPF_EVENT_FILE_MEMFD_OPEN EBPF_EVENT_FILE_SHMEM_OPEN EBPF_EVENT_PROCESS_MEMFD_CREATE EBPF_EVENT_PROCESS_SHMGET EBPF_EVENT_PROCESS_PTRACE EBPF_EVENT_PROCESS_LOAD_MODULE
Also added new fields to process exec event