search

retis-org / retis

Tracing packets in the Linux networking stack & friends
https://retis.readthedocs.io/en/stable/
100 stars 14 forks source link

move pid/tgid to common and add comm #169

Closed vlrpl closed 1 year ago

vlrpl commented 1 year ago

implements #121

Could be split better, but should be enough to be reviewable.

vlrpl commented 1 year ago

I'm wondering if only getting the pid/tgid is enough for the user:

* It's not very practical to do the pid -> comm translation by hand.

* At post-processing (or even while reading the events sometimes) the process can no longer be there.

This might be out of scope and can be solved while adding support for retrieving 'comm' from BPF (or we could also just do our own translation using the pid when retrieving the event? Not sure that would work with ns though).

In addition the above make me wonder if a dedicated event section would make sense here (even if it's not optional for now).

Thoughts? (@amorenoz too).

One thing though is that this single patch is not the whole thing. Unfortunately, I pushed with the stack of patches popped out.

❯ stg series
> pid-tgid
- add-common-defs
- add-comm-opt
- add-comm-to-the-common-section
- test-date

The next patches include a new common map (user/kernel) and --comm flag to show optional comm

vlrpl commented 1 year ago

rebased on top of main. Please scratch the last two pushes, were done from a working outdated branch.