Linux Audio

Check our new training course

Embedded Linux Audio

Check our new training course
with Creative Commons CC-BY-SA
lecture materials

Bootlin logo

Elixir Cross Referencer

Loading...
// SPDX-License-Identifier: GPL-2.0

#include "vmlinux.h"
#include <bpf/bpf_helpers.h>
#include <bpf/bpf_tracing.h>

#define MAX_PATH_LEN		128
#define MAX_FILES		7

pid_t my_pid = 0;
__u32 cnt_stat = 0;
__u32 cnt_close = 0;
char paths_stat[MAX_FILES][MAX_PATH_LEN] = {};
char paths_close[MAX_FILES][MAX_PATH_LEN] = {};
int rets_stat[MAX_FILES] = {};
int rets_close[MAX_FILES] = {};

int called_stat = 0;
int called_close = 0;

SEC("fentry/security_inode_getattr")
int BPF_PROG(prog_stat, struct path *path, struct kstat *stat,
	     __u32 request_mask, unsigned int query_flags)
{
	pid_t pid = bpf_get_current_pid_tgid() >> 32;
	__u32 cnt = cnt_stat;
	int ret;

	called_stat = 1;

	if (pid != my_pid)
		return 0;

	if (cnt >= MAX_FILES)
		return 0;
	ret = bpf_d_path(path, paths_stat[cnt], MAX_PATH_LEN);

	rets_stat[cnt] = ret;
	cnt_stat++;
	return 0;
}

SEC("fentry/filp_close")
int BPF_PROG(prog_close, struct file *file, void *id)
{
	pid_t pid = bpf_get_current_pid_tgid() >> 32;
	__u32 cnt = cnt_close;
	int ret;

	called_close = 1;

	if (pid != my_pid)
		return 0;

	if (cnt >= MAX_FILES)
		return 0;
	ret = bpf_d_path(&file->f_path,
			 paths_close[cnt], MAX_PATH_LEN);

	rets_close[cnt] = ret;
	cnt_close++;
	return 0;
}

char _license[] SEC("license") = "GPL";