root/samples/bpf/test_overhead_kprobe_kern.c

DEFINITIONS

1. SEC
2. SEC

   1 /* Copyright (c) 2016 Facebook
   2  *
   3  * This program is free software; you can redistribute it and/or
   4  * modify it under the terms of version 2 of the GNU General Public
   5  * License as published by the Free Software Foundation.
   6  */
   7 #include <linux/version.h>
   8 #include <linux/ptrace.h>
   9 #include <uapi/linux/bpf.h>
  10 #include "bpf_helpers.h"
  11 
  12 #define _(P) ({typeof(P) val = 0; bpf_probe_read(&val, sizeof(val), &P); val;})
  13 
  14 SEC("kprobe/__set_task_comm")
  15 int prog(struct pt_regs *ctx)
  16 {
  17         struct signal_struct *signal;
  18         struct task_struct *tsk;
  19         char oldcomm[16] = {};
  20         char newcomm[16] = {};
  21         u16 oom_score_adj;
  22         u32 pid;
  23 
  24         tsk = (void *)PT_REGS_PARM1(ctx);
  25 
  26         pid = _(tsk->pid);
  27         bpf_probe_read(oldcomm, sizeof(oldcomm), &tsk->comm);
  28         bpf_probe_read(newcomm, sizeof(newcomm), (void *)PT_REGS_PARM2(ctx));
  29         signal = _(tsk->signal);
  30         oom_score_adj = _(signal->oom_score_adj);
  31         return 0;
  32 }
  33 
  34 SEC("kprobe/urandom_read")
  35 int prog2(struct pt_regs *ctx)
  36 {
  37         return 0;
  38 }
  39 
  40 char _license[] SEC("license") = "GPL";
  41 u32 _version SEC("version") = LINUX_VERSION_CODE;