Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add cgroup path to file events #184

Merged
merged 1 commit into from
Mar 12, 2024
Merged

Add cgroup path to file events #184

merged 1 commit into from
Mar 12, 2024

Conversation

mmat11
Copy link
Contributor

@mmat11 mmat11 commented Mar 12, 2024

Add cgroup path to file events

sudo ../veristat/src/veristat ./artifacts-x86_64/GPL/Events/EventProbe.bpf.o
Processing 'EventProbe.bpf.o'...
File              Program                              Verdict  Duration (us)  Insns  States  Peak states
----------------  -----------------------------------  -------  -------------  -----  ------  -----------
EventProbe.bpf.o  fentry__commit_creds                 success            339    740      35           35
EventProbe.bpf.o  fentry__do_renameat2                 success             75     68       4            4
EventProbe.bpf.o  fentry__do_unlinkat                  success             56     50       2            2
EventProbe.bpf.o  fentry__mnt_want_write               success             61     37       3            3
EventProbe.bpf.o  fentry__taskstats_exit               success          21496  26453    1397           78
EventProbe.bpf.o  fentry__tcp_close                    success            314    474      26           26
EventProbe.bpf.o  fentry__tty_write                    success            320    561      25           25
EventProbe.bpf.o  fentry__vfs_rename                   success          40785  79651    3119          405
EventProbe.bpf.o  fentry__vfs_unlink                   success             63     37       3            3
EventProbe.bpf.o  fexit__chmod_common                  success          42305  67635    3005          299
EventProbe.bpf.o  fexit__chown_common                  success          42003  67635    3005          299
EventProbe.bpf.o  fexit__do_filp_open                  success          42916  66696    2965          318
EventProbe.bpf.o  fexit__do_truncate                   success          41801  67658    3007          301
EventProbe.bpf.o  fexit__inet_csk_accept               success            267    419      25           25
EventProbe.bpf.o  fexit__tcp_v4_connect                success            265    422      25           25
EventProbe.bpf.o  fexit__tcp_v6_connect                success            266    422      25           25
EventProbe.bpf.o  fexit__vfs_rename                    success          23000  27561    1432          113
EventProbe.bpf.o  fexit__vfs_unlink                    success          45958  66704    2965          318
EventProbe.bpf.o  fexit__vfs_write                     success          41921  67636    3006          300
EventProbe.bpf.o  fexit__vfs_writev                    success          42329  67636    3006          300
EventProbe.bpf.o  kprobe__chmod_common                 success             40     43       1            1
EventProbe.bpf.o  kprobe__chown_common                 success             41     41       1            1
EventProbe.bpf.o  kprobe__commit_creds                 success            325    740      35           35
EventProbe.bpf.o  kprobe__do_renameat2                 success             62     68       4            4
EventProbe.bpf.o  kprobe__do_truncate                  success             51     53       2            2
EventProbe.bpf.o  kprobe__do_unlinkat                  success             50     50       2            2
EventProbe.bpf.o  kprobe__mnt_want_write               success             49     37       3            3
EventProbe.bpf.o  kprobe__taskstats_exit               success          21632  26453    1397           78
EventProbe.bpf.o  kprobe__tcp_close                    success            300    474      26           26
EventProbe.bpf.o  kprobe__tcp_v4_connect               success             49     50       2            2
EventProbe.bpf.o  kprobe__tcp_v6_connect               success             53     50       2            2
EventProbe.bpf.o  kprobe__tty_write                    success            303    561      25           25
EventProbe.bpf.o  kprobe__vfs_rename                   success          42744  79648    3120          406
EventProbe.bpf.o  kprobe__vfs_unlink                   success             51     39       4            4
EventProbe.bpf.o  kprobe__vfs_write                    success             39     43       1            1
EventProbe.bpf.o  kprobe__vfs_writev                   success             40     43       1            1
EventProbe.bpf.o  kretprobe__chmod_common              success          42810  67645    3006          300
EventProbe.bpf.o  kretprobe__chown_common              success          42378  67645    3006          300
EventProbe.bpf.o  kretprobe__do_filp_open              success          43470  66696    2965          318
EventProbe.bpf.o  kretprobe__do_truncate               success          42449  67645    3006          300
EventProbe.bpf.o  kretprobe__inet_csk_accept           success            245    419      25           25
EventProbe.bpf.o  kretprobe__tcp_v4_connect            success            268    432      26           26
EventProbe.bpf.o  kretprobe__tcp_v6_connect            success            263    432      26           26
EventProbe.bpf.o  kretprobe__vfs_rename                success          22421  27550    1431          112
EventProbe.bpf.o  kretprobe__vfs_unlink                success          44520  66693    2964          317
EventProbe.bpf.o  kretprobe__vfs_write                 success          42192  67644    3006          300
EventProbe.bpf.o  kretprobe__vfs_writev                success          42153  67644    3006          300
EventProbe.bpf.o  sched_process_exec                   success          40688  67486    2987          292
EventProbe.bpf.o  sched_process_fork                   success          18561  26868    1416           99
EventProbe.bpf.o  tracepoint_syscalls_sys_exit_setsid  success            150    262      14           14
----------------  -----------------------------------  -------  -------------  -----  ------  -----------
Done. Processed 1 files, 0 programs. Skipped 50 files, 0 programs.
➜  sudo ./artifacts-x86_64/non-GPL/Events/EventsTrace/EventsTrace -i --file-create
{"probes_initialized": true, "features": {"bpf_tramp": true}}
{"event_type":"FILE_CREATE",...snip...,"pids_ss_cgroup_path":"/user.slice/user-1000.slice/[email protected]/app.slice/app-gnome-firefox-2318768.scope"}

@mmat11 mmat11 requested a review from a team as a code owner March 12, 2024 14:27
@mmat11 mmat11 merged commit 4805fa0 into main Mar 12, 2024
24 of 25 checks passed
@mmat11 mmat11 deleted the matt/file-cgroup-path branch March 12, 2024 15:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants