- Configure git.
# ~/.config/git/config
[sendemail]
confirm = auto
smtpServer = smtp.gmail.com
smtpServerPort = 587
smtpEncryption = tls
smtpUser = <gmail email address>
grantseltzer grantseltzer
grantseltzer
/ GeneratedBPFProgram.c
Last active
September 5, 2024 02:16
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* SPDX-License-Identifier: (LGPL-2.1 OR BSD-2-Clause) */ | |
| #ifndef __BPF_HELPERS__ | |
| #define __BPF_HELPERS__ | |
| #ifndef __KTYPES_H__ | |
| #define __KTYPES_H__ | |
| #ifdef COMPILE_CORE | |
| #else#include <linux/types.h> |
grantseltzer
/ setup.sh
Created
February 7, 2023 01:01
— forked from earnubs/setup.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # configure LXD profile for dual nic macOS/vmware fusion set up https://gist.github.com/earnubs/eec3c6aa1e091c0a898c | |
| set -eu | |
| _UID=$(id -u) | |
| GID=$(id -g) | |
| GROUP=$(id -gn) | |
| SUBUID=root:$_UID:1 | |
| SUBGID=root:$GID:1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # v0.8.2 | |
| This release continues the trend of more frequent smaller releases. It contains mostly bug fixes and performance optimizations. | |
| # Highlights | |
| ## Breaking Changes | |
| There should be no breaking changes |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # v0.3.0-libbpf-0.8.0 | |
| This release of libbpfgo now provides official support for statically/dynamically linking libbpf v0.8.0!!! | |
| Breaking Changes | |
| - `ListProgramNames` API was removed | |
| - `GetUnsafePointer` was removed | |
| New APIs | |
| - `BPFMap.SetValueSize()` (calls libbpf bpf_map__set_value_size) #156 |
grantseltzer
/ dump.txt
Created
March 25, 2022 22:47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ... | |
| Successfully built 393e75e4ad77 | |
| Successfully tagged ubuntu-tracee-make:latest | |
| docker \ | |
| run --rm --pid=host --privileged -v /etc/os-release:/etc/os-release-host:ro -v /home/rotscale/go/src/github.com/aquasecurity/tracee:/tracee -v /lib/modules:/lib/modules:ro -v /usr/src:/usr/src:ro -v /sys/kernel/security:/sys/kernel/security:ro -e LIBBPFGO_OSRELEASE_FILE=/etc/os-release-host -e STATIC=1 -e BTFHUB=1 \ | |
| ubuntu-tracee-make \ | |
| make all | |
| CC="clang" \ | |
| CFLAGS=""-fPIC"" \ | |
| LD_FLAGS="" \ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Dumping existing libbpf commit signatures... | |
| WORKDIR: /home/rotscale/libbpf | |
| LINUX REPO: /home/rotscale/linux | |
| LIBBPF REPO: /home/rotscale/libbpf | |
| TEMP DIR: /tmp/tmp.V5UQqQTpFJ | |
| SUFFIX: 2021-08-18T20-34-03.609Z | |
| BASE COMMIT: '3c3bd542ffbb ("selftests/bpf: Add exponential backoff to map_update_retriable in test_maps")' | |
| TIP COMMIT: 'd20b41115ad5 ("libbpf: Rename libbpf documentation index file")' | |
| BPF BASE COMMIT: '3776f3517ed9 ("selftests, bpf: Test that dead ldx_w insns are accepted")' | |
| BPF TIP COMMIT: '3776f3517ed9 ("selftests, bpf: Test that dead ldx_w insns are accepted")' |
grantseltzer
/ readme.md
Created
August 10, 2021 02:01
— forked from jasonkarns/readme.md
Git send-email using Gmail
CGO causes a ton of errors of the form "int not declared by package C", for every type.
There's also one error that says "could not import C (cgo preprocesseing failed (go-staticcheck))
The logs file is with gopls trace logs turned on.
The logs were created right after I hit save. The file where CGO is used is this one:
https://github.com/aquasecurity/tracee/blob/main/libbpfgo/libbpfgo.go
grantseltzer
/ bpf_prog.bpf.c
Created
March 2, 2021 19:11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| SEC("kprobe/sys_mmap") | |
| int kprobe__sys_mmap(struct pt_regs *ctx) | |
| { | |
| __u64 id = bpf_get_current_pid_tgid(); | |
| __u32 tgid = id >> 32; | |
| struct process_info *process; | |
| // Reserve space on the ringbuffer for the sample | |
| process = bpf_ringbuf_reserve(&events, sizeof(struct process_info), ringbuffer_flags); | |
| if (!process) { |
grantseltzer
/ mmap-kprobe.bpf.c
Created
February 20, 2021 23:52
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include "vmlinux.h" | |
| #include <bpf/bpf_helpers.h> | |
| char LICENSE[] SEC("license") = "GPL"; | |
| struct process_info { | |
| int pid; | |
| char comm[100]; | |
| }; |
NewerOlder