bcc/src/python/bpf-run at weichunc_dev · githubsniper/bcc

executable file
96 lines (81 loc) · 2.45 KB
#!/usr/bin/env python
USAGE = """\
usage: {argv0} <opts> -p probe_func -c cmd
 -c cmd      contents of the program to run, omitting prototype (required)
 -d name     dump table <name> upon exit
 -f format   format string to apply to trace output (see python str.format())
 -n sec      run for <sec> seconds and then exit (default=-1)
 -p probe    kernel entry point to trace (required)
 -t          attach to kernel trace output
 -v          increase verbosity
 {argv0} -p sys_clone -c 'bpf_trace_printk("Hello, World!\\n");' -t\
wrapper = """
int run(void *ctx) {
    return 0;
def print_usage_and_exit(rc, msg=None):
    if rc != 0:
        sys.stdout = sys.stderr
    if msg:
        print(msg)
    print(USAGE.format(argv0=sys.argv[0]))
    sys.exit(rc)
def main():
    import getopt
    import os
    import signal
        opts, args = getopt.getopt(sys.argv[1:], "c:d:f:hn:p:tv")
    except getopt.error, msg:
        print_usage_and_exit(2, msg)
    runcmd = None
    probe_fn = None
    trace = 0
    dump_tables = []
    verbose = 0
    nsec = 0
    format_str = None
    for o, a in opts:
        if o == "-c": runcmd = a
        if o == "-d": dump_tables.append(a)
        if o == "-f": format_str = a
        if o == "-h": print_usage_and_exit(0)
        if o == "-n": nsec = int(a)
        if o == "-p": probe_fn = a
        if o == "-t": trace = 1
        if o == "-v": verbose += 1
    if not runcmd or not probe_fn:
        print_usage_and_exit(2, "Error: -p and -c arguments are required")
    from bpf import BPF
    b = BPF(text=wrapper % runcmd, debug=verbose)
    fn = b.load_func("run", BPF.KPROBE)
    BPF.attach_kprobe(fn, probe_fn)
    if nsec:
        def receive_alarm(signo, stack):
            os.kill(os.getpid(), signal.SIGINT)
        signal.signal(signal.SIGALRM, receive_alarm)
        signal.alarm(nsec)
        if trace:
            with open("/sys/kernel/debug/tracing/trace_pipe") as f:
                while True:
                    line = f.readline(128)
                    line = line.rstrip()
                    if format_str:
                        args=line.split(None, 5)
                        line = format_str.format(*args)
                    print(line)
                    sys.stdout.flush()
        elif nsec:
            signal.pause()
    except KeyboardInterrupt:
        pass
    if dump_tables:
        print("Table dump not yet implemented")
if __name__ == "__main__":
Provide feedback

Saved searches

Use saved searches to filter your results more quickly

FilesExpand file tree

bpf-run

Latest commit

History

bpf-run

File metadata and controls
