summaryrefslogtreecommitdiffstats
path: root/samples/bpf/trace_output_kern.c
diff options
context:
space:
mode:
authorDaniel T. Lee <danieltimlee@gmail.com>2020-08-23 10:53:33 +0200
committerAlexei Starovoitov <ast@kernel.org>2020-08-25 05:59:35 +0200
commit3677d0a13171bb1dc8db0af84d48dea14a899962 (patch)
tree3de96b317e44d7e1eb175a4be093101f317e88ff /samples/bpf/trace_output_kern.c
parentsamples: bpf: Cleanup bpf_load.o from Makefile (diff)
downloadlinux-3677d0a13171bb1dc8db0af84d48dea14a899962.tar.xz
linux-3677d0a13171bb1dc8db0af84d48dea14a899962.zip
samples: bpf: Refactor kprobe tracing programs with libbpf
For the problem of increasing fragmentation of the bpf loader programs, instead of using bpf_loader.o, which is used in samples/bpf, this commit refactors the existing kprobe tracing programs with libbbpf bpf loader. - For kprobe events pointing to system calls, the SYSCALL() macro in trace_common.h was used. - Adding a kprobe event and attaching a bpf program to it was done through bpf_program_attach(). - Instead of using the existing BPF MAP definition, MAP definition has been refactored with the new BTF-defined MAP format. Signed-off-by: Daniel T. Lee <danieltimlee@gmail.com> Signed-off-by: Alexei Starovoitov <ast@kernel.org> Link: https://lore.kernel.org/bpf/20200823085334.9413-3-danieltimlee@gmail.com
Diffstat (limited to 'samples/bpf/trace_output_kern.c')
-rw-r--r--samples/bpf/trace_output_kern.c15
1 files changed, 8 insertions, 7 deletions
diff --git a/samples/bpf/trace_output_kern.c b/samples/bpf/trace_output_kern.c
index 1d7d422cae6f..b64815af0943 100644
--- a/samples/bpf/trace_output_kern.c
+++ b/samples/bpf/trace_output_kern.c
@@ -2,15 +2,16 @@
#include <linux/version.h>
#include <uapi/linux/bpf.h>
#include <bpf/bpf_helpers.h>
+#include "trace_common.h"
-struct bpf_map_def SEC("maps") my_map = {
- .type = BPF_MAP_TYPE_PERF_EVENT_ARRAY,
- .key_size = sizeof(int),
- .value_size = sizeof(u32),
- .max_entries = 2,
-};
+struct {
+ __uint(type, BPF_MAP_TYPE_PERF_EVENT_ARRAY);
+ __uint(key_size, sizeof(int));
+ __uint(value_size, sizeof(u32));
+ __uint(max_entries, 2);
+} my_map SEC(".maps");
-SEC("kprobe/sys_write")
+SEC("kprobe/" SYSCALL(sys_write))
int bpf_prog1(struct pt_regs *ctx)
{
struct S {