yanguangshaonian
/
aya
mirror of https://github.com/aya-rs/aya
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
create-pull-request/codegen
create-pull-request/public-api
main
fix-verifier-blixt
linker-bindep
gh-pages
aya-v0.13.1
aya-obj-v0.2.1
aya-log-v0.2.1
aya-log-common-v0.1.15
aya-ebpf-bindings-v0.1.1
aya-ebpf-cty-v0.2.2
aya-v0.13.0
aya-obj-v0.2.0
aya-log-ebpf-v0.1.0
aya-log-ebpf-macros-v0.1.0
aya-log-parser-v0.1.13
aya-ebpf-v0.1.0
aya-ebpf-macros-v0.1.0
aya-ebpf-bindings-v0.1.0
aya-ebpf-cty-v0.2.1
aya-log-v0.2.0
aya-log-common-v0.1.14
aya-v0.12.0
aya-obj-v0.1.0
aya-log-common-v0.1.13
aya-log-v0.1.13
aya-log-common-v0.1.11
aya-log-v0.1.11
aya-log-common-v0.1.10
aya-log-v0.1.10
aya-v0.11.0
aya-log-common-v0.1.9
aya-log-v0.1.9
aya-v0.10.7
aya-v0.10.6
aya-log-v0.1.1
aya-v0.10.5
aya-v0.10.4
aya-v0.10.3
aya-v0.10.2
aya-v0.10.1
aya-v0.10.0
aya-ebpf-macros-v0.1.1
aya-ebpf-v0.1.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b14fd02445'
${ noResults }
aya/bpf/aya-bpf/src/programs/probe.rs

111 lines
3.3 KiB
Rust
Raw Blame History

use core::ffi::c_void;
use crate::{args::FromPtRegs, BpfContext};
// aarch64 uses user_pt_regs instead of pt_regs
#[cfg(not(bpf_target_arch = "aarch64"))]
use crate::bindings::pt_regs;
#[cfg(bpf_target_arch = "aarch64")]
use crate::bindings::user_pt_regs as pt_regs;
pub struct ProbeContext {
pub regs: *mut pt_regs,
}
impl ProbeContext {
pub fn new(ctx: *mut c_void) -> ProbeContext {
ProbeContext {
regs: ctx as *mut pt_regs,
}
}
/// Returns the `n`th argument to passed to the probe function, starting from 0.
///
/// # Examples
///
/// ```no_run
/// # #![allow(non_camel_case_types)]
/// # #![allow(dead_code)]
/// # use aya_bpf::{programs::ProbeContext, cty::c_int, helpers::bpf_probe_read};
/// # type pid_t = c_int;
/// # struct task_struct {
/// # pid: pid_t,
/// # }
/// unsafe fn try_kprobe_try_to_wake_up(ctx: ProbeContext) -> Result<u32, u32> {
/// let tp: *const task_struct = ctx.arg(0).ok_or(1u32)?;
/// let pid = bpf_probe_read(&(*tp).pid as *const pid_t).map_err(|_| 1u32)?;
///
/// // Do something with pid or something else with tp
///
/// Ok(0)
/// }
/// ```
pub fn arg<T: FromPtRegs>(&self, n: usize) -> Option<T> {
T::from_argument(unsafe { &*self.regs }, n)
}
/// Returns the `n`th stack argument to passed to the probe function, starting from 0.
///
/// # Examples
///
/// ```no_run
/// # # for c-function in x86_64 platform like:
/// # # void function_with_many_args(int64 a0, int64 a1, int64 a2,
/// # # int64 a3, int64 a4, int64 a5, int64 a6)
/// # #![allow(non_camel_case_types)]
/// # #![allow(dead_code)]
/// unsafe fn try_print_args(ctx: ProbeContext) -> Result<u32, u32> {
/// let a_0: i64 = ctx.arg(0).ok_or(1u32)?;
/// let a_1: i64 = ctx.arg(1).ok_or(1u32)?;
/// let a_2: i64 = ctx.arg(2).ok_or(1u32)?;
/// let a_3: i64 = ctx.arg(3).ok_or(1u32)?;
/// let a_4: i64 = ctx.arg(4).ok_or(1u32)?;
/// let a_5: i64 = ctx.arg(5).ok_or(1u32)?;
/// let a_6: i64 = ctx.stack_arg(0).ok_or(1u32)?;
/// info!(
/// &ctx,
/// "arg 0-6: {}, {}, {}, {}, {}, {}, {}",
/// a_0,
/// a_1,
/// a_2,
/// a_3,
/// a_4,
/// a_5,
/// a_6
/// );
///
/// // Do something with args
///
/// Ok(0)
/// }
/// ```
pub fn stack_arg<T: FromPtRegs>(&self, n: usize) -> Option<T> {
T::from_stack_argument(unsafe { &*self.regs }, n)
}
/// Returns the return value of the probed function.
///
/// # Examples
///
/// ```no_run
/// # #![allow(dead_code)]
/// # use aya_bpf::{programs::ProbeContext, cty::c_int};
/// unsafe fn try_kretprobe_try_to_wake_up(ctx: ProbeContext) -> Result<u32, u32> {
/// let retval: c_int = ctx.ret().ok_or(1u32)?;
///
/// // Do something with retval
///
/// Ok(0)
/// }
/// ```
pub fn ret<T: FromPtRegs>(&self) -> Option<T> {
T::from_retval(unsafe { &*self.regs })
}
}
impl BpfContext for ProbeContext {
fn as_ptr(&self) -> *mut c_void {
self.regs as *mut c_void
}
}
Reference in New Issue View Git Blame Copy Permalink