varun-r-mallya/python-bpf
1
0
Fork 0
mirror of https://github.com/varun-r-mallya/Python-BPF.git synced 2025-12-31 21:06:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add ktime

Browse Source
This commit is contained in:
Pragyansh Chaturvedi
2025-09-09 23:40:05 +05:30
parent 8ee5d03c5d
commit 3628276e08
5 changed files with 28 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
examples/c-form/ex4.bpf.c
View File

@ -33,7 +33,7 @@ long hello_again(void *ctx) {
u64 delta = bpf_ktime_get_ns() - *tsp;
if (delta < 1000000000) {
// output if time is less than 1 second
bpf_trace_printk("%d\\n", delta / 1000000);
bpf_printk("execve called within last second");
}
bpf_map_delete_elem(&last, &key);
}

6
examples/execve2.py
View File

@ -1,6 +1,6 @@
from pythonbpf.decorators import bpf, map, section, bpfglobal
from ctypes import c_void_p, c_int64, c_int32, c_uint64
from pythonbpf.helpers import bpf_ktime_get_ns
from pythonbpf.helpers import ktime
from pythonbpf.maps import HashMap
@ -9,6 +9,7 @@ from pythonbpf.maps import HashMap
def last() -> HashMap:
return HashMap(key_type=c_uint64, value_type=c_uint64, max_entries=1)
@bpf
@section("tracepoint/syscalls/sys_enter_execve")
def hello(ctx: c_void_p) -> c_int32:
@ -24,9 +25,10 @@ def hello_again(ctx: c_void_p) -> c_int64:
key = 0
tsp = last().lookup(key)
print(tsp)
ts = bpf_ktime_get_ns()
ktime()
return c_int64(0)
@bpf
@bpfglobal
def LICENSE() -> str: