varun-r-mallya/python-bpf
1
0
Fork 0
mirror of https://github.com/varun-r-mallya/Python-BPF.git synced 2026-02-09 22:50:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

janitorial

Browse Source
This commit is contained in:
varun-r-mallya
2025-09-30 20:09:04 +05:30
parent 980f2af414
commit af004cb864
10 changed files with 1 additions and 73 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
demo/bcc.py
View File

@ -1,46 +0,0 @@
from __future__ import print_function
from bcc import BPF
from bcc.utils import printb
# load BPF program
b = BPF(text="""
#include <uapi/linux/ptrace.h>
BPF_HASH(last);
int do_trace(struct pt_regs *ctx) {
u64 ts, *tsp, delta, key = 0;
// attempt to read stored timestamp
tsp = last.lookup(&key);
if (tsp != NULL) {
delta = bpf_ktime_get_ns() - *tsp;
if (delta < 1000000000) {
// output if time is less than 1 second
bpf_trace_printk("%d\\n", delta / 1000000);
}
last.delete(&key);
}
// update stored timestamp
ts = bpf_ktime_get_ns();
last.update(&key, &ts);
return 0;
}
""")
b.attach_kprobe(event=b.get_syscall_fnname("sync"), fn_name="do_trace")
print("Tracing for quick sync's... Ctrl-C to end")
# TODO
# format output
start = 0
while 1:
try:
(task, pid, cpu, flags, ts, ms) = b.trace_fields()
if start == 0:
start = ts
ts = ts - start
printb(b"At time %.2f s: multiple syncs detected, last %s ms ago" % (ts, ms))
except KeyboardInterrupt:
exit()

0
demo/clone-matplotlib.ipynb → examples/clone-matplotlib.ipynb
View File

12
examples/execve3.py
View File

@ -10,18 +10,10 @@ from ctypes import c_void_p, c_int64, c_int32, c_uint64
def last() -> HashMap: def last() -> HashMap:
return HashMap(key=c_uint64, value=c_uint64, max_entries=3) return HashMap(key=c_uint64, value=c_uint64, max_entries=3)
@bpf
@section("tracepoint/syscalls/sys_enter_execve")
def hello(ctx: c_void_p) -> c_int32:
print("entered")
print("multi constant support")
return c_int32(0)
@bpf @bpf
@section("tracepoint/syscalls/sys_exit_execve") @section("tracepoint/syscalls/sys_exit_execve")
def hello_again(ctx: c_void_p) -> c_int64: def hello_again(ctx: c_void_p) -> c_int64:
print("multi constant support")
print("exited") print("exited")
key = 0 key = 0
delta = 0 delta = 0
@ -45,11 +37,9 @@ def hello_again(ctx: c_void_p) -> c_int64:
return c_int64(0) return c_int64(0)
@bpf @bpf
@bpfglobal @bpfglobal
def LICENSE() -> str: def LICENSE() -> str:
return "GPL" return "GPL"
compile() compile()

1
examples/execve4.py
View File

@ -10,7 +10,6 @@ from ctypes import c_void_p, c_int64, c_int32, c_uint64
def last() -> HashMap: def last() -> HashMap:
return HashMap(key=c_uint64, value=c_uint64, max_entries=3) return HashMap(key=c_uint64, value=c_uint64, max_entries=3)
@bpf @bpf
@section("blk_start_request") @section("blk_start_request")
def trace_start(ctx: c_void_p) -> c_int32: def trace_start(ctx: c_void_p) -> c_int32:

15
examples/hello_world.py
View File

@ -1,15 +0,0 @@
# This is what it is going to look like
# pylint: disable-all# type: ignore
from pythonbpf.decorators import tracepoint, syscalls, bpfglobal, bpf
from ctypes import c_void_p, c_int32
@bpf
@tracepoint(syscalls.sys_clone)
def trace_clone(ctx: c_void_p) -> c_int32:
print("Hello, World!")
return c_int32(0)
@bpf
@bpfglobal
def LICENSE() -> str:
return "GPL"

0
demo/pybpf0.py → examples/pybpf0.py
View File

0
demo/pybpf1.py → examples/pybpf1.py
View File

0
demo/pybpf2.py → examples/pybpf2.py
View File

0
demo/pybpf3.py → examples/pybpf3.py
View File

0
demo/pybpf4.py → examples/pybpf4.py
View File