Get ex2 running

2025-12-31 21:06:25 +00:00 · 2025-09-07 19:19:58 +05:30
parent 734a49b295
commit c0559639f2
11 changed files with 72 additions and 35 deletions
--- a/examples/c-form/Makefile
+++ b/examples/c-form/Makefile
@ -1,19 +1,19 @@
 BPF_CLANG := clang
 CFLAGS := -O2 -emit-llvm -target bpf -c

-SRC := ex3.bpf.c
-OUT := ex3.bpf.ll
-OBJECT := ex3.bpf.o
+SRC := $(wildcard *.bpf.c)
+LL := $(SRC:.bpf.c=.bpf.ll)
+OBJ := $(SRC:.bpf.c=.bpf.o)

 .PHONY: all clean

-all: $(OUT)
-	
-object: $(SRC)
-	$(BPF_CLANG) -O2 -g -target bpf -c $< -o $(OBJECT)
+all: $(LL) $(OBJ)

-$(OUT): $(SRC) object
+%.bpf.o: %.bpf.c
+	$(BPF_CLANG) -O2 -target bpf -c $< -o $@
+
+%.bpf.ll: %.bpf.c
 	$(BPF_CLANG) $(CFLAGS) -S $< -o $@

 clean:
-	rm -f $(OUT) $(OBJECT)
+	rm -f $(LL) $(OBJ)
--- a/examples/c-form/ex2.bpf.c
+++ b/examples/c-form/ex2.bpf.c
@ -1,7 +1,7 @@
 #include <linux/bpf.h>
 #include <bpf/bpf_helpers.h>

-SEC("kprobe/sys_clone")
+SEC("tracepoint/syscalls/sys_enter_execve")
 int hello(struct pt_regs *ctx) {
    bpf_printk("Hello, World!\n");
    return 0;
--- a/examples/check.sh
+++ b/examples/check.sh
@ -1,2 +1,33 @@
 #!/bin/bash
-sudo bpftool prog -d load $1 /sys/fs/bpf/tmp && sudo rm -f /sys/fs/bpf/tmp
+
+PIN_PATH="/sys/fs/bpf/bpf_prog"
+FILE="$2"
+case "$1" in
+    check)
+        echo "[*] Checking $FILE"
+        echo $(sudo bpftool prog load -d "$FILE" "$PIN_PATH")
+        sudo rm -f "$PIN_PATH"
+        echo "[+] Verification succeeded"
+        ;;
+    run)
+        echo "[*] Loading and running $FILE"
+        sudo bpftool prog load "$FILE" "$PIN_PATH" autoattach
+        echo "[+] Program loaded. Press Ctrl+C to stop"
+        sudo cat /sys/kernel/debug/tracing/trace_pipe
+        sudo rm -f "$PIN_PATH"
+        echo "[+] Stopped"
+        ;;
+    stop)
+        echo "[*] Stopping program"
+        sudo rm -f "$PIN_PATH"
+        echo "[+] Stopped"
+        ;;
+    *)
+        echo "Usage: $0 <check|run|stop> <file.o>"
+        echo "Examples:"
+        echo "  $0 check program.bpf.o"
+        echo "  $0 run program.bpf.o"
+        echo "  $0 stop"
+        exit 1
+        ;;
+esac
--- a/examples/execve2.py
+++ b/examples/execve2.py
@ -1,13 +1,11 @@
 from pythonbpf.decorators import bpf, section
-# from pythonbpf.decorators import tracepoint, syscalls
 from ctypes import c_void_p, c_int32


@bpf
-@section("kprobe/sys_clone")
+@section("tracepoint/syscalls/sys_enter_execve")
 def hello(ctx: c_void_p) -> c_int32:
    print("Hello, World!")
    return c_int32(0)

-
 LICENSE = "GPL"
--- a/examples/hello_world.py
+++ b/examples/hello_world.py
@ -1,11 +1,15 @@
-from pythonbpf.decorators import tracepoint, syscalls
+# This is what it is going to look like
+# pylint: disable-all# type: ignore
+from pythonbpf.decorators import tracepoint, syscalls, bpfglobal, bpf
 from ctypes import c_void_p, c_int32

-
+@bpf
@tracepoint(syscalls.sys_clone)
 def trace_clone(ctx: c_void_p) -> c_int32:
    print("Hello, World!")
    return c_int32(0)

-
-LICENSE = "GPL"
+@bpf
+@bpfglobal
+def LICENSE() -> str:
+    return "GPL"