mirror of
https://github.com/varun-r-mallya/Python-BPF.git
synced 2025-12-31 21:06:25 +00:00
30 lines
546 B
Python
30 lines
546 B
Python
from pythonbpf import bpf, section, bpfglobal, compile, struct
|
|
from ctypes import c_void_p, c_int64, c_uint64, c_uint32
|
|
from pythonbpf.helper import probe_read
|
|
|
|
|
|
@bpf
|
|
@struct
|
|
class data_t:
|
|
pid: c_uint32
|
|
value: c_uint64
|
|
|
|
|
|
@bpf
|
|
@section("tracepoint/syscalls/sys_enter_execve")
|
|
def test_probe_read(ctx: c_void_p) -> c_int64:
|
|
"""Test bpf_probe_read helper function"""
|
|
data = data_t()
|
|
probe_read(data.value, 8, ctx)
|
|
probe_read(data.pid, 4, ctx)
|
|
return 0
|
|
|
|
|
|
@bpf
|
|
@bpfglobal
|
|
def LICENSE() -> str:
|
|
return "GPL"
|
|
|
|
|
|
compile()
|