mirror of
https://github.com/varun-r-mallya/Python-BPF.git
synced 2025-12-31 21:06:25 +00:00
37 lines
793 B
Python
37 lines
793 B
Python
from pythonbpf.decorators import bpf, map, section, bpfglobal
|
|
from ctypes import c_void_p, c_int64, c_int32, c_uint64
|
|
from pythonbpf.helpers import bpf_ktime_get_ns
|
|
from pythonbpf.maps import HashMap
|
|
|
|
|
|
@bpf
|
|
@map
|
|
def last() -> HashMap:
|
|
return HashMap(key_type=c_uint64, value_type=c_uint64, max_entries=1)
|
|
|
|
|
|
@bpf
|
|
@section("tracepoint/syscalls/sys_enter_execve")
|
|
def hello(ctx: c_void_p) -> c_int32:
|
|
print("entered")
|
|
print("multi constant support")
|
|
return c_int32(0)
|
|
|
|
|
|
@bpf
|
|
@section("tracepoint/syscalls/sys_exit_execve")
|
|
def hello_again(ctx: c_void_p) -> c_int64:
|
|
print("exited")
|
|
key = c_int64(0)
|
|
tsp = last.lookup(key)
|
|
print(tsp)
|
|
ts = bpf_ktime_get_ns()
|
|
return c_int64(0)
|
|
|
|
# @bpf
|
|
# @bpfglobal
|
|
# def LICENSE() -> str:
|
|
# return "GPL"
|
|
|
|
LICENSE = "GPL"
|