github.com/inspektor-gadget/inspektor-gadget@v0.28.1/pkg/gadgets/trace/open/tracer/bpf/opensnoop.h

github.com/inspektor-gadget/inspektor-gadget@v0.28.1/pkg/gadgets/trace/open/tracer/bpf/opensnoop.h (about)

     1  /* SPDX-License-Identifier: (LGPL-2.1 OR BSD-2-Clause) */
     2  #ifndef __OPENSNOOP_H
     3  #define __OPENSNOOP_H
     4  
     5  #define TASK_COMM_LEN 16
     6  #define NAME_MAX 255
     7  #define PATH_MAX 4096
     8  #define INVALID_UID ((uid_t)-1)
     9  
    10  struct start_t {
    11  	int flags;
    12  	__u16 mode;
    13  	__u8 fname[NAME_MAX];
    14  };
    15  
    16  // this needs to be manually kept in sync with opensnoopEventAbbrev in tracer.go (without the full_fname field)
    17  struct event {
    18  	__u64 timestamp;
    19  	/* user terminology for pid: */
    20  	__u32 pid;
    21  	__u32 uid;
    22  	__u32 gid;
    23  	__u64 mntns_id;
    24  	__s32 err;
    25  	__u32 fd;
    26  	int flags;
    27  	__u16 mode;
    28  	__u8 comm[TASK_COMM_LEN];
    29  	__u8 fname[NAME_MAX];
    30  	// Keep full_fname as the last field for optimization
    31  	__u8 full_fname[PATH_MAX];
    32  };
    33  
    34  struct prefix_key {
    35  	__u32 prefixlen;
    36  	__u8 filename[NAME_MAX];
    37  };
    38  
    39  #endif /* __OPENSNOOP_H */