blob: 12f4065fca2016607adc920ddacfd225a644294d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
|
// SPDX-License-Identifier: GPL-2.0
/* Copyright (c) 2023 Hengqi Chen */
#include "vmlinux.h"
#include <bpf/bpf_helpers.h>
#include <bpf/bpf_tracing.h>
pid_t my_pid = 0;
int test1_result = 0;
int test2_result = 0;
int test3_result = 0;
int test4_result = 0;
SEC("uprobe/./liburandom_read.so:urandlib_api_sameoffset")
int BPF_UPROBE(test1)
{
pid_t pid = bpf_get_current_pid_tgid() >> 32;
if (pid != my_pid)
return 0;
test1_result = 1;
return 0;
}
SEC("uprobe/./liburandom_read.so:urandlib_api_sameoffset@LIBURANDOM_READ_1.0.0")
int BPF_UPROBE(test2)
{
pid_t pid = bpf_get_current_pid_tgid() >> 32;
if (pid != my_pid)
return 0;
test2_result = 1;
return 0;
}
SEC("uretprobe/./liburandom_read.so:urandlib_api_sameoffset@@LIBURANDOM_READ_2.0.0")
int BPF_URETPROBE(test3, int ret)
{
pid_t pid = bpf_get_current_pid_tgid() >> 32;
if (pid != my_pid)
return 0;
test3_result = ret;
return 0;
}
SEC("uprobe")
int BPF_UPROBE(test4)
{
pid_t pid = bpf_get_current_pid_tgid() >> 32;
if (pid != my_pid)
return 0;
test4_result = 1;
return 0;
}
#if defined(__TARGET_ARCH_x86)
struct pt_regs regs;
SEC("uprobe")
int BPF_UPROBE(test_regs_change)
{
pid_t pid = bpf_get_current_pid_tgid() >> 32;
if (pid != my_pid)
return 0;
ctx->ax = regs.ax;
ctx->cx = regs.cx;
ctx->dx = regs.dx;
ctx->r8 = regs.r8;
ctx->r9 = regs.r9;
ctx->r10 = regs.r10;
ctx->r11 = regs.r11;
ctx->di = regs.di;
ctx->si = regs.si;
return 0;
}
unsigned long ip;
SEC("uprobe")
int BPF_UPROBE(test_regs_change_ip)
{
pid_t pid = bpf_get_current_pid_tgid() >> 32;
if (pid != my_pid)
return 0;
ctx->ip = ip;
return 0;
}
#endif
|
