Overview

File bcc-bsc1080085-import-readline-from-lib.patch of Package bcc.15364

diff --git a/tools/bashreadline.py b/tools/bashreadline.py
index 1aaaa11..8abbbdd 100755
--- a/tools/bashreadline.py
+++ b/tools/bashreadline.py
@@ -19,6 +19,7 @@ import ctypes as ct
 # load BPF program
 bpf_text = """
 #include <uapi/linux/ptrace.h>
+#include <linux/sched.h>
 
 struct str_t {
     u64 pid;
@@ -28,10 +29,14 @@ struct str_t {
 BPF_PERF_OUTPUT(events);
 
 int printret(struct pt_regs *ctx) {
+    char comm[TASK_COMM_LEN];
     struct str_t data  = {};
     u32 pid;
     if (!PT_REGS_RC(ctx))
         return 0;
+    bpf_get_current_comm(&comm, sizeof(comm));
+    if (comm[0] != 'b' || comm[1] != 'a' || comm[2] != 's' || comm[3] != 'h')
+        return 0;
     pid = bpf_get_current_pid_tgid();
     data.pid = pid;
     bpf_probe_read(&data.str, sizeof(data.str), (void *)PT_REGS_RC(ctx));
@@ -49,7 +54,7 @@ class Data(ct.Structure):
     ]
 
 b = BPF(text=bpf_text)
-b.attach_uretprobe(name="/bin/bash", sym="readline", fn_name="printret")
+b.attach_uretprobe(name="readline", sym="readline", fn_name="printret")
 
 # header
 print("%-9s %-6s %s" % ("TIME", "PID", "COMMAND"))
openSUSE Build Service is sponsored by
Places