tools: filter/display using PID intead of TID
Signed-off-by: Hengqi Chen <chenhengqi@outlook.com>
diff --git a/tools/gethostlatency.py b/tools/gethostlatency.py
index 0ba5a1e..353055d 100755
--- a/tools/gethostlatency.py
+++ b/tools/gethostlatency.py
@@ -61,14 +61,16 @@
return 0;
struct val_t val = {};
- u32 pid = bpf_get_current_pid_tgid();
+ u64 pid_tgid = bpf_get_current_pid_tgid();
+ u32 pid = pid_tgid >> 32;
+ u32 tid = (u32)pid_tgid;
if (bpf_get_current_comm(&val.comm, sizeof(val.comm)) == 0) {
bpf_probe_read_user(&val.host, sizeof(val.host),
(void *)PT_REGS_PARM1(ctx));
- val.pid = bpf_get_current_pid_tgid();
+ val.pid = pid;
val.ts = bpf_ktime_get_ns();
- start.update(&pid, &val);
+ start.update(&tid, &val);
}
return 0;
@@ -78,11 +80,12 @@
struct val_t *valp;
struct data_t data = {};
u64 delta;
- u32 pid = bpf_get_current_pid_tgid();
+ u64 pid_tgid = bpf_get_current_pid_tgid();
+ u32 tid = (u32)pid_tgid;
u64 tsp = bpf_ktime_get_ns();
- valp = start.lookup(&pid);
+ valp = start.lookup(&tid);
if (valp == 0)
return 0; // missed start
@@ -91,7 +94,7 @@
data.pid = valp->pid;
data.delta = tsp - valp->ts;
events.perf_submit(ctx, &data, sizeof(data));
- start.delete(&pid);
+ start.delete(&tid);
return 0;
}
"""
@@ -113,11 +116,11 @@
pid=args.pid)
# header
-print("%-9s %-6s %-16s %10s %s" % ("TIME", "PID", "COMM", "LATms", "HOST"))
+print("%-9s %-7s %-16s %10s %s" % ("TIME", "PID", "COMM", "LATms", "HOST"))
def print_event(cpu, data, size):
event = b["events"].event(data)
- print("%-9s %-6d %-16s %10.2f %s" % (strftime("%H:%M:%S"), event.pid,
+ print("%-9s %-7d %-16s %10.2f %s" % (strftime("%H:%M:%S"), event.pid,
event.comm.decode('utf-8', 'replace'), (float(event.delta) / 1000000),
event.host.decode('utf-8', 'replace')))
diff --git a/tools/solisten.py b/tools/solisten.py
index 71c0a29..35a8295 100755
--- a/tools/solisten.py
+++ b/tools/solisten.py
@@ -58,7 +58,7 @@
// Common structure for UDP/TCP IPv4/IPv6
struct listen_evt_t {
u64 ts_us;
- u64 pid_tgid;
+ u64 pid;
u64 backlog;
u64 netns;
u64 proto; // familiy << 16 | type
@@ -90,7 +90,7 @@
evt.proto = family << 16 | SOCK_STREAM;
// Get PID
- evt.pid_tgid = bpf_get_current_pid_tgid();
+ evt.pid = bpf_get_current_pid_tgid() >> 32;
##FILTER_PID##
@@ -130,7 +130,7 @@
# Decode event
event = b["listen_evt"].event(data)
- pid = event.pid_tgid & 0xffffffff
+ pid = event.pid
proto_family = event.proto & 0xff
proto_type = event.proto >> 16 & 0xff
@@ -151,12 +151,12 @@
# Display
if show_netns:
- printb(b"%-6d %-12.12s %-12d %-6s %-8d %-5d %-39s" % (
+ printb(b"%-7d %-12.12s %-12d %-6s %-8d %-5d %-39s" % (
pid, event.task, event.netns, protocol.encode(), event.backlog,
event.lport, address.encode(),
))
else:
- printb(b"%-6d %-12.12s %-6s %-8d %-5d %-39s" % (
+ printb(b"%-7d %-12.12s %-6s %-8d %-5d %-39s" % (
pid, event.task, protocol.encode(), event.backlog,
event.lport, address.encode(),
))
@@ -171,7 +171,7 @@
netns_filter = ""
if args.pid:
- pid_filter = "if (evt.pid_tgid != %d) return 0;" % args.pid
+ pid_filter = "if (evt.pid != %d) return 0;" % args.pid
if args.netns:
netns_filter = "if (evt.netns != %d) return 0;" % args.netns
@@ -188,10 +188,10 @@
# Print headers
if args.show_netns:
- print("%-6s %-12s %-12s %-6s %-8s %-5s %-39s" %
+ print("%-7s %-12s %-12s %-6s %-8s %-5s %-39s" %
("PID", "COMM", "NETNS", "PROTO", "BACKLOG", "PORT", "ADDR"))
else:
- print("%-6s %-12s %-6s %-8s %-5s %-39s" %
+ print("%-7s %-12s %-6s %-8s %-5s %-39s" %
("PID", "COMM", "PROTO", "BACKLOG", "PORT", "ADDR"))
# Read events
diff --git a/tools/sslsniff.py b/tools/sslsniff.py
index 0200750..02b7360 100755
--- a/tools/sslsniff.py
+++ b/tools/sslsniff.py
@@ -66,7 +66,9 @@
BPF_PERF_OUTPUT(perf_SSL_write);
int probe_SSL_write(struct pt_regs *ctx, void *ssl, void *buf, int num) {
- u32 pid = bpf_get_current_pid_tgid();
+ u64 pid_tgid = bpf_get_current_pid_tgid();
+ u32 pid = pid_tgid >> 32;
+
FILTER
struct probe_SSL_data_t __data = {0};
@@ -89,18 +91,24 @@
BPF_HASH(bufs, u32, u64);
int probe_SSL_read_enter(struct pt_regs *ctx, void *ssl, void *buf, int num) {
- u32 pid = bpf_get_current_pid_tgid();
+ u64 pid_tgid = bpf_get_current_pid_tgid();
+ u32 pid = pid_tgid >> 32;
+ u32 tid = (u32)pid_tgid;
+
FILTER
- bufs.update(&pid, (u64*)&buf);
+ bufs.update(&tid, (u64*)&buf);
return 0;
}
int probe_SSL_read_exit(struct pt_regs *ctx, void *ssl, void *buf, int num) {
- u32 pid = bpf_get_current_pid_tgid();
+ u64 pid_tgid = bpf_get_current_pid_tgid();
+ u32 pid = pid_tgid >> 32;
+ u32 tid = (u32)pid_tgid;
+
FILTER
- u64 *bufp = bufs.lookup(&pid);
+ u64 *bufp = bufs.lookup(&tid);
if (bufp == 0) {
return 0;
}
@@ -116,7 +124,7 @@
bpf_probe_read_user(&__data.v0, sizeof(__data.v0), (char *)*bufp);
}
- bufs.delete(&pid);
+ bufs.delete(&tid);
perf_SSL_read.perf_submit(ctx, &__data, sizeof(__data));
return 0;
@@ -176,7 +184,7 @@
# header
-print("%-12s %-18s %-16s %-6s %-6s" % ("FUNC", "TIME(s)", "COMM", "PID",
+print("%-12s %-18s %-16s %-7s %-6s" % ("FUNC", "TIME(s)", "COMM", "PID",
"LEN"))
# process event
@@ -213,7 +221,7 @@
e_mark = "-" * 5 + " END DATA (TRUNCATED, " + str(truncated_bytes) + \
" bytes lost) " + "-" * 5
- fmt = "%-12s %-18.9f %-16s %-6d %-6d\n%s\n%s\n%s\n\n"
+ fmt = "%-12s %-18.9f %-16s %-7d %-6d\n%s\n%s\n%s\n\n"
if args.hexdump:
unwrapped_data = binascii.hexlify(event.v0)
data = textwrap.fill(unwrapped_data.decode('utf-8', 'replace'),width=32)
diff --git a/tools/tcpdrop.py b/tools/tcpdrop.py
index f138f13..59dbf66 100755
--- a/tools/tcpdrop.py
+++ b/tools/tcpdrop.py
@@ -97,7 +97,7 @@
{
if (sk == NULL)
return 0;
- u32 pid = bpf_get_current_pid_tgid();
+ u32 pid = bpf_get_current_pid_tgid() >> 32;
// pull in details from the packet headers and the sock struct
u16 family = sk->__sk_common.skc_family;
@@ -155,7 +155,7 @@
# process event
def print_ipv4_event(cpu, data, size):
event = b["ipv4_events"].event(data)
- print("%-8s %-6d %-2d %-20s > %-20s %s (%s)" % (
+ print("%-8s %-7d %-2d %-20s > %-20s %s (%s)" % (
strftime("%H:%M:%S"), event.pid, event.ip,
"%s:%d" % (inet_ntop(AF_INET, pack('I', event.saddr)), event.sport),
"%s:%s" % (inet_ntop(AF_INET, pack('I', event.daddr)), event.dport),
@@ -167,7 +167,7 @@
def print_ipv6_event(cpu, data, size):
event = b["ipv6_events"].event(data)
- print("%-8s %-6d %-2d %-20s > %-20s %s (%s)" % (
+ print("%-8s %-7d %-2d %-20s > %-20s %s (%s)" % (
strftime("%H:%M:%S"), event.pid, event.ip,
"%s:%d" % (inet_ntop(AF_INET6, event.saddr), event.sport),
"%s:%d" % (inet_ntop(AF_INET6, event.daddr), event.dport),
@@ -188,7 +188,7 @@
stack_traces = b.get_table("stack_traces")
# header
-print("%-8s %-6s %-2s %-20s > %-20s %s (%s)" % ("TIME", "PID", "IP",
+print("%-8s %-7s %-2s %-20s > %-20s %s (%s)" % ("TIME", "PID", "IP",
"SADDR:SPORT", "DADDR:DPORT", "STATE", "FLAGS"))
# read events