rbbcc 0.5.0 → 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.semaphore/semaphore.yml +3 -1
- data/Gemfile.lock +2 -2
- data/examples/tools/bashreadline.rb +83 -0
- data/lib/rbbcc/bcc.rb +7 -1
- data/lib/rbbcc/version.rb +1 -1
- metadata +4 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4bfc5d3f19fd4dbfa744a6380055103b5c45a0a72d956ced238154472ae4d7b5
|
4
|
+
data.tar.gz: 160c2a313f7181c6a9dab665c265fe2760d743ecbcab4797cc25e920e00d7f11
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9e2f72abd18698c9dca81342474a38e10a2e65d88e4acc7d0bbb3d924d9019d7204639f407a14418664d49ef4eb0666729fda06e3a06f2066dd0c8bfa0cf6701
|
7
|
+
data.tar.gz: e651213860bacc705b8b3f8c51c962aba9f5f1d67cb041eab850eee64b1c8ab6d7fe71a6bd630cddc224bea2af465323c3b4ef728995d124c954f194e9cd6714
|
data/.semaphore/semaphore.yml
CHANGED
@@ -10,10 +10,12 @@ blocks:
|
|
10
10
|
jobs:
|
11
11
|
- name: ruby test
|
12
12
|
matrix:
|
13
|
+
- env_var: RUBY_VERSION
|
14
|
+
values: [ "2.6.5", "2.6.6", "2.7.1" ]
|
13
15
|
- env_var: LIBBCC_VERSION
|
14
16
|
values: [ "0.12.0", "0.11.0", "0.10.0" ]
|
15
17
|
commands:
|
16
18
|
- sem-version c 7
|
17
|
-
- sem-version ruby
|
19
|
+
- sem-version ruby $RUBY_VERSION
|
18
20
|
- checkout
|
19
21
|
- ./semaphore.sh
|
data/Gemfile.lock
CHANGED
@@ -0,0 +1,83 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
#
|
3
|
+
# bashreadline Print entered bash commands from all running shells.
|
4
|
+
# For Linux, uses BCC, eBPF. Embedded C.
|
5
|
+
#
|
6
|
+
# USAGE: bashreadline [-s SHARED]
|
7
|
+
# This works by tracing the readline() function using a uretprobe (uprobes).
|
8
|
+
# When you failed to run the script directly with error:
|
9
|
+
# `Exception: could not determine address of symbol b'readline'`,
|
10
|
+
# you may need specify the location of libreadline.so library
|
11
|
+
# with `-s` option.
|
12
|
+
#
|
13
|
+
# Original bashreadline.py:
|
14
|
+
# Copyright 2016 Netflix, Inc.
|
15
|
+
# Licensed under the Apache License, Version 2.0 (the "License")
|
16
|
+
# And Ruby version follows.
|
17
|
+
#
|
18
|
+
# 28-Jan-2016 Brendan Gregg Created bashreadline.py.
|
19
|
+
# 12-Feb-2016 Allan McAleavy migrated to BPF_PERF_OUTPUT
|
20
|
+
# 05-Jun-2020 Uchio Kondo Ported bashreadline.rb
|
21
|
+
|
22
|
+
require 'rbbcc'
|
23
|
+
require 'optparse'
|
24
|
+
include RbBCC
|
25
|
+
|
26
|
+
args = {}
|
27
|
+
opts = OptionParser.new
|
28
|
+
opts.on("-s", "--shared=LIBREADLINE_PATH"){|v| args[:shared] = v }
|
29
|
+
opts.parse!(ARGV)
|
30
|
+
|
31
|
+
name = args[:shared] || "/bin/bash"
|
32
|
+
|
33
|
+
# load BPF program
|
34
|
+
bpf_text = <<BPF
|
35
|
+
#include <uapi/linux/ptrace.h>
|
36
|
+
#include <linux/sched.h>
|
37
|
+
|
38
|
+
struct str_t {
|
39
|
+
u64 pid;
|
40
|
+
char str[80];
|
41
|
+
};
|
42
|
+
|
43
|
+
BPF_PERF_OUTPUT(events);
|
44
|
+
|
45
|
+
int printret(struct pt_regs *ctx) {
|
46
|
+
struct str_t data = {};
|
47
|
+
char comm[TASK_COMM_LEN] = {};
|
48
|
+
u32 pid;
|
49
|
+
if (!PT_REGS_RC(ctx))
|
50
|
+
return 0;
|
51
|
+
pid = bpf_get_current_pid_tgid();
|
52
|
+
data.pid = pid;
|
53
|
+
bpf_probe_read(&data.str, sizeof(data.str), (void *)PT_REGS_RC(ctx));
|
54
|
+
|
55
|
+
bpf_get_current_comm(&comm, sizeof(comm));
|
56
|
+
if (comm[0] == 'b' && comm[1] == 'a' && comm[2] == 's' && comm[3] == 'h' && comm[4] == 0 ) {
|
57
|
+
events.perf_submit(ctx,&data,sizeof(data));
|
58
|
+
}
|
59
|
+
|
60
|
+
|
61
|
+
return 0;
|
62
|
+
};
|
63
|
+
BPF
|
64
|
+
|
65
|
+
b = BCC.new(text: bpf_text)
|
66
|
+
b.attach_uretprobe(name: name, sym: "readline", fn_name: "printret")
|
67
|
+
|
68
|
+
# header
|
69
|
+
puts("%-9s %-6s %s" % ["TIME", "PID", "COMMAND"])
|
70
|
+
|
71
|
+
b["events"].open_perf_buffer do |cpu, data, size|
|
72
|
+
event = b["events"].event(data)
|
73
|
+
puts("%-9s %-6d %s" % [
|
74
|
+
Time.now.strftime("%H:%M:%S"),
|
75
|
+
event.pid,
|
76
|
+
event.str
|
77
|
+
])
|
78
|
+
end
|
79
|
+
|
80
|
+
trap(:INT) { puts; exit }
|
81
|
+
loop do
|
82
|
+
b.perf_buffer_poll
|
83
|
+
end
|
data/lib/rbbcc/bcc.rb
CHANGED
@@ -219,10 +219,16 @@ module RbBCC
|
|
219
219
|
end
|
220
220
|
|
221
221
|
# Util.debug text
|
222
|
+
cflags_p = if cflags.empty?
|
223
|
+
nil
|
224
|
+
else
|
225
|
+
cflags.pack('p*')
|
226
|
+
end
|
227
|
+
|
222
228
|
@module = Clib.bpf_module_create_c_from_string(
|
223
229
|
text,
|
224
230
|
debug,
|
225
|
-
|
231
|
+
cflags_p,
|
226
232
|
cflags.size,
|
227
233
|
allow_rlimit
|
228
234
|
)
|
data/lib/rbbcc/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rbbcc
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.6.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Uchio Kondo
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-07-17 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
13
|
description: BCC port for MRI. See https://github.com/iovisor/bcc
|
14
14
|
email:
|
@@ -69,6 +69,7 @@ files:
|
|
69
69
|
- examples/networking/http_filter/http-parse-simple.rb
|
70
70
|
- examples/ruby_usdt.rb
|
71
71
|
- examples/sbrk_trace.rb
|
72
|
+
- examples/tools/bashreadline.rb
|
72
73
|
- examples/tools/execsnoop.rb
|
73
74
|
- examples/tools/runqlat.rb
|
74
75
|
- examples/urandomread-explicit.rb
|
@@ -109,7 +110,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
109
110
|
- !ruby/object:Gem::Version
|
110
111
|
version: '0'
|
111
112
|
requirements: []
|
112
|
-
rubygems_version: 3.
|
113
|
+
rubygems_version: 3.1.2
|
113
114
|
signing_key:
|
114
115
|
specification_version: 4
|
115
116
|
summary: BCC port for MRI
|