Note: lists.iovisor.org will be down for maintenance on Monday, September 26th, starting at 9AM Pacific Time (4PM Monday September 26, 2022 UTC), for approximately one hour.
Re: agenda: IO Visor TSC/Dev Meeting
Hello Brenden!toggle quoted messageShow quoted text
I’m not sure if it counts as an agenda item, but I’m interested in
recording process events using tracepoints, and I would like to know
what are the best practices when attempting to do so.
Due to project goals (endpoint monitoring) one of the requirements is
to avoid losing any event data.
It is probably not a surprise given the limits imposed by the verifier,
but I’m having trouble with variadic functions and long strings.
The following are some events I would like to capture with reasonable
String padding, causing the string I need to be truncated:
bash -c “<padding whitespace> /bin/rm -rf /home”
Argument padding, causing the BPF program to not reach the last
sudo bash --verbose --verbose .. --verbose -c ‘printf
“SELINUX=disabled\nSELINUXTYPE=targeted\n” > /etc/selinux/config’
I thought about trying to (tail?) call additional BPF programs to work
around the second issue, but I’m not sure how to proceed with the first
On Mon, 2019-08-05 at 20:55 -0700, Brenden Blanco wrote: