kernel/bpf-developer-tutorial
1
0
Fork 0
mirror of https://github.com/eunomia-bpf/bpf-developer-tutorial.git synced 2026-04-08 21:30:29 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix failed to run execsnoop (#28)

Browse Source 
* Update README.md

without having initialised it, the verifier complains, because reading uninitialised memory from the kernel introduces a security risk.

* Update execsnoop.bpf.c

without having initialised it, the verifier complains, because reading uninitialised memory from the kernel introduces a security risk.
This commit is contained in:
chichina
2023-04-25 15:12:51 +08:00
committed by GitHub
parent 4343fd8e17
commit 39a0f4a1a7
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/7-execsnoop/README.md
View File

@@ -52,7 +52,7 @@ int tracepoint__syscalls__sys_enter_execve(struct trace_event_raw_sys_enter* ctx
{ {
u64 id; u64 id;
pid_t pid, tgid; pid_t pid, tgid;
struct event event; struct event event={0};
struct task_struct *task; struct task_struct *task;
uid_t uid = (u32)bpf_get_current_uid_gid(); uid_t uid = (u32)bpf_get_current_uid_gid();

2
src/7-execsnoop/execsnoop.bpf.c
View File

@@ -15,7 +15,7 @@ int tracepoint__syscalls__sys_enter_execve(struct trace_event_raw_sys_enter* ctx
{ {
u64 id; u64 id;
pid_t pid, tgid; pid_t pid, tgid;
struct event event; struct event event={0};
struct task_struct *task; struct task_struct *task;
uid_t uid = (u32)bpf_get_current_uid_gid(); uid_t uid = (u32)bpf_get_current_uid_gid();