-
Notifications
You must be signed in to change notification settings - Fork 267
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Remove dependency on BCC and leverage SysinternalsEBPF (#113)
* Check-point - First eBPF generic entry/exit programs (debug spew) functional using sysinternalsEBPF * Checkpoint * Updates * Add extraction of eBPF programs and cancellation * Checkpoint * Add auto generation of syscall table * Checkpoint * Updates * Check point * Symbol resolution at view time * Add trace (-l) switch * add libbpf tracing * Update package specs and set initial running state to running * Update man page * Add new installation instructions * Add new build instructions * Fix pre-req and disable debug mode * Update build * Update build * Update build * Update build * Update build * Update build * Update build * Update build * Update build * Update build * Update build * Update build * Update build * Update build * fix scan-build errors
- Loading branch information
1 parent
e6f9189
commit 1524451
Showing
95 changed files
with
140,157 additions
and
1,834 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| FROM mcr.microsoft.com/mirror/docker/library/rockylinux:8 | ||
|
|
||
| # Install dependencies | ||
| COPY install-rocky-dependencies.sh /usr/local/bin/install_dependencies.sh | ||
| RUN chmod +x /usr/local/bin/install_dependencies.sh && \ | ||
| /usr/local/bin/install_dependencies.sh |
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| // For format details, see https://aka.ms/devcontainer.json. For config options, see the | ||
| // README at: https://github.com/devcontainers/templates/tree/main/src/ubuntu | ||
| { | ||
| "name": "Procmon for Linux Development Container", | ||
| "build": { | ||
| // If you want to use a different docker file (such as Dockerfile_Rocky) you can specify it here | ||
| "dockerfile": "Dockerfile_Ubuntu" | ||
| }, | ||
| "customizations": { | ||
| "vscode": { | ||
| "extensions": [ | ||
| "ms-vscode.cpptools", | ||
| "ms-vscode.cpptools-extension-pack", | ||
| "ms-vscode.makefile-tools" | ||
| ] | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| #!/bin/bash | ||
|
|
||
| # install all needed packges to build .rpm packages | ||
| echo "assumeyes=1" >> /etc/yum.conf | ||
|
|
||
| # install endpoint for git > 2.0 | ||
| yum install http://opensource.wandisco.com/rhel/8/git/x86_64/wandisco-git-release-8-1.noarch.rpm | ||
|
|
||
| # Enable powertools and extra repos | ||
| dnf install dnf-plugins-core && dnf install epel-release && dnf config-manager --set-enabled powertools && dnf update | ||
|
|
||
| yum update \ | ||
| && yum install \ | ||
| gcc \ | ||
| gcc-c++ \ | ||
| make \ | ||
| cmake \ | ||
| llvm \ | ||
| clang \ | ||
| elfutils-libelf-devel \ | ||
| rpm-build \ | ||
| json-glib-devel \ | ||
| python3 \ | ||
| libxml2-devel \ | ||
| glibc-devel.i686 \ | ||
| openssl-devel \ | ||
| ncurses-devel |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,41 @@ | ||
| #!/bin/bash | ||
|
|
||
| # To make it easier for build and release pipelines to run apt-get, | ||
| # configure apt to not require confirmation (assume the -y argument by default) | ||
| DEBIAN_FRONTEND=noninteractive | ||
| echo "APT::Get::Assume-Yes \"true\";" > /etc/apt/apt.conf.d/90assumeyes | ||
|
|
||
| sudo apt-get update | ||
| sudo apt -y install software-properties-common | ||
| sudo add-apt-repository "deb http://security.ubuntu.com/ubuntu xenial-security main" | ||
| sudo apt-get update | ||
|
|
||
| sudo apt upgrade -y \ | ||
| && sudo apt-get install -y --no-install-recommends \ | ||
| build-essential \ | ||
| gcc \ | ||
| g++ \ | ||
| make \ | ||
| cmake \ | ||
| libelf-dev \ | ||
| llvm \ | ||
| clang \ | ||
| libxml2 \ | ||
| libxml2-dev \ | ||
| libzstd1 \ | ||
| git \ | ||
| libgtest-dev \ | ||
| apt-transport-https \ | ||
| dirmngr \ | ||
| libjson-glib-dev \ | ||
| libc6-dev-i386 \ | ||
| libssl-dev \ | ||
| gettext \ | ||
| libbpf-dev \ | ||
| clang-tools | ||
|
|
||
| sudo wget https://raw.githubusercontent.com/torvalds/linux/master/include/uapi/linux/openat2.h -O /usr/include/linux/openat2.h | ||
|
|
||
| # install debbuild | ||
| wget https://github.com/debbuild/debbuild/releases/download/19.5.0/debbuild_19.5.0-ascherer.ubuntu18.04_all.deb \ | ||
| && sudo dpkg -i debbuild_19.5.0-ascherer.ubuntu18.04_all.deb |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -54,4 +54,4 @@ obj/ | |
| pkgbuild/ | ||
|
|
||
| # dev env | ||
| .vscode/ | ||
| .vscode/ | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,80 @@ | ||
| # Build | ||
| Please see the history of this file for instructions for older, unsupported versions. | ||
|
|
||
| ## Prerequisites | ||
| - SysinternalsEBPF being installed: | ||
| library `libsysinternalsEBPF.so`, header `libsysinternalsEBPF.h`, plus | ||
| resource files in `/opt/sysinternalsEBPF`. These can be installed from | ||
| the | ||
| [SysinternalsEBPF](https://github.com/Sysinternals/SysinternalsEBPF) | ||
| project or via the `sysinternalsebpf` DEB package from the | ||
| _packages.microsoft.com_ repository (see [INSTALL.md](INSTALL.md)). | ||
| If you installed SysinternalsEBPF via make install, you may need to add /usr/local/lib to the loader library path (LD_LIBRARY_PATH). | ||
|
|
||
| - clang/llvm v10+ | ||
|
|
||
| ### Ubuntu 20.04+ | ||
| ``` | ||
| sudo apt update | ||
| sudo apt -y install build-essential gcc g++ make cmake libelf-dev llvm clang libxml2 libxml2-dev libzstd1 git libgtest-dev apt-transport-https dirmngr libjson-glib-dev libc6-dev-i386 libssl-dev | ||
| ``` | ||
|
|
||
| ### Rocky 9 | ||
| ``` | ||
| sudo dnf install dnf-plugins-core | ||
| sudo dnf config-manager --set-enabled crb | ||
| sudo dnf install epel-release | ||
| sudo dnf update | ||
| sudo yum install gcc gcc-c++ make cmake llvm clang elfutils-libelf-devel rpm-build json-glib-devel python3 libxml2-devel glibc-devel.i686 openssl-devel ncurses-devel | ||
| ``` | ||
|
|
||
| ### Rocky 8 | ||
| ``` | ||
| sudo dnf install dnf-plugins-core | ||
| sudo dnf install epel-release | ||
| sudo dnf config-manager --set-enabled powertools | ||
| sudo dnf update | ||
| sudo yum install gcc gcc-c++ make cmake llvm clang elfutils-libelf-devel rpm-build json-glib-devel python3 libxml2-devel glibc-devel.i686 openssl-devel ncurses-devel | ||
| ``` | ||
|
|
||
| ### Debian 11 | ||
| ``` | ||
| wget https://packages.microsoft.com/config/debian/11/packages-microsoft-prod.deb -O packages-microsoft-prod.deb | ||
| sudo dpkg -i packages-microsoft-prod.deb | ||
| rm packages-microsoft-prod.deb | ||
| sudo apt update | ||
| sudo apt -y install build-essential gcc g++ make cmake libelf-dev llvm clang libzstd1 git libjson-glib-dev libxml2 libxml2-dev libc6-dev-i386 libssl-dev | ||
| ``` | ||
|
|
||
| ## Build | ||
| ``` | ||
| cd | ||
| git clone https://github.com/Sysinternals/ProcMon-for-Linux.git | ||
| cd ProcMon-for-Linux | ||
| mkdir build | ||
| cd build | ||
| cmake .. | ||
| make | ||
| ``` | ||
|
|
||
| ## Run | ||
| ``` | ||
| sudo ./procmon | ||
| ``` | ||
|
|
||
| ## Make Packages | ||
| Packages can be generated with: | ||
| ``` | ||
| make deb | ||
| ``` | ||
| or | ||
| ``` | ||
| make rpm | ||
| ``` | ||
|
|
||
| The directories build/deb and build/rpm will be populated with the required | ||
| files. If dpkg-deb is available, the build/deb directory will be used to create | ||
| a deb package. Similarly if rpmbuild is available, the build/rpm directory will | ||
| be used to create an rpm package. |
Oops, something went wrong.