System Tap help
V.Ravikumar
ravikumar.vallabhu at gmail.com
Thu Apr 12 01:32:17 EDT 2012
On Thu, Apr 12, 2012 at 10:38 AM, V.Ravikumar
<ravikumar.vallabhu at gmail.com>wrote:
> Hi all,
> I'm probing sys_write system call using system tap to get modified file
> name along with UID.
> Here is code snippet.
>
> probe kernel.function ("vfs_write")
> {
>
> filename = user_string($file->f_dentry->d_name->name) // for
> 2.6.18 kernel.
> printf ("%d %s\n",uid,filename)
> }
> I got sample program to get inode number as below
> inode_nr = $file->f_path->dentry->d_inode->i_ino . This I changed to get
> file name, I'm getting file name as empty.
>
> With above program i'm getting file name as unknown.
> My question is does above code snippet is correct to get file name ? If
> not could somebody please let me know the correct implementation.
>
>
I got how to get file name properly.
> filename = user_string($file->f_dentry->d_name->name) // for 2.6.18
Here I need to use kernel_string instead of user_string
Regards,
Ravi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20120412/4770e93f/attachment.html
More information about the Kernelnewbies
mailing list