Skip to content

Commit

Permalink
Fix PID detection via eBPF
Browse files Browse the repository at this point in the history
  • Loading branch information
@dhaavi
dhaavi committed Jul 28, 2023
1 parent 8e9f96d commit b882b91
Show file tree
Hide file tree
Showing 5 changed files with 3 additions and 5 deletions.
1 change: 0 additions & 1 deletion firewall/interception/ebpf/connection_listener/bpf_bpfeb.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Binary file modified firewall/interception/ebpf/connection_listener/bpf_bpfeb.o
View file
Binary file not shown.
3 changes: 1 addition & 2 deletions firewall/interception/ebpf/connection_listener/bpf_bpfel.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Binary file modified firewall/interception/ebpf/connection_listener/bpf_bpfel.o
View file
Binary file not shown.
4 changes: 2 additions & 2 deletions firewall/interception/ebpf/programs/monitor.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,8 +46,8 @@ int BPF_PROG(tcp_connect, struct sock *sk) {
return 0;
}

// Read PID
tcp_info->pid = __builtin_bswap32((u32)bpf_get_current_pid_tgid());
// Read PID (Careful: This is the Thread Group ID in kernel speak!)
tcp_info->pid = __builtin_bswap32((u32)(bpf_get_current_pid_tgid() >> 32));

// Set protocol
tcp_info->protocol = TCP;
Expand Down

0 comments on commit b882b91

Please sign in to comment.