Set message types for differentiating between clone and execve messages

This commit is contained in:
Gerard Wagener 2010-01-14 15:04:16 +01:00
parent a644bbe929
commit 6c86c14a9b

View file

@ -103,7 +103,8 @@ char* aha_dump_execve(char __user *file, char __user *__user *argv,
cnt=snprintf(p,MAX_DUMP_BUF,"out/%s",r); cnt=snprintf(p,MAX_DUMP_BUF,"out/%s",r);
if ((fd = os_open_file(p,flg,mode))<0) if ((fd = os_open_file(p,flg,mode))<0)
return NULL; return NULL;
/* Set message type */
__aha_set_type_tag(fd,p,MAX_DUMP_BUF,EXECVE_MESSAGE);
/* Dump the file from execve */ /* Dump the file from execve */
if (strncpy_from_user(p,file,MAX_DUMP_BUF) > 0){ if (strncpy_from_user(p,file,MAX_DUMP_BUF) > 0){
cnt = snprintf((char*)q,MAX_DUMP_BUF,"file=%s\n",p); cnt = snprintf((char*)q,MAX_DUMP_BUF,"file=%s\n",p);
@ -211,7 +212,7 @@ void aha_record_sys_clone(int pid, int ppid)
printk("filename: %s\n",filename); printk("filename: %s\n",filename);
fd = os_open_file(buf,flg,mode); fd = os_open_file(buf,flg,mode);
if (fd > 0){ if (fd > 0){
__aha_set_type_tag(fd,(char*)&buf,buf__size,EXECVE_MESSAGE); __aha_set_type_tag(fd,(char*)&buf,buf__size,CLONE_MESSAGE);
cnt = snprintf((char*)&buf,buf__size,"pid=%d\n",pid); cnt = snprintf((char*)&buf,buf__size,"pid=%d\n",pid);
__aha_os_write_file_ck(fd,buf,buf__size,cnt); __aha_os_write_file_ck(fd,buf,buf__size,cnt);
cnt = snprintf((char*)&buf,buf__size,"ppid=%d\n",ppid); cnt = snprintf((char*)&buf,buf__size,"ppid=%d\n",ppid);