Google Git
Sign in
android / platform / external / libcap / 09a2c1d
commit09a2c1dbb88b8e8f21e83a002a4dbe62975029a9[log] [tgz]
authorAndrew G. Morgan <morgan@kernel.org>Sun Sep 18 16:56:40 2022 -0700
committerAndrew G. Morgan <morgan@kernel.org>Sun Sep 18 16:56:40 2022 -0700
tree31f9c7975172d9383766207075986a34e8ccf646
parent26e3a096a4eb4edd8bbcaab57ac8df38e6594a1d [diff]
Add an example of using BPF kprobing to trace capability use.

$ make
$ sudo go/captrace your-program

will attempt to explore what capabilities are needed to run
your program by observing when cap_capable() inside the kernel
is associated with your-program.

Other ways to invoke this are

$ sudo go/captrace --pid=<pid>
$ sudo go/captrace

The last of these traces everything running on a system.

Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
3 files changed
tree: 31f9c7975172d9383766207075986a34e8ccf646
  1. cap/
  2. contrib/
  3. doc/
  4. go/
  5. goapps/
  6. kdebug/
  7. libcap/
  8. pam_cap/
  9. progs/
  10. psx/
  11. tests/
  12. .gitignore
  13. CHANGELOG
  14. distcheck.sh
  15. gomods.sh
  16. License
  17. Make.Rules
  18. Makefile
  19. pgp.keys.asc
  20. README
  21. template.c