5
#include <bpf/bpf_helpers.h>
6
#include <bpf/bpf_core_read.h>
7
#include <bpf/bpf_tracing.h>
10
#include <gadget/mntns_filter.h>
13
const struct data_t *unuseddata __attribute__((unused));
16
__uint(type, BPF_MAP_TYPE_PERF_EVENT_ARRAY);
17
__uint(key_size, sizeof(u32));
18
__uint(value_size, sizeof(u32));
21
SEC("kprobe/oom_kill_process")
22
int BPF_KPROBE(ig_oom_kill, struct oom_control *oc, const char *message)
26
u64 uid_gid = bpf_get_current_uid_gid();
28
mntns_id = (u64)BPF_CORE_READ(oc, chosen, nsproxy, mnt_ns, ns.inum);
30
if (gadget_should_discard_mntns_id(mntns_id))
33
data.fpid = bpf_get_current_pid_tgid() >> 32;
34
data.fuid = (u32)uid_gid;
35
data.fgid = (u32)(uid_gid >> 32);
36
data.tpid = BPF_CORE_READ(oc, chosen, tgid);
37
data.pages = BPF_CORE_READ(oc, totalpages);
38
bpf_get_current_comm(&data.fcomm, sizeof(data.fcomm));
39
bpf_probe_read_kernel(&data.tcomm, sizeof(data.tcomm),
40
BPF_CORE_READ(oc, chosen, comm));
41
data.mount_ns_id = mntns_id;
42
data.timestamp = bpf_ktime_get_boot_ns();
43
bpf_perf_event_output(ctx, &events, BPF_F_CURRENT_CPU, &data,
48
char LICENSE[] SEC("license") = "GPL";