fbs/tracebpf.bt

## tracebpf.bt
#include <linux/bpf.h>

BEGIN{
	@cmd[0] = "MAP_CREATE";
	@cmd[1] = "MAP_LOOKUP_ELEM";
	@cmd[2] = "MAP_UPDATE_ELEM";
	@cmd[3] = "MAP_DELETE_ELEM";
	@cmd[4] = "MAP_GET_NEXT_KEY";
	@cmd[5] = "PROG_LOAD";
	@cmd[6] = "OBJ_PIN";
	@cmd[7] = "OBJ_GET";
	@cmd[8] = "PROG_ATTACH";
	@cmd[9] = "PROG_DETACH";
	@cmd[10] = "PROG_TEST_RUN";
	@cmd[11] = "PROG_GET_NEXT_ID";
	@cmd[12] = "MAP_GET_NEXT_ID";
	@cmd[13] = "PROG_GET_FD_BY_ID";
	@cmd[14] = "MAP_GET_FD_BY_ID";
	@cmd[15] = "OBJ_GET_INFO_BY_FD";
	@cmd[16] = "PROG_QUERY";
	@cmd[17] = "RAW_TRACEPOINT_OPEN";
	@cmd[18] = "BTF_LOAD";
	@cmd[19] = "BTF_GET_FD_BY_ID";
	@cmd[20] = "TASK_FD_QUERY";
	@cmd[21] = "MAP_LOOKUP_AND_DELETE_ELEM";
}


t:syscalls:sys_enter_bpf {
	printf("%-16s %22s", comm, @cmd[args->cmd]);
	$attrs = (bpf_attr *)args->uattr;
	if (args->cmd == 0) {
		printf(" -- type: %d, key_size: %u, value_size: %u, max_entries: %u\n",
			$attrs->map_type, $attrs->key_size,
			$attrs->value_size, $attrs->max_entries);
	}
	if (args->cmd >= 1 && args->cmd <= 3) {
		printf(" -- map: %u, key: %lx, value: %lx, flags: %lx\n",
			$attrs->map_fd, $attrs->key,
			$attrs->value, $attrs->flags);
	}
	if (args->cmd == 4 ) {
		printf(" -- map: %u, key: %lx, next_key: %lx, flags: %lx\n",
			$attrs->map_fd, $attrs->key,
			$attrs->next_key, $attrs->flags);
	}
	else {
		printf("\n");
	}
}

END { clear(@cmd) }
	#include <linux/bpf.h>

	BEGIN{
	@cmd[0] = "MAP_CREATE";
	@cmd[1] = "MAP_LOOKUP_ELEM";
	@cmd[2] = "MAP_UPDATE_ELEM";
	@cmd[3] = "MAP_DELETE_ELEM";
	@cmd[4] = "MAP_GET_NEXT_KEY";
	@cmd[5] = "PROG_LOAD";
	@cmd[6] = "OBJ_PIN";
	@cmd[7] = "OBJ_GET";
	@cmd[8] = "PROG_ATTACH";
	@cmd[9] = "PROG_DETACH";
	@cmd[10] = "PROG_TEST_RUN";
	@cmd[11] = "PROG_GET_NEXT_ID";
	@cmd[12] = "MAP_GET_NEXT_ID";
	@cmd[13] = "PROG_GET_FD_BY_ID";
	@cmd[14] = "MAP_GET_FD_BY_ID";
	@cmd[15] = "OBJ_GET_INFO_BY_FD";
	@cmd[16] = "PROG_QUERY";
	@cmd[17] = "RAW_TRACEPOINT_OPEN";
	@cmd[18] = "BTF_LOAD";
	@cmd[19] = "BTF_GET_FD_BY_ID";
	@cmd[20] = "TASK_FD_QUERY";
	@cmd[21] = "MAP_LOOKUP_AND_DELETE_ELEM";
	}


	t:syscalls:sys_enter_bpf {
	printf("%-16s %22s", comm, @cmd[args->cmd]);
	$attrs = (bpf_attr *)args->uattr;
	if (args->cmd == 0) {
	printf(" -- type: %d, key_size: %u, value_size: %u, max_entries: %u\n",
	$attrs->map_type, $attrs->key_size,
	$attrs->value_size, $attrs->max_entries);
	}
	if (args->cmd >= 1 && args->cmd <= 3) {
	printf(" -- map: %u, key: %lx, value: %lx, flags: %lx\n",
	$attrs->map_fd, $attrs->key,
	$attrs->value, $attrs->flags);
	}
	if (args->cmd == 4 ) {
	printf(" -- map: %u, key: %lx, next_key: %lx, flags: %lx\n",
	$attrs->map_fd, $attrs->key,
	$attrs->next_key, $attrs->flags);
	}
	else {
	printf("\n");
	}
	}

	END { clear(@cmd) }