Denote auto-loading with k[ret]probe__ prefix

Since kprobe functions will have a different prototype than the kernel
symbols they are attaching to, require that the user prefix the trace
function with a kprobe__ name to denote intent. kretprobe__ prefix is
also supported.

Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>

diff --git a/examples/hello_world.py b/examples/hello_world.py
index 4dbe7d6..13c6eb0 100755 (executable)
--- a/examples/hello_world.py
+++ b/examples/hello_world.py
@@ -8,4 +8,4 @@
 
 from bcc import BPF
 
-BPF(text='void sys_clone(void *ctx) { bpf_trace_printk("Hello, World!\\n"); }').trace_print()
+BPF(text='void kprobe__sys_clone(void *ctx) { bpf_trace_printk("Hello, World!\\n"); }').trace_print()

diff --git a/src/python/bcc/__init__.py b/src/python/bcc/__init__.py
index 4be9a4e..9b8fdec 100644 (file)
--- a/src/python/bcc/__init__.py
+++ b/src/python/bcc/__init__.py
@@ -609,7 +609,10 @@ class BPF(object):
         if len(open_kprobes) == 0:
             fns = self.load_funcs(BPF.KPROBE)
             for fn in fns:
-                self.attach_kprobe(event=fn.name, fn_name=fn.name)
+                if fn.name.startswith("kprobe__"):
+                    self.attach_kprobe(event=fn.name[8:], fn_name=fn.name)
+                elif fn.name.startswith("kretprobe__"):
+                    self.attach_kprobe(event=fn.name[11:], fn_name=fn.name)
 
         while True:
             if fmt: