1 /* 2 * This header was generated from the Linux kernel headers by update_headers.py, 3 * to provide necessary information from kernel to userspace, such as constants, 4 * structures, and macros, and thus, contains no copyrightable information. 5 */ 6 #ifndef _UAPICN_PROC_H 7 #define _UAPICN_PROC_H 8 #include <linux/types.h> 9 enum proc_cn_mcast_op { 10 PROC_CN_MCAST_LISTEN = 1, 11 PROC_CN_MCAST_IGNORE = 2 12 }; 13 struct proc_event { 14 enum what { 15 16 PROC_EVENT_NONE = 0x00000000, 17 PROC_EVENT_FORK = 0x00000001, 18 PROC_EVENT_EXEC = 0x00000002, 19 PROC_EVENT_UID = 0x00000004, 20 PROC_EVENT_GID = 0x00000040, 21 PROC_EVENT_SID = 0x00000080, 22 PROC_EVENT_PTRACE = 0x00000100, 23 PROC_EVENT_COMM = 0x00000200, 24 25 26 PROC_EVENT_COREDUMP = 0x40000000, 27 PROC_EVENT_EXIT = 0x80000000 28 } what; 29 __u32 cpu; 30 __u64 __attribute__((aligned(8))) timestamp_ns; 31 32 union { 33 struct { 34 __u32 err; 35 } ack; 36 struct fork_proc_event { 37 __kernel_pid_t parent_pid; 38 __kernel_pid_t parent_tgid; 39 __kernel_pid_t child_pid; 40 __kernel_pid_t child_tgid; 41 } fork; 42 struct exec_proc_event { 43 __kernel_pid_t process_pid; 44 __kernel_pid_t process_tgid; 45 } exec; 46 struct id_proc_event { 47 __kernel_pid_t process_pid; 48 __kernel_pid_t process_tgid; 49 union { 50 __u32 ruid; 51 __u32 rgid; 52 } r; 53 union { 54 __u32 euid; 55 __u32 egid; 56 } e; 57 } id; 58 struct sid_proc_event { 59 __kernel_pid_t process_pid; 60 __kernel_pid_t process_tgid; 61 } sid; 62 struct ptrace_proc_event { 63 __kernel_pid_t process_pid; 64 __kernel_pid_t process_tgid; 65 __kernel_pid_t tracer_pid; 66 __kernel_pid_t tracer_tgid; 67 } ptrace; 68 struct comm_proc_event { 69 __kernel_pid_t process_pid; 70 __kernel_pid_t process_tgid; 71 char comm[16]; 72 } comm; 73 struct coredump_proc_event { 74 __kernel_pid_t process_pid; 75 __kernel_pid_t process_tgid; 76 __kernel_pid_t parent_pid; 77 __kernel_pid_t parent_tgid; 78 } coredump; 79 struct exit_proc_event { 80 __kernel_pid_t process_pid; 81 __kernel_pid_t process_tgid; 82 __u32 exit_code, exit_signal; 83 __kernel_pid_t parent_pid; 84 __kernel_pid_t parent_tgid; 85 } exit; 86 } event_data; 87 }; 88 #endif 89