capable_example.txt - OpenGrok cross reference for /aosp_15_r20/external/bcc/tools/capable

Lines Matching full:capable
1 Demonstrations of capable, the Linux eBPF/bcc version.
4 capable traces calls to the kernel cap_capable() function, which does security
7 # ./capable.py
43 # ./capable.py -x
69 It is possible to include a kernel stack trace to the capable events by passing
72 # ./capable.py -K
96 # ./capable.py -K -U --unique
101 # ./capable.py --cgroupmap /sys/fs/bpf/test01
108 # ./capable.py -h
109 usage: capable.py [-h] [-v] [-p PID] [-K] [-U] [-x] [--cgroupmap CGROUPMAP]
127     ./capable             # trace capability checks
128     ./capable -v          # verbose: include non-audit checks
129     ./capable -p 181      # only trace PID 181
130     ./capable -K          # add kernel stacks to trace
131     ./capable -U          # add user-space stacks to trace
132     ./capable -x          # extra fields: show TID and INSETID columns
133     ./capable --unique    # don't repeat stacks for the same pid or cgroup
134     ./capable --cgroupmap mappath  # only trace cgroups in this BPF map
135     ./capable --mntnsmap mappath   # only trace mount namespaces in the map