[lttng-dev] Tracing network events in the kernel using lttng

Mathieu Desnoyers mathieu.desnoyers at efficios.com
Fri Aug 12 20:41:45 UTC 2016 

----- On Aug 12, 2016, at 12:50 AM, Adel Belkhiri <adel.belkhiri at ensi-uma.tn> wrote: 

> Hello,

> I'm, from some time, working on tracing linux kernel using lttng to get some
> information about the system' network activities. Tracing bare system calls
> (--syscall) didn't give me much information so I realized that i should first
> place some static probes in the kernel source files to be able to trace
> (mainly) TCP socket operations (bind, accept, create, ...). Running out of time
> in my project, I wonder if there are any patch for the kernel that place those
> probes in the right source files.

> My linux Kernel version is 3.2.0-4-486 and I'm using Lttng 2.7.

You'll be interested in recent commits that made their way into lttng 
master branch: 

At the networking level: 

commit e5990fd415d46da69523dfe7943bc3168664fde8 
Author: Geneviève Bastien <gbastien+lttng at versatic.net> 
Date: Mon Jul 11 09:34:02 2016 -0400 

net: Add IPv4/IPv6 header data to net_* tracepoints 

commit 9cf9736a1715a1fec4857fac2784a12596675ce2 
Author: Geneviève Bastien <gbastien+lttng at versatic.net> 
Date: Tue Jul 12 13:26:14 2016 -0400 

net: Add TCP header data to net_* tracepoints 

and for the accept and connect syscalls (in stable-2.8 and 
master): 

commit 7ca580f8aca4f8c2b9e0066ad52ebfc226b3d645 
Author: Mathieu Desnoyers <mathieu.desnoyers at efficios.com> 
Date: Thu Jul 24 12:47:46 2014 -0400 

Extract input/output arguments from accept and connect syscalls 

This is all you should need to extract the kind of information you 
want. Perhaps we should add other specialized system call 
tracepoint probe functions to get more information about the 
arguments, but it should not require any kernel modification nor 
dynamic probing. 

Hoping this helps! 

Mathieu 

> Thank very much you for your help.

> Adel Belkhiri

> _______________________________________________
> lttng-dev mailing list
> lttng-dev at lists.lttng.org
> https://lists.lttng.org/cgi-bin/mailman/listinfo/lttng-dev

-- 
Mathieu Desnoyers 
EfficiOS Inc. 
http://www.efficios.com 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.lttng.org/pipermail/lttng-dev/attachments/20160812/6ee5dce2/attachment.html>

More information about the lttng-dev mailing list