User: Password:
|
|
Subscribe / Log in / New account

Systemd gets seccomp filter support

Systemd gets seccomp filter support

Posted Jul 18, 2012 19:50 UTC (Wed) by lindi (subscriber, #53135)
In reply to: Systemd gets seccomp filter support by mezcalero
Parent article: Systemd gets seccomp filter support

strace is not ideal for passively collecting syscall usage statistics of the whole system. I personally use the following systemtap snippet:

#!/usr/bin/stap
global syscall_usage;

probe syscall.* {
    syscall_usage[execname(), probefunc()]++;
}
probe timer.ms(1000) {
    printf("==== syscall usage statistics\n");
    foreach ([e, s] in syscall_usage-) {
        printf("%s %s %d\n", e, s, syscall_usage[e, s]);
    }
}
Example output from a debian wheezy xen instance:
==== syscall usage statistics
sshd sys_rt_sigprocmask 1032
sshd sys_select 516
sshd sys_read 258
sshd sys_write 258
watchdog sys_write 98
stapio sys_read 43
stapio sys_ppoll 35
watchdog sys_open 14
watchdog sys_close 14
watchdog sys_lseek 14
watchdog sys_read 14
watchdog sys_nanosleep 14
ntpd sys_select 9
ntpd sys_ioctl 8
ntpd sys_clock_gettime 8
ntpd sys_rt_sigreturn 7
stapio sys_write 6
stapio sys_fcntl 4
ntpd sys_read 3
ntpd sys_close 2
init sys_newstat 2
stapio sys_pselect6 1
ntpd sys_socket 1
ntpd sys_open 1
ntpd sys_newfstat 1
ntpd sys_mmap_pgoff 1
ntpd sys_lseek 1
ntpd sys_munmap 1
init sys_time 1
init sys_newfstat 1
init sys_select 1


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds