v1: Dataflow graph #35
Conversation
…mparision commands and a bash in bash command using the provlog
|
Remove mode from FileNode and remove TID from process node; the threads in a process can communicate with each other, so if one of them knows the contents of a file, they all do. |
… process that contains the pthread
…rom parent process to file node when the pthread writes to the file
…ot exist in the dictionary
|
I will resolve the errors caused by pulling the latest changes, address the failing checks, and mark it for review by tomorrow. |
…ade changes to accomodate type changes in op struct
|
I've created a makeshift function to generate a cmd for the ProcessNode since it's not being recorded during the provenance. However, it doesn't handle some edge cases well. Should we consider removing cmd from ProcessNode for now? I can create a PR to add cmd later when we start recording it. |
|
I can put something in libprobe when the user does an |
that would help! |
…to identify accessmode
…d_files are empty when a new process is encountered
Shofiya2003
force-pushed
the
dataflow_graph
branch
from
3fd150d to
06cd393
Compare
|
I still think we don't need any new |
Dataflow graph consists of two nodes:
FileNode[nodeType, name, mode, version]andProcessNode[nodeType, tid, exec_epoch]Preview of the graph:
Command:
bash -c "head ../flake.nix ; head ../flake.lock"Command:
./PROBE record tests/c/createFile.exeAdditional Changes:
happens beforegraph to include edge of CloneOp node to the first occurrence of matchingpthread_idin the kernel thread instead of all the occurrences