Add probes to container_check.stp for additional capabilities checks
authorWilliam Cohen <wcohen@redhat.com>
Tue, 9 Jun 2020 13:29:46 +0000 (09:29 -0400)
committerWilliam Cohen <wcohen@redhat.com>
Tue, 9 Jun 2020 13:29:46 +0000 (09:29 -0400)
Probe points were added for ns_capable_noaudit, ns_capable_setid,
and file_ns_capable functions.  Before adding these probes some
capability checks were missed by the container_check.stp script.
This was observed running the script on DPDK testpmd.

testsuite/systemtap.examples/profiling/container_check.stp

index 2ef43ebcc5413eaa038f46f2ca4b29b7675e68c2..217c2df90e5da593924f49c2943f1c88850d781b 100755 (executable)
@@ -134,13 +134,33 @@ probe ns_capable = kprobe.function("ns_capable")
   cap = 1 << int_arg(2)
 }
 
+#bool ns_capable_noaudit(struct user_namespace *ns, int cap)
+probe ns_capable_noaudit = kprobe.function("ns_capable_noaudit")
+{
+  cap = 1 << int_arg(2)
+}
+
+#bool ns_capable_setid(struct user_namespace *ns, int cap)
+probe ns_capable_setid = kprobe.function("ns_capable_setid")
+{
+  cap = 1 << int_arg(2)
+}
+
 # bool capable(int cap)
 probe capable = kprobe.function("capable")
 {
   cap = 1 << int_arg(1)
 }
 
-probe ns_capable !, capable
+#bool file_ns_capable(const struct file *file, struct user_namespace *ns,
+#                   int cap)
+probe file_ns_capable = kprobe.function("file_ns_capable")
+{
+  cap = 1 << int_arg(3)
+}
+
+probe ns_capable?, ns_capable_noaudit?, ns_capable_setid?,
+      capable?, file_ns_capable?
 {
   if ((cap & badcaps) && child_of_target(task_current()))
     cap_use[tid()] |= cap
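Review bot: Every probe point in the final probe is now optional (`ns_capable?, ns_capable_noaudit?, ns_capable_setid?, capable?, file_ns_capable?`), so on a kernel where none of the five functions resolves, the capability probe would most likely be dropped without an error. The script would then report that the target used none of the capabilities in `badcaps`, a silent false negative for a privilege audit. The replaced line, `probe ns_capable !, capable`, kept `capable` as a required fallback; writing the second line as `capable, file_ns_capable?` would restore a hard failure in that case. A comment above the probe would also help, for example `# entry probes: cap_use records capabilities that were checked, whether or not the check succeeded`. The body of this probe continues past the end of the hunk, so how `cap_use` is later reported is not visible here.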