refactor: Type::WriteAndClose -> Type::WriteClose

kunai-common/src/bpf_events.rs

@@ -114,7 +114,7 @@ pub enum Type {
     #[str("file_unlink")]
     FileUnlink,
     #[str("write_close")]
-    WriteAndClose,
+    WriteClose,
 
     // specific userland events
     // those should never be used in eBPF

kunai-common/src/bpf_events/events.rs

@@ -77,11 +77,9 @@ const fn max_bpf_event_size() -> usize {
             Type::Connect => ConnectEvent::size_of(),
             Type::DnsQuery => DnsQueryEvent::size_of(),
             Type::SendData => SendEntropyEvent::size_of(),
-            Type::Read
-            | Type::ReadConfig
-            | Type::Write
-            | Type::WriteConfig
-            | Type::WriteAndClose => FileEvent::size_of(),
+            Type::Read | Type::ReadConfig | Type::Write | Type::WriteConfig | Type::WriteClose => {
+                FileEvent::size_of()
+            }
             Type::FileRename => FileRenameEvent::size_of(),
             Type::FileUnlink => UnlinkEvent::size_of(),
             Type::Error => ErrorEvent::size_of(),

kunai-ebpf/src/probes/fs.rs

@@ -412,7 +412,7 @@ pub fn fs_enter_fput_sync(ctx: ProbeContext) -> u32 {
 
 unsafe fn try_enter_fput(ctx: &ProbeContext) -> ProbeResult<()> {
     // if event is disabled we return early
-    if get_cfg!().map(|c| c.is_event_disabled(Type::WriteAndClose))? {
+    if get_cfg!().map(|c| c.is_event_disabled(Type::WriteClose))? {
         return Ok(());
     }
 
@@ -432,7 +432,7 @@ unsafe fn try_enter_fput(ctx: &ProbeContext) -> ProbeResult<()> {
 
     let event = alloc::alloc_zero::<FileEvent>()?;
 
-    event.init_from_current_task(Type::WriteAndClose)?;
+    event.init_from_current_task(Type::WriteClose)?;
 
     ignore_result!(inspect_err!(
         event.data.path.core_resolve_file(&file, MAX_PATH_DEPTH),

kunai/src/bin/main.rs

@@ -1793,17 +1793,15 @@ impl<'s> EventConsumer<'s> {
                 Err(e) => error!("failed to decode {} event: {:?}", etype, e),
             },
 
-            Type::WriteConfig
-            | Type::Write
-            | Type::ReadConfig
-            | Type::Read
-            | Type::WriteAndClose => match event!(enc_event, bpf_events::FileEvent) {
-                Ok(e) => {
-                    let mut e = self.file_event(std_info, e);
-                    self.scan_and_print(&mut e);
+            Type::WriteConfig | Type::Write | Type::ReadConfig | Type::Read | Type::WriteClose => {
+                match event!(enc_event, bpf_events::FileEvent) {
+                    Ok(e) => {
+                        let mut e = self.file_event(std_info, e);
+                        self.scan_and_print(&mut e);
+                    }
+                    Err(e) => error!("failed to decode {} event: {:?}", etype, e),
                 }
-                Err(e) => error!("failed to decode {} event: {:?}", etype, e),
-            },
+            }
 
             Type::FileUnlink => match event!(enc_event, bpf_events::UnlinkEvent) {
                 Ok(e) => {
@@ -2576,7 +2574,7 @@ impl Command {
                         | Type::Write
                         | Type::ReadConfig
                         | Type::Read
-                        | Type::WriteAndClose => {
+                        | Type::WriteClose => {
                             scan_event!(p, FileData)
                         }
                         Type::FileUnlink => scan_event!(p, UnlinkData),

kunai/src/config.rs

@@ -70,7 +70,7 @@ impl Default for Config {
             // some events get disabled by default because there are too many
             let en = !matches!(
                 v,
-                bpf_events::Type::Read | bpf_events::Type::Write | bpf_events::Type::WriteAndClose
+                bpf_events::Type::Read | bpf_events::Type::Write | bpf_events::Type::WriteClose
             );
 
             if v.is_configurable() {