getegid16¶

Intro¶

getegid16 - get real group ID for the calling process

Description¶

getegid16 returns the real group ID of the calling process, as seen by the kernel. This call is functionally identical to getegid except that it takes a 16-bit argument, and returns 16-bit.

The underlying system call returnes a 32-bit value, which is truncated and returned as a 16-bit integer. This call is mainly present on older systems, but new programs should rather use the getegid call if possible.

Arguments¶

This syscall does not take any arguments.

Available Tags¶

N/A

Hooks¶

The sys_getegid16 function can be hooked.

sys_getegid16¶

Type¶

Kprobes

Purpose¶

Kprobes provide the highest level of kernel instrumentation and can measure time at any byte-code level in any part of the kernel. By hooking into this function, it is possible to measure the kernel execution time for system calls.

Example Use Case¶

For example, this call can be used for measuring the latency of the system call in an embedded system or a system under high load.

Issues¶

N/A

getegid - returns the real group ID of the calling process.

This document was automatically generated by OpenAI and needs review. It might not be accurate and might contain errors. The authors of Tracee recommend that the user reads the "events.go" source file to understand the events and their arguments better.