setitimer¶

Intro¶

setitimer - set value of an interval timer

Description¶

The setitimer system call sets the value of an interval timer. It sets the clock associated with the timer which according to the new_value argument. If old_value is non-NULL, the previous value of the timer is stored there. The time is measured in seconds, microseconds and nanoseconds (if possible on the platform); if required, the time is rounded up to the system clock granularity, and kernel-internal quantities are measured in jiffies (1/100ths of a second).

This system call is useful for applications that need to be periodically notified, for example to update statistics or audit data.

Arguments¶

which:int[K] - Specifies which of the four interval timers to set. It can take one of the following values: ITIMER_REAL, ITIMER_VIRTUAL, ITIMER_PROF or ITIMER_MONOTONIC.
new_value:struct itimerval*[KU] - A pointer to a struct itimerval data structure which sets the new values of the interval timer.
old_value:struct itimerval*[U] - A pointer to a struct itimerval data structure that will be filled with the reset value(s) of the interval timer.

Available Tags¶

K - Originated from kernel-space.
U - Originated from user space (for example, pointer to user space memory used to get it)
TOCTOU - Vulnerable to TOCTOU (time of check, time of use)
OPT - Optional argument - might not always be available (passed with null value)

Hooks¶

do_setitimer¶

Type¶

kprobe

Purpose¶

To monitor when an interval timer is set.

Example Use Case¶

An application which needs to perform multiple periodic tasks, each on a different interval, can use setitimer system call to set up different interval timers.

Issues¶

None.

getitimer, timer_create, timer_delete, timer_settime, timer_gettime, timer_getoverrun.

This document was automatically generated by OpenAI and needs review. It might not be accurate and might contain errors. The authors of Tracee recommend that the user reads the "events.go" source file to understand the events and their arguments better.