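/*
 * BCC kprobe program: reports writes that pass through n_tty_write() on one
 * terminal, selected by inode number, to user space through a perf buffer.
 */

/*
 * NOTE(review): the two header names were stripped from the page. The two
 * below declare the kernel types this program dereferences (struct file /
 * struct inode and struct tty_struct); confirm against the original file.
 */
#include <linux/fs.h>
#include <linux/tty.h>

/*
 * Inode number of the watched terminal ("/dev/pts/9" on the author's system).
 * NOTE(review): only i_ino is compared, not the owning filesystem, so a pts
 * with the same inode number on another devpts mount (for example inside a
 * container) would presumably match as well. Confirm this is acceptable
 * for the deployment.
 */
#define TTYINO 12

/* One record per observed write, copied verbatim to user space. */
struct write_fact {
    u64 id;                   /* upper 32 bits of bpf_get_current_pid_tgid() */
    char comm[TASK_COMM_LEN]; /* command name of the writing task */
    char name[64];            /* copied from tty->name */
    char buf[64];             /* leading bytes of the write, NUL-terminated */
};

/* Disabled by the author: BPF_HASH(ih, u64, struct write_fact); */
BPF_PERF_OUTPUT(oq);

/*
 * Entry probe for n_tty_write().
 *
 * Ignores every write whose file does not carry inode TTYINO. For a matching
 * write it fills a struct write_fact with the writer's id and command name,
 * the tty name, and the first bytes of the written data, then submits the
 * record on the `oq` perf buffer.
 *
 * Always returns 0.
 */
int kprobe__n_tty_write(struct pt_regs *ctx, struct tty_struct *tty,
                        struct file *file, const unsigned char *buf,
                        size_t nr)
{
    if (file->f_inode->i_ino != TTYINO)
        return 0;

    /* Zero-initialised so that bytes not overwritten below are 0. */
    struct write_fact wf = {};

    bpf_get_current_comm(&wf.comm, sizeof(wf.comm));
    wf.id = bpf_get_current_pid_tgid() >> 32;
    bpf_probe_read(&wf.name, sizeof(wf.name), tty->name);

    /*
     * Bound the copy by the destination array. The original used
     * sizeof(buf), which is the size of the pointer parameter (8 bytes on
     * 64-bit), so at most 8 bytes of each write were ever captured.
     * One byte is held back so the record stays NUL-terminated: the struct
     * carries no length field, so the terminator is the only end marker a
     * consumer has.
     */
    size_t max_copy = sizeof(wf.buf) - 1;
    size_t copy_len = nr < max_copy ? nr : max_copy;

    /*
     * Best effort, as in the original: the helper's return value is not
     * checked, so a failed read still produces a record.
     */
    bpf_probe_read(&wf.buf, copy_len, buf);

    /* Disabled by the author: ih.update(&id, &wf); */
    oq.perf_submit(ctx, &wf, sizeof(wf));
    return 0;
}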