pwru

package
v1.0.6 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 24, 2024 License: Apache-2.0 Imports: 31 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	MaxStackDepth = 50

	BackendKprobe      = "kprobe"
	BackendKprobeMulti = "kprobe-multi"
)

Variables

View Source 
var Version string = "version unknown"

Version is the pwru version and is set at compile time via LDFLAGS-

Functions

func AttachKprobeMulti added in v1.0.6 

func AttachKprobeMulti(ctx context.Context, bar *pb.ProgressBar, kprobes []Kprobe, a2n Addr2Name) (links []link.Link, ignored int)

AttachKprobeMulti attaches kprobe-multi serially.

func AttachKprobes added in v1.0.6 

func AttachKprobes(ctx context.Context, bar *pb.ProgressBar, kps []Kprobe, batch uint) (links []link.Link, ignored int)

AttachKprobes attaches kprobes concurrently.

func DetachKprobes added in v1.0.6 

func DetachKprobes(links []link.Link, batch uint)

DetachKprobes detaches kprobes concurrently.

func GetFuncsByPos added in v0.0.7 

func GetFuncsByPos(funcs Funcs) map[int][]string

func HaveAvailableFilterFunctions added in v1.0.6 

func HaveAvailableFilterFunctions() bool

func HaveBPFLinkKprobeMulti added in v0.0.7 

func HaveBPFLinkKprobeMulti() bool

Very hacky way to check whether multi-link kprobe is supported.

func HaveBPFLinkTracing added in v1.0.4 

func HaveBPFLinkTracing() bool

Very hacky way to check whether tracing link is supported.

func NewOutput 

func NewOutput(flags *Flags, printSkbMap *ebpf.Map, printStackMap *ebpf.Map,
	addr2Name Addr2Name, kprobeMulti bool, btfSpec *btf.Spec,
) (*output, error)

func ParseKallsyms added in v1.0.6 

func ParseKallsyms(funcs Funcs, all bool) (Addr2Name, BpfProgName2Addr, error)

func TraceTC added in v1.0.4 

func TraceTC(coll *ebpf.Collection, spec *ebpf.CollectionSpec,
	opts *ebpf.CollectionOptions, outputSkb bool, n2a BpfProgName2Addr,
) func()

Types

type Addr2Name 

type Addr2Name struct {
	Addr2NameMap   map[uint64]*ksym
	Addr2NameSlice []*ksym
	Name2AddrMap   map[string][]uintptr
}

type BpfProgName2Addr added in v1.0.6 

type BpfProgName2Addr map[string]uint64

type Event 

type Event struct {
	PID          uint32
	Type         uint32
	Addr         uint64
	SAddr        uint64
	Timestamp    uint64
	PrintSkbId   uint64
	Meta         Meta
	Tuple        Tuple
	PrintStackId int64
	ParamSecond  uint64
	CPU          uint32
}

type FilterCfg added in v0.0.2 

type FilterCfg struct {
	FilterNetns   uint32
	FilterMark    uint32
	FilterIfindex uint32

	// TODO: if there are more options later, then you can consider using a bit map
	OutputMeta  uint8
	OutputTuple uint8
	OutputSkb   uint8
	OutputStack uint8

	IsSet             byte
	TrackSkb          byte
	TrackSkbByStackid byte
}

func GetConfig added in v0.0.9 

func GetConfig(flags *Flags) (cfg FilterCfg, err error)

type Flags 

type Flags struct {
	ShowVersion bool
	ShowHelp    bool

	KernelBTF string

	FilterNetns             string
	FilterMark              uint32
	FilterFunc              string
	FilterNonSkbFuncs       []string
	FilterTrackSkb          bool
	FilterTrackSkbByStackid bool
	FilterTraceTc           bool
	FilterIfname            string
	FilterPcap              string
	FilterKprobeBatch       uint

	OutputTS         string
	OutputMeta       bool
	OutputTuple      bool
	OutputSkb        bool
	OutputStack      bool
	OutputLimitLines uint64
	OutputFile       string
	OutputJson       bool

	KMods    []string
	AllKMods bool

	ReadyFile string

	Backend string
}

func (*Flags) Parse added in v1.0.0 

func (f *Flags) Parse()

func (*Flags) PrintHelp added in v1.0.5 

func (f *Flags) PrintHelp()

func (*Flags) SetFlags added in v0.0.2 

func (f *Flags) SetFlags()

type Funcs 

type Funcs map[string]int

func GetFuncs 

func GetFuncs(pattern string, spec *btf.Spec, kmods []string, kprobeMulti bool) (Funcs, error)

type Kprobe added in v1.0.6 

type Kprobe struct {
	HookFuncs []string
	Prog      *ebpf.Program
	// contains filtered or unexported fields
}

type Meta 

type Meta struct {
	Netns   uint32
	Mark    uint32
	Ifindex uint32
	Len     uint32
	MTU     uint32
	Proto   uint16
	Pad     uint16
}

type StackData added in v0.0.2 

type StackData struct {
	IPs [MaxStackDepth]uint64
}

type Tuple 

type Tuple struct {
	Saddr   [16]byte
	Daddr   [16]byte
	Sport   uint16
	Dport   uint16
	L3Proto uint16
	L4Proto uint8
	Pad     uint8
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.