ptrace

package

v0.0.0-...-b60b6a8 Latest Latest Go to latest Published: Feb 9, 2022 License: Apache-2.0 Imports: 16 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/SEI-TAS/docker-slim

Documentation ¶

Index ¶

func PtraceEvenEnum(data int) string
func SigTrapCauseInfo(cause int) string
func SignalEnum(sigNum int) string
func StopSignalInfo(sig syscall.Signal) string
type App
- func Run(cmd string, args []string, dir string, user string, runAsUser bool, ...) (*App, error)
type AppState
type StringParamPos
type SyscallProcessor
type SyscallTypeName

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func PtraceEvenEnum ¶

func PtraceEvenEnum(data int) string

func SigTrapCauseInfo ¶

func SigTrapCauseInfo(cause int) string

func SignalEnum ¶

func SignalEnum(sigNum int) string

func StopSignalInfo ¶

func StopSignalInfo(sig syscall.Signal) string

Types ¶

type App ¶

type App struct {
	Cmd       string
	Args      []string
	Dir       string
	User      string
	RunAsUser bool
	Report    report.PtMonitorReport
	ReportCh  chan *report.PtMonitorReport
	ErrorCh   chan error
	StateCh   chan AppState
	StopCh    chan struct{}
	// contains filtered or unexported fields
}

func Run ¶

func Run(
	cmd string,
	args []string,
	dir string,
	user string,
	runAsUser bool,
	reportCh chan *report.PtMonitorReport,
	errorCh chan error,
	stateCh chan AppState,
	stopCh chan struct{},
	includeNew bool,
	origPaths map[string]interface{},
) (*App, error)

func (*App) FileActivity ¶

func (app *App) FileActivity() map[string]*report.FSActivityInfo

func (*App) MainPID ¶

func (a *App) MainPID() int

func (*App) PGID ¶

func (a *App) PGID() int

func (*App) Stop ¶

func (app *App) Stop()

type AppState ¶

type AppState string

const (
	AppStarted AppState = "app.started"
	AppFailed  AppState = "app.failed"
	AppDone    AppState = "app.done"
	AppExited  AppState = "app.exited"
)

type StringParamPos ¶

type StringParamPos int

const (
	SPPNo  StringParamPos = 0
	SPPOne StringParamPos = 1
	SPPTwo StringParamPos = 2
)

type SyscallProcessor ¶

type SyscallProcessor interface {
	SyscallNumber() uint64
	SetSyscallNumber(uint64)
	SyscallType() SyscallTypeName
	SyscallName() string
	EventOnCall() bool
	OnCall(pid int, regs syscall.PtraceRegs, cstate *syscallState)
	OnReturn(pid int, regs syscall.PtraceRegs, cstate *syscallState)
	FailedCall(cstate *syscallState) bool
	FailedReturnStatus(retVal uint64) bool
}

type SyscallTypeName ¶

type SyscallTypeName string

const (
	CheckFileType SyscallTypeName = "type.checkfile"
	OpenFileType  SyscallTypeName = "type.openfile"
	ExecType      SyscallTypeName = "type.exec"
)

Source Files ¶

View all Source files

ptrace.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL