syscalls

package
v0.0.0-...-c601891 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 26, 2024 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

View Source 
const DefaultLogMaximumSize = 1024

DefaultLogMaximumSize is the default LogMaximumSize.

Variables

View Source 
var EventMaximumSize uint

EventMaximumSize determines the maximum size for data blobs (read, write, etc.) sent over the event channel. Default is 0 because most clients cannot do anything useful with binary text dump of byte array arguments.

View Source 
var LogMaximumSize uint = DefaultLogMaximumSize

LogMaximumSize determines the maximum display size for data blobs (read, write, etc.).

Functions

func ArgumentSimple 

func ArgumentSimple(t strace.Task, format Type, arg strace.SyscallArgument, maximumBlobSize uint) any

func ArgumentsStrings 

func ArgumentsStrings(si SyscallInfo, t strace.Task, args strace.SyscallArguments, rval strace.SyscallArgument, maximumBlobSize uint) []any

ArgumentsStrings fills arguments for a system call. If an argument cannot be interpreted, then a hex value will be used. Note that a full output slice will always be provided, that is len(return) == len(args).

func SignalString 

func SignalString(s unix.Signal) string

Types

type Arg 

type Arg struct {
	Type     string
	Value    interface{}
	Formated map[string]interface{}
}

type FullNetAddress 

type FullNetAddress struct {
	// Addr is the network address.
	Addr NetAddress

	// Port is the transport port.
	//
	// This may not be used by all endpoint types.
	Port uint16
}

func GetAddress 

func GetAddress(t strace.Task, addr []byte) (FullNetAddress, error)

GetAddress reads an sockaddr struct from the given address and converts it to the FullNetAddress format. It supports AF_UNIX, AF_INET and AF_INET6 addresses.

type NetAddress 

type NetAddress string

NetAddress is a byte slice cast as a string that represents the address of a network node. Or, in the case of unix endpoints, it may represent a path.

type SaneUtsname 

type SaneUtsname struct {
	Sysname    string
	Nodename   string
	Release    string
	Version    string
	Machine    string
	Domainname string
}

func SaneUname 

func SaneUname(u unix.Utsname) SaneUtsname

type Stackt 

type Stackt struct {
	Ss_sp    uint64
	Ss_flags int32
	Ss_size  uint64
}

stack_t

type SyscallInfo 

type SyscallInfo struct {
	// Name of a syscall.
	Name string

	// ArgTypes contains the type specifiers for each argument.
	ArgTypes []Type

	// ReturnType is a type specifier of the return value.
	ReturnType Type
}

SyscallInfo specifies syscall signature.

func Details 

func Details(s *strace.SyscallEvent) SyscallInfo

type SyscallMap 

type SyscallMap map[uintptr]SyscallInfo

SyscallMap maps syscalls into names and printing formats.

type Type 

type Type int

Type specifies an individual syscall argument type. 

const (
	// Hex is just a hexadecimal number.
	Hex Type = iota

	// Dec is just a decimal number.
	Dec

	// Oct is just an octal number.
	Oct

	// PID is process ID.
	PID

	// ReadBuffer is a buffer for a read-style call. The syscall return
	// value is used for the length.
	//
	// Formatted after syscall execution.
	ReadBuffer

	// WriteBuffer is a buffer for a write-style call. The following arg is
	// used for the length.
	//
	// Contents omitted after syscall execution.
	WriteBuffer

	// ReadIOVec is a pointer to a struct iovec for a writev-style call.
	// The following arg is used for the length. The return value is used
	// for the total length.
	//
	// Complete contents only formatted after syscall execution.
	ReadIOVec

	// WriteIOVec is a pointer to a struct iovec for a writev-style call.
	// The following arg is used for the length.
	//
	// Complete contents only formatted before syscall execution, omitted
	// after.
	WriteIOVec

	// IOVec is a generic pointer to a struct iovec. Contents are not dumped.
	IOVec

	// SendMsgHdr is a pointer to a struct msghdr for a sendmsg-style call.
	// Contents formatted only before syscall execution, omitted after.
	SendMsgHdr

	// RecvMsgHdr is a pointer to a struct msghdr for a recvmsg-style call.
	// Contents formatted only after syscall execution.
	RecvMsgHdr

	// Path is a pointer to a char* path.
	Path

	// PostPath is a pointer to a char* path, formatted after syscall
	// execution.
	PostPath

	// ExecveStringVector is a NULL-terminated array of strings. Enforces
	// the maximum execve array length.
	ExecveStringVector

	// FD is a file descriptor.
	FD

	// PipeFDs is an array of two FDs, formatted after syscall execution.
	PipeFDs

	// Uname is a pointer to a struct uname, formatted after syscall execution.
	Uname

	// Stat is a pointer to a struct stat, formatted after syscall execution.
	Stat

	// SockAddr is a pointer to a struct sockaddr. The following arg is
	// used for length.
	SockAddr

	// PostSockAddr is a pointer to a struct sockaddr, formatted after
	// syscall execution. The following arg is a pointer to the socklen_t
	// length.
	PostSockAddr

	// SockLen is a pointer to a socklen_t, formatted before and after
	// syscall execution.
	SockLen

	// SockFamily is a socket protocol family value.
	SockFamily

	// SockType is a socket type and flags value.
	SockType

	// SockProtocol is a socket protocol value. Argument n-2 is the socket
	// protocol family.
	SockProtocol

	// SockFlags are socket flags.
	SockFlags

	// Timespec is a pointer to a struct timespec.
	Timespec

	// PostTimespec is a pointer to a struct timespec, formatted after
	// syscall execution.
	PostTimespec

	// UTimeTimespec is a pointer to a struct timespec. Formatting includes
	// UTIME_NOW and UTIME_OMIT.
	UTimeTimespec

	// ItimerVal is a pointer to a struct itimerval.
	ItimerVal

	// PostItimerVal is a pointer to a struct itimerval, formatted after
	// syscall execution.
	PostItimerVal

	// ItimerSpec is a pointer to a struct itimerspec.
	ItimerSpec

	// PostItimerSpec is a pointer to a struct itimerspec, formatted after
	// syscall execution.
	PostItimerSpec

	// Timeval is a pointer to a struct timeval, formatted before and after
	// syscall execution.
	Timeval

	// Utimbuf is a pointer to a struct utimbuf.
	Utimbuf

	// Rusage is a struct rusage, formatted after syscall execution.
	Rusage

	// CloneFlags are clone(2) flags.
	CloneFlags

	// OpenFlags are open(2) flags.
	OpenFlags

	// Mode is a mode_t.
	Mode

	// FutexOp is the futex(2) operation.
	FutexOp

	// PtraceRequest is the ptrace(2) request.
	PtraceRequest

	// ItimerType is an itimer type (ITIMER_REAL, etc).
	ItimerType

	// CPUSet is a cpu_set_t.
	CPUSet

	// MMapProt is an mmap(2) protection flags.
	MMapProt

	// MMapFlags is an mmap(2) flags.
	MMapFlags

	// MADVFlags is an madvise(2) flags.
	MADVFlags

	// ArchPrctl is an arch_prctl(2) code.
	ArchPrctl

	// Signal is a process signal.
	Signal

	// StackT is a signal stack descriptor.
	StackT
)

Valid TypeSpecifiers.

Unless otherwise specified, values are formatted before syscall execution and not updated after syscall execution (the same value is output).

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.