pwru

package
v1.0.9 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 22, 2024 License: Apache-2.0 Imports: 31 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	OutputMetaMask uint8 = 1 << iota
	OutputTupleMask
	OutputSkbMask
	OutputShinfoMask
	OutputStackMask
	OutputCallerMask
)
View Source 
const (
	IsSetMask uint8 = 1 << iota
	TrackSkbMask
	TrackSkbByStackidMask
	TrackXDPMask
)
View Source 
const (
	MaxStackDepth = 50

	BackendKprobe      = "kprobe"
	BackendKprobeMulti = "kprobe-multi"
)

Variables

View Source 
var Version string = "version unknown"

Version is the pwru version and is set at compile time via LDFLAGS-

Functions

func AttachKprobeMulti added in v1.0.6 

func AttachKprobeMulti(ctx context.Context, bar *pb.ProgressBar, kprobes []Kprobe, a2n Addr2Name) (links []link.Link, ignored int)

AttachKprobeMulti attaches kprobe-multi serially.

func AttachKprobes added in v1.0.6 

func AttachKprobes(ctx context.Context, bar *pb.ProgressBar, kps []Kprobe, batch uint) (links []link.Link, ignored int)

AttachKprobes attaches kprobes concurrently.

func GetBpfHelpers added in v1.0.8 

func GetBpfHelpers(addr2name Addr2Name) (helpers []string, err error)

func GetFuncsByPos added in v0.0.7 

func GetFuncsByPos(funcs Funcs) map[int][]string

func HaveAvailableFilterFunctions added in v1.0.6 

func HaveAvailableFilterFunctions() bool

func HaveBPFLinkKprobeMulti added in v0.0.7 

func HaveBPFLinkKprobeMulti() bool

Very hacky way to check whether multi-link kprobe is supported.

func HaveBPFLinkTracing added in v1.0.4 

func HaveBPFLinkTracing() bool

Very hacky way to check whether tracing link is supported.

func NewKprober added in v1.0.7 

func NewKprober(ctx context.Context, funcs Funcs, coll *ebpf.Collection, a2n Addr2Name, useKprobeMulti bool, batch uint) *kprober

func NewNonSkbFuncsKprober added in v1.0.7 

func NewNonSkbFuncsKprober(nonSkbFuncs []string, funcs Funcs, coll *ebpf.Collection) *kprober

func NewOutput 

func NewOutput(flags *Flags, printSkbMap, printShinfoMap, printStackMap *ebpf.Map, addr2Name Addr2Name, kprobeMulti bool, btfSpec *btf.Spec) (*output, error)

func ParseKallsyms added in v1.0.6 

func ParseKallsyms(funcs Funcs, all bool) (Addr2Name, BpfProgName2Addr, error)

func TraceTC added in v1.0.4 

func TraceTC(coll *ebpf.Collection, spec *ebpf.CollectionSpec,
	opts *ebpf.CollectionOptions, outputSkb bool, outputShinfo bool,
	n2a BpfProgName2Addr,
) *tracing

func TraceXDP added in v1.0.7 

func TraceXDP(coll *ebpf.Collection, spec *ebpf.CollectionSpec,
	opts *ebpf.CollectionOptions, outputSkb bool, outputShinfo bool,
	n2a BpfProgName2Addr,
) *tracing

func TrackSkb added in v1.0.7 

func TrackSkb(coll *ebpf.Collection, haveFexit, trackSkbClone bool) *skbTracker

Types

type Addr2Name 

type Addr2Name struct {
	Addr2NameMap   map[uint64]*ksym
	Addr2NameSlice []*ksym
	Name2AddrMap   map[string][]uintptr
}

type BpfProgName2Addr added in v1.0.6 

type BpfProgName2Addr map[string]uint64

type Event 

type Event struct {
	PID           uint32
	Type          uint32
	Addr          uint64
	CallerAddr    uint64
	SkbAddr       uint64
	Timestamp     uint64
	PrintSkbId    uint64
	PrintShinfoId uint64
	Meta          Meta
	Tuple         Tuple
	PrintStackId  int64
	ParamSecond   uint64
	ParamThird    uint64
	CPU           uint32
}

type FilterCfg added in v0.0.2 

type FilterCfg struct {
	FilterNetns   uint32
	FilterMark    uint32
	FilterIfindex uint32

	OutputFlags uint8
	FilterFlags uint8
}

func GetConfig added in v0.0.9 

func GetConfig(flags *Flags) (cfg FilterCfg, err error)

type Flags 

type Flags struct {
	ShowVersion bool
	ShowHelp    bool

	KernelBTF string

	FilterNetns             string
	FilterMark              uint32
	FilterFunc              string
	FilterNonSkbFuncs       []string
	FilterTrackSkb          bool
	FilterTrackSkbByStackid bool
	FilterTraceTc           bool
	FilterTraceXdp          bool
	FilterTrackBpfHelpers   bool
	FilterIfname            string
	FilterPcap              string
	FilterKprobeBatch       uint

	OutputTS         string
	OutputMeta       bool
	OutputTuple      bool
	OutputSkb        bool
	OutputShinfo     bool
	OutputStack      bool
	OutputCaller     bool
	OutputLimitLines uint64
	OutputFile       string
	OutputJson       bool

	KMods    []string
	AllKMods bool

	ReadyFile string

	Backend string
}

func (*Flags) Parse added in v1.0.0 

func (f *Flags) Parse()

func (*Flags) PrintHelp added in v1.0.5 

func (f *Flags) PrintHelp()

func (*Flags) SetFlags added in v0.0.2 

func (f *Flags) SetFlags()

type Funcs 

type Funcs map[string]int

func GetFuncs 

func GetFuncs(pattern string, spec *btf.Spec, kmods []string, kprobeMulti bool) (Funcs, error)

type Kprobe added in v1.0.6 

type Kprobe struct {
	HookFuncs []string
	Prog      *ebpf.Program
	// contains filtered or unexported fields
}

type Meta 

type Meta struct {
	Netns   uint32
	Mark    uint32
	Ifindex uint32
	Len     uint32
	MTU     uint32
	Proto   uint16
	Pad     uint16
}

type StackData added in v0.0.2 

type StackData struct {
	IPs [MaxStackDepth]uint64
}

type Tuple 

type Tuple struct {
	Saddr   [16]byte
	Daddr   [16]byte
	Sport   uint16
	Dport   uint16
	L3Proto uint16
	L4Proto uint8
	Pad     uint8
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.