Documentation ¶
Index ¶
- Constants
- func DecodeSyscall(nr int, arguments []*byte, arglen int) (interface{}, error)
- func TestFutex(t *testing.T)
- type Accept
- type Accept4
- type AcceptFlags
- type Access
- type Acct
- type Alarm
- type Argument
- type Arguments
- type Bind
- type Brk
- type Chdir
- type Chroot
- type Clone
- type Close
- type Connect
- type Creat
- type Execve
- type Exit
- type Faccessat
- type Fstat
- type Ftruncate
- type Function
- type FunctionDecoder
- type FunctionHandle
- type FunctionHandler
- type Futex
- type Getcwd
- type Getpeername
- type Getsockname
- type Getsockopt
- type INotifyAddWatch
- type InitModule
- type InotifyMask
- type Kill
- type Link
- type Listen
- type Mincore
- type Mkdir
- type Mount
- type MountFlags
- type Mprotect
- type Nanosleep
- type Open
- type Openat
- type PRresource
- type PivotRoot
- type Prlimit64
- type ProtFlags
- type Ptrace
- type PtraceData
- type PtraceRequest
- type Read
- type Readlink
- type Readlinkat
- type Recvfrom
- type Rename
- type Rlimit
- type Rmdir
- type Seccomp
- type Sendto
- type Setns
- type Setsockopt
- type Setuid
- type SockFamily
- type SockProtocol
- type SockType
- type Socket
- type Sockopt
- type SockoptLevel
- type SockoptName
- type Stat
- type Statfs
- type Symlink
- type Syslog
- type TimerFDCreate
- type TimerFDSettime
- type Umount2
- type Unlink
- type Write
Constants ¶
View Source
const ( RLIMIT_RSS = 5 RLIMIT_NPROC = 6 RLIMIT_MEMLOCK = 8 RLIMIT_LOCKS = 10 RLIMIT_SIGPENDING = 11 RLIMIT_MSGQUEUE = 12 RLIMIT_NICE = 13 RLIMIT_RTPRIO = 14 RLIMIT_RTTIME = 15 )
View Source
const ( PTRACE_SEIZE = 0x4206 PTRACE_INTERRUPT = 0x4207 PTRACE_LISTEN = 0x4208 PTRACE_PEEKSIGINFO = 0x4209 PTRACE_SECCOMP_GET_FILTER = 0x420c PTRACE_GET_SYSCALL_INFO = 0x420e )
View Source
const ( CLONE_NEWCGROUP = 0x02000000 CLONE_NEWUTS = 0x04000000 CLONE_NEWIPC = 0x08000000 CLONE_NEWUSER = 0x10000000 CLONE_NEWPID = 0x20000000 CLONE_NEWNET = 0x40000000 CLONE_NEWNS = 0x00020000 )
View Source
const ( SYS_SECCOMP = 317 SYS_SETNS = 308 )
View Source
const PROT_SEM = 0x8
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Accept4 ¶
type Accept4 struct { FD types.InputFD `json:"fd"` Saddr *types.SockAddr `json:"saddr"` Flags AcceptFlags `json:"flags"` }
type AcceptFlags ¶
type AcceptFlags int
func (AcceptFlags) MarshalJSON ¶
func (f AcceptFlags) MarshalJSON() ([]byte, error)
func (AcceptFlags) Parse ¶
func (flags AcceptFlags) Parse() []string
func (AcceptFlags) String ¶
func (flags AcceptFlags) String() string
func (*AcceptFlags) UnmarshalJSON ¶
func (f *AcceptFlags) UnmarshalJSON(b []byte) error
type Access ¶
type Access struct { Pathname string `json:"pathname"` Mode types.XmodeFlags `json:"mode"` }
type Argument ¶
type Argument struct { // the name of the Value Name string `json:"name"` // the Type of the Value Type string `json:"type"` // THE ACTUAL VALUE OF THE VALUE! Value interface{} `json:"val"` }
Argument represents a single value within a function call. function(arg=(int)N <- name="arg", type="int", value="N"
func (Argument) MarshalJSON ¶
type Clone ¶
type Faccessat ¶
type Faccessat struct { FD types.DirFD `json:"fd"` Pathname string `json:"pathname"` Mode os.FileMode `json:"mode"` Flags int `json:"flags"` }
func (*Faccessat) DecodeArguments ¶
type Ftruncate ¶
func (*Ftruncate) DecodeArguments ¶
type Function ¶
type Function interface { // The name of the function CallName() string // The return argument of the function Return() *Argument // A slight abstraction around function arguments and how they can // be semi-serialized. This must return an array of EventArg's Arguments() Arguments }
Function represents a function call of some sort, as of the time of writing, that's just syscalls.
type FunctionDecoder ¶
FunctionDecoder api's should be able to read in an array of byte pointers (basically void argv[][]), and fill in information about itself.
type FunctionHandle ¶
type FunctionHandle struct {
FunctionHandler
}
FunctionHandle allows for abstract readers/writers on handlers.
func (*FunctionHandle) MarshalJSON ¶
func (h *FunctionHandle) MarshalJSON() ([]byte, error)
func (*FunctionHandle) String ¶
func (h *FunctionHandle) String() string
type FunctionHandler ¶
type FunctionHandler interface { Function FunctionDecoder }
Functionhandler api's define a function they are authoratative for, and a decoder for the function.
type Getpeername ¶
func (*Getpeername) Arguments ¶
func (g *Getpeername) Arguments() Arguments
func (*Getpeername) CallName ¶
func (g *Getpeername) CallName() string
func (*Getpeername) DecodeArguments ¶
func (g *Getpeername) DecodeArguments(data []*byte, arglen int) error
func (*Getpeername) Return ¶
func (g *Getpeername) Return() *Argument
type Getsockname ¶
func (*Getsockname) Arguments ¶
func (g *Getsockname) Arguments() Arguments
func (*Getsockname) CallName ¶
func (g *Getsockname) CallName() string
func (*Getsockname) DecodeArguments ¶
func (g *Getsockname) DecodeArguments(data []*byte, arglen int) error
func (*Getsockname) Return ¶
func (g *Getsockname) Return() *Argument
type Getsockopt ¶
type Getsockopt struct {
Sockopt `json:"sockopt"`
}
func (*Getsockopt) CallName ¶
func (g *Getsockopt) CallName() string
func (*Getsockopt) Return ¶
func (g *Getsockopt) Return() *Argument
type INotifyAddWatch ¶
type INotifyAddWatch struct { FD types.InputFD `json:"fd"` Pathname string `json:"pathname"` Mask InotifyMask `json:"mask"` }
func (*INotifyAddWatch) Arguments ¶
func (m *INotifyAddWatch) Arguments() Arguments
func (*INotifyAddWatch) CallName ¶
func (m *INotifyAddWatch) CallName() string
func (*INotifyAddWatch) DecodeArguments ¶
func (m *INotifyAddWatch) DecodeArguments(data []*byte, arglen int) error
func (*INotifyAddWatch) Return ¶
func (m *INotifyAddWatch) Return() *Argument
type InitModule ¶
type InitModule struct { Name string `json:"name"` Len int `json:"len"` Params string `json:"params"` }
func (*InitModule) Arguments ¶
func (i *InitModule) Arguments() Arguments
func (*InitModule) CallName ¶
func (i *InitModule) CallName() string
func (*InitModule) DecodeArguments ¶
func (i *InitModule) DecodeArguments(data []*byte, arglen int) error
func (*InitModule) Return ¶
func (i *InitModule) Return() *Argument
type InotifyMask ¶
type InotifyMask uint32
func (InotifyMask) MarshalJSON ¶
func (f InotifyMask) MarshalJSON() ([]byte, error)
func (InotifyMask) Parse ¶
func (flags InotifyMask) Parse() []string
func (InotifyMask) String ¶
func (flags InotifyMask) String() string
func (*InotifyMask) UnmarshalJSON ¶
func (f *InotifyMask) UnmarshalJSON(data []byte) error
type Mount ¶
type Mount struct { Device string `json:"device"` Directory string `json:"directory"` Type string `json:"type"` Flags MountFlags `json:"flags"` }
type MountFlags ¶
type MountFlags int
func (MountFlags) MarshalJSON ¶
func (f MountFlags) MarshalJSON() ([]byte, error)
func (MountFlags) Parse ¶
func (flags MountFlags) Parse() []string
func (MountFlags) String ¶
func (flags MountFlags) String() string
func (*MountFlags) UnmarshalJSON ¶
func (f *MountFlags) UnmarshalJSON(data []byte) error
type Mprotect ¶
type Mprotect struct { Addr uintptr `json:"addr"` Len int `json:"len"` Prot ProtFlags `json:"prot"` AddrData types.Buffer `json:"addr_data"` }
func (*Mprotect) DecodeArguments ¶
type Nanosleep ¶
func (*Nanosleep) DecodeArguments ¶
type Open ¶
type Openat ¶
type PRresource ¶
type PRresource int
func (PRresource) MarshalJSON ¶
func (r PRresource) MarshalJSON() ([]byte, error)
func (PRresource) Parse ¶
func (r PRresource) Parse() string
func (PRresource) String ¶
func (r PRresource) String() string
func (*PRresource) UnmarshalJSON ¶
func (r *PRresource) UnmarshalJSON(data []byte) error
type PivotRoot ¶
func (*PivotRoot) DecodeArguments ¶
type Prlimit64 ¶
type Prlimit64 struct { Pid int `json:"pid"` Resource PRresource `json:"resource"` New Rlimit `json:"new"` Old Rlimit `json:"old"` }
func (*Prlimit64) DecodeArguments ¶
type Ptrace ¶
type Ptrace struct { Request PtraceRequest `json:"request"` PID int `json:"pid"` Addr uint64 `json:"addr"` Data PtraceData `json:"data"` }
type PtraceData ¶
type PtraceData uint64
type PtraceRequest ¶
type PtraceRequest int
func (PtraceRequest) Parse ¶
func (p PtraceRequest) Parse() string
func (PtraceRequest) String ¶
func (p PtraceRequest) String() string
type Read ¶
type Readlink ¶
type Readlink struct { Pathname string `json:"pathname"` Buf types.Buffer `json:"buf"` Bufsize int `json:"size"` }
func (*Readlink) DecodeArguments ¶
type Readlinkat ¶
type Readlinkat struct { DirFD types.DirFD `json:"dir_fd"` Pathname string `json:"pathname"` Buf types.Buffer `json:"buf"` Bufsize int `json:"size"` }
func (*Readlinkat) Arguments ¶
func (r *Readlinkat) Arguments() Arguments
func (*Readlinkat) CallName ¶
func (r *Readlinkat) CallName() string
func (*Readlinkat) DecodeArguments ¶
func (r *Readlinkat) DecodeArguments(data []*byte, arglen int) error
func (*Readlinkat) Return ¶
func (r *Readlinkat) Return() *Argument
type Recvfrom ¶
type Recvfrom struct { FD types.InputFD `json:"fd"` Ubuf types.Buffer `json:"ubuf"` Size int `json:"size"` OSize int `json:"o_size"` Flags types.MsgFlags `json:"flags"` Saddr *types.SockAddr `json:"saddr"` }
func (*Recvfrom) DecodeArguments ¶
type Sendto ¶
type Setns ¶
type Setns struct { FD types.InputFD `json:"fd"` NSType types.CloneFlags `json:"ns_type"` }
type Setsockopt ¶
type Setsockopt struct {
Sockopt
}
func (*Setsockopt) CallName ¶
func (s *Setsockopt) CallName() string
func (*Setsockopt) Return ¶
func (s *Setsockopt) Return() *Argument
type SockFamily ¶
type SockFamily int
func (SockFamily) MarshalJSON ¶
func (f SockFamily) MarshalJSON() ([]byte, error)
func (SockFamily) Parse ¶
func (f SockFamily) Parse() string
func (SockFamily) String ¶
func (f SockFamily) String() string
func (*SockFamily) UnmarshalJSON ¶
func (f *SockFamily) UnmarshalJSON(data []byte) error
type SockProtocol ¶
type SockProtocol int
func (SockProtocol) MarshalJSON ¶
func (p SockProtocol) MarshalJSON() ([]byte, error)
func (SockProtocol) Parse ¶
func (p SockProtocol) Parse() string
func (SockProtocol) String ¶
func (p SockProtocol) String() string
func (*SockProtocol) UnmarshalJSON ¶
func (p *SockProtocol) UnmarshalJSON(data []byte) error
type Socket ¶
type Socket struct { Family SockFamily `json:"family"` Type SockType `json:"type"` Protocol SockProtocol `json:"protocol"` }
type Sockopt ¶
type Sockopt struct { FD types.InputFD `json:"fd"` Level SockoptLevel `json:"level"` Name *SockoptName `json:"name"` Val []byte `json:"val"` Len int `json:"len"` }
type SockoptLevel ¶
type SockoptLevel int
func (SockoptLevel) MarshalJSON ¶
func (s SockoptLevel) MarshalJSON() ([]byte, error)
func (SockoptLevel) Parse ¶
func (s SockoptLevel) Parse() string
func (SockoptLevel) String ¶
func (s SockoptLevel) String() string
func (*SockoptLevel) UnmarshalJSON ¶
func (s *SockoptLevel) UnmarshalJSON(data []byte) error
type SockoptName ¶
SockoptName is a combination of the type and level for easier marshalling and unmarshalling.
func (*SockoptName) MarshalJSON ¶
func (s *SockoptName) MarshalJSON() ([]byte, error)
func (*SockoptName) Parse ¶
func (s *SockoptName) Parse() string
func (*SockoptName) String ¶
func (s *SockoptName) String() string
func (*SockoptName) UnmarshalJSON ¶
func (s *SockoptName) UnmarshalJSON(b []byte) error
type TimerFDCreate ¶
type TimerFDCreate struct { Clock types.TFDClock `json:"clock"` Flags types.TimerFlags `json:"flags"` }
func (*TimerFDCreate) Arguments ¶
func (t *TimerFDCreate) Arguments() Arguments
func (*TimerFDCreate) CallName ¶
func (t *TimerFDCreate) CallName() string
func (*TimerFDCreate) DecodeArguments ¶
func (t *TimerFDCreate) DecodeArguments(data []*byte, arglen int) error
func (*TimerFDCreate) Return ¶
func (t *TimerFDCreate) Return() *Argument
type TimerFDSettime ¶
type TimerFDSettime struct { FD types.InputFD `json:"fd"` Flags types.TimerFlags `json:"flags"` New types.Itimerspec `json:"new"` Old types.Itimerspec `json:"old"` }
func (*TimerFDSettime) Arguments ¶
func (f *TimerFDSettime) Arguments() Arguments
func (*TimerFDSettime) CallName ¶
func (f *TimerFDSettime) CallName() string
func (*TimerFDSettime) DecodeArguments ¶
func (f *TimerFDSettime) DecodeArguments(data []*byte, arglen int) error
func (*TimerFDSettime) Return ¶
func (f *TimerFDSettime) Return() *Argument
type Umount2 ¶
type Umount2 struct { Target string `json:"target"` Flags types.UmountFlags `json:"flags"` }
Source Files ¶
- accept.go
- access.go
- acct.go
- alarm.go
- bind.go
- brk.go
- chdir.go
- chroot.go
- clone.go
- close.go
- connect.go
- creat.go
- execve.go
- exit.go
- faccessat.go
- fstat.go
- ftruncate.go
- function.go
- futex.go
- futex_text.go
- getcwd.go
- getpeername.go
- getsockname.go
- getsockopt.go
- init_module.go
- inotify_add_watch.go
- kill.go
- link.go
- listen.go
- mincore.go
- mkdir.go
- mount.go
- mprotect.go
- nanosleep.go
- open.go
- openat.go
- pivot_root.go
- prlimit64.go
- ptrace.go
- read.go
- readlink.go
- readlinkat.go
- recvfrom.go
- rename.go
- rmdir.go
- seccomp.go
- sendto.go
- setns.go
- setsockopt.go
- setuid.go
- socket.go
- sockopt.go
- stat.go
- statfs.go
- symlink.go
- syscall.go
- syslog.go
- timerfd_create.go
- timerfd_settime.go
- umount2.go
- unlink.go
- write.go
Click to show internal directories.
Click to hide internal directories.