goexec

package
v2.0.4-alloy-test Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 18, 2025 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Overview

Package goexec provides the utilities to analyse the executable code

Package goexec helps analyzing Go executables

Index

Constants

View Source 
const GoOffsetsTableSize = 30

Variables

This section is empty.

Functions

func FindReturnOffsets 

func FindReturnOffsets(baseOffset uint64, data []byte) ([]uint64, error)

Types

type FieldOffsets 

type FieldOffsets map[GoOffset]any

type FuncOffsets 

type FuncOffsets struct {
	Start   uint64
	Returns []uint64
}

type GoOffset 

type GoOffset uint32

this const table must match what's in go_offsets.h 

const (
	// go common
	ConnFdPos GoOffset = iota + 1 // start at 1, must match what's in go_offsets.h
	FdLaddrPos
	FdRaddrPos
	TCPAddrPortPtrPos
	TCPAddrIPPtrPos
	// http
	URLPtrPos
	PathPtrPos
	HostPtrPos
	SchemePtrPos
	MethodPtrPos
	StatusCodePtrPos
	ContentLengthPtrPos
	ReqHeaderPtrPos
	IoWriterBufPtrPos
	IoWriterNPos
	CcNextStreamIDPos
	FramerWPos
	PcConnPos
	PcTLSPos
	NetConnPos
	CcTconnPos
	ScConnPos
	CRwcPos
	CTlsPos
	// grpc
	GrpcStreamStPtrPos
	GrpcStreamMethodPtrPos
	GrpcStatusSPos
	GrpcStatusCodePtrPos
	MetaHeadersFrameFieldsPtrPos
	ValueContextValPtrPos
	GrpcStConnPos
	GrpcTConnPos
	GrpcTSchemePos
	HTTP2ClientNextIDPos
	GrpcTransportBufWriterBufPos
	GrpcTransportBufWriterOffsetPos
	// redis
	RedisConnBwPos
	// kafka go
	KafkaGoWriterTopicPos
	KafkaGoProtocolConnPos
	KafkaGoReaderTopicPos
	// kafka sarama
	SaramaBrokerCorrIDPos
	SaramaResponseCorrIDPos
	SaramaBrokerConnPos
	SaramaBufconnConnPos
	// grpc versioning
	OperateHeadersNew
)

type Offsets 

type Offsets struct {
	// Funcs key: function name
	Funcs map[string]FuncOffsets
	Field FieldOffsets
}

func InspectOffsets 

func InspectOffsets(execElf *exec.FileInfo, funcs []string) (*Offsets, error)

InspectOffsets gets the memory addresses/offsets of the instrumenting function, as well as the required parameters fields to be read from the eBPF code

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.