ptrace

package
v0.0.0-...-456a8b7 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 30, 2025 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func PtraceEvenEnum 

func PtraceEvenEnum(data int) string

func SigTrapCauseInfo 

func SigTrapCauseInfo(cause int) string

func SignalEnum 

func SignalEnum(sigNum int) string

func StopSignalInfo 

func StopSignalInfo(sig syscall.Signal) string

Types

type App 

type App struct {
	Cmd       string
	Args      []string
	WorkDir   string
	User      string
	RunAsUser bool

	RTASourcePT bool

	StateCh  chan AppState
	ReportCh chan *report.PtMonitorReport

	Report report.PtMonitorReport
	// contains filtered or unexported fields
}

func Run 

func Run(
	ctx context.Context,
	del mondel.Publisher,
	runOpt AppRunOpt,

	includeNew bool,
	origPaths map[string]struct{},
	signalCh <-chan os.Signal,
	errorCh chan<- error,
) (*App, error)

func (*App) FileActivity 

func (app *App) FileActivity() map[string]*report.FSActivityInfo

func (*App) MainPID 

func (a *App) MainPID() int

func (*App) PGID 

func (a *App) PGID() int

type AppRunOpt 

type AppRunOpt struct {
	Cmd                 string
	Args                []string
	AppStdout           io.Writer
	AppStderr           io.Writer
	WorkDir             string
	User                string
	RunAsUser           bool
	RTASourcePT         bool
	ReportOnMainPidExit bool
}

type AppState 

type AppState string
const (
	AppStarted AppState = "app.started"
	AppFailed  AppState = "app.failed"
	AppDone    AppState = "app.done"
)

type StringParamPos 

type StringParamPos int
const (
	SPPNo  StringParamPos = 0
	SPPOne StringParamPos = 1
	SPPTwo StringParamPos = 2
)

type SyscallProcessor 

type SyscallProcessor interface {
	SyscallNumber() uint64
	SetSyscallNumber(uint64)
	SyscallType() SyscallTypeName
	SyscallName() string
	EventOnCall() bool
	OnCall(pid int, regs syscall.PtraceRegs, cstate *syscallState)
	OnReturn(pid int, regs syscall.PtraceRegs, cstate *syscallState)
	FailedCall(cstate *syscallState) bool
	FailedReturnStatus(retVal uint64) bool
	OKCall(cstate *syscallState) bool
	OKReturnStatus(retVal uint64) bool
}

type SyscallTypeName 

type SyscallTypeName string
const (
	CheckFileType SyscallTypeName = "type.checkfile"
	OpenFileType  SyscallTypeName = "type.openfile"
	ExecType      SyscallTypeName = "type.exec"
)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.