Implement get_fd_from_tcp_conn function

tap/tlstapper/bpf/common.c

@@ -9,6 +9,7 @@ Copyright (C) UP9 Inc.
 #include "include/maps.h"
 #include "include/log.h"
 #include "include/logger_messages.h"
+#include "include/common.h"
 
 
 static __always_inline int get_count_bytes(struct pt_regs *ctx, struct ssl_info* info, __u64 id) {
@@ -149,7 +150,7 @@ static __always_inline struct ssl_info lookup_ssl_info(struct pt_regs *ctx, stru
     struct ssl_info info = {};
 
     if (infoPtr == NULL) {
-        info.fd = -1;
+        info.fd = invalid_fd;
         info.created_at_nano = bpf_ktime_get_ns();
     } else {
         long err = bpf_probe_read(&info, sizeof(struct ssl_info), infoPtr);
@@ -161,7 +162,7 @@ static __always_inline struct ssl_info lookup_ssl_info(struct pt_regs *ctx, stru
         if ((bpf_ktime_get_ns() - info.created_at_nano) > SSL_INFO_MAX_TTL_NANO) {
             // If the ssl info is too old, we don't want to use its info because it may be incorrect.
             //
-            info.fd = -1;
+            info.fd = invalid_fd;
             info.created_at_nano = bpf_ktime_get_ns();
         }
     }

tap/tlstapper/bpf/golang_uprobes.c

@@ -49,7 +49,29 @@ A Quick Guide to Go's Assembler: https://go.googlesource.com/go/+/refs/heads/dev
 #include "include/pids.h"
 #include "include/common.h"
 #include "include/go_abi_internal.h"
+#include "include/go_types.h"
 
+static __always_inline __u32 get_fd_from_tcp_conn(struct pt_regs *ctx) {
+    struct go_interface conn;
+    long err = bpf_probe_read(&conn, sizeof(conn), (void*)GO_ABI_INTERNAL_PT_REGS_R1(ctx));
+    if (err != 0) {
+        return invalid_fd;
+    }
+
+    void* net_fd_ptr;
+    err = bpf_probe_read(&net_fd_ptr, sizeof(net_fd_ptr), conn.ptr);
+    if (err != 0) {
+        return invalid_fd;
+    }
+
+    __u32 fd;
+    err = bpf_probe_read(&fd, sizeof(fd), net_fd_ptr + 0x10);
+    if (err != 0) {
+        return invalid_fd;
+    }
+
+    return fd;
+}
 
 SEC("uprobe/golang_crypto_tls_write")
 static int golang_crypto_tls_write_uprobe(struct pt_regs *ctx) {
@@ -63,6 +85,7 @@ static int golang_crypto_tls_write_uprobe(struct pt_regs *ctx) {
 
     info.buffer_len = GO_ABI_INTERNAL_PT_REGS_R2(ctx);
     info.buffer = (void*)GO_ABI_INTERNAL_PT_REGS_R4(ctx);
+    info.fd = get_fd_from_tcp_conn(ctx);
 
     long err = bpf_map_update_elem(&ssl_write_context, &pid_tgid, &info, BPF_ANY);
 
@@ -112,6 +135,7 @@ static int golang_crypto_tls_read_uprobe(struct pt_regs *ctx) {
 
     info.buffer_len = GO_ABI_INTERNAL_PT_REGS_R2(ctx);
     info.buffer = (void*)GO_ABI_INTERNAL_PT_REGS_R4(ctx);
+    info.fd = get_fd_from_tcp_conn(ctx);
 
     long err = bpf_map_update_elem(&ssl_read_context, &pid_tgid, &info, BPF_ANY);
 

tap/tlstapper/bpf/include/common.h

@@ -7,11 +7,13 @@ Copyright (C) UP9 Inc.
 #ifndef __COMMON__
 #define __COMMON__
 
-int get_count_bytes(struct pt_regs *ctx, struct ssl_info* info, __u64 id);
-int add_address_to_chunk(struct pt_regs *ctx, struct tls_chunk* chunk, __u64 id, __u32 fd);
-void send_chunk_part(struct pt_regs *ctx, __u8* buffer, __u64 id, struct tls_chunk* chunk, int start, int end);
-void send_chunk(struct pt_regs *ctx, __u8* buffer, __u64 id, struct tls_chunk* chunk);
-void output_ssl_chunk(struct pt_regs *ctx, struct ssl_info* info, int count_bytes, __u64 id, __u32 flags);
-struct ssl_info lookup_ssl_info(struct pt_regs *ctx, struct bpf_map_def* map_fd, __u64 pid_tgid);
+const int32_t invalid_fd = -1;
+
+static int get_count_bytes(struct pt_regs *ctx, struct ssl_info* info, __u64 id);
+static int add_address_to_chunk(struct pt_regs *ctx, struct tls_chunk* chunk, __u64 id, __u32 fd);
+static void send_chunk_part(struct pt_regs *ctx, __u8* buffer, __u64 id, struct tls_chunk* chunk, int start, int end);
+static void send_chunk(struct pt_regs *ctx, __u8* buffer, __u64 id, struct tls_chunk* chunk);
+static void output_ssl_chunk(struct pt_regs *ctx, struct ssl_info* info, int count_bytes, __u64 id, __u32 flags);
+static struct ssl_info lookup_ssl_info(struct pt_regs *ctx, struct bpf_map_def* map_fd, __u64 pid_tgid);
 
 #endif /* __COMMON__ */

tap/tlstapper/bpf/include/go_abi_internal.h

@@ -1,4 +1,9 @@
-/* SPDX-License-Identifier: (LGPL-2.1 OR BSD-2-Clause) */
+/*
+Note: This file is licenced differently from the rest of the project
+SPDX-License-Identifier: GPL-2.0
+Copyright (C) UP9 Inc.
+*/
+
 #ifndef __GOLANG_ABI_INTERNAL__
 #define __GOLANG_ABI_INTERNAL__
 

tap/tlstapper/bpf/include/go_types.h

@@ -0,0 +1,15 @@
+/*
+Note: This file is licenced differently from the rest of the project
+SPDX-License-Identifier: GPL-2.0
+Copyright (C) UP9 Inc.
+*/
+
+#ifndef __GOLANG_TYPES__
+#define __GOLANG_TYPES__
+
+struct go_interface {
+    int64_t type;
+    void* ptr;
+};
+
+#endif /* __GOLANG_TYPES__ */

tap/tlstapper/bpf/include/headers.h

@@ -8,6 +8,7 @@ Copyright (C) UP9 Inc.
 #define __HEADERS__
 
 #include <stddef.h>
+#include <stdint.h>
 #include <linux/bpf.h>
 #include <linux/ptrace.h>
 #include <bpf/bpf_helpers.h>

tap/tlstapper/bpf/openssl_uprobes.c

@@ -67,7 +67,7 @@ static __always_inline void ssl_uretprobe(struct pt_regs *ctx, struct bpf_map_de
 		return;
 	}
 	
-	if (info.fd == -1) {
+	if (info.fd == invalid_fd) {
 		log_error(ctx, LOG_ERROR_MISSING_FILE_DESCRIPTOR, id, 0l, 0l);
 		return;
 	}