From ba2738b7a414ea0e5fb6c1bfca591ef000931f95 Mon Sep 17 00:00:00 2001
From: "M. Mert Yildiran" <mehmet@up9.com>
Date: Wed, 8 Jun 2022 07:20:23 +0300
Subject: [PATCH] Add more comments

---
 tap/tlstapper/bpf/golang_uprobes.c |  10 +++++++++-
 tap/tlstapper/tlstapper_bpfeb.o    | Bin 152664 -> 152664 bytes
 tap/tlstapper/tlstapper_bpfel.o    | Bin 153480 -> 153480 bytes
 3 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/tap/tlstapper/bpf/golang_uprobes.c b/tap/tlstapper/bpf/golang_uprobes.c
index 6476d1b66..dbea1751c 100644
--- a/tap/tlstapper/bpf/golang_uprobes.c
+++ b/tap/tlstapper/bpf/golang_uprobes.c
@@ -4,6 +4,7 @@ SPDX-License-Identifier: GPL-2.0
 Copyright (C) UP9 Inc.
 
 
+---
 
 README
 
@@ -18,6 +19,12 @@ If stack size exceeds 2Kb, Go runtime reallocates the stack. That causes the
 return address to become wrong in case of `uretprobe` and probed Go program crashes.
 Therefore `uretprobe` CAN'T BE USED for a Go program.
 
+`golang_crypto_tls_read_uprobe` suppose to be `uretprobe` is actually a `uprobe` because of the ABI problems
+and we probe an arbitrary point in a function body (offset +559):
+https://github.com/golang/go/blob/go1.17.6/src/crypto/tls/conn.go#L1296
+Therefore `golang_crypto_tls_read_uprobe` is fragile any changes in `crypto/tls` library
+and it's only tested on x86-64.
+
 ---
 
 SOURCES:
@@ -28,7 +35,8 @@ x86 calling conventions: https://en.wikipedia.org/wiki/X86_calling_conventions
 Plan 9 from Bell Labs: https://en.wikipedia.org/wiki/Plan_9_from_Bell_Labs
 The issue for calling convention change in Go: https://github.com/golang/go/issues/40724
 Proposal of Register-based Go calling convention: https://go.googlesource.com/proposal/+/master/design/40724-register-calling.md
-Go internal ABI (1.17+) specification: https://go.googlesource.com/go/+/refs/heads/dev.regabi/src/cmd/compile/internal-abi.md
+Go internal ABI (1.17) specification: https://go.googlesource.com/go/+/refs/heads/dev.regabi/src/cmd/compile/internal-abi.md
+Go internal ABI (current) specification: https://go.googlesource.com/go/+/refs/heads/master/src/cmd/compile/abi-internal.md
 A Quick Guide to Go's Assembler: https://go.googlesource.com/go/+/refs/heads/dev.regabi/doc/asm.html
 */
 
diff --git a/tap/tlstapper/tlstapper_bpfeb.o b/tap/tlstapper/tlstapper_bpfeb.o
index 5e682c7878c32fc3de79dbc3cc2c92737e8ba033..27814d0ea432af3ca80e83d4e8976d9ebc3d7dea 100644
GIT binary patch
delta 562
zcmZ9IF-QV&7{%Yq2E|3~sw0TpYG`pu5s3?g0!x<$p)i{pY6>@RXfP03f^%$WaI+w|
zu_<T@M~4Q7hG>>>km&oozjSnP!|(sT$M?NA=*9-!nES-_Qf2`8qCnyiNXCHoC1E?n
zapAP#JTUaCCH9gZG79ldZI{5vxA%F%=42U&%<M0~WKno#pMY2q-Y`Dpq;Sr#&a1x~
zaB2&TCWIRS$DYB2?2WiazXq+Wa0{6KlK%(Z_W_+bT3)Wq3e$e8%yV+nA6J--XJk(}
zD+`)c7MScTXja>B9(26=5qqaa&H5TVFWi8KYr=iQZ(w~_c=%8M4C$8W<AAMIuu+5r
z3C;T#$8v4c)$DTP^qd#a)$SbQI|Hw@yS)%=ch%6m`Wr@XgKh1u6R>u7tKHoNoRaQ3
d+FkdryX_ix*zw$&9CPpYYg*ld@6>6JegXL{W+4Co

delta 562
zcmZ9IF-SsD6o&tk4Lxk|nU#c*Lr|*_DGu?1pup1gL18awE2tsjZ8|h41hu`!MmGt9
z*AUc@&=d|0Z*XvwrUnUzh|cj|>CuHdeD|FHp7Z}f!w4Ei^`4drnFsKh0AhE5X#kHi
z%*hZ(nbVr{z_Vu;sA;}%D+2v|4!rxxZQ7?wXBLQz<Sn2x%{-ES1Km01Wvvr7nRA+@
zU-Y)(_$ttgF}sS5C*YIkMyk4A2l`p&8ZiFB_XpnB4q0R9d$}T&2!5?dCq$F}phVed
zhW844rIdK(0opsI#49%qIS)#E&Mq|%7RBqUdY-xhtt>FNHNSzZP3G>udM{K@aDAXS
zF%Pmg0McWJ|M{nTylur1?>W_Hwm^<#XKCFL=uooT3bABohx$eD>iQ+<ShBlO%-PYI
kWOu7LUI)37UE?piwKA=f>s8CV%!S`BOLW)1<xsN!3%1W^I{*Lx

diff --git a/tap/tlstapper/tlstapper_bpfel.o b/tap/tlstapper/tlstapper_bpfel.o
index 3b816b587ab441096e77fcec6ede74b44e8d0555..7858e50cf061bff649c8a3ea19fec3ae1d43625d 100644
GIT binary patch
delta 562
zcmZ9IF-SsD7=_QN1|Kf()iX<oT%v}CTr#3T!LUh_qA`861QBl0rbCc{U_<cSYG`PC
z2EiShf~II}XmDtVW`_o;exFx)Hr(O+&-w4Y=hQr-<{8xo?&T71KnTFS2^bbI{SM3o
zI4m63ye@jI?Vji8Ss#FG`fDdL-t4Gso<&x=Vju6%pJW~pUees{t%FzzuqB)d_@m-4
zX<nTK%n(u4{AkD*O`@jxLiD6fTnc|p06%ivg#y!KHr>MlbBrrhV3}N2i#tq)6KfpJ
zx<N?nVfL`_AiJM6<u>-|IT_+v+Zt2A{4VjT`9(NeBHI7-&wy@={;he=1~RAeEc?&)
z?^D-B=2@wZb`cTY(pisWFLp+32iOuGbk*xRD*i!Nb@7{Z;zs-Z?yiVC&3<=Hq9r`+
Z?$}|PP1keeGq>v3=~dTK<pa)k{s1WxX7&I8

delta 562
zcmY+AAxJ|}7=_PKgO3^ZbaQhkE+`ruhy&9G%1oO>5R=<OgP^h^vbF`m3BuN1)M$GO
z!ZipQ6ii|;7z{=+85Rtp{_lC;cnddt|2g;G|D1+nG#sOT$<=)73g`!L5e5ts7`_JL
z0S*Z#HP4HlxU~=Sbj&;8MUVGoy!fng1(sNQ6?^ahbN4cj3QuePcCWtyGXXY*GXZ~0
z{AJB^gFyHlsB6A4WW`UQq4`MkbQ@?1fAj%Aa_q?>vpsFtTSevxrHZVO18Qo8=};=p
z?yRGP#O`Dd3H#Z-tVz4MPRE)c9<;4F1dPuTPnsWva~VQnc+dE{tnIO@M@0Y9JQe{K
z*5q3T{pzH|0&8V<brBU_(pk6VUSgA24zMZgcja~+6TjcpvG~I~#Hsds-R%))n!WC-
d#JO;%yIqS}R&B?UWe(J@<yO~Hl?{%x{{ZKaXb=DZ