mirror of
https://github.com/kubeshark/kubeshark.git
synced 2025-08-08 03:54:18 +00:00
Generate tlsTapperChunkType type (enum) as well
This commit is contained in:
M. Mert Yildiran
parent
71c4b592e8
commit
c94821b9d2
@ -45,7 +45,7 @@ static __always_inline int golang_crypto_tls_write_uprobe(struct pt_regs *ctx) {
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
chunk->type = Golang_type;
|
chunk->type = golang_type;
|
||||||
chunk->pid = pid;
|
chunk->pid = pid;
|
||||||
chunk->fd = s->fd;
|
chunk->fd = s->fd;
|
||||||
// ctx->rsi is common between golang_crypto_tls_write_uprobe and golang_crypto_tls_read_uprobe
|
// ctx->rsi is common between golang_crypto_tls_write_uprobe and golang_crypto_tls_read_uprobe
|
||||||
@ -91,7 +91,7 @@ static __always_inline int golang_crypto_tls_read_uprobe(struct pt_regs *ctx) {
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
chunk->type = Golang_type;
|
chunk->type = golang_type;
|
||||||
chunk->pid = pid;
|
chunk->pid = pid;
|
||||||
// ctx->rsi is common between golang_crypto_tls_write_uprobe and golang_crypto_tls_read_uprobe
|
// ctx->rsi is common between golang_crypto_tls_write_uprobe and golang_crypto_tls_read_uprobe
|
||||||
chunk->flags = ctx->rsi; // go.itab.*net.TCPConn,net.Conn address
|
chunk->flags = ctx->rsi; // go.itab.*net.TCPConn,net.Conn address
|
||||||
|
|||||||
@ -21,9 +21,9 @@ Copyright (C) UP9 Inc.
|
|||||||
#define MAX_ENTRIES_LRU_HASH (1 << 14) // 16384
|
#define MAX_ENTRIES_LRU_HASH (1 << 14) // 16384
|
||||||
#define MAX_ENTRIES_RINGBUFF (1 << 24) // 16777216
|
#define MAX_ENTRIES_RINGBUFF (1 << 24) // 16777216
|
||||||
|
|
||||||
enum ChunkType {
|
enum chunk_type {
|
||||||
OpenSSL_type=1,
|
openssl_type=1,
|
||||||
Golang_type=2,
|
golang_type=2,
|
||||||
};
|
};
|
||||||
|
|
||||||
// The same struct can be found in chunk.go
|
// The same struct can be found in chunk.go
|
||||||
@ -38,7 +38,7 @@ struct tls_chunk {
|
|||||||
__u32 recorded;
|
__u32 recorded;
|
||||||
__u32 fd;
|
__u32 fd;
|
||||||
__u32 flags;
|
__u32 flags;
|
||||||
enum ChunkType type;
|
enum chunk_type type;
|
||||||
bool is_request;
|
bool is_request;
|
||||||
__u8 address[16];
|
__u8 address[16];
|
||||||
__u8 data[CHUNK_SIZE]; // Must be N^2
|
__u8 data[CHUNK_SIZE]; // Must be N^2
|
||||||
|
|||||||
@ -132,7 +132,7 @@ static __always_inline void output_ssl_chunk(struct pt_regs *ctx, struct ssl_inf
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
chunk->type = OpenSSL_type;
|
chunk->type = openssl_type;
|
||||||
chunk->flags = flags;
|
chunk->flags = flags;
|
||||||
chunk->pid = id >> 32;
|
chunk->pid = id >> 32;
|
||||||
chunk->tgid = id;
|
chunk->tgid = id;
|
||||||
|
|||||||
@ -94,7 +94,7 @@ func (p *tlsPoller) pollSsllib(emitter api.Emitter, options *api.TrafficFilterin
|
|||||||
chunks := make(chan *tlsTapperTlsChunk)
|
chunks := make(chan *tlsTapperTlsChunk)
|
||||||
|
|
||||||
go p.pollChunksPerfBuffer(chunks)
|
go p.pollChunksPerfBuffer(chunks)
|
||||||
go p.pollSysClose(p.sysCloses)
|
go p.pollSysClosesPerfBuffer(p.sysCloses)
|
||||||
|
|
||||||
for {
|
for {
|
||||||
select {
|
select {
|
||||||
@ -104,11 +104,11 @@ func (p *tlsPoller) pollSsllib(emitter api.Emitter, options *api.TrafficFilterin
|
|||||||
}
|
}
|
||||||
|
|
||||||
switch chunk.Type {
|
switch chunk.Type {
|
||||||
case 1:
|
case tlsTapperChunkTypeOpensslType:
|
||||||
if err := p.handleOpenSslTlsChunk(chunk, p.extension, emitter, options, streamsMap); err != nil {
|
if err := p.handleOpensslTlsChunk(chunk, p.extension, emitter, options, streamsMap); err != nil {
|
||||||
LogError(err)
|
LogError(err)
|
||||||
}
|
}
|
||||||
case 2:
|
case tlsTapperChunkTypeGolangType:
|
||||||
if err := p.handleGolangTlsChunk(chunk, emitter, options, streamsMap); err != nil {
|
if err := p.handleGolangTlsChunk(chunk, emitter, options, streamsMap); err != nil {
|
||||||
LogError(err)
|
LogError(err)
|
||||||
}
|
}
|
||||||
@ -178,7 +178,7 @@ func (p *tlsPoller) handleGolangTlsChunk(chunk *tlsTapperTlsChunk, emitter api.E
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (p *tlsPoller) pollSysClose(rd *perf.Reader) {
|
func (p *tlsPoller) pollSysClosesPerfBuffer(rd *perf.Reader) {
|
||||||
nativeEndian := p.getByteOrder()
|
nativeEndian := p.getByteOrder()
|
||||||
// tlsTapperSysClose is generated by bpf2go.
|
// tlsTapperSysClose is generated by bpf2go.
|
||||||
var b tlsTapperSysClose
|
var b tlsTapperSysClose
|
||||||
@ -248,7 +248,7 @@ func (p *tlsPoller) pollChunksPerfBuffer(chunks chan<- *tlsTapperTlsChunk) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (p *tlsPoller) handleOpenSslTlsChunk(chunk *tlsTapperTlsChunk, extension *api.Extension, emitter api.Emitter,
|
func (p *tlsPoller) handleOpensslTlsChunk(chunk *tlsTapperTlsChunk, extension *api.Extension, emitter api.Emitter,
|
||||||
options *api.TrafficFilteringOptions, streamsMap api.TcpStreamMap) error {
|
options *api.TrafficFilteringOptions, streamsMap api.TcpStreamMap) error {
|
||||||
address, err := p.getSockfdAddressPair(chunk)
|
address, err := p.getSockfdAddressPair(chunk)
|
||||||
|
|
||||||
|
|||||||
@ -12,7 +12,7 @@ import (
|
|||||||
|
|
||||||
const GLOABL_TAP_PID = 0
|
const GLOABL_TAP_PID = 0
|
||||||
|
|
||||||
//go:generate go run github.com/cilium/ebpf/cmd/bpf2go@0d0727ef53e2f53b1731c73f4c61e0f58693083a -type tls_chunk -type sys_close tlsTapper bpf/tls_tapper.c -- -O2 -g -D__TARGET_ARCH_x86
|
//go:generate go run github.com/cilium/ebpf/cmd/bpf2go@0d0727ef53e2f53b1731c73f4c61e0f58693083a -type chunk_type -type tls_chunk -type sys_close tlsTapper bpf/tls_tapper.c -- -O2 -g -D__TARGET_ARCH_x86
|
||||||
|
|
||||||
type TlsTapper struct {
|
type TlsTapper struct {
|
||||||
bpfObjects tlsTapperObjects
|
bpfObjects tlsTapperObjects
|
||||||
|
|||||||
@ -13,6 +13,13 @@ import (
|
|||||||
"github.com/cilium/ebpf"
|
"github.com/cilium/ebpf"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
type tlsTapperChunkType int32
|
||||||
|
|
||||||
|
const (
|
||||||
|
tlsTapperChunkTypeOpensslType tlsTapperChunkType = 1
|
||||||
|
tlsTapperChunkTypeGolangType tlsTapperChunkType = 2
|
||||||
|
)
|
||||||
|
|
||||||
type tlsTapperSysClose struct{ Fd uint32 }
|
type tlsTapperSysClose struct{ Fd uint32 }
|
||||||
|
|
||||||
type tlsTapperTlsChunk struct {
|
type tlsTapperTlsChunk struct {
|
||||||
@ -23,7 +30,7 @@ type tlsTapperTlsChunk struct {
|
|||||||
Recorded uint32
|
Recorded uint32
|
||||||
Fd uint32
|
Fd uint32
|
||||||
Flags uint32
|
Flags uint32
|
||||||
Type int32
|
Type tlsTapperChunkType
|
||||||
IsRequest bool
|
IsRequest bool
|
||||||
Address [16]uint8
|
Address [16]uint8
|
||||||
Data [4096]uint8
|
Data [4096]uint8
|
||||||
|
|||||||
Binary file not shown.
@ -13,6 +13,13 @@ import (
|
|||||||
"github.com/cilium/ebpf"
|
"github.com/cilium/ebpf"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
type tlsTapperChunkType int32
|
||||||
|
|
||||||
|
const (
|
||||||
|
tlsTapperChunkTypeOpensslType tlsTapperChunkType = 1
|
||||||
|
tlsTapperChunkTypeGolangType tlsTapperChunkType = 2
|
||||||
|
)
|
||||||
|
|
||||||
type tlsTapperSysClose struct{ Fd uint32 }
|
type tlsTapperSysClose struct{ Fd uint32 }
|
||||||
|
|
||||||
type tlsTapperTlsChunk struct {
|
type tlsTapperTlsChunk struct {
|
||||||
@ -23,7 +30,7 @@ type tlsTapperTlsChunk struct {
|
|||||||
Recorded uint32
|
Recorded uint32
|
||||||
Fd uint32
|
Fd uint32
|
||||||
Flags uint32
|
Flags uint32
|
||||||
Type int32
|
Type tlsTapperChunkType
|
||||||
IsRequest bool
|
IsRequest bool
|
||||||
Address [16]uint8
|
Address [16]uint8
|
||||||
Data [4096]uint8
|
Data [4096]uint8
|
||||||
|
|||||||
Binary file not shown.
Loading…
Reference in New Issue
Block a user