authorWe-unite <3205135446@qq.com>2024-09-02 16:45:07 +0800
committerWe-unite <3205135446@qq.com>2024-09-02 16:45:07 +0800
commit08207d77be79afc6f75d1611726b92bdf622717f (patch)
tree918991217807ff18025b998407b87bcd31d4ddc3 /listener/basefunc.go
parentf9f8f35ccd8b505a827d40f95c52ed039512b79d (diff)
Show filt result in tree&json, fix sth in listenerHEADmasterdev
In the listener, I changed the order in which coroutines are started to avoid 'send on a closed channel'. Besides, the method used to get syscall names and numbers is not very universal, so let's go back to checking unistd.h. In the filter, the output is now written to the ./log dir. The pid tree is shown in logs/tree.log, the detailed info in pids.log, and the file info in logs/files.log. tree.log shows a tree just like the `tree` command; the other two files are written in JSON. What's more, the flags used when opening files are also checked and shown in files.log.
Diffstat (limited to '')
-rw-r--r--listener/basefunc.go54
1 files changed, 30 insertions, 24 deletions
diff --git a/listener/basefunc.go b/listener/basefunc.go
index 2f39507..dcaf68a 100644
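--- a/listener/basefunc.go
+++ b/listener/basefunc.go
@@ -4,46 +4,52 @@ import (
  "bufio"
  "fmt"
  "os"
- "os/exec"
  "path/filepath"
+ "regexp"
  "strconv"
  "strings"
  "time"
 )
 
 func figureOutSyscalls() error {
- cmd := exec.Command("ausyscall", "--dump")
- stdout, err := cmd.StdoutPipe()
+ var targetFile string
+ err := filepath.Walk("/usr/include", func(path string, info os.FileInfo, err error) error {
+ if err != nil {
+ return err
+ }
+ if strings.HasSuffix(path, "asm/unistd_64.h") {
+ targetFile = path
+ return filepath.SkipDir // 找到后提前退出遍历
+ }
+ return nil
+ })
  if err != nil {
  return err
  }
 
- if err := cmd.Start(); err != nil {
+ // 如果没有找到目标文件
+ if targetFile == "" {
+ return fmt.Errorf("file asm/unistd_64.h not found in /usr/include")
+ }
+
+ NRRegex := regexp.MustCompile(`#define __NR_(.*?) (\d+)$`)
+ file, err := os.Open("/usr/include/asm/unistd_64.h")
+ if err != nil {
  return err
  }
+ defer file.Close()
 
- scanner := bufio.NewScanner(stdout)
- for i := 0; scanner.Scan(); i++ {
- if i == 0 {
- continue
- }
+ scanner := bufio.NewScanner(file)
+ for scanner.Scan() {
  line := scanner.Text()
- parts := strings.Split(line, "\t")
- if len(parts) != 2 {
- return fmt.Errorf("invalid ausyscall format")
+ if NRRegex.MatchString(line) {
+ match := NRRegex.FindStringSubmatch(line)
+ num, err := strconv.Atoi(match[2])
+ if err != nil {
+ return err
+ }
+ syscallTable[num] = match[1]
  }
- num, err := strconv.Atoi(parts[0])
- if err != nil {
- return err
- }
- syscallTable[num] = parts[1]
- }
-
- if err := scanner.Err(); err != nil {
- return err
- }
- if err := cmd.Wait(); err != nil {
- return err
  }
  return nil
 }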
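Review bot: The path found by the walk is never used: `targetFile` is only tested for emptiness, and the open that follows hard-codes `/usr/include/asm/unistd_64.h`, so on a system where the header sits in another subdirectory of /usr/include the walk succeeds and the open then fails; it should be `file, err := os.Open(targetFile)`. The rewritten loop also drops the `scanner.Err()` check the old code had, so a read error ends the scan silently and leaves `syscallTable` partially filled, which presumably means the listener reports some syscalls without a name; keep `if err := scanner.Err(); err != nil { return err }` after the loop. Returning `filepath.SkipDir` from a file entry only skips the rest of that directory rather than ending the walk as the comment intends, so a later match can overwrite `targetFile`; `filepath.SkipAll` ends the walk if the project's Go version is 1.20 or newer.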