Skip to content

Commit

Permalink
feat(helpers): add argument parser for socketcall (#390)
Browse files Browse the repository at this point in the history
  • Loading branch information
@geyslan
geyslan authored Nov 23, 2023
1 parent b235fb5 commit 37c4b84
Showing 1 changed file with 100 additions and 2 deletions.
102 changes: 100 additions & 2 deletions helpers/argumentParsers.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -996,6 +996,104 @@ func ParsePtraceRequestArgument(rawValue uint64) (PtraceRequestArgument, error)
return 0, fmt.Errorf("not a valid ptrace request value: %d", rawValue)
}

type SocketcallCallArgument uint64

const (
SYS_SOCKET SocketcallCallArgument = iota + 1
SYS_BIND
SYS_CONNECT
SYS_LISTEN
SYS_ACCEPT
SYS_GETSOCKNAME
SYS_GETPEERNAME
SYS_SOCKETPAIR
SYS_SEND
SYS_RECV
SYS_SENDTO
SYS_RECVFROM
SYS_SHUTDOWN
SYS_SETSOCKOPT
SYS_GETSOCKOPT
SYS_SENDMSG
SYS_RECVMSG
SYS_ACCEPT4
SYS_RECVMMSG
SYS_SENDMMSG
)

func (s SocketcallCallArgument) Value() uint64 {
return uint64(s)
}

var socketcallCallStringMap = map[SocketcallCallArgument]string{
SYS_SOCKET: "SYS_SOCKET",
SYS_BIND: "SYS_BIND",
SYS_CONNECT: "SYS_CONNECT",
SYS_LISTEN: "SYS_LISTEN",
SYS_ACCEPT: "SYS_ACCEPT",
SYS_GETSOCKNAME: "SYS_GETSOCKNAME",
SYS_GETPEERNAME: "SYS_GETPEERNAME",
SYS_SOCKETPAIR: "SYS_SOCKETPAIR",
SYS_SEND: "SYS_SEND",
SYS_RECV: "SYS_RECV",
SYS_SENDTO: "SYS_SENDTO",
SYS_RECVFROM: "SYS_RECVFROM",
SYS_SHUTDOWN: "SYS_SHUTDOWN",
SYS_SETSOCKOPT: "SYS_SETSOCKOPT",
SYS_GETSOCKOPT: "SYS_GETSOCKOPT",
SYS_SENDMSG: "SYS_SENDMSG",
SYS_RECVMSG: "SYS_RECVMSG",
SYS_ACCEPT4: "SYS_ACCEPT4",
SYS_RECVMMSG: "SYS_RECVMMSG",
SYS_SENDMMSG: "SYS_SENDMMSG",
}

func (s SocketcallCallArgument) String() string {
var res string

if sdName, ok := socketcallCallStringMap[s]; ok {
res = sdName
} else {
res = strconv.Itoa(int(s))
}

return res
}

var socketcallCallMap = map[uint64]SocketcallCallArgument{
SYS_SOCKET.Value(): SYS_SOCKET,
SYS_BIND.Value(): SYS_BIND,
SYS_CONNECT.Value(): SYS_CONNECT,
SYS_LISTEN.Value(): SYS_LISTEN,
SYS_ACCEPT.Value(): SYS_ACCEPT,
SYS_GETSOCKNAME.Value(): SYS_GETSOCKNAME,
SYS_GETPEERNAME.Value(): SYS_GETPEERNAME,
SYS_SOCKETPAIR.Value(): SYS_SOCKETPAIR,
SYS_SEND.Value(): SYS_SEND,
SYS_RECV.Value(): SYS_RECV,
SYS_SENDTO.Value(): SYS_SENDTO,
SYS_RECVFROM.Value(): SYS_RECVFROM,
SYS_SHUTDOWN.Value(): SYS_SHUTDOWN,
SYS_SETSOCKOPT.Value(): SYS_SETSOCKOPT,
SYS_GETSOCKOPT.Value(): SYS_GETSOCKOPT,
SYS_SENDMSG.Value(): SYS_SENDMSG,
SYS_RECVMSG.Value(): SYS_RECVMSG,
SYS_ACCEPT4.Value(): SYS_ACCEPT4,
SYS_RECVMMSG.Value(): SYS_RECVMMSG,
SYS_SENDMMSG.Value(): SYS_SENDMMSG,
}

// ParseSocketcallCall parses the `call` argument of the `socketcall` syscall
// http://man7.org/linux/man-pages/man2/socketcall.2.html
// https://elixir.bootlin.com/linux/latest/source/include/uapi/linux/net.h
func ParseSocketcallCall(rawValue uint64) (SocketcallCallArgument, error) {
if v, ok := socketcallCallMap[rawValue]; ok {
return v, nil
}

return 0, fmt.Errorf("not a valid socketcall call value: %d", rawValue)
}

type SocketDomainArgument uint64

const (
Expand Down Expand Up @@ -1096,8 +1194,6 @@ var socketDomainStringMap = map[SocketDomainArgument]string{
AF_XDP: "AF_XDP",
}

// String parses the `domain` bitmask argument of the `socket` syscall
// http://man7.org/linux/man-pages/man2/socket.2.html
func (s SocketDomainArgument) String() string {
var res string

Expand Down Expand Up @@ -1158,6 +1254,8 @@ var socketDomainMap = map[uint64]SocketDomainArgument{
AF_XDP.Value(): AF_XDP,
}

// ParseSocketDomainArgument parses the `domain` bitmask argument of the `socket` syscall
// http://man7.org/linux/man-pages/man2/socket.2.html
func ParseSocketDomainArgument(rawValue uint64) (SocketDomainArgument, error) {
v, ok := socketDomainMap[rawValue]
if !ok {
Expand Down

0 comments on commit 37c4b84

Please sign in to comment.