Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Global variable inspection #14

Open
dylandreimerink opened this issue May 23, 2022 · 0 comments
Open

Global variable inspection #14

dylandreimerink opened this issue May 23, 2022 · 0 comments
Labels
enhancement New feature or request

Comments

@dylandreimerink
Copy link
Owner

This issue is similar to #13, yet still requires some different steps. Global variables are DW_TAG_variable tags typically directly underneath the DW_TAG_compile_unit. Clang will output tags for these but the DW_AT_location attributes all point to address 0x00 because it doesn't know about the "global variables in array maps" trick eBPF/Clang employs. So we should should use the BTF to discover in which maps ".rodata/.bss/.data" each variable lives, at which offset and the memory address of the map values. With all of that we should be able to get the raw bytes at runtime and decode them using the BTF to a C literal declaration format.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dylandreimerink