github.com/Serizao/go-winio@v0.0.0-20230906082528-f02f7f4ad6e8/pkg/etw/eventdescriptor.go

github.com/Serizao/go-winio@v0.0.0-20230906082528-f02f7f4ad6e8/pkg/etw/eventdescriptor.go (about)

     1  package etw
     2  
     3  import "fmt"
     4  
     5  // Channel represents the ETW logging channel that is used. It can be used by
     6  // event consumers to give an event special treatment.
     7  type Channel uint8
     8  
     9  const (
    10  	// ChannelTraceLogging is the default channel for TraceLogging events. It is
    11  	// not required to be used for TraceLogging, but will prevent decoding
    12  	// issues for these events on older operating systems.
    13  	ChannelTraceLogging Channel = 11
    14  )
    15  
    16  // Level represents the ETW logging level. There are several predefined levels
    17  // that are commonly used, but technically anything from 0-255 is allowed.
    18  // Lower levels indicate more important events, and 0 indicates an event that
    19  // will always be collected.
    20  type Level uint8
    21  
    22  var _ fmt.Stringer = Level(0)
    23  
    24  // Predefined ETW log levels from winmeta.xml in the Windows SDK.
    25  //
    26  //go:generate go run golang.org/x/tools/cmd/stringer -type=Level -trimprefix=Level
    27  const (
    28  	LevelAlways Level = iota
    29  	LevelCritical
    30  	LevelError
    31  	LevelWarning
    32  	LevelInfo
    33  	LevelVerbose
    34  )
    35  
    36  // Opcode represents the operation that the event indicates is being performed.
    37  type Opcode uint8
    38  
    39  var _ fmt.Stringer = Opcode(0)
    40  
    41  // Predefined ETW opcodes from winmeta.xml in the Windows SDK.
    42  //
    43  //go:generate go run golang.org/x/tools/cmd/stringer -type=Opcode -trimprefix=Opcode
    44  const (
    45  	// OpcodeInfo indicates an informational event.
    46  	OpcodeInfo Opcode = iota
    47  	// OpcodeStart indicates the start of an operation.
    48  	OpcodeStart
    49  	// OpcodeStop indicates the end of an operation.
    50  	OpcodeStop
    51  	// OpcodeDCStart indicates the start of a provider capture state operation.
    52  	OpcodeDCStart
    53  	// OpcodeDCStop indicates the end of a provider capture state operation.
    54  	OpcodeDCStop
    55  )
    56  
    57  // eventDescriptor represents various metadata for an ETW event.
    58  type eventDescriptor struct {
    59  	id      uint16
    60  	version uint8
    61  	channel Channel
    62  	level   Level
    63  	opcode  Opcode
    64  	task    uint16
    65  	keyword uint64
    66  }
    67  
    68  // newEventDescriptor returns an EventDescriptor initialized for use with
    69  // TraceLogging.
    70  func newEventDescriptor() *eventDescriptor {
    71  	// Standard TraceLogging events default to the TraceLogging channel, and
    72  	// verbose level.
    73  	return &eventDescriptor{
    74  		channel: ChannelTraceLogging,
    75  		level:   LevelVerbose,
    76  	}
    77  }
    78  
    79  // identity returns the identity of the event. If the identity is not 0, it
    80  // should uniquely identify the other event metadata (contained in
    81  // EventDescriptor, and field metadata). Only the lower 24 bits of this value
    82  // are relevant.
    83  //
    84  //nolint:unused // keep for future use
    85  func (ed *eventDescriptor) identity() uint32 {
    86  	return (uint32(ed.version) << 16) | uint32(ed.id)
    87  }
    88  
    89  // setIdentity sets the identity of the event. If the identity is not 0, it
    90  // should uniquely identify the other event metadata (contained in
    91  // EventDescriptor, and field metadata). Only the lower 24 bits of this value
    92  // are relevant.
    93  //
    94  //nolint:unused // keep for future use
    95  func (ed *eventDescriptor) setIdentity(identity uint32) {
    96  	ed.id = uint16(identity)
    97  	ed.version = uint8(identity >> 16)
    98  }