Add the badname.stp example

This is a toy script I wrote a while back to demonstrate how SystemTap
could be used to enforce filesystem naming rules.

6 files changed, 82 insertions, 1 deletions

diff --git a/testsuite/systemtap.examples/general/badname.meta b/testsuite/systemtap.examples/general/badname.meta
new file mode 100644
index 00000000..9b4e7390
--- /dev/null
+++ b/testsuite/systemtap.examples/general/badname.meta
@@ -0,0 +1,13 @@
+title: Bad Filename Filter
+name: badname.stp
+version: 1.0
+keywords: filesystem hack
+author: Josh Stone
+subsystem: filesystem
+status: experimental
+exit: user-controlled
+output: none
+scope: system-wide
+description: The badname.stp script shows how one could prevent the creation of files with undesirable names.
+test_check: stap -p4 badname.stp
+test_installcheck: stap badname.stp -c "sleep 0.2"
diff --git a/testsuite/systemtap.examples/general/badname.stp b/testsuite/systemtap.examples/general/badname.stp
new file mode 100755
index 00000000..153e08c5
--- /dev/null
+++ b/testsuite/systemtap.examples/general/badname.stp
@@ -0,0 +1,28 @@
+#!/usr/bin/stap -g
+# badname.stp
+# Prevent the creation of files with undesirable names.
+# Source: http://blog.cuviper.com/2009/04/08/hacking-linux-filenames/
+
+# return non-zero if the filename should be blocked
+function filter:long (name:string)
+{
+  return euid() && isinstr(name, "XXX")
+}
+
+global squash_inode_permission
+probe kernel.function("may_create@fs/namei.c")
+{
+  # screen out the conditions which may_create will fail anyway
+  if ($child->d_inode || $dir->i_flags & 16) next
+
+  # check that the new file meets our naming rules
+  if (filter(kernel_string($child->d_name->name)))
+    squash_inode_permission[tid()] = 1
+}
+probe kernel.function("inode_permission@fs/namei.c").return !,
+      kernel.function("permission@fs/namei.c").return
+{
+  if (!$return && squash_inode_permission[tid()])
+    $return = -13 # -EACCES (Permission denied)
+  delete squash_inode_permission[tid()]
+}
diff --git a/testsuite/systemtap.examples/index.html b/testsuite/systemtap.examples/index.html
index 203bc5d4..cd2faadb 100644
--- a/testsuite/systemtap.examples/index.html
+++ b/testsuite/systemtap.examples/index.html
@@ -46,6 +46,9 @@ keywords: <a href="keyword-index.html#FORMAT">FORMAT</a> <br>
 <li><a href="general/ansi_colors2.stp">general/ansi_colors2.stp</a> - Show Attribues in Table for ansi_set_color3()<br>
 keywords: <a href="keyword-index.html#FORMAT">FORMAT</a> <br>
 <p>The script prints a table showing the available attributes (bold, underline, and inverse) with color combinations for the ans_set_color3() function in the ansi.stp tapset.</p></li>
+<li><a href="general/badname.stp">general/badname.stp</a> - Bad Filename Filter<br>
+keywords: <a href="keyword-index.html#FILESYSTEM">FILESYSTEM</a> <a href="keyword-index.html#HACK">HACK</a> <br>
+<p>The badname.stp script shows how one could prevent the creation of files with undesirable names.</p></li>
 <li><a href="general/graphs.stp">general/graphs.stp</a> - Graphing Disk and CPU Utilization<br>
 keywords: <a href="keyword-index.html#DISK">DISK</a> <a href="keyword-index.html#CPU">CPU</a> <a href="keyword-index.html#USE">USE</a> <a href="keyword-index.html#GRAPH">GRAPH</a> <br>
 <p>The script tracks the disk and CPU utilization. The resulting output of the script can be piped into gnuplot to generate a graph of disk and CPU USE.</p></li>
diff --git a/testsuite/systemtap.examples/index.txt b/testsuite/systemtap.examples/index.txt
index 20b4da4f..2e096ab1 100644
--- a/testsuite/systemtap.examples/index.txt
+++ b/testsuite/systemtap.examples/index.txt
@@ -17,6 +17,13 @@ keywords: format
   ans_set_color3() function in the ansi.stp tapset.
 
 
+general/badname.stp - Bad Filename Filter
+keywords: filesystem hack
+
+  The badname.stp script shows how one could prevent the creation of
+  files with undesirable names.
+
+
 general/graphs.stp - Graphing Disk and CPU Utilization
 keywords: disk cpu use graph
 
diff --git a/testsuite/systemtap.examples/keyword-index.html b/testsuite/systemtap.examples/keyword-index.html
index b59ce4a8..fe8fcc4e 100644
--- a/testsuite/systemtap.examples/keyword-index.html
+++ b/testsuite/systemtap.examples/keyword-index.html
@@ -39,7 +39,7 @@
          	</ul>
 
 <h2>Examples by Keyword</h2>
-<p><tt><a href="#AUTOFS">AUTOFS</a> <a href="#BACKTRACE">BACKTRACE</a> <a href="#BUFFER">BUFFER</a> <a href="#CALLGRAPH">CALLGRAPH</a> <a href="#CPU">CPU</a> <a href="#DEVICE">DEVICE</a> <a href="#DISK">DISK</a> <a href="#FORMAT">FORMAT</a> <a href="#FREE">FREE</a> <a href="#FUNCTIONS">FUNCTIONS</a> <a href="#FUTEX">FUTEX</a> <a href="#GRAPH">GRAPH</a> <a href="#INTERRUPT">INTERRUPT</a> <a href="#IO">IO</a> <a href="#LOCKING">LOCKING</a> <a href="#MEMORY">MEMORY</a> <a href="#MONITOR">MONITOR</a> <a href="#NETWORK">NETWORK</a> <a href="#NFS">NFS</a> <a href="#NUMA">NUMA</a> <a href="#PER-PROCESS">PER-PROCESS</a> <a href="#PROCESS">PROCESS</a> <a href="#PROFILING">PROFILING</a> <a href="#READ">READ</a> <a href="#SCHEDULER">SCHEDULER</a> <a href="#SCSI">SCSI</a> <a href="#SIGNALS">SIGNALS</a> <a href="#SIMPLE">SIMPLE</a> <a href="#SLEEP">SLEEP</a> <a href="#SOCKET">SOCKET</a> <a href="#STATISTICS">STATISTICS</a> <a href="#SYSCALL">SYSCALL</a> <a href="#TCP">TCP</a> <a href="#TIME">TIME</a> <a href="#TRACE">TRACE</a> <a href="#TRACEPOINT">TRACEPOINT</a> <a href="#TRAFFIC">TRAFFIC</a> <a href="#TTY">TTY</a> <a href="#USE">USE</a> <a href="#WAIT4">WAIT4</a> <a href="#WRITE">WRITE</a> </tt></p>
+<p><tt><a href="#AUTOFS">AUTOFS</a> <a href="#BACKTRACE">BACKTRACE</a> <a href="#BUFFER">BUFFER</a> <a href="#CALLGRAPH">CALLGRAPH</a> <a href="#CPU">CPU</a> <a href="#DEVICE">DEVICE</a> <a href="#DISK">DISK</a> <a href="#FILESYSTEM">FILESYSTEM</a> <a href="#FORMAT">FORMAT</a> <a href="#FREE">FREE</a> <a href="#FUNCTIONS">FUNCTIONS</a> <a href="#FUTEX">FUTEX</a> <a href="#GRAPH">GRAPH</a> <a href="#HACK">HACK</a> <a href="#INTERRUPT">INTERRUPT</a> <a href="#IO">IO</a> <a href="#LOCKING">LOCKING</a> <a href="#MEMORY">MEMORY</a> <a href="#MONITOR">MONITOR</a> <a href="#NETWORK">NETWORK</a> <a href="#NFS">NFS</a> <a href="#NUMA">NUMA</a> <a href="#PER-PROCESS">PER-PROCESS</a> <a href="#PROCESS">PROCESS</a> <a href="#PROFILING">PROFILING</a> <a href="#READ">READ</a> <a href="#SCHEDULER">SCHEDULER</a> <a href="#SCSI">SCSI</a> <a href="#SIGNALS">SIGNALS</a> <a href="#SIMPLE">SIMPLE</a> <a href="#SLEEP">SLEEP</a> <a href="#SOCKET">SOCKET</a> <a href="#STATISTICS">STATISTICS</a> <a href="#SYSCALL">SYSCALL</a> <a href="#TCP">TCP</a> <a href="#TIME">TIME</a> <a href="#TRACE">TRACE</a> <a href="#TRACEPOINT">TRACEPOINT</a> <a href="#TRAFFIC">TRAFFIC</a> <a href="#TTY">TTY</a> <a href="#USE">USE</a> <a href="#WAIT4">WAIT4</a> <a href="#WRITE">WRITE</a> </tt></p>
 <h3><a name="AUTOFS">AUTOFS</a></h3>
 <ul>
 <li><a href="network/autofs4.stp">network/autofs4.stp</a> - Watch autofs4 operations<br>
@@ -94,6 +94,12 @@ keywords: <a href="keyword-index.html#DISK">DISK</a> <a href="keyword-index.html
 keywords: <a href="keyword-index.html#DISK">DISK</a> <br>
 <p>Get the status of reading/writing disk every 5 seconds, output top ten entries during that period.</p></li>
 </ul>
+<h3><a name="FILESYSTEM">FILESYSTEM</a></h3>
+<ul>
+<li><a href="general/badname.stp">general/badname.stp</a> - Bad Filename Filter<br>
+keywords: <a href="keyword-index.html#FILESYSTEM">FILESYSTEM</a> <a href="keyword-index.html#HACK">HACK</a> <br>
+<p>The badname.stp script shows how one could prevent the creation of files with undesirable names.</p></li>
+</ul>
 <h3><a name="FORMAT">FORMAT</a></h3>
 <ul>
 <li><a href="general/ansi_colors.stp">general/ansi_colors.stp</a> - Color Table for ansi_set_color2() and ansi_set_color3()<br>
@@ -127,6 +133,12 @@ keywords: <a href="keyword-index.html#SYSCALL">SYSCALL</a> <a href="keyword-inde
 keywords: <a href="keyword-index.html#DISK">DISK</a> <a href="keyword-index.html#CPU">CPU</a> <a href="keyword-index.html#USE">USE</a> <a href="keyword-index.html#GRAPH">GRAPH</a> <br>
 <p>The script tracks the disk and CPU utilization. The resulting output of the script can be piped into gnuplot to generate a graph of disk and CPU USE.</p></li>
 </ul>
+<h3><a name="HACK">HACK</a></h3>
+<ul>
+<li><a href="general/badname.stp">general/badname.stp</a> - Bad Filename Filter<br>
+keywords: <a href="keyword-index.html#FILESYSTEM">FILESYSTEM</a> <a href="keyword-index.html#HACK">HACK</a> <br>
+<p>The badname.stp script shows how one could prevent the creation of files with undesirable names.</p></li>
+</ul>
 <h3><a name="INTERRUPT">INTERRUPT</a></h3>
 <ul>
 <li><a href="interrupt/scf.stp">interrupt/scf.stp</a> - Tally Backtraces for Inter-Processor Interrupt (IPI)<br>
diff --git a/testsuite/systemtap.examples/keyword-index.txt b/testsuite/systemtap.examples/keyword-index.txt
index 81713991..866e1d86 100644
--- a/testsuite/systemtap.examples/keyword-index.txt
+++ b/testsuite/systemtap.examples/keyword-index.txt
@@ -106,6 +106,15 @@ keywords: disk
   ten entries during that period.
 
 
+= FILESYSTEM =
+
+general/badname.stp - Bad Filename Filter
+keywords: filesystem hack
+
+  The badname.stp script shows how one could prevent the creation of
+  files with undesirable names.
+
+
 = FORMAT =
 
 general/ansi_colors.stp - Color Table for ansi_set_color2() and ansi_set_color3()
@@ -166,6 +175,15 @@ keywords: disk cpu use graph
   and CPU USE.
 
 
+= HACK =
+
+general/badname.stp - Bad Filename Filter
+keywords: filesystem hack
+
+  The badname.stp script shows how one could prevent the creation of
+  files with undesirable names.
+
+
 = INTERRUPT =
 
 interrupt/scf.stp - Tally Backtraces for Inter-Processor Interrupt (IPI)