2 files changed, 41 insertions, 0 deletions

diff --git a/testsuite/systemtap.examples/general/badname.meta b/testsuite/systemtap.examples/general/badname.meta
new file mode 100644
index 00000000..9a01763c
--- /dev/null
+++ b/testsuite/systemtap.examples/general/badname.meta
@@ -0,0 +1,13 @@
+title: Bad Filename Filter
+name: badname.stp
+version: 1.0
+keywords: filesystem hack
+author: Josh Stone
+subsystem: filesystem
+status: experimental
+exit: user-controlled
+output: none
+scope: system-wide
+description: The badname.stp script shows how one could prevent the creation of files with undesirable names using guru mode.
+test_check: stap -g -p4 badname.stp
+test_installcheck: stap -g badname.stp -c "sleep 0.2"
diff --git a/testsuite/systemtap.examples/general/badname.stp b/testsuite/systemtap.examples/general/badname.stp
new file mode 100755
index 00000000..153e08c5
--- /dev/null
+++ b/testsuite/systemtap.examples/general/badname.stp
@@ -0,0 +1,28 @@
+#!/usr/bin/stap -g
+# badname.stp
+# Prevent the creation of files with undesirable names.
+# Source: http://blog.cuviper.com/2009/04/08/hacking-linux-filenames/
+
+# return non-zero if the filename should be blocked
+function filter:long (name:string)
+{
+  return euid() && isinstr(name, "XXX")
+}
+
+global squash_inode_permission
+probe kernel.function("may_create@fs/namei.c")
+{
+  # screen out the conditions which may_create will fail anyway
+  if ($child->d_inode || $dir->i_flags & 16) next
+
+  # check that the new file meets our naming rules
+  if (filter(kernel_string($child->d_name->name)))
+    squash_inode_permission[tid()] = 1
+}
+probe kernel.function("inode_permission@fs/namei.c").return !,
+      kernel.function("permission@fs/namei.c").return
+{
+  if (!$return && squash_inode_permission[tid()])
+    $return = -13 # -EACCES (Permission denied)
+  delete squash_inode_permission[tid()]
+}