From ac505f97f1e85d95c9fe2b0401a375c2c8cd1cb9 Mon Sep 17 00:00:00 2001
From: Josh Stone <jistone@redhat.com>
Date: Wed, 16 Sep 2009 15:52:17 -0700
Subject: Add the badname.stp example

This is a toy script I wrote a while back to demonstrate how SystemTap
could be used to enforce filesystem naming rules.
---
 testsuite/systemtap.examples/general/badname.meta | 13 +++++++++++
 testsuite/systemtap.examples/general/badname.stp  | 28 +++++++++++++++++++++++
 2 files changed, 41 insertions(+)
 create mode 100644 testsuite/systemtap.examples/general/badname.meta
 create mode 100755 testsuite/systemtap.examples/general/badname.stp

(limited to 'testsuite/systemtap.examples/general')

diff --git a/testsuite/systemtap.examples/general/badname.meta b/testsuite/systemtap.examples/general/badname.meta
new file mode 100644
index 00000000..9b4e7390
--- /dev/null
+++ b/testsuite/systemtap.examples/general/badname.meta
@@ -0,0 +1,13 @@
+title: Bad Filename Filter
+name: badname.stp
+version: 1.0
+keywords: filesystem hack
+author: Josh Stone
+subsystem: filesystem
+status: experimental
+exit: user-controlled
+output: none
+scope: system-wide
+description: The badname.stp script shows how one could prevent the creation of files with undesirable names.
+test_check: stap -p4 badname.stp
+test_installcheck: stap badname.stp -c "sleep 0.2"
diff --git a/testsuite/systemtap.examples/general/badname.stp b/testsuite/systemtap.examples/general/badname.stp
new file mode 100755
index 00000000..153e08c5
--- /dev/null
+++ b/testsuite/systemtap.examples/general/badname.stp
@@ -0,0 +1,28 @@
+#!/usr/bin/stap -g
+# badname.stp
+# Prevent the creation of files with undesirable names.
+# Source: http://blog.cuviper.com/2009/04/08/hacking-linux-filenames/
+
+# return non-zero if the filename should be blocked
+function filter:long (name:string)
+{
+  return euid() && isinstr(name, "XXX")
+}
+
+global squash_inode_permission
+probe kernel.function("may_create@fs/namei.c")
+{
+  # screen out the conditions which may_create will fail anyway
+  if ($child->d_inode || $dir->i_flags & 16) next
+
+  # check that the new file meets our naming rules
+  if (filter(kernel_string($child->d_name->name)))
+    squash_inode_permission[tid()] = 1
+}
+probe kernel.function("inode_permission@fs/namei.c").return !,
+      kernel.function("permission@fs/namei.c").return
+{
+  if (!$return && squash_inode_permission[tid()])
+    $return = -13 # -EACCES (Permission denied)
+  delete squash_inode_permission[tid()]
+}
-- 
cgit