1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
#!/usr/bin/env stap
global acl_inode, acl_mask, acl_check, inode_mask;
probe module("nfsd").function("nfsd_permission")
{
printf("nfsd_permission: rqstp %p exp %p dentry '%s' %s\n",
$rqstp, $exp, dentry2name($dentry), file_modes($acc));
printf(" : %s\n", svc_export_dump($exp));
}
%( kernel_v >= "2.6.25" %?
probe kernel.function("acl_permission_check")
{
acl_inode = $inode;
acl_mask = $mask;
acl_check = $check_acl;
}
probe kernel.function("acl_permission_check").return
{
if ($return)
printf(" acl_permission_check: inode 0x%p uid %s %s %s error: %d\n",
acl_inode, inode_uid(acl_inode), file_modes(acl_mask), file_modes(inode_mode(acl_inode)), $return);
}
probe kernel.function("ext4_check_acl").return
{
printf(" ext4_check_acl: error: %d\n", $return);
}
probe kernel.function("posix_acl_permission").return
{
printf(" posix_acl_permission: error: %d\n", $return);
}
/*
a very busy probe
probe kernel.function("selinux_inode_permission").return
{
if ($return)
printf(" selinux_inode_permission: error: %d\n", $return);
}
*/
probe kernel.function("inode_permission")
{
inode_mask = $mask
}
probe kernel.function("inode_permission").return
{
if ($return)
printf(" inode_permission: uid %d gid %d: mask %s imode %s: iflags 0x%x: mask 0x%x: error: %d\n",
$inode->i_uid, $inode->i_gid, file_modes(inode_mask), file_modes($inode->i_mode), $inode->i_flags,
$mask, $return);
}
probe kernel.function("security_inode_permission").return
{
if ($return)
printf(" security_inode_permission: error: %d\n", $return);
}
probe kernel.function("devcgroup_inode_permission").return
{
if ($return)
printf(" devcgroup_inode_permission: error: %d\n", $return);
}
%)
probe kernel.function("generic_permission").return
{
if ($return)
printf(" generic_permission: error: %d\n", $return);
}
probe module("nfsd").function("nfsd_permission").return
{
if ($return)
printf("nfsd_permission: error: %s\n", nfsderror($return));
}
probe begin { log("starting nfsd_permission probe") }
probe end { log("ending nfsd_permission probe") }
|