Re: [Linuxptp-devel] [PATCHv3 0/6] GET-only UDS port

2021-02-16 Thread Richard Cochran
On Thu, Feb 11, 2021 at 04:47:06PM +0100, Miroslav Lichvar wrote:
> v3:
> - rebased on current HEAD
> - changes suggested by Richard
> v2:
> - renamed uds_address2 option to uds_ro_address
> - added a helper function for UDS check in port.c
> 
> This patchset adds a new UDS port to be used by untrusted applications
> for monitoring purposes.

Series applied.

Thanks,
Richard


___
Linuxptp-devel mailing list
Linuxptp-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linuxptp-devel


[Linuxptp-devel] [PATCHv3 0/6] GET-only UDS port

2021-02-11 Thread Miroslav Lichvar
v3:
- rebased on current HEAD
- changes suggested by Richard
v2:
- renamed uds_address2 option to uds_ro_address
- added a helper function for UDS check in port.c

This patchset adds a new UDS port to be used by untrusted applications
for monitoring purposes.

The first four patches are cleanup and preparation.

The fifth patch is the main change. As this could easily lead to
security issues, please check what code is exposed on the UDS-RO port.
We need to be sure that it cannot be exploited to cause crashes, changes
in the port or clock state, etc.

The intention is to drop any non-management messages just a few calls
after transport_recv() and respond with errors to non-GET actions in
clock_manage(). Only GET actions can get to port_manage(). No message
should be able to get to clock_management_set() and
port_management_set().

Miroslav Lichvar (6):
  port: Don't assume transport from port number.
  port: Ignore non-management messages on UDS port.
  clock: Don't allow COMMAND action on non-UDS port.
  clock: Rename UDS variables to read-write.
  clock: Add read-only UDS port for monitoring.
  timemaster: Set uds_ro_address for ptp4l instances.

 clock.c             | 122 +++-
 config.c            |   1 +
 configs/default.cfg |   1 +
 port.c              |  44 ++--
 ptp4l.8             |   6 +++
 timemaster.c        |   9 +++-
 6 files changed, 129 insertions(+), 54 deletions(-)

-- 
2.26.2
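
A sketch of the gating described in the cover letter above, as an added example that is not part of the original post and is not linuxptp's code: non-management messages are dropped, non-GET actions get an error reply, and only GET proceeds. The names `ro_gate`, `make_sample` and the verdict enum are hypothetical, the length checks are an added assumption, and the field offsets follow the IEEE 1588 management message layout.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* IEEE 1588 values: MANAGEMENT messageType and the management field layout. */
#define PTP_MSG_MANAGEMENT 0xD
#define MGMT_ACTION_OFFSET 46 /* 34-byte header + targetPortIdentity(10) + hops(2) */
#define MGMT_MIN_LEN       48 /* up to the reserved byte after actionField */

enum mgmt_action { ACT_GET = 0, ACT_SET, ACT_RESPONSE, ACT_COMMAND, ACT_ACK };
/* Hypothetical verdicts for the monitoring-only socket. */
enum ro_verdict { RO_DROP, RO_REPLY_ERROR, RO_ALLOW_GET };

/* Classify one datagram received on the read-only socket. */
enum ro_verdict ro_gate(const uint8_t *buf, size_t len)
{
    size_t claimed;
    if (buf == NULL || len < MGMT_MIN_LEN)
        return RO_DROP;                 /* truncated: never read past the end */
    if ((buf[0] & 0x0F) != PTP_MSG_MANAGEMENT)
        return RO_DROP;                 /* Sync, Announce, ...: ignored */
    claimed = ((size_t)buf[2] << 8) | buf[3];   /* messageLength, big endian */
    if (claimed < MGMT_MIN_LEN || claimed > len)
        return RO_DROP;                 /* length field disagrees with datagram */
    if ((buf[MGMT_ACTION_OFFSET] & 0x0F) != ACT_GET)
        return RO_REPLY_ERROR;          /* SET, COMMAND, ...: refused */
    return RO_ALLOW_GET;                /* the only path to the GET handlers */
}

/* Constructed sample: zeroed management-sized message with chosen type/action. */
void make_sample(uint8_t *buf, size_t len, uint8_t msg_type, uint8_t action)
{
    size_t i;
    for (i = 0; i < len; i++) buf[i] = 0;
    if (len < MGMT_MIN_LEN) return;     /* too small to hold the action field */
    buf[0] = msg_type & 0x0F;           /* messageType in the low nibble */
    buf[1] = 2;                         /* versionPTP */
    buf[2] = (uint8_t)(len >> 8);
    buf[3] = (uint8_t)(len & 0xFF);
    buf[MGMT_ACTION_OFFSET] = action & 0x0F;
}

int main(void)
{
    uint8_t m[54];
    make_sample(m, sizeof m, PTP_MSG_MANAGEMENT, ACT_SET);
    printf("SET on read-only socket -> verdict %d\n", ro_gate(m, sizeof m));
    return 0;
}
```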


