Re: [Linuxptp-devel] [RFC PATCH] clock: Add read-only UDS port for monitoring.

2021-01-26 Thread Miroslav Lichvar
On Sat, Jan 23, 2021 at 05:41:12AM -0800, Richard Cochran wrote: > We'll have to do something about the port numbering. The "real" ports > must start with 1, 2, 3, ... as this is part of the standard. > > Also, there is some code in port_open() and maybe elsewhere that > treats zero as a special

[Linuxptp-devel] [PATCH 2/6] port: Ignore non-management messages on UDS port.

2021-01-26 Thread Miroslav Lichvar
Drop non-management messages on the UDS port early in the processing to prevent them from changing the port or clock state. Signed-off-by: Miroslav Lichvar --- port.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/port.c b/port.c index 6136153..ed33131 100644 --- a/port.c +++ b/port.c

[Linuxptp-devel] [PATCH 5/6] clock: Add read-only UDS port for monitoring.

2021-01-26 Thread Miroslav Lichvar
Add a second UDS port to allow untrusted applications to monitor ptp4l. On this "read-only" UDS port disable non-GET actions and forwarding. The path can be configured with the uds_address2 option (default is /var/run/ptp4lro). Forwarding is disabled to limit the access to the local ptp4l

[Linuxptp-devel] [PATCH 3/6] clock: Don't allow COMMAND action on non-UDS port.

2021-01-26 Thread Miroslav Lichvar
No COMMAND actions are currently supported, but check the port early in clock_manage() before reaching port_manage(). Signed-off-by: Miroslav Lichvar --- clock.c | 5 + 1 file changed, 5 insertions(+) diff --git a/clock.c b/clock.c index 08c61eb..aff9589 100644 --- a/clock.c +++ b/clock.c

[Linuxptp-devel] [PATCH 4/6] clock: Rename UDS variables to read-write.

2021-01-26 Thread Miroslav Lichvar
In preparation for a new read-only UDS port, rename variables of the current UDS port to make it clear it is read-write, as opposed to read-only. Signed-off-by: Miroslav Lichvar --- clock.c | 49 + 1 file changed, 25 insertions(+), 24 deletions(-)

[Linuxptp-devel] [PATCH 0/6] GET-only UDS port

2021-01-26 Thread Miroslav Lichvar
This patchset adds a new UDS port to be used by untrusted applications for monitoring purposes. The first four patches are cleanup and preparation. Please feel free to skip the first patch. The fifth patch is the main change. As this could easily lead to security issues, please check what code

[Linuxptp-devel] [PATCH 6/6] timemaster: Set uds_address2 for ptp4l instances.

2021-01-26 Thread Miroslav Lichvar
This prevents conflicts on the new UDS-RO port. Signed-off-by: Miroslav Lichvar --- timemaster.c | 9 +++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/timemaster.c b/timemaster.c index fb27d72..c180a78 100644 --- a/timemaster.c +++ b/timemaster.c @@ -712,7 +712,7 @@

[Linuxptp-devel] [PATCH 1/6] port: Don't assume transport from port number.

2021-01-26 Thread Miroslav Lichvar
In port_open(), don't assume that UDS ports always have to have a zero number. Check the transport directly to make the code cleaner. Signed-off-by: Miroslav Lichvar --- port.c | 12 +++- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/port.c b/port.c index

Re: [Linuxptp-devel] [PATCH 1/6] port: Don't assume transport from port number.

2021-01-26 Thread Jacob Keller
On 1/26/2021 2:00 AM, Miroslav Lichvar wrote: > In port_open(), don't assume that UDS ports always have to have a zero > number. Check the transport directly to make the code cleaner. > > Signed-off-by: Miroslav Lichvar This seems more straightforward than assuming the clock number is

Re: [Linuxptp-devel] [PATCH 5/6] clock: Add read-only UDS port for monitoring.

2021-01-26 Thread Jacob Keller
On 1/26/2021 2:00 AM, Miroslav Lichvar wrote: > Add a second UDS port to allow untrusted applications to monitor ptp4l. > On this "read-only" UDS port disable non-GET actions and forwarding. > The path can be configured with the uds_address2 option (default is > /var/run/ptp4lro). > should

Re: [Linuxptp-devel] [PATCH 1/6] port: Don't assume transport from port number.

2021-01-26 Thread Michael Walle
Hi all, On 2021-01-26 11:00, Miroslav Lichvar wrote: In port_open(), don't assume that UDS ports always have to have a zero number. Check the transport directly to make the code cleaner. What about creating a helper? Something like port_is_uds(struct *port)? That way the actual