v3: - rebased on current HEAD - changes suggested by Richard v2: - renamed uds_address2 option to uds_ro_address - added a helper function for UDS check in port.c
This patchset adds a new UDS port to be used by untrusted applications for monitoring purposes. The first four patches are cleanup and preparation. The fifth patch is the main change. As this could easily lead to security issues, please check what code is exposed on the UDS-RO port. We need to be sure that it cannot be exploited to cause crashes, changes in the port or clock state, etc. The intention is to drop any non-management messages just few calls after transport_recv() and respond with errors to non-GET actions in clock_manage(). Only GET actions can get to port_manage(). No message should be able to get to clock_management_set() and port_management_set(). Miroslav Lichvar (6): port: Don't assume transport from port number. port: Ignore non-management messages on UDS port. clock: Don't allow COMMAND action on non-UDS port. clock: Rename UDS variables to read-write. clock: Add read-only UDS port for monitoring. timemaster: Set uds_ro_address for ptp4l instances. clock.c | 122 +++++++++++++++++++++++++++++++------------- config.c | 1 + configs/default.cfg | 1 + port.c | 44 ++++++++++------ ptp4l.8 | 6 +++ timemaster.c | 9 +++- 6 files changed, 129 insertions(+), 54 deletions(-) -- 2.26.2 _______________________________________________ Linuxptp-devel mailing list Linuxptp-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/linuxptp-devel