From: Philippe Gerum <rpm@xenomai.org>
To: Jan Kiszka <jan.kiszka@domain.hid>
Cc: xenomai-core <xenomai@xenomai.org>
Subject: Re: [Xenomai-core] [RFC][PATCH] security check for skin access
Date: Fri, 17 Mar 2006 15:29:41 +0100 [thread overview]
Message-ID: <441AC7D5.1040106@domain.hid> (raw)
In-Reply-To: <441ABA73.2020903@domain.hid>
Jan Kiszka wrote:
> Hi,
>
> you all may know that Xenomai provides a bulk of very powerful
> interfaces to userspace real-time applications. But not everyone may
> have thought about the fact yet that these syscall extensions are
> accessible for *all* users in the system!
>
> Well, real-time and security is a more complex topic, but we should at
> least restore the same level of security which Linux provides. For this
> purpose, the attached (and long-planned) patch adds basic access control
> to all Xenomai skin services by requiring CAP_SYS_NICE, i.e. the same
> capability that is also required to manipulate the normal Linux
> scheduling parameters.
>
> I would suggest to merge it, either as an option (with default=y), or
> unconditionally (it's just a tiny additional check in the syscall path).
Also added the CONFIG_OPT_SECURITY_ACCESS switch to make this check conditional.
>
> Jan
>
>
> ------------------------------------------------------------------------
>
> Index: ksrc/nucleus/shadow.c
> ===================================================================
> --- ksrc/nucleus/shadow.c (revision 719)
> +++ ksrc/nucleus/shadow.c (working copy)
> @@ -1141,6 +1141,12 @@ static inline int do_hisyscall_event (un
> if (!__xn_reg_mux_p(regs))
> goto linux_syscall;
>
> + if (unlikely(!cap_raised(p->cap_effective, CAP_SYS_NICE)))
> + {
> + __xn_error_return(regs,-EPERM);
> + return RTHAL_EVENT_STOP;
> + }
> +
> muxid = __xn_mux_id(regs);
> muxop = __xn_mux_op(regs);
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Xenomai-core mailing list
> Xenomai-core@domain.hid
> https://mail.gna.org/listinfo/xenomai-core
--
Philippe.
prev parent reply other threads:[~2006-03-17 14:29 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-03-17 13:32 [Xenomai-core] [RFC][PATCH] security check for skin access Jan Kiszka
2006-03-17 14:27 ` Philippe Gerum
2006-03-17 14:29 ` Philippe Gerum [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=441AC7D5.1040106@domain.hid \
--to=rpm@xenomai.org \
--cc=jan.kiszka@domain.hid \
--cc=xenomai@xenomai.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.