Re: Access Control for RTEMS Shell

The goal is to provide different command sets for different users. For example a system could give the customer a certain command set and the service personal a different one which includes also maintenance operations. Most of the infrastructure was already present. There were just some missi

Re: [PATCH 4/6] i386/shared/int16: real mode interrupt interface

On Tue, Nov 18, 2014 at 10:47 AM, Jan Dolezal wrote: > > On 12.11.2014 16:54, Gedare Bloom wrote: >> >> On Wed, Nov 12, 2014 at 10:07 AM, Jan Dolezal >> wrote: >>> >>> --- >>> c/src/lib/libbsp/i386/pc386/Makefile.am| 2 + >>> c/src/lib/libbsp/i386/pc386/preinstall.am | 4 + >>> c/src

Re: [PATCH 3/6] i386: global descriptor table manipulation functions

On Tue, Nov 18, 2014 at 10:46 AM, Jan Dolezal wrote: > > On 12.11.2014 16:42, Gedare Bloom wrote: >> >> On Wed, Nov 12, 2014 at 10:07 AM, Jan Dolezal >> wrote: >>> >>> --- >>> c/src/lib/libbsp/i386/shared/irq/idt.c | 147 >>> + >>> c/src/lib/libcpu/i386/cpu.h

Re: [PATCH 1/6] i386/pc386: configurable size of descriptor tables

On Tue, Nov 18, 2014 at 10:46 AM, Jan Dolezal wrote: > Hello Gedare, > thank you very much for fast and valuable response. > > I made most of the changes you suggested. > > > On 12.11.2014 16:20, Gedare Bloom wrote: >> >> On Wed, Nov 12, 2014 at 10:07 AM, Jan Dolezal wrote: >>> >>> --- >>> c/src

Re: [PATCH 1/6] i386/pc386: configurable size of descriptor tables

Hello Gedare, thank you very much for fast and valuable response. I made most of the changes you suggested. On 12.11.2014 16:20, Gedare Bloom wrote: On Wed, Nov 12, 2014 at 10:07 AM, Jan Dolezal wrote: --- c/src/lib/libbsp/i386/pc386/Makefile.am | 1 + c/src/lib/libbsp/i386/pc38

Re: [PATCH 4/6] i386/shared/int16: real mode interrupt interface

On 12.11.2014 16:54, Gedare Bloom wrote: On Wed, Nov 12, 2014 at 10:07 AM, Jan Dolezal wrote: --- c/src/lib/libbsp/i386/pc386/Makefile.am| 2 + c/src/lib/libbsp/i386/pc386/preinstall.am | 4 + c/src/lib/libbsp/i386/shared/int16/int16.c | 397 + c/src/l

Re: [PATCH 2/6] score: i386: functions converting real mode pointer to physical address and back

On 12.11.2014 16:25, Gedare Bloom wrote: On Wed, Nov 12, 2014 at 10:07 AM, Jan Dolezal wrote: --- cpukit/score/cpu/i386/cpu_asm.S | 63 cpukit/score/cpu/i386/rtems/score/i386.h | 29 +++ 2 files changed, 92 insertions(+) diff --git a/c

Re: [PATCH 3/6] i386: global descriptor table manipulation functions

On 12.11.2014 16:42, Gedare Bloom wrote: On Wed, Nov 12, 2014 at 10:07 AM, Jan Dolezal wrote: --- c/src/lib/libbsp/i386/shared/irq/idt.c | 147 + c/src/lib/libcpu/i386/cpu.h| 83 ++- 2 files changed, 194 insertions(+), 36 deletio

Re: Access Control for RTEMS Shell

Could you briefly explain a bit more context about the goals for implementing access control? That is, is it for compliance to some standard, to address a security need, or something else? Thanks, Gedare On Tue, Nov 18, 2014 at 9:37 AM, Sebastian Huber wrote: > This patch set adds access control

[PATCH 17/22] shell: Add and use rtems_shell_execute_cmd()

--- cpukit/libmisc/shell/internal.h | 1 + cpukit/libmisc/shell/main_time.c| 10 +- cpukit/libmisc/shell/shell.c| 10 +- cpukit/libmisc/shell/shell_cmdset.c | 17 + 4 files changed, 20 insertions(+), 18 deletions(-) diff --git a/cpukit/libmisc/shel

[PATCH 22/22] shell: Documentation

--- doc/shell/Makefile.am | 2 +- doc/shell/confinit.t | 132 +- 2 files changed, 131 insertions(+), 3 deletions(-) diff --git a/doc/shell/Makefile.am b/doc/shell/Makefile.am index a811f73..a16c886 100644 --- a/doc/shell/Makefile.am +++ b/doc/she

[PATCH 14/22] shell: Add initial commands and aliases only once

Make tables read-only. --- cpukit/libmisc/shell/internal.h | 1 - cpukit/libmisc/shell/shell.c| 22 ++ cpukit/libmisc/shell/shell_cmdset.c | 17 - cpukit/libmisc/shell/shellconfig.h | 8 4 files changed, 22 insertions(+), 26 deletions(-)

[PATCH 21/22] shell: Add CMDLS, CMDCHOWN, CMDCHMOD commands

--- cpukit/libmisc/Makefile.am | 3 + cpukit/libmisc/shell/main_cmdchmod.c | 85 cpukit/libmisc/shell/main_cmdchown.c | 106 cpukit/libmisc/shell/main_cmdls.c| 91 + cpukit/libmisc/shell/shellconfig.h | 18 doc/shell/g

[PATCH 18/22] shell: Inherit UID and GID if no login check

Use the UID and GID of the executing user for the real and effective UID and GID of the shell task in case no login check is present. This prevents privilege escalation via shell scripts. --- cpukit/libmisc/shell/shell.c | 8 cpukit/libmisc/shell/shell.h | 13 + 2 files chan

[PATCH 15/22] shell: Print to stderr in TIME command

--- cpukit/libmisc/shell/main_time.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cpukit/libmisc/shell/main_time.c b/cpukit/libmisc/shell/main_time.c index dadcd85..e574647 100644 --- a/cpukit/libmisc/shell/main_time.c +++ b/cpukit/libmisc/shell/main_time.c @@ -49,7 +4

[PATCH 19/22] shell: Add mode, UID and GID to shell commands

Use this information to determine if a command is visible to the current user and if the current user is allowed to execute this command. --- cpukit/libmisc/shell/cmds.c | 4 +--- cpukit/libmisc/shell/internal.h | 2 ++ cpukit/libmisc/shell/main_alias.c | 11 +- cpukit/libm

[PATCH 03/22] Filesystem: Typo

--- cpukit/libcsupport/include/rtems/libio_.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpukit/libcsupport/include/rtems/libio_.h b/cpukit/libcsupport/include/rtems/libio_.h index d7f9034..c0f4432 100644 --- a/cpukit/libcsupport/include/rtems/libio_.h +++ b/cpukit/libcsu

[PATCH 16/22] shell: Make rtems_shell_main_joel() static

--- cpukit/libmisc/shell/shell_script.c | 9 + 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/cpukit/libmisc/shell/shell_script.c b/cpukit/libmisc/shell/shell_script.c index b198fa1..b46e124 100644 --- a/cpukit/libmisc/shell/shell_script.c +++ b/cpukit/libmisc/shell/shell_sc

Access Control for RTEMS Shell

This patch set adds access control to the RTEMS shell. The command visibility and ability to execute are determined by the current user environment and per command mode, UID and GID values. The user environment is set up by the rtems_shell_login_check() handler. Commands to alter the mode, UID a

[PATCH 08/22] shell: Get supplementary group IDs in login check

--- cpukit/libmisc/shell/login_check.c | 2 ++ testsuites/libtests/shell01/init.c | 13 + 2 files changed, 15 insertions(+) diff --git a/cpukit/libmisc/shell/login_check.c b/cpukit/libmisc/shell/login_check.c index 372d059..9d853f8 100644 --- a/cpukit/libmisc/shell/login_check.c +++

[PATCH 09/22] shell: Use exiting once initialization

Avoid TOCTOU issues. Avoid pull in of global buffers. --- cpukit/libmisc/shell/shell.c | 69 1 file changed, 31 insertions(+), 38 deletions(-) diff --git a/cpukit/libmisc/shell/shell.c b/cpukit/libmisc/shell/shell.c index eeb60dc..babac72 100644 --- a

[PATCH 20/22] shell: Fix help topic header

--- cpukit/libmisc/shell/main_help.c | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/cpukit/libmisc/shell/main_help.c b/cpukit/libmisc/shell/main_help.c index 393d7e8..43701d9 100644 --- a/cpukit/libmisc/shell/main_help.c +++ b/cpukit/libmisc/shell/main_help.c @@ -96,17

[PATCH 02/22] libcsupport: Implement getgroups()

--- cpukit/libcsupport/src/getgroups.c| 57 +-- testsuites/libtests/pwdgrp01/init.c | 41 ++ testsuites/libtests/pwdgrp01/pwdgrp01.doc | 2 ++ testsuites/psxtests/psxid01/init.c| 53 +--- testsuites/psxt

[PATCH 12/22] shell: Rename HALT to SHUTDOWN command

Use a normal command for shutdown via exit(). --- cpukit/libmisc/shell/main_halt.c | 11 ++- cpukit/libmisc/shell/shell.c | 3 --- cpukit/libmisc/shell/shellconfig.h | 8 doc/shell/rtems.t | 37 + 4 files changed, 23 i

[PATCH 10/22] shell: Do chroot() after successful login

--- cpukit/libmisc/shell/login_check.c | 4 ++ cpukit/libmisc/shell/shell.c | 75 +++--- testsuites/libtests/shell01/init.c | 38 ++- testsuites/samples/fileio/init.c | 8 +++- 4 files changed, 85 insertions(+), 40 deletions(-) diff --git

[PATCH 06/22] samples/fileio: Use unlimited objects

--- testsuites/samples/fileio/system.h | 9 + 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/testsuites/samples/fileio/system.h b/testsuites/samples/fileio/system.h index 8e3fa9e..a99c36d 100644 --- a/testsuites/samples/fileio/system.h +++ b/testsuites/samples/fileio/system.

[PATCH 11/22] Ensure security of default user environment

--- cpukit/libcsupport/src/base_fs.c | 5 +- cpukit/libcsupport/src/pwdgrp.c | 17 ++- testsuites/libtests/Makefile.am | 1 + testsuites/libtests/configure.ac | 1 + testsuites/libtests/pwdgrp02/Makefile.am | 19 testsuites/libtests/pwdgrp02/init

[PATCH 07/22] Add supplementary groups to user environment

--- cpukit/include/rtems/userenv.h| 74 -- cpukit/libcsupport/Makefile.am| 1 + cpukit/libcsupport/include/rtems/libio_.h | 27 +++- cpukit/libcsupport/src/sup_fs_check_permissions.c | 47 -- cpukit/libcsupport/src/uenvgetgroups.c

[PATCH 01/22] libcsupport: Use POSIX key for getgrent()

--- cpukit/libcsupport/Makefile.am | 1 + cpukit/libcsupport/src/getgrent.c | 88 +++--- cpukit/libcsupport/src/getgrnam.c | 53 testsuites/psxtests/psxpasswd01/init.c | 2 + testsuites/psxtests/psxpasswd02/init.c | 2 + 5 files

[PATCH 13/22] shell: Simplify rtems_shell_add_cmd_struct()

--- cpukit/libmisc/shell/shell_cmdset.c | 29 +++-- 1 file changed, 15 insertions(+), 14 deletions(-) diff --git a/cpukit/libmisc/shell/shell_cmdset.c b/cpukit/libmisc/shell/shell_cmdset.c index 23125b8..e291e74 100644 --- a/cpukit/libmisc/shell/shell_cmdset.c +++ b/cpuki

[PATCH 04/22] dosfs: Avoid MIN() re-definition

--- cpukit/libfs/src/dosfs/fat.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cpukit/libfs/src/dosfs/fat.h b/cpukit/libfs/src/dosfs/fat.h index 2f0f75f..26f0699 100644 --- a/cpukit/libfs/src/dosfs/fat.h +++ b/cpukit/libfs/src/dosfs/fat.h @@ -68,7 +68,9 @@ extern "C" { #define CT_LE_L

[PATCH 05/22] samples/fileio: Fix warning

--- testsuites/samples/fileio/init.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/testsuites/samples/fileio/init.c b/testsuites/samples/fileio/init.c index 735b588..1c6c88c 100644 --- a/testsuites/samples/fileio/init.c +++ b/testsuites/samples/fileio/init.c @@ -214,7 +214,9 @@ fstab_t fs_