From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pa0-f52.google.com (mail-pa0-f52.google.com [209.85.220.52]) by dpdk.org (Postfix) with ESMTP id 8FC9158DB for ; Thu, 3 Dec 2015 03:06:53 +0100 (CET) Received: by pacdm15 with SMTP id dm15so56891540pac.3 for ; Wed, 02 Dec 2015 18:06:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=networkplumber-org.20150623.gappssmtp.com; s=20150623; h=date:from:to:cc:subject:message-id:in-reply-to:references :mime-version:content-type:content-transfer-encoding; bh=5E98cHym9vHv1Ujj6Au1hcTUj1qBuB3T2eHt7808R3E=; b=QAy7xPfO+b65KpFFPhuzbIz2d1C4dmXQagaEi7O5RuLP34RgHY+zqNDg2cZfvxPKoi YFD/t28Tc100ksQWN48pXBnNVE45Lali7O8TqkRAg6HoFt6jxPjvKd4LeVnBxHKWDYW/ WVSzEXpTA2q/h2H9C/ZCXq8JOgviv+1H7iqNcOv63AcVuZTXMSPW1F7wZQMD+/VLnHKJ ntTKgdMvdCSL7uL1mnE2akTrZpbKL7GrrKyn92SGE+PZsGrwW6VNVb/ndrDHQzE7KCDE Ze7ebOBXhvd73vmcm6adBUmPef6fv7CO1JjTlBLdtvF4FaEo58Sde7Z/k96dN7oL3NKw EZeg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:date:from:to:cc:subject:message-id:in-reply-to :references:mime-version:content-type:content-transfer-encoding; bh=5E98cHym9vHv1Ujj6Au1hcTUj1qBuB3T2eHt7808R3E=; b=H6gqQPRFK3DdmyCRiQPU7TOPVKy1WGPQgM7qu+tnr+RI9djcyKzhyMZuDgwPlj/d0d AOKJOfN/TutpSmeAqV8GwPLstqCsWaHC37breukJBMf9iE4vAXmZtAzf1e65izfslj0K 4r8v9h5R3u3YH8sQ4yBZG7PH9OX8xDy5GyNh8n3ZAHdNPx6NK4kIp/P7hm7VSdKZKoo8 ivuGpTjI6eXxdxszch+RyllR5Fybc/oSIRyOZ1Mq7+pZl/QVpoPFVJ48wLqh9vlodXbh iLJI2RU+bNTyEjwTWiEz2v41zQp/dR4PWdFNHbqbkS/J7w+cjE2obK2o093GMjk23Mk/ 1aYA== X-Gm-Message-State: ALoCoQmnxb1rVcLugahcwxKkOsEXyM9z7l4v/t05OooeWVZn221rBDnY9oXKB6M8yzvjwMyEFkti X-Received: by 10.66.139.200 with SMTP id ra8mr9352247pab.91.1449108412973; Wed, 02 Dec 2015 18:06:52 -0800 (PST) Received: from xeon-e3 (static-50-53-82-155.bvtn.or.frontiernet.net. [50.53.82.155]) by smtp.gmail.com with ESMTPSA id ga13sm6833766pac.47.2015.12.02.18.06.52 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 02 Dec 2015 18:06:52 -0800 (PST) Date: Wed, 2 Dec 2015 18:07:02 -0800 From: Stephen Hemminger To: Thomas Monjalon Message-ID: <20151202180702.784048ca@xeon-e3> In-Reply-To: <5394034.PY3UYPlQag@xps13> References: <5394034.PY3UYPlQag@xps13> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: dev@dpdk.org Subject: Re: [dpdk-dev] [PATCH v4 0/2] Add support for driver directories X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches and discussions about DPDK List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Dec 2015 02:06:54 -0000 On Thu, 12 Nov 2015 16:52:32 +0100 Thomas Monjalon wrote: > > > This mini-series adds support for driver directory concept > > > based on idea by Thomas Monjalon back in February: > > > http://dpdk.org/ml/archives/dev/2015-February/013285.html > > > > > > In the process FreeBSD also gains plugin support (but untested). > > > > > > v4: - introduce error-early behavior for invalid plugin paths > > > - support directories via the existing -d option instead of adding new > > > > > > v3: - merge the first commits > > > > > > v2: - move code to eal/common > > > - add bsd support > > > > > > Panu Matilainen (2): > > > eal: move plugin loading to eal/common > > > eal: add support for driver directory concept > > > > > > checkpatch complains for some indent problem (Thomas, can you fix this ?), > > but the rest looks good to me. > > > > Acked-by: David Marchand > > > > Thanks Panu. > > Applied, thanks This patch introduces a new issue reported by Coverity. The root cause of the problem is that you are checking that it s a directory first with stat then calling dlopen(). I malicious entity could get between the stat and the dlopen. In this case the desire to handle both file name and directory is getting in the way. It really should just only take a directory now, or have two different config options in a method similar to other subsystems (look at /etc/xxx vs /etc/xxx.d as standard practice). ________________________________________________________________________________________________________ *** CID 120151: Security best practices violations (TOCTOU) /lib/librte_eal/common/eal_common_options.c: 232 in eal_plugins_init() 226 solib->name); 227 return -1; 228 } 229 } else { 230 RTE_LOG(DEBUG, EAL, "open shared lib %s\n", 231 solib->name); >>> CID 120151: Security best practices violations (TOCTOU) >>> Calling function "dlopen" that uses "solib->name" after a check function. This can cause a time-of-check, time-of-use race condition. 232 solib->lib_handle = dlopen(solib->name, RTLD_NOW); 233 if (solib->lib_handle == NULL) { 234 RTE_LOG(ERR, EAL, "%s\n", dlerror()); 235 return -1; 236 } 237 }