From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 87E40A0519; Fri, 3 Jul 2020 12:23:40 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 06A2E1DB10; Fri, 3 Jul 2020 12:23:40 +0200 (CEST) Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) by dpdk.org (Postfix) with ESMTP id 3240A1DB0F for ; Fri, 3 Jul 2020 12:23:38 +0200 (CEST) IronPort-SDR: hzR1nIwEU6Y6yvsM42m7Vg6C0sQ1d7FRADbkTcWJ4VrSU6s0xp7vs8HtXfLPo0/e8zOjC+tx/2 nPLqdMuMHo4Q== X-IronPort-AV: E=McAfee;i="6000,8403,9670"; a="212153027" X-IronPort-AV: E=Sophos;i="5.75,307,1589266800"; d="scan'208";a="212153027" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 03 Jul 2020 03:23:37 -0700 IronPort-SDR: l9YjmRQJRDFmMY3GMeAiCsywn7+vmZDq4RM+V13k8hdpGK9pjUwNohn882MEEbpmqpovJ5nVNL 9tkxdJbW2kYA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.75,307,1589266800"; d="scan'208";a="481984266" Received: from silpixa00399126.ir.intel.com ([10.237.222.84]) by fmsmga006.fm.intel.com with ESMTP; 03 Jul 2020 03:23:35 -0700 From: Bruce Richardson To: thomas@monjalon.net Cc: dev@dpdk.org, Bruce Richardson Date: Fri, 3 Jul 2020 11:23:28 +0100 Message-Id: <20200703102332.1101232-1-bruce.richardson@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200618135049.489773-1-bruce.richardson@intel.com> References: <20200618135049.489773-1-bruce.richardson@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [dpdk-dev] [PATCH v3 0/4] improve runtime loading of shared drivers X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This set includes a number of small improvements for handling the loading of drivers at runtime using the EAL -d flag. It limits the loading of files to only those files which end in .so, which means that one can pass in the whole "drivers/" subfolder from a meson build and not get an error when DPDK trys to load a .a file. It also puts in some basic permission checking to ensure that no drivers are loaded from a world-writable location on the filesystem, which would be a potential security hole on a mis-configured system. v3: adjusted commit titles based on Thomas' feedback skip over any paths which are not relative/absolute - assume any found from system directories by linker must be secure. v2: rebased to fix errors on apply fixed one checkpatch issue. Bruce Richardson (4): eal: remove unnecessary null-termination in plugin path eal: load only shared libs from driver plugin directories eal: forbid loading drivers from insecure paths eal: cache last directory permissions checked lib/librte_eal/common/eal_common_options.c | 100 ++++++++++++++++++--- 1 file changed, 90 insertions(+), 10 deletions(-) -- 2.25.1