From: Panu Matilainen
To: Thomas Monjalon, Stephen Hemminger
Cc: dev@dpdk.org
Date: Thu, 3 Dec 2015 09:59:02 +0200
Subject: Re: [dpdk-dev] [PATCH v4 0/2] Add support for driver directories
Message-ID: <565FF646.8000006@redhat.com>
In-Reply-To: <4326350.y6KGzOFPTo@xps13>

On 12/03/2015 04:26 AM, Thomas Monjalon wrote:
> 2015-12-02 18:07, Stephen Hemminger:
>> On Thu, 12 Nov 2015 16:52:32 +0100
>> Thomas Monjalon wrote:
>>
>>>>> This mini-series adds support for driver directory concept
>>>>> based on idea by Thomas Monjalon back in February:
>>>>> http://dpdk.org/ml/archives/dev/2015-February/013285.html
>>>>>
>>>>> In the process FreeBSD also gains plugin support (but untested).
>>>>>
>>>>> v4: - introduce error-early behavior for invalid plugin paths
>>>>>     - support directories via the existing -d option instead of adding new
>>>>>
>>>>> v3: - merge the first commits
>>>>>
>>>>> v2: - move code to eal/common
>>>>>     - add bsd support
>>>>>
>>>>> Panu Matilainen (2):
>>>>>   eal: move plugin loading to eal/common
>>>>>   eal: add support for driver directory concept
>>>>
>>>>
>>>> checkpatch complains for some indent problem (Thomas, can you fix this ?),
>>>> but the rest looks good to me.
>>>>
>>>> Acked-by: David Marchand
>>>>
>>>> Thanks Panu.
>>>
>>> Applied, thanks
>>
>> This patch introduces a new issue reported by Coverity.
>>
>> The root cause of the problem is that you are checking that it's a directory first with stat
>> then calling dlopen(). A malicious entity could get between the stat and the dlopen.
>
> I think it is a false positive.
> The aim of loading every file in the directory is out of a security scope IMHO.
>

Yes it's a false positive. The security aspect relates to world-writable
directories and even in there the problem is usually "test for existence
before creation", this is neither (if somebody routinely loads their
critical device drivers from /tmp on a system they have bigger problems
than this).

If somebody changes a file to a directory or vice versa then the
consecutive readdir() or dlopen() on that entry will just fail, end of
story. And if somebody has the permission to change entries in that
directory they don't have to bother with trying to time their changes
between stat() and dlopen().

Sure it could just call dlopen() on everything and if it fails try
readdir() on it. Matter of style, I dislike blindly stumbling and
crashing when I can simply take a look to see whether it's a door, a
window or a wall :)

	- Panu -
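
The thread's two concerns, the stat()-then-use gap and who may write to the driver directory, can both be handled by checking an open descriptor instead of a name. This is an added example, not part of the original message and not DPDK code: `open_driver_path`, `classify_fd` and `enum path_kind` are hypothetical names, and the policy (directory owned by root or the caller, no group/other write bit) is an assumption.

```c
#define _GNU_SOURCE 1
#include <dirent.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

enum path_kind { PATH_ERROR = -1, PATH_FILE, PATH_DIR, PATH_UNSAFE_DIR };

/* Hypothetical helper: classify an open descriptor, so the answer cannot go stale. */
static enum path_kind classify_fd(int fd)
{
    struct stat st;
    if (fstat(fd, &st) != 0 || (!S_ISREG(st.st_mode) && !S_ISDIR(st.st_mode)))
        return PATH_ERROR;              /* FIFO, socket, device: not a plugin */
    if (S_ISREG(st.st_mode))
        return PATH_FILE;
    /* Assumed policy: owned by root or the caller, no group/other write bit. */
    if ((st.st_uid != 0 && st.st_uid != geteuid()) ||
        (st.st_mode & (S_IWGRP | S_IWOTH)))
        return PATH_UNSAFE_DIR;
    return PATH_DIR;
}

/* On PATH_DIR, *dirp reads the same directory object that was checked. */
static enum path_kind open_driver_path(const char *path, DIR **dirp)
{
    int fd = open(path, O_RDONLY | O_NONBLOCK | O_CLOEXEC);
    enum path_kind kind;
    *dirp = NULL;
    if (fd < 0)
        return PATH_ERROR;
    kind = classify_fd(fd);
    if (kind == PATH_DIR && (*dirp = fdopendir(fd)) != NULL)
        return PATH_DIR;                /* the stream now owns fd */
    close(fd);
    return kind == PATH_DIR ? PATH_ERROR : kind;
}

int main(int argc, char **argv)
{
    DIR *d;
    enum path_kind kind = open_driver_path(argc > 1 ? argv[1] : ".", &d);
    printf("kind=%d\n", (int)kind);
    if (d != NULL)
        closedir(d);
    return kind == PATH_ERROR;
}
```

A regular file is still handed to dlopen() by name, so that step is only as trustworthy as the write permissions on the directory that contains it.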