Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/71727/?format=api
http://patches.dpdk.org/api/patches/71727/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/patch/20200618135049.489773-4-bruce.richardson@intel.com/", "project": { "id": 1, "url": "http://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20200618135049.489773-4-bruce.richardson@intel.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20200618135049.489773-4-bruce.richardson@intel.com", "date": "2020-06-18T13:50:48", "name": "[3/4] eal: don't load drivers from insecure paths", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": true, "hash": "047d2c0d7691555f14a85f3b2f8abb127229241e", "submitter": { "id": 20, "url": "http://patches.dpdk.org/api/people/20/?format=api", "name": "Bruce Richardson", "email": "bruce.richardson@intel.com" }, "delegate": null, "mbox": "http://patches.dpdk.org/project/dpdk/patch/20200618135049.489773-4-bruce.richardson@intel.com/mbox/", "series": [ { "id": 10501, "url": "http://patches.dpdk.org/api/series/10501/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/list/?series=10501", "date": "2020-06-18T13:50:45", "name": "improve runtime loading of shared drivers", "version": 1, "mbox": "http://patches.dpdk.org/series/10501/mbox/" } ], "comments": "http://patches.dpdk.org/api/patches/71727/comments/", "check": "fail", "checks": "http://patches.dpdk.org/api/patches/71727/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from dpdk.org (dpdk.org [92.243.14.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id 8BAB3A04A5;\n\tThu, 18 Jun 2020 15:51:29 +0200 (CEST)", "from [92.243.14.124] (localhost [127.0.0.1])\n\tby dpdk.org (Postfix) with ESMTP id 945591BF75;\n\tThu, 18 Jun 2020 15:51:15 +0200 (CEST)", "from mga06.intel.com (mga06.intel.com [134.134.136.31])\n by dpdk.org (Postfix) with ESMTP id 976621BF31\n for <dev@dpdk.org>; Thu, 18 Jun 2020 15:51:13 +0200 (CEST)", "from fmsmga006.fm.intel.com ([10.253.24.20])\n by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;\n 18 Jun 2020 06:51:12 -0700", "from silpixa00399126.ir.intel.com ([10.237.222.84])\n by fmsmga006.fm.intel.com with ESMTP; 18 Jun 2020 06:51:11 -0700" ], "IronPort-SDR": [ "\n HyGyLcF6ODp8085+aUPjSjARwaCfTmA1u6YVk4kNk/agSfp42ueawag8jFPT9grRlhRDj8HTeg\n Kjf4FSnqk4bA==", "\n RD6CxQuZx/BWM4Gumx5Nj0ZZWiuatWViTOPMrXh92HXs0zemyBjkkh469bTMQiQBW2ejZnlUsG\n CsC8siurzEgA==" ], "X-IronPort-AV": [ "E=McAfee;i=\"6000,8403,9655\"; a=\"204065806\"", "E=Sophos;i=\"5.73,526,1583222400\"; d=\"scan'208\";a=\"204065806\"", "E=Sophos;i=\"5.73,526,1583222400\"; d=\"scan'208\";a=\"477200739\"" ], "X-Amp-Result": "SKIPPED(no attachment in message)", "X-Amp-File-Uploaded": "False", "X-ExtLoop1": "1", "From": "Bruce Richardson <bruce.richardson@intel.com>", "To": "dev@dpdk.org", "Cc": "thomas@monjalon.net, david.marchand@redhat.com,\n Bruce Richardson <bruce.richardson@intel.com>", "Date": "Thu, 18 Jun 2020 14:50:48 +0100", "Message-Id": "<20200618135049.489773-4-bruce.richardson@intel.com>", "X-Mailer": "git-send-email 2.25.1", "In-Reply-To": "<20200618135049.489773-1-bruce.richardson@intel.com>", "References": "<20200618135049.489773-1-bruce.richardson@intel.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "Subject": "[dpdk-dev] [PATCH 3/4] eal: don't load drivers from insecure paths", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.15", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org", "Sender": "\"dev\" <dev-bounces@dpdk.org>" }, "content": "Any paths on the system which are world-writable are insecure and should\nnot be used for loading drivers. Therefore check each driver path before\nloading it and error out on insecure ones.\n\nSigned-off-by: Bruce Richardson <bruce.richardson@intel.com>\n---\n lib/librte_eal/common/eal_common_options.c | 75 ++++++++++++++++++++--\n 1 file changed, 69 insertions(+), 6 deletions(-)", "diff": "diff --git a/lib/librte_eal/common/eal_common_options.c b/lib/librte_eal/common/eal_common_options.c\nindex 7aef6df4c..2a62a1342 100644\n--- a/lib/librte_eal/common/eal_common_options.c\n+++ b/lib/librte_eal/common/eal_common_options.c\n@@ -15,6 +15,7 @@\n #include <getopt.h>\n #ifndef RTE_EXEC_ENV_WINDOWS\n #include <dlfcn.h>\n+#include <libgen.h>\n #endif\n #include <sys/types.h>\n #include <sys/stat.h>\n@@ -368,10 +369,74 @@ eal_plugindir_init(const char *path)\n \treturn (dent == NULL) ? 0 : -1;\n }\n \n+#ifdef RTE_EXEC_ENV_WINDOWS\n+int\n+eal_plugins_init(void)\n+{\n+\treturn 0;\n+}\n+#else\n+\n+static int\n+verify_perms(const char *dirpath)\n+{\n+\tstruct stat st;\n+\n+\t/* if not root, check down one level first */\n+\tif (strcmp(dirpath, \"/\") != 0) {\n+\t\tchar copy[PATH_MAX];\n+\n+\t\tstrlcpy(copy, dirpath, PATH_MAX);\n+\t\tif (verify_perms(dirname(copy)) != 0)\n+\t\t\treturn -1;\n+\t}\n+\n+\t/* call stat to check for permissions and ensure not world writable */\n+\tif (stat(dirpath, &st) != 0) {\n+\t\tRTE_LOG(ERR, EAL, \"Error with stat on %s, %s\\n\",\n+\t\t\t\tdirpath, strerror(errno));\n+\t\treturn -1;\n+\t}\n+\tif (st.st_mode & S_IWOTH) {\n+\t\tRTE_LOG(ERR, EAL,\n+\t\t\t\t\"Error, directory path %s is world-writable and insecure\\n\",\n+\t\t\t\tdirpath);\n+\t\treturn -1;\n+\t}\n+\n+\treturn 0;\n+}\n+\n+static void *\n+eal_dlopen(const char *pathname)\n+{\n+\tvoid *retval = NULL;\n+\tchar *realp = realpath(pathname, NULL);\n+\n+\tif (realp == NULL) {\n+\t\tRTE_LOG(ERR, EAL, \"Error with realpath, %s\\n\", strerror(errno));\n+\t\tgoto out;\n+\t}\n+\tif (strnlen(realp, PATH_MAX) == PATH_MAX) {\n+\t\tRTE_LOG(ERR, EAL, \"Error, driver path greater than PATH_MAX\\n\");\n+\t\tgoto out;\n+\t}\n+\n+\t/* do permissions checks */\n+\tif (verify_perms(realp) != 0)\n+\t\tgoto out;\n+\n+\tretval = dlopen(realp, RTLD_NOW);\n+\tif (retval == NULL)\n+\t\tRTE_LOG(ERR, EAL, \"%s\\n\", dlerror());\n+out:\n+\tfree(realp);\n+\treturn retval;\n+}\n+\n int\n eal_plugins_init(void)\n {\n-#ifndef RTE_EXEC_ENV_WINDOWS\n \tstruct shared_driver *solib = NULL;\n \tstruct stat sb;\n \n@@ -391,17 +456,15 @@ eal_plugins_init(void)\n \t\t} else {\n \t\t\tRTE_LOG(DEBUG, EAL, \"open shared lib %s\\n\",\n \t\t\t\tsolib->name);\n-\t\t\tsolib->lib_handle = dlopen(solib->name, RTLD_NOW);\n-\t\t\tif (solib->lib_handle == NULL) {\n-\t\t\t\tRTE_LOG(ERR, EAL, \"%s\\n\", dlerror());\n+\t\t\tsolib->lib_handle = eal_dlopen(solib->name);\n+\t\t\tif (solib->lib_handle == NULL)\n \t\t\t\treturn -1;\n-\t\t\t}\n \t\t}\n \n \t}\n \treturn 0;\n-#endif\n }\n+#endif\n \n /*\n * Parse the coremask given as argument (hexadecimal string) and fill\n", "prefixes": [ "3/4" ] }{ "id": 71727, "url": "