From: Stephen Hemminger <stephen@networkplumber.org>
To: Denis Sergeev <denserg.edu@gmail.com>
Cc: dev@dpdk.org, shepard.siegel@atomicrules.com,
ed.czeck@atomicrules.com, john.miller@atomicrules.com,
stable@dpdk.org, sdl.dpdk@linuxtesting.org
Subject: Re: [PATCH v2] net/ark: fix unsafe env variable in extension loading
Date: Mon, 8 Jun 2026 08:24:43 -0700 [thread overview]
Message-ID: <20260608082443.7fc29529@phoenix.local> (raw)
In-Reply-To: <20260603053313.119342-1-denserg.edu@gmail.com>
On Wed, 3 Jun 2026 08:32:45 +0300
Denis Sergeev <denserg.edu@gmail.com> wrote:
> The ARK_EXT_PATH environment variable is passed to dlopen without
> verifying process privileges. In a setuid/setgid scenario, this
> could allow loading an arbitrary shared library with elevated
> privileges.
>
> Add a check that effective user/group IDs match real IDs before
> trusting the environment variable, consistent with the same
> protection already present in the mlx5 driver.
>
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
>
> Fixes: 727b3fe292bc ("net/ark: integrate PMD")
> Cc: stable@dpdk.org
>
> Signed-off-by: Denis Sergeev <denserg.edu@gmail.com>
Thanks for the report, but it makes no sense.
DPDK already load shared libraries via -d command line arg without
checking. And running DPDK application as setuid would be completely
unsafe. The startup is not hardened in anyway.
NAK
That said, it would be good if DPDK had some security documentation
about what the trust boundary is and what capabilities are needed.
next prev parent reply other threads:[~2026-06-08 15:24 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-03 5:26 [PATCH] net/ark: fix unsafe env variable in extension loading Denis Sergeev
2026-06-03 5:32 ` [PATCH v2] " Denis Sergeev
2026-06-08 15:24 ` Stephen Hemminger [this message]
2026-06-03 15:30 ` [PATCH] " Stephen Hemminger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260608082443.7fc29529@phoenix.local \
--to=stephen@networkplumber.org \
--cc=denserg.edu@gmail.com \
--cc=dev@dpdk.org \
--cc=ed.czeck@atomicrules.com \
--cc=john.miller@atomicrules.com \
--cc=sdl.dpdk@linuxtesting.org \
--cc=shepard.siegel@atomicrules.com \
--cc=stable@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.