[PATCH 3/3] eal/linux: Check hugepage access permissions

[Stephen Hemminger]

Please don't split message a across multiple lines.
Open and access are not the same in all security checks, so not a great
idea.
Some analyzer tools may flag as time of check, time of use issue.

On Wed, May 7, 2025, 02:50 Jake Freeland <jfree at freebsd.org> wrote:

> Currently, hugepage mountpoints will be used irrespective of permissions,
> leading to potential EACCES errors during memory allocation. Fix this by
> not using a mountpoint if we do not have read/write permissions on it.
>
> Signed-off-by: Jake Freeland <jfree at FreeBSD.org>
> ---
>  lib/eal/linux/eal_hugepage_info.c | 6 ++++++
>  1 file changed, 6 insertions(+)
>
> diff --git a/lib/eal/linux/eal_hugepage_info.c
> b/lib/eal/linux/eal_hugepage_info.c
> index d47a19c56a..dbfa38b05c 100644
> --- a/lib/eal/linux/eal_hugepage_info.c
> +++ b/lib/eal/linux/eal_hugepage_info.c
> @@ -260,6 +260,12 @@ get_hugepage_dir(uint64_t hugepage_sz, char *hugedir,
> int len)
>                                 continue;
>                 }
>
> +               if (access(splitstr[MOUNTPT], R_OK | W_OK) < 0) {
> +                       EAL_LOG(NOTICE, "Missing r/w permissions on huge
> dir: "
> +                           "'%s'. Skipping it", splitstr[MOUNTPT]);
> +                       continue;
> +               }
> +
>                 /*
>                  * If no --huge-dir option has been given, we're done.
>                  */
> -
>

>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mails.dpdk.org/archives/dev/attachments/20250507/acf913c9/attachment.htm>