[PATCH v2] net/ark: fix unsafe env variable in extension loading

Stephen Hemminger stephen at networkplumber.org
Mon Jun 8 17:24:43 CEST 2026

Previous message (by thread): [PATCH v2] net/ark: fix unsafe env variable in extension loading
Next message (by thread): [PATCH] net/ark: fix unsafe env variable in extension loading
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed,  3 Jun 2026 08:32:45 +0300
Denis Sergeev <denserg.edu at gmail.com> wrote:

> The ARK_EXT_PATH environment variable is passed to dlopen without
> verifying process privileges. In a setuid/setgid scenario, this
> could allow loading an arbitrary shared library with elevated
> privileges.
> 
> Add a check that effective user/group IDs match real IDs before
> trusting the environment variable, consistent with the same
> protection already present in the mlx5 driver.
> 
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
> 
> Fixes: 727b3fe292bc ("net/ark: integrate PMD")
> Cc: stable at dpdk.org
> 
> Signed-off-by: Denis Sergeev <denserg.edu at gmail.com>

Thanks for the report, but it makes no sense.
DPDK already load shared libraries via -d command line arg without
checking. And running DPDK application as setuid would be completely
unsafe. The startup is not hardened in anyway.

NAK

That said, it would be good if DPDK had some security documentation
about what the trust boundary is and what capabilities are needed.

Previous message (by thread): [PATCH v2] net/ark: fix unsafe env variable in extension loading
Next message (by thread): [PATCH] net/ark: fix unsafe env variable in extension loading
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list