2015-12-02 18:07, Stephen Hemminger: > On Thu, 12 Nov 2015 16:52:32 +0100 > Thomas Monjalon <thomas.monjalon at 6wind.com> wrote: > > > > > This mini-series adds support for driver directory concept > > > > based on idea by Thomas Monjalon back in February: > > > > http://dpdk.org/ml/archives/dev/2015-February/013285.html > > > > > > > > In the process FreeBSD also gains plugin support (but untested). > > > > > > > > v4: - introduce error-early behavior for invalid plugin paths > > > > - support directories via the existing -d option instead of adding > > > > new > > > > > > > > v3: - merge the first commits > > > > > > > > v2: - move code to eal/common > > > > - add bsd support > > > > > > > > Panu Matilainen (2): > > > > eal: move plugin loading to eal/common > > > > eal: add support for driver directory concept > > > > > > > > > checkpatch complains for some indent problem (Thomas, can you fix this ?), > > > but the rest looks good to me. > > > > > > Acked-by: David Marchand <david.marchand at 6wind.com> > > > > > > Thanks Panu. > > > > Applied, thanks > > This patch introduces a new issue reported by Coverity. > > The root cause of the problem is that you are checking that it s a directory > first with stat > then calling dlopen(). I malicious entity could get between the stat and the > dlopen.
I think it is a false positive. The aim of loading every files in the directory is out of a security scope IMHO.
