This check prevents an obvious way for a vhost-user socket to escape the
intended directory.
There might be other ways to escape the directory (none comes to mind at
the moment), but this is a problem that should be properly solved by
mandatory access control.
A similar check is done for a bridge name, since that name is used as
part of a socket as well.
Signed-off-by: Daniele Di Proietto <diproiet...@vmware.com>
---
v2:
* Do not check for '..', as this doesn't really create a problem
* Document restriction in INSTALL.DPDK.md
* Also check for backward slash
* Drop next patch that unlinks the socket before creating it. As pointed
out by Ansis, it enables users deleting other sockets (db or management)
in the run directory
---
INSTALL.DPDK.md | 3 ++-
lib/netdev-dpdk.c | 16 ++++++++++++++--
2 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/INSTALL.DPDK.md b/INSTALL.DPDK.md
index a19a685..c98de69 100644
--- a/INSTALL.DPDK.md
+++ b/INSTALL.DPDK.md
@@ -508,7 +508,8 @@ Adding DPDK vhost-user ports to the Switch:
Following the steps above to create a bridge, you can now add DPDK vhost-user
as a port to the vswitch. Unlike DPDK ring ports, DPDK vhost-user ports can
-have arbitrary names.
+have arbitrary names, except that forward and backward slashes are prohibited
+in the names.
- For vhost-user, the name of the port type is `dpdkvhostuser`
diff --git a/lib/netdev-dpdk.c b/lib/netdev-dpdk.c
index e4f789b..2e27adf 100644
--- a/lib/netdev-dpdk.c
+++ b/lib/netdev-dpdk.c
@@ -677,14 +677,26 @@ static int
netdev_dpdk_vhost_user_construct(struct netdev *netdev_)
{
struct netdev_dpdk *netdev = netdev_dpdk_cast(netdev_);
+ const char *name = netdev_->name;
int err;
+ /* 'name' is appended to 'vhost_sock_dir' and used to create a socket in
+ * the file system. '/' or '\' would traverse directories, so they're not
+ * acceptable in 'name'. */
+ if (strchr(name, '/') || strchr(name, '\\')) {
+ VLOG_ERR("\"%s\" is not a valid name for a vhost-user port. "
+ "A valid name must not include '/' or '\\'",
+ name);
+ return EINVAL;
+ }
+
ovs_mutex_lock(&dpdk_mutex);
/* Take the name of the vhost-user port and append it to the location where
* the socket is to be created, then register the socket.
*/
snprintf(netdev->vhost_id, sizeof(netdev->vhost_id), "%s/%s",
- vhost_sock_dir, netdev_->name);
+ vhost_sock_dir, name);
+
err = rte_vhost_driver_register(netdev->vhost_id);
if (err) {
VLOG_ERR("vhost-user socket device setup failure for socket %s\n",
@@ -692,7 +704,7 @@ netdev_dpdk_vhost_user_construct(struct netdev *netdev_)
} else {
fatal_signal_add_file_to_unlink(netdev->vhost_id);
VLOG_INFO("Socket %s created for vhost-user port %s\n",
- netdev->vhost_id, netdev_->name);
+ netdev->vhost_id, name);
err = vhost_construct_helper(netdev_);
}
--
2.1.4
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
