On Wed, 3 Jun 2026 08:26:00 +0300
Denis Sergeev <[email protected]> wrote:
> diff --git a/drivers/net/ark/ark_ethdev.c b/drivers/net/ark/ark_ethdev.c
> index 8b25ed948f..e25478103b 100644
> --- a/drivers/net/ark/ark_ethdev.c
> +++ b/drivers/net/ark/ark_ethdev.c
> @@ -211,9 +211,19 @@ static int
> check_for_ext(struct ark_adapter *ark)
> {
> int found = 0;
> + const char *dllpath;
> +
> + /*
> + * A basic security check is necessary before trusting
> + * ARK_EXT_PATH environment variable.
> + */
> + if (geteuid() != getuid() || getegid() != getgid()) {
> + ARK_PMD_LOG(DEBUG, "EXT ignoring ARK_EXT_PATH under
> setuid/setgid\n");
> + return 0;
> + }
>
DPDK may be run in containers. This would break that.
The whole dlopen extension stuff in this driver is rubbish and should not have
been allowed in.
It creates testing and security nightmares.
