From: Bruce Richardson
To: dev@dpdk.org
Cc: anatoly.burakov@intel.com, stable@dpdk.org
Date: Wed, 3 Apr 2019 17:02:26 +0100
Subject: Re: [dpdk-dev] [PATCH] eal: tighten permissions on shared memory files
Message-ID: <20190403160226.GA1340@bricha3-MOBL.ger.corp.intel.com>
In-Reply-To: <20190403160034.31176-1-bruce.richardson@intel.com>

Adding stable@dpdk.org since this is suitable for backporting

On Wed, Apr 03, 2019 at 05:00:34PM +0100, Bruce Richardson wrote:
> When creating files on disk, e.g. for EAL configuration or shared memory
> locks, etc., there is no need to grant any permissions on those files to
> other users. All directories are already created with 0700 permissions, so
> we should create all files with 0600 permissions.
> CC: stable@dpdk.org
> Signed-off-by: Bruce Richardson > --- > lib/librte_eal/freebsd/eal/eal.c | 2 +- > lib/librte_eal/freebsd/eal/eal_hugepage_info.c | 2 +- > lib/librte_eal/linux/eal/eal.c | 2 +- > lib/librte_eal/linux/eal/eal_hugepage_info.c | 2 +- > lib/librte_eal/linux/eal/eal_memory.c | 2 +- > 5 files changed, 5 insertions(+), 5 deletions(-) > > diff --git a/lib/librte_eal/freebsd/eal/eal.c b/lib/librte_eal/freebsd/eal/eal.c > index 790c6afa7..c6ac9028f 100644 > --- a/lib/librte_eal/freebsd/eal/eal.c > +++ b/lib/librte_eal/freebsd/eal/eal.c > @@ -227,7 +227,7 @@ rte_eal_config_create(void) > return; > > if (mem_cfg_fd < 0){ > - mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0660); > + mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0600); > if (mem_cfg_fd < 0) > rte_panic("Cannot open '%s' for rte_mem_config\n", pathname); > } > diff --git a/lib/librte_eal/freebsd/eal/eal_hugepage_info.c b/lib/librte_eal/freebsd/eal/eal_hugepage_info.c > index 1e8f5df23..32012e142 100644 > --- a/lib/librte_eal/freebsd/eal/eal_hugepage_info.c > +++ b/lib/librte_eal/freebsd/eal/eal_hugepage_info.c > @@ -22,7 +22,7 @@ static void * > map_shared_memory(const char *filename, const size_t mem_size, int flags) > { > void *retval; > - int fd = open(filename, flags, 0666); > + int fd = open(filename, flags, 0600); > if (fd < 0) > return NULL; > if (ftruncate(fd, mem_size) < 0) { > diff --git a/lib/librte_eal/linux/eal/eal.c b/lib/librte_eal/linux/eal/eal.c > index 75ed0cf10..f7ae62d7b 100644 > --- a/lib/librte_eal/linux/eal/eal.c > +++ b/lib/librte_eal/linux/eal/eal.c > @@ -320,7 +320,7 @@ rte_eal_config_create(void) > rte_mem_cfg_addr = NULL; > > if (mem_cfg_fd < 0){ > - mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0660); > + mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0600); > if (mem_cfg_fd < 0) > rte_panic("Cannot open '%s' for rte_mem_config\n", pathname); > } 
> diff --git a/lib/librte_eal/linux/eal/eal_hugepage_info.c b/lib/librte_eal/linux/eal/eal_hugepage_info.c > index ce3e99256..91a4fede7 100644 > --- a/lib/librte_eal/linux/eal/eal_hugepage_info.c > +++ b/lib/librte_eal/linux/eal/eal_hugepage_info.c > @@ -45,7 +45,7 @@ static void * > map_shared_memory(const char *filename, const size_t mem_size, int flags) > { > void *retval; > - int fd = open(filename, flags, 0666); > + int fd = open(filename, flags, 0600); > if (fd < 0) > return NULL; > if (ftruncate(fd, mem_size) < 0) { > diff --git a/lib/librte_eal/linux/eal/eal_memory.c b/lib/librte_eal/linux/eal/eal_memory.c > index 39cd359a0..319352521 100644 > --- a/lib/librte_eal/linux/eal/eal_memory.c > +++ b/lib/librte_eal/linux/eal/eal_memory.c 
> @@ -541,7 +541,7 @@ create_shared_memory(const char *filename, const size_t mem_size) > return retval; > } > > - fd = open(filename, O_CREAT | O_RDWR, 0666); > + fd = open(filename, O_CREAT | O_RDWR, 0600); > if (fd < 0) > return NULL; > if (ftruncate(fd, mem_size) < 0) { > -- > 2.20.1 >
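
Review bot: in both rte_eal_config_create() hunks (linux/eal/eal.c and freebsd/eal/eal.c), the 0600 in `open(pathname, O_RDWR | O_CREAT, 0600)` takes effect only when the call actually creates the file. A file that already exists at pathname, for example one left behind by a build that still used 0660, keeps its old mode and stays accessible to the group. Consider an `fchmod(mem_cfg_fd, 0600)` after the successful open, or say in the commit message that existing files are not tightened.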
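
Review bot: in the two map_shared_memory() hunks, `flags` is supplied by the caller, so the third argument of `open(filename, flags, 0600)` matters only for calls whose flags include O_CREAT; on a plain attach it is ignored and the file keeps the mode it was created with. A short comment at the open() saying so would help the next reader. It is also worth confirming that no caller depends on a process under a different user opening a file created here, since 0666 permitted that at the file level and 0600 does not.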
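
Review bot: style point on the create_shared_memory() hunk in linux/eal/eal_memory.c, and it applies to the other four call sites too: the literal 0600 is now repeated in every open() the patch touches. A single named constant shared by the EAL files would keep these sites from drifting apart again, as they had with 0660 in eal.c and 0666 in the hugepage and memory files.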