From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id B913BA046B for ; Tue, 23 Jul 2019 18:38:44 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 717081C06C; Tue, 23 Jul 2019 18:38:44 +0200 (CEST) Received: from EUR03-AM5-obe.outbound.protection.outlook.com (mail-eopbgr30073.outbound.protection.outlook.com [40.107.3.73]) by dpdk.org (Postfix) with ESMTP id C18B71C06C for ; Tue, 23 Jul 2019 18:38:43 +0200 (CEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=KRrjbhLUNO7sG8HoDJmX/d2DLLompW3EYepbuz/7meHrttvaWJA0qb55kfHe5JGaLBjnT5PFE5YdGOBnLAy4Xti54FeCKXA+TfZ/Pu30WY0cw2ZjNpk+Ktlj1G40OkNRdmoR/sq4iQQ1nF3OTKK4oHAxuN6G79WKHPVPMavDwin8ZNDVEwt3T5bL1L/vTrGTzzrR25iwF9Xi7N00LhsNNOXonO3t1M05PXhd3LUe48UFSp39oE3ngopbry9xsN5i/YqS13E2NzkL2C9p6puUmTr+xG8lroj3sj8DMdxmJ42TsSqQUwiLLSvEDfr3RqVzrGxX/tm5WHTaPSCA9lD5dA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=w4mDDkosUiAjMuad0omraQmiCASwFx492LeyF7KvUh4=; b=UyIlz7XzlOER5kwzAzrfRN/A9U15JgCj1oCdWTQ3bhnsoWM9ebDUqEn6laUN8HVA43kNSMuHx2yshhUR4ceOb0+HSHJZ8AEYHUMHhLaN6pVlx6Ikd03EFXu5QLHePUFf2CYHYlscOoOBgjfqPVUFn5tX88QgHk9N3b7K3mpuLIf6uaB2SxxLNs2dPyHz735dGZZLj4RYQ9OMILWTuWKQYWRDh1YzTwPdNFl21gB3B/OKFeQ66CQzDvlmaMvGahyZibix2IjSfY4jCa3+fwWLmP5g2KFF78glDNSNPvSYaD1yJIpj9j9DrvPWKKfqQG8eqVC10au2s6Gmzvj3fBMG+w== ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=mellanox.com;dmarc=pass action=none header.from=mellanox.com;dkim=pass header.d=mellanox.com;arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Mellanox.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=w4mDDkosUiAjMuad0omraQmiCASwFx492LeyF7KvUh4=; b=pMDz81TwURWEKD3CAIldACYin3R4rt1mJ91X0Z9IhTXWxZ4BLurxgVBSRbyNuKTyG/MZiY+LaViOHGNfJZUEQpSDk8/UuDUfBAgXF+2FhTw9NNkupxlZF3LsAicxCA/i9GXFi5lLrkptVPEQnmV7HHyBTrrsAc9BepkE6lcEoXk= Received: from DB3PR0502MB3980.eurprd05.prod.outlook.com (52.134.72.27) by DB3PR0502MB4028.eurprd05.prod.outlook.com (52.134.68.143) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2094.15; Tue, 23 Jul 2019 16:38:42 +0000 Received: from DB3PR0502MB3980.eurprd05.prod.outlook.com ([fe80::69c1:c0d7:1fa1:f89f]) by DB3PR0502MB3980.eurprd05.prod.outlook.com ([fe80::69c1:c0d7:1fa1:f89f%6]) with mapi id 15.20.2094.013; Tue, 23 Jul 2019 16:38:41 +0000 From: Yongseok Koh To: Bruce Richardson CC: "stable@dpdk.org" Thread-Topic: [dpdk-stable] [17.11] eal: tighten permissions on shared memory files Thread-Index: AQHVQUUDHgTuBTBkcE2X95UAA09rEKbYZ6GA Date: Tue, 23 Jul 2019 16:38:41 +0000 Message-ID: <19BFFE2F-B41F-487E-B911-74C615E12075@mellanox.com> References: <20190723105422.57339-1-bruce.richardson@intel.com> In-Reply-To: <20190723105422.57339-1-bruce.richardson@intel.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=yskoh@mellanox.com; x-originating-ip: [209.116.155.178] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: a4d43230-3b1a-4974-d57e-08d70f8c38a6 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(4618075)(2017052603328)(7193020); SRVR:DB3PR0502MB4028; x-ms-traffictypediagnostic: DB3PR0502MB4028: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:538; x-forefront-prvs: 0107098B6C x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(366004)(396003)(376002)(39860400002)(136003)(346002)(189003)(199004)(6436002)(6486002)(76176011)(5660300002)(53936002)(3846002)(6116002)(66946007)(99286004)(86362001)(33656002)(6512007)(476003)(4326008)(6506007)(6246003)(2616005)(446003)(11346002)(186003)(26005)(486006)(36756003)(53546011)(102836004)(14444005)(229853002)(8936002)(25786009)(68736007)(66066001)(256004)(478600001)(14454004)(76116006)(316002)(2906002)(66446008)(64756008)(66556008)(81166006)(66476007)(81156014)(91956017)(6916009)(305945005)(71190400001)(71200400001)(7736002); DIR:OUT; SFP:1101; SCL:1; SRVR:DB3PR0502MB4028; H:DB3PR0502MB3980.eurprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; received-spf: None (protection.outlook.com: mellanox.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: wkF9KpMFwgraj3SjdQvpQ8+jbhD5TTuW8JXcq9W7h8hZ8xVEboRSrMj1A31xmutdGW+URsG1oj8u1qYtopNoID4mjURm2j9dFAP6rgrmxbfmcXCK2LiAdpzIjeL2BYx6bOe9hwLb8F4K4LY/9G0wnabmPgqfjyV2NXD6G7nkyv99ZaXt/aBYZZrp5cS+rqmEH9a6+i9twpPCOU98Ae9yDK9fZ6wTH00GV0LQ/6csBEZJ36iIxEr5eFYatQp0LQ5YCt4cNq9gU4+xMvUnOP6aY0uA7YThSa7IcLcXXYOKI4Mw/FxfEg7K4GCQcIG/ZfGHs/Vqdx9ElpbHhMYNdDezUtTxHRZFEiY+I2OHiOgzgfyIN6hEbVIqWcoAvmpSUFI7oq+2Non/OtednxiFGDFg87eA6tkewdt3feDiteDsw+E= Content-Type: text/plain; charset="us-ascii" Content-ID: <7631D3B42921DB4FB6D0FDF2EFE8FB1C@eurprd05.prod.outlook.com> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: Mellanox.com X-MS-Exchange-CrossTenant-Network-Message-Id: a4d43230-3b1a-4974-d57e-08d70f8c38a6 X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Jul 2019 16:38:41.5181 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: a652971c-7d2e-4d9b-a6a4-d149256f461b X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: yskoh@mellanox.com X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB3PR0502MB4028 Subject: Re: [dpdk-stable] [17.11] eal: tighten permissions on shared memory files X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org Sender: "stable" > On Jul 23, 2019, at 3:54 AM, Bruce Richardson wrote: >=20 > When creating files on disk, e.g. for EAL configuration or shared memory > locks, etc., there is no need to grant any permissions on those files to > other users. All directories are already created with 0700 permissions, s= o > we should create all files with 0600 permissions. >=20 > Cc: stable@dpdk.org >=20 > Signed-off-by: Bruce Richardson > --- Applied to stable/17.11. Bruce, did you receive my email requesting backport and then send this back= port? I can't see the mail I sent, either in my mailbox or community archive. Looks it is being blocked or missing. I'll have to send it out again... Thanks, Yongseok > lib/librte_eal/bsdapp/eal/eal.c | 2 +- > lib/librte_eal/bsdapp/eal/eal_hugepage_info.c | 2 +- > lib/librte_eal/linuxapp/eal/eal.c | 2 +- > lib/librte_eal/linuxapp/eal/eal_memory.c | 2 +- > 4 files changed, 4 insertions(+), 4 deletions(-) >=20 > diff --git a/lib/librte_eal/bsdapp/eal/eal.c b/lib/librte_eal/bsdapp/eal/= eal.c > index 369a682a8..f5d8a77f6 100644 > --- a/lib/librte_eal/bsdapp/eal/eal.c > +++ b/lib/librte_eal/bsdapp/eal/eal.c > @@ -180,7 +180,7 @@ rte_eal_config_create(void) > return; >=20 > if (mem_cfg_fd < 0){ > - mem_cfg_fd =3D open(pathname, O_RDWR | O_CREAT, 0660); > + mem_cfg_fd =3D open(pathname, O_RDWR | O_CREAT, 0600); > if (mem_cfg_fd < 0) > rte_panic("Cannot open '%s' for rte_mem_config\n", pathname); > } > diff --git a/lib/librte_eal/bsdapp/eal/eal_hugepage_info.c b/lib/librte_e= al/bsdapp/eal/eal_hugepage_info.c > index 8a33c30c5..80b221071 100644 > --- a/lib/librte_eal/bsdapp/eal/eal_hugepage_info.c > +++ b/lib/librte_eal/bsdapp/eal/eal_hugepage_info.c > @@ -51,7 +51,7 @@ static void * > create_shared_memory(const char *filename, const size_t mem_size) > { > void *retval; > - int fd =3D open(filename, O_CREAT | O_RDWR, 0666); > + int fd =3D open(filename, O_CREAT | O_RDWR, 0600); > if (fd < 0) > return NULL; > if (ftruncate(fd, mem_size) < 0) { > diff --git a/lib/librte_eal/linuxapp/eal/eal.c b/lib/librte_eal/linuxapp/= eal/eal.c > index e6a733138..c6308a1ca 100644 > --- a/lib/librte_eal/linuxapp/eal/eal.c > +++ b/lib/librte_eal/linuxapp/eal/eal.c > @@ -198,7 +198,7 @@ rte_eal_config_create(void) > rte_mem_cfg_addr =3D NULL; >=20 > if (mem_cfg_fd < 0){ > - mem_cfg_fd =3D open(pathname, O_RDWR | O_CREAT, 0660); > + mem_cfg_fd =3D open(pathname, O_RDWR | O_CREAT, 0600); > if (mem_cfg_fd < 0) > rte_panic("Cannot open '%s' for rte_mem_config\n", pathname); > } > diff --git a/lib/librte_eal/linuxapp/eal/eal_memory.c b/lib/librte_eal/li= nuxapp/eal/eal_memory.c > index f1938ecfc..f3635373b 100644 > --- a/lib/librte_eal/linuxapp/eal/eal_memory.c > +++ b/lib/librte_eal/linuxapp/eal/eal_memory.c > @@ -740,7 +740,7 @@ static void * > create_shared_memory(const char *filename, const size_t mem_size) > { > void *retval; > - int fd =3D open(filename, O_CREAT | O_RDWR, 0666); > + int fd =3D open(filename, O_CREAT | O_RDWR, 0600); > if (fd < 0) > return NULL; > if (ftruncate(fd, mem_size) < 0) { > --=20 > 2.21.0 >=20