From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-bounces@dpdk.org>
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by dpdk.space (Postfix) with ESMTP id 7811FA05D3
	for <public@inbox.dpdk.org>; Thu, 25 Apr 2019 17:41:58 +0200 (CEST)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id 703671B5FD;
	Thu, 25 Apr 2019 17:41:58 +0200 (CEST)
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28])
 by dpdk.org (Postfix) with ESMTP id BA9C51B600
 for <stable@dpdk.org>; Thu, 25 Apr 2019 17:41:56 +0200 (CEST)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com
 [10.5.11.14])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.redhat.com (Postfix) with ESMTPS id 2F9173091D52;
 Thu, 25 Apr 2019 15:41:56 +0000 (UTC)
Received: from rh.redhat.com (unknown [10.36.116.255])
 by smtp.corp.redhat.com (Postfix) with ESMTP id 53A0C5D9D1;
 Thu, 25 Apr 2019 15:41:55 +0000 (UTC)
From: Kevin Traynor <ktraynor@redhat.com>
To: Bruce Richardson <bruce.richardson@intel.com>
Cc: dpdk stable <stable@dpdk.org>
Date: Thu, 25 Apr 2019 16:40:22 +0100
Message-Id: <20190425154037.28778-47-ktraynor@redhat.com>
In-Reply-To: <20190425154037.28778-1-ktraynor@redhat.com>
References: <20190425154037.28778-1-ktraynor@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16
 (mx1.redhat.com [10.5.110.42]); Thu, 25 Apr 2019 15:41:56 +0000 (UTC)
Subject: [dpdk-stable] patch 'eal: tighten permissions on shared memory
	files' has been queued to LTS release 18.11.2
X-BeenThere: stable@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: patches for DPDK stable branches <stable.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/stable>,
 <mailto:stable-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/stable/>
List-Post: <mailto:stable@dpdk.org>
List-Help: <mailto:stable-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/stable>,
 <mailto:stable-request@dpdk.org?subject=subscribe>
Errors-To: stable-bounces@dpdk.org
Sender: "stable" <stable-bounces@dpdk.org>

Hi,

FYI, your patch has been queued to LTS release 18.11.2

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 05/01/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Queued patches can be viewed on the 18.11 branch at:
	https://github.com/kevintraynor/dpdk-stable-queue.git

Thanks.

Kevin Traynor

---
>From a938ac708f813dd74a1e7db7c6b64479acabdc13 Mon Sep 17 00:00:00 2001
From: Bruce Richardson <bruce.richardson@intel.com>
Date: Wed, 3 Apr 2019 17:00:34 +0100
Subject: [PATCH] eal: tighten permissions on shared memory files

[ upstream commit 70d284ab8262e81600d76456c7819af2913aa164 ]

When creating files on disk, e.g. for EAL configuration or shared memory
locks, etc., there is no need to grant any permissions on those files to
other users. All directories are already created with 0700 permissions, so
we should create all files with 0600 permissions.

Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
---
 lib/librte_eal/bsdapp/eal/eal.c                 | 2 +-
 lib/librte_eal/bsdapp/eal/eal_hugepage_info.c   | 2 +-
 lib/librte_eal/linuxapp/eal/eal.c               | 2 +-
 lib/librte_eal/linuxapp/eal/eal_hugepage_info.c | 2 +-
 lib/librte_eal/linuxapp/eal/eal_memory.c        | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/lib/librte_eal/bsdapp/eal/eal.c b/lib/librte_eal/bsdapp/eal/eal.c
index 26c31a236..bfac7fdc9 100644
--- a/lib/librte_eal/bsdapp/eal/eal.c
+++ b/lib/librte_eal/bsdapp/eal/eal.c
@@ -228,5 +228,5 @@ rte_eal_config_create(void)
 
 	if (mem_cfg_fd < 0){
-		mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0660);
+		mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0600);
 		if (mem_cfg_fd < 0)
 			rte_panic("Cannot open '%s' for rte_mem_config\n", pathname);
diff --git a/lib/librte_eal/bsdapp/eal/eal_hugepage_info.c b/lib/librte_eal/bsdapp/eal/eal_hugepage_info.c
index 1e8f5df23..32012e142 100644
--- a/lib/librte_eal/bsdapp/eal/eal_hugepage_info.c
+++ b/lib/librte_eal/bsdapp/eal/eal_hugepage_info.c
@@ -23,5 +23,5 @@ map_shared_memory(const char *filename, const size_t mem_size, int flags)
 {
 	void *retval;
-	int fd = open(filename, flags, 0666);
+	int fd = open(filename, flags, 0600);
 	if (fd < 0)
 		return NULL;
diff --git a/lib/librte_eal/linuxapp/eal/eal.c b/lib/librte_eal/linuxapp/eal/eal.c
index 479071260..58124195b 100644
--- a/lib/librte_eal/linuxapp/eal/eal.c
+++ b/lib/librte_eal/linuxapp/eal/eal.c
@@ -321,5 +321,5 @@ rte_eal_config_create(void)
 
 	if (mem_cfg_fd < 0){
-		mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0660);
+		mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0600);
 		if (mem_cfg_fd < 0)
 			rte_panic("Cannot open '%s' for rte_mem_config\n", pathname);
diff --git a/lib/librte_eal/linuxapp/eal/eal_hugepage_info.c b/lib/librte_eal/linuxapp/eal/eal_hugepage_info.c
index 0eab1cf71..6e898c249 100644
--- a/lib/librte_eal/linuxapp/eal/eal_hugepage_info.c
+++ b/lib/librte_eal/linuxapp/eal/eal_hugepage_info.c
@@ -46,5 +46,5 @@ map_shared_memory(const char *filename, const size_t mem_size, int flags)
 {
 	void *retval;
-	int fd = open(filename, flags, 0666);
+	int fd = open(filename, flags, 0600);
 	if (fd < 0)
 		return NULL;
diff --git a/lib/librte_eal/linuxapp/eal/eal_memory.c b/lib/librte_eal/linuxapp/eal/eal_memory.c
index 788aed25d..ee5f6613b 100644
--- a/lib/librte_eal/linuxapp/eal/eal_memory.c
+++ b/lib/librte_eal/linuxapp/eal/eal_memory.c
@@ -538,5 +538,5 @@ create_shared_memory(const char *filename, const size_t mem_size)
 	}
 
-	fd = open(filename, O_CREAT | O_RDWR, 0666);
+	fd = open(filename, O_CREAT | O_RDWR, 0600);
 	if (fd < 0)
 		return NULL;
-- 
2.20.1

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-04-25 16:37:48.774071477 +0100
+++ 0047-eal-tighten-permissions-on-shared-memory-files.patch	2019-04-25 16:37:46.764294515 +0100
@@ -1 +1 @@
-From 70d284ab8262e81600d76456c7819af2913aa164 Mon Sep 17 00:00:00 2001
+From a938ac708f813dd74a1e7db7c6b64479acabdc13 Mon Sep 17 00:00:00 2001
@@ -5,0 +6,2 @@
+[ upstream commit 70d284ab8262e81600d76456c7819af2913aa164 ]
+
@@ -11,2 +12,0 @@
-Cc: stable@dpdk.org
-
@@ -15,5 +15,5 @@
- lib/librte_eal/freebsd/eal/eal.c               | 2 +-
- lib/librte_eal/freebsd/eal/eal_hugepage_info.c | 2 +-
- lib/librte_eal/linux/eal/eal.c                 | 2 +-
- lib/librte_eal/linux/eal/eal_hugepage_info.c   | 2 +-
- lib/librte_eal/linux/eal/eal_memory.c          | 2 +-
+ lib/librte_eal/bsdapp/eal/eal.c                 | 2 +-
+ lib/librte_eal/bsdapp/eal/eal_hugepage_info.c   | 2 +-
+ lib/librte_eal/linuxapp/eal/eal.c               | 2 +-
+ lib/librte_eal/linuxapp/eal/eal_hugepage_info.c | 2 +-
+ lib/librte_eal/linuxapp/eal/eal_memory.c        | 2 +-
@@ -22,4 +22,4 @@
-diff --git a/lib/librte_eal/freebsd/eal/eal.c b/lib/librte_eal/freebsd/eal/eal.c
-index 790c6afa7..c6ac9028f 100644
---- a/lib/librte_eal/freebsd/eal/eal.c
-+++ b/lib/librte_eal/freebsd/eal/eal.c
+diff --git a/lib/librte_eal/bsdapp/eal/eal.c b/lib/librte_eal/bsdapp/eal/eal.c
+index 26c31a236..bfac7fdc9 100644
+--- a/lib/librte_eal/bsdapp/eal/eal.c
++++ b/lib/librte_eal/bsdapp/eal/eal.c
@@ -33 +33 @@
-diff --git a/lib/librte_eal/freebsd/eal/eal_hugepage_info.c b/lib/librte_eal/freebsd/eal/eal_hugepage_info.c
+diff --git a/lib/librte_eal/bsdapp/eal/eal_hugepage_info.c b/lib/librte_eal/bsdapp/eal/eal_hugepage_info.c
@@ -35,2 +35,2 @@
---- a/lib/librte_eal/freebsd/eal/eal_hugepage_info.c
-+++ b/lib/librte_eal/freebsd/eal/eal_hugepage_info.c
+--- a/lib/librte_eal/bsdapp/eal/eal_hugepage_info.c
++++ b/lib/librte_eal/bsdapp/eal/eal_hugepage_info.c
@@ -44,4 +44,4 @@
-diff --git a/lib/librte_eal/linux/eal/eal.c b/lib/librte_eal/linux/eal/eal.c
-index 75ed0cf10..f7ae62d7b 100644
---- a/lib/librte_eal/linux/eal/eal.c
-+++ b/lib/librte_eal/linux/eal/eal.c
+diff --git a/lib/librte_eal/linuxapp/eal/eal.c b/lib/librte_eal/linuxapp/eal/eal.c
+index 479071260..58124195b 100644
+--- a/lib/librte_eal/linuxapp/eal/eal.c
++++ b/lib/librte_eal/linuxapp/eal/eal.c
@@ -55,4 +55,4 @@
-diff --git a/lib/librte_eal/linux/eal/eal_hugepage_info.c b/lib/librte_eal/linux/eal/eal_hugepage_info.c
-index ce3e99256..91a4fede7 100644
---- a/lib/librte_eal/linux/eal/eal_hugepage_info.c
-+++ b/lib/librte_eal/linux/eal/eal_hugepage_info.c
+diff --git a/lib/librte_eal/linuxapp/eal/eal_hugepage_info.c b/lib/librte_eal/linuxapp/eal/eal_hugepage_info.c
+index 0eab1cf71..6e898c249 100644
+--- a/lib/librte_eal/linuxapp/eal/eal_hugepage_info.c
++++ b/lib/librte_eal/linuxapp/eal/eal_hugepage_info.c
@@ -66,5 +66,5 @@
-diff --git a/lib/librte_eal/linux/eal/eal_memory.c b/lib/librte_eal/linux/eal/eal_memory.c
-index 39cd359a0..319352521 100644
---- a/lib/librte_eal/linux/eal/eal_memory.c
-+++ b/lib/librte_eal/linux/eal/eal_memory.c
-@@ -542,5 +542,5 @@ create_shared_memory(const char *filename, const size_t mem_size)
+diff --git a/lib/librte_eal/linuxapp/eal/eal_memory.c b/lib/librte_eal/linuxapp/eal/eal_memory.c
+index 788aed25d..ee5f6613b 100644
+--- a/lib/librte_eal/linuxapp/eal/eal_memory.c
++++ b/lib/librte_eal/linuxapp/eal/eal_memory.c
+@@ -538,5 +538,5 @@ create_shared_memory(const char *filename, const size_t mem_size)