From 70d284ab8262e81600d76456c7819af2913aa164 Mon Sep 17 00:00:00 2001 From: Bruce Richardson Date: Wed, 3 Apr 2019 17:00:34 +0100 Subject: [PATCH] eal: tighten permissions on shared memory files When creating files on disk, e.g. for EAL configuration or shared memory locks, etc., there is no need to grant any permissions on those files to other users. All directories are already created with 0700 permissions, so we should create all files with 0600 permissions. Cc: stable@dpdk.org Signed-off-by: Bruce Richardson --- lib/librte_eal/freebsd/eal/eal.c | 2 +- lib/librte_eal/freebsd/eal/eal_hugepage_info.c | 2 +- lib/librte_eal/linux/eal/eal.c | 2 +- lib/librte_eal/linux/eal/eal_hugepage_info.c | 2 +- lib/librte_eal/linux/eal/eal_memory.c | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/lib/librte_eal/freebsd/eal/eal.c b/lib/librte_eal/freebsd/eal/eal.c index 790c6afa70..c6ac9028fa 100644 --- a/lib/librte_eal/freebsd/eal/eal.c +++ b/lib/librte_eal/freebsd/eal/eal.c @@ -227,7 +227,7 @@ rte_eal_config_create(void) return; if (mem_cfg_fd < 0){ - mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0660); + mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0600); if (mem_cfg_fd < 0) rte_panic("Cannot open '%s' for rte_mem_config\n", pathname); } diff --git a/lib/librte_eal/freebsd/eal/eal_hugepage_info.c b/lib/librte_eal/freebsd/eal/eal_hugepage_info.c index 1e8f5df234..32012e1427 100644 --- a/lib/librte_eal/freebsd/eal/eal_hugepage_info.c +++ b/lib/librte_eal/freebsd/eal/eal_hugepage_info.c @@ -22,7 +22,7 @@ static void * map_shared_memory(const char *filename, const size_t mem_size, int flags) { void *retval; - int fd = open(filename, flags, 0666); + int fd = open(filename, flags, 0600); if (fd < 0) return NULL; if (ftruncate(fd, mem_size) < 0) { diff --git a/lib/librte_eal/linux/eal/eal.c b/lib/librte_eal/linux/eal/eal.c index 75ed0cf102..f7ae62d7b1 100644 --- a/lib/librte_eal/linux/eal/eal.c +++ b/lib/librte_eal/linux/eal/eal.c @@ -320,7 +320,7 @@ rte_eal_config_create(void) rte_mem_cfg_addr = NULL; if (mem_cfg_fd < 0){ - mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0660); + mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0600); if (mem_cfg_fd < 0) rte_panic("Cannot open '%s' for rte_mem_config\n", pathname); } diff --git a/lib/librte_eal/linux/eal/eal_hugepage_info.c b/lib/librte_eal/linux/eal/eal_hugepage_info.c index ce3e99256a..91a4fede76 100644 --- a/lib/librte_eal/linux/eal/eal_hugepage_info.c +++ b/lib/librte_eal/linux/eal/eal_hugepage_info.c @@ -45,7 +45,7 @@ static void * map_shared_memory(const char *filename, const size_t mem_size, int flags) { void *retval; - int fd = open(filename, flags, 0666); + int fd = open(filename, flags, 0600); if (fd < 0) return NULL; if (ftruncate(fd, mem_size) < 0) { diff --git a/lib/librte_eal/linux/eal/eal_memory.c b/lib/librte_eal/linux/eal/eal_memory.c index 39cd359a03..319352521e 100644 --- a/lib/librte_eal/linux/eal/eal_memory.c +++ b/lib/librte_eal/linux/eal/eal_memory.c @@ -541,7 +541,7 @@ create_shared_memory(const char *filename, const size_t mem_size) return retval; } - fd = open(filename, O_CREAT | O_RDWR, 0666); + fd = open(filename, O_CREAT | O_RDWR, 0600); if (fd < 0) return NULL; if (ftruncate(fd, mem_size) < 0) { -- 2.20.1