eal: tighten permissions on shared memory files

When creating files on disk, e.g. for EAL configuration or shared memory
locks, etc., there is no need to grant any permissions on those files to
other users. All directories are already created with 0700 permissions, so
we should create all files with 0600 permissions.

Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>

diff --git a/lib/librte_eal/freebsd/eal/eal.c b/lib/librte_eal/freebsd/eal/eal.c
index 790c6af..c6ac902 100644 (file)
--- a/lib/librte_eal/freebsd/eal/eal.c
+++ b/lib/librte_eal/freebsd/eal/eal.c
@@ -227,7 +227,7 @@ rte_eal_config_create(void)
                return;
 
        if (mem_cfg_fd < 0){
-               mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0660);
+               mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0600);
                if (mem_cfg_fd < 0)
                        rte_panic("Cannot open '%s' for rte_mem_config\n", pathname);
        }

diff --git a/lib/librte_eal/freebsd/eal/eal_hugepage_info.c b/lib/librte_eal/freebsd/eal/eal_hugepage_info.c
index 1e8f5df..32012e1 100644 (file)
--- a/lib/librte_eal/freebsd/eal/eal_hugepage_info.c
+++ b/lib/librte_eal/freebsd/eal/eal_hugepage_info.c
@@ -22,7 +22,7 @@ static void *
 map_shared_memory(const char *filename, const size_t mem_size, int flags)
 {
        void *retval;
-       int fd = open(filename, flags, 0666);
+       int fd = open(filename, flags, 0600);
        if (fd < 0)
                return NULL;
        if (ftruncate(fd, mem_size) < 0) {

diff --git a/lib/librte_eal/linux/eal/eal.c b/lib/librte_eal/linux/eal/eal.c
index 75ed0cf..f7ae62d 100644 (file)
--- a/lib/librte_eal/linux/eal/eal.c
+++ b/lib/librte_eal/linux/eal/eal.c
@@ -320,7 +320,7 @@ rte_eal_config_create(void)
                rte_mem_cfg_addr = NULL;
 
        if (mem_cfg_fd < 0){
-               mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0660);
+               mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0600);
                if (mem_cfg_fd < 0)
                        rte_panic("Cannot open '%s' for rte_mem_config\n", pathname);
        }

diff --git a/lib/librte_eal/linux/eal/eal_hugepage_info.c b/lib/librte_eal/linux/eal/eal_hugepage_info.c
index ce3e992..91a4fed 100644 (file)
--- a/lib/librte_eal/linux/eal/eal_hugepage_info.c
+++ b/lib/librte_eal/linux/eal/eal_hugepage_info.c
@@ -45,7 +45,7 @@ static void *
 map_shared_memory(const char *filename, const size_t mem_size, int flags)
 {
        void *retval;
-       int fd = open(filename, flags, 0666);
+       int fd = open(filename, flags, 0600);
        if (fd < 0)
                return NULL;
        if (ftruncate(fd, mem_size) < 0) {

diff --git a/lib/librte_eal/linux/eal/eal_memory.c b/lib/librte_eal/linux/eal/eal_memory.c
index 39cd359..3193525 100644 (file)
--- a/lib/librte_eal/linux/eal/eal_memory.c
+++ b/lib/librte_eal/linux/eal/eal_memory.c
@@ -541,7 +541,7 @@ create_shared_memory(const char *filename, const size_t mem_size)
                return retval;
        }
 
-       fd = open(filename, O_CREAT | O_RDWR, 0666);
+       fd = open(filename, O_CREAT | O_RDWR, 0600);
        if (fd < 0)
                return NULL;
        if (ftruncate(fd, mem_size) < 0) {