eal: tighten permissions on shared memory files

When creating files on disk, e.g. for EAL configuration or shared memory
locks, etc., there is no need to grant any permissions on those files to
other users. All directories are already created with 0700 permissions, so
we should create all files with 0600 permissions.

Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>

diff --git a/lib/librte_eal/freebsd/eal/eal.c b/lib/librte_eal/freebsd/eal/eal.c
index 790c6afa7050d2a7ff9c9c54319aa8773b34eac0..c6ac9028fa2b1acc89cd1a13b77adb0603a2b5f0 100644 (file)
--- a/lib/librte_eal/freebsd/eal/eal.c
+++ b/lib/librte_eal/freebsd/eal/eal.c
@@ -227,7 +227,7 @@ rte_eal_config_create(void)
                return;
 
        if (mem_cfg_fd < 0){
-               mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0660);
+               mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0600);
                if (mem_cfg_fd < 0)
                        rte_panic("Cannot open '%s' for rte_mem_config\n", pathname);
        }

diff --git a/lib/librte_eal/freebsd/eal/eal_hugepage_info.c b/lib/librte_eal/freebsd/eal/eal_hugepage_info.c
index 1e8f5df23411838765bec0e466819a2715a250d1..32012e1427626934bb82c5989a70cde417120fcb 100644 (file)
--- a/lib/librte_eal/freebsd/eal/eal_hugepage_info.c
+++ b/lib/librte_eal/freebsd/eal/eal_hugepage_info.c
@@ -22,7 +22,7 @@ static void *
 map_shared_memory(const char *filename, const size_t mem_size, int flags)
 {
        void *retval;
-       int fd = open(filename, flags, 0666);
+       int fd = open(filename, flags, 0600);
        if (fd < 0)
                return NULL;
        if (ftruncate(fd, mem_size) < 0) {

diff --git a/lib/librte_eal/linux/eal/eal.c b/lib/librte_eal/linux/eal/eal.c
index 75ed0cf1029f8bd6e55058649c046ad2f9141596..f7ae62d7b1713a4d5e6f396c1a5f74ffaf768b7d 100644 (file)
--- a/lib/librte_eal/linux/eal/eal.c
+++ b/lib/librte_eal/linux/eal/eal.c
@@ -320,7 +320,7 @@ rte_eal_config_create(void)
                rte_mem_cfg_addr = NULL;
 
        if (mem_cfg_fd < 0){
-               mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0660);
+               mem_cfg_fd = open(pathname, O_RDWR | O_CREAT, 0600);
                if (mem_cfg_fd < 0)
                        rte_panic("Cannot open '%s' for rte_mem_config\n", pathname);
        }

diff --git a/lib/librte_eal/linux/eal/eal_hugepage_info.c b/lib/librte_eal/linux/eal/eal_hugepage_info.c
index ce3e99256a128f2ac5dc20aa0d4ceaa5249ce8dd..91a4fede76bc114065014808b4698d9cb6e6b994 100644 (file)
--- a/lib/librte_eal/linux/eal/eal_hugepage_info.c
+++ b/lib/librte_eal/linux/eal/eal_hugepage_info.c
@@ -45,7 +45,7 @@ static void *
 map_shared_memory(const char *filename, const size_t mem_size, int flags)
 {
        void *retval;
-       int fd = open(filename, flags, 0666);
+       int fd = open(filename, flags, 0600);
        if (fd < 0)
                return NULL;
        if (ftruncate(fd, mem_size) < 0) {

diff --git a/lib/librte_eal/linux/eal/eal_memory.c b/lib/librte_eal/linux/eal/eal_memory.c
index 39cd359a039de276579f9ad37df9360cf85a3ba1..319352521e55222230fea093920b310a32e9da2a 100644 (file)
--- a/lib/librte_eal/linux/eal/eal_memory.c
+++ b/lib/librte_eal/linux/eal/eal_memory.c
@@ -541,7 +541,7 @@ create_shared_memory(const char *filename, const size_t mem_size)
                return retval;
        }
 
-       fd = open(filename, O_CREAT | O_RDWR, 0666);
+       fd = open(filename, O_CREAT | O_RDWR, 0600);
        if (fd < 0)
                return NULL;
        if (ftruncate(fd, mem_size) < 0) {