DivestOS/Patches/Linux_CVEs/CVE-2016-0806/prima/0006.patch

45 lines
1.6 KiB
Diff
Raw Normal View History

2017-11-07 18:55:10 -05:00
From 86fd66a451b2549f990b71013220e0a3f46b5a00 Mon Sep 17 00:00:00 2001
From: Mukul Sharma <mukul@qti.qualcomm.com>
Date: Thu, 17 Mar 2016 10:41:41 -0700
Subject: wlan:Check priviledge permission
for QCSAP_IOCTL_DISASSOC_STA
Kernel assumes all SET IOCTL commands are assigned with even
numbers. But in our WLAN driver, some SET IOCTLS are assigned with
odd numbers. This leads kernel fail to check, for some SET IOCTLs,
whether user has the right permission to do SET operation.
Hence, in driver, before processing QCSAP_IOCTL_DISASSOC_STA IOCTL,
making sure user task has right permission to process the command.
Bug: 27104184
Change-Id: I7928789c0ce94a2b81495064496766b9e62d6ed8
Signed-off-by: Yuan Lin <yualin@google.com>
---
drivers/staging/prima/CORE/HDD/src/wlan_hdd_hostapd.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/drivers/staging/prima/CORE/HDD/src/wlan_hdd_hostapd.c b/drivers/staging/prima/CORE/HDD/src/wlan_hdd_hostapd.c
index 7598b99..005c193 100644
--- a/drivers/staging/prima/CORE/HDD/src/wlan_hdd_hostapd.c
+++ b/drivers/staging/prima/CORE/HDD/src/wlan_hdd_hostapd.c
@@ -1338,7 +1338,14 @@ static iw_softap_disassoc_sta(struct net_device *dev,
{
hdd_adapter_t *pHostapdAdapter = (netdev_priv(dev));
v_U8_t *peerMacAddr;
-
+
+ if (!capable(CAP_NET_ADMIN))
+ {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ FL("permission check failed"));
+ return -EPERM;
+ }
+
ENTER();
/* iwpriv tool or framework calls this ioctl with
* data passed in extra (less than 16 octets);
--
cgit v1.1