DivestOS/Patches/Linux_CVEs/CVE-2016-0806/qcacld-2.0/0016.patch

42 lines
1.6 KiB
Diff
Raw Normal View History

2017-11-07 18:55:10 -05:00
From d4b451bd06ad53ed785cbda4272c54788b1537d4 Mon Sep 17 00:00:00 2001
From: Amarnath Hullur Subramanyam <amarnath@codeaurora.org>
Date: Wed, 28 Oct 2015 20:59:45 -0700
2017-11-07 17:32:46 -05:00
Subject: wlan:Check priviledge permission before processing SET_OEM_DATA_REQ
IOCTL
Kernel assumes all SET IOCTL commands are assigned with even
numbers. But in our WLAN driver, some SET IOCTLS are assigned with
odd numbers. This leads kernel fail to check, for some SET IOCTLs,
whether user has the right permission to do SET operation.
Hence, in driver, before processing SET_OEM_DATA_REQ IOCTLs, making
sure user task has right permission to process the command.
CRs-Fixed: 930549
2017-11-07 18:55:10 -05:00
Git-commit: 6feb2faf80a05940618aa2eef2b62e4e2e54f148
Bug: 25344453
Signed-off-by: Amarnath Hullur Subramanyam <amarnath@codeaurora.org>
2017-11-07 17:32:46 -05:00
---
2017-11-07 18:55:10 -05:00
drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_oemdata.c | 6 ++++++
2017-11-07 17:32:46 -05:00
1 file changed, 6 insertions(+)
2017-11-07 18:55:10 -05:00
diff --git a/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_oemdata.c b/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_oemdata.c
index dbec0fc..26d0b5f 100644
--- a/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_oemdata.c
+++ b/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_oemdata.c
@@ -189,6 +189,12 @@ int iw_set_oem_data_req(
hdd_adapter_t *pAdapter = (netdev_priv(dev));
hdd_wext_state_t *pwextBuf = WLAN_HDD_GET_WEXT_STATE_PTR(pAdapter);
2017-11-07 17:32:46 -05:00
+ if (!capable(CAP_NET_ADMIN)) {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ FL("permission check failed"));
+ return -EPERM;
+ }
+
if ((WLAN_HDD_GET_CTX(pAdapter))->isLogpInProgress)
{
VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_FATAL,
--
cgit v1.1