DivestOS/Patches/Linux_CVEs/CVE-2015-0571/ANY/0004.patch
2017-11-07 17:32:46 -05:00

40 lines
1.3 KiB
Diff

From 88ce639e7a0bba852f193b6f53b7ca1926a09b02 Mon Sep 17 00:00:00 2001
From: Mukul Sharma <mukul@qti.qualcomm.com>
Date: Tue, 27 Oct 2015 23:47:48 +0530
Subject: wlan:Check priviledge permission before processing SET_PACKET_FILTER
IOCTL
Kernel assumes all SET IOCTL commands are assigned with even
numbers. But in our WLAN driver, some SET IOCTLS are assigned with
odd numbers. This leads kernel fail to check, for some SET IOCTLs,
whether user has the right permission to do SET operation.
Hence, in driver, before processing SET_PACKET_FILTER IOCTL, making
sure user task has right permission to process the command.
Change-Id: Ib49c3223eacdc90dfe0d45af1aff7c74518990df
CRs-Fixed: 930937
---
CORE/HDD/src/wlan_hdd_wext.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/CORE/HDD/src/wlan_hdd_wext.c b/CORE/HDD/src/wlan_hdd_wext.c
index 610b61b..67ed8a3 100644
--- a/CORE/HDD/src/wlan_hdd_wext.c
+++ b/CORE/HDD/src/wlan_hdd_wext.c
@@ -10088,6 +10088,12 @@ static int __iw_set_packet_filter_params(struct net_device *dev,
ENTER();
+ if (!capable(CAP_NET_ADMIN)) {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ FL("permission check failed"));
+ return -EPERM;
+ }
+
hdd_ctx = WLAN_HDD_GET_CTX(pAdapter);
ret = wlan_hdd_validate_context(hdd_ctx);
if (0 != ret)
--
cgit v1.1