DivestOS/Patches/Linux_CVEs/CVE-2015-0571/qcacld-2.0/0009.patch

From 6642bccf3ed8cba176dee7d4bbc21fc4580efb7b Mon Sep 17 00:00:00 2001
From: Mukul Sharma <mukul@qti.qualcomm.com>
Date: Tue, 27 Oct 2015 23:51:02 +0530
Subject: wlan:Check priviledge permission for SET_BAND_CONFIG IOCTL

Kernel assumes all SET IOCTL commands are assigned with even
numbers. But in our WLAN driver, some SET IOCTLS are assigned with
odd numbers. This leads kernel fail to check, for some SET IOCTLs,
whether user has the right permission to do SET operation.
Hence, in driver, before processing SET_BAND_CONFIG IOCTL, making
sure user task has right permission to process the command.

Change-Id: Ie8a36bfa07a7b21601364b27b3c4bc888a6a5b4e
CRs-Fixed: 930952
---
 CORE/HDD/src/wlan_hdd_wext.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/CORE/HDD/src/wlan_hdd_wext.c b/CORE/HDD/src/wlan_hdd_wext.c
index 27c1813..3240c90 100644
--- a/CORE/HDD/src/wlan_hdd_wext.c
+++ b/CORE/HDD/src/wlan_hdd_wext.c
@@ -10816,6 +10816,12 @@ static int __iw_set_band_config(struct net_device *dev,
     if (0 != ret)
         return ret;
 
+    if (!capable(CAP_NET_ADMIN)) {
+        VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+                  FL("permission check failed"));
+        return -EPERM;
+    }
+
     return hdd_setBand(dev, value[0]);
 }
 
-- 
cgit v1.1