net: wireless: bcmdhd: check privilege on priv cmdandroid-wear-6.0.1_r0.33 android-wear-6.0.1_r0.18

check net admin capability for ioctl calls CVE-2016-2475 BUG=26425765 Change-Id: I02d471d8f486e4773d72c67244dcb03b2b4835ed Signed-off-by: Jerry Lee <jerrylee@broadcom.com>
author: Zhao Xuewen <zhaoxuewen@huawei.com> 2016-06-07 19:45:52 +0800
committer: Zhao Xuewen <zhaoxuewen@huawei.com> 2016-06-07 19:45:52 +0800
commit: 39f2c179e7b0be85d87303e07f794586a5976f84 (patch)
tree: e14ca0c8794b1884a0f9d66055c40f16fbaa7749
parent: 254bb579ffe65ef312b3ab53da9834db51ffe70a (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/drivers/net/wireless/bcmdhd/wl_android.c b/drivers/net/wireless/bcmdhd/wl_android.c
index 36ab67bc8866..126cb17bc69e 100644
--- a/drivers/net/wireless/bcmdhd/wl_android.c
+++ b/drivers/net/wireless/bcmdhd/wl_android.c
@@ -1287,6 +1287,11 @@ int wl_android_priv_cmd(struct net_device *net, struct ifreq *ifr, int cmd)
 		goto exit;
 	}
 
+	if (!capable(CAP_NET_ADMIN)) {
+		ret = -EPERM;
+		goto exit;
+	}
+
 #ifdef CONFIG_COMPAT
 	if (is_compat_task()) {
 		compat_android_wifi_priv_cmd compat_priv_cmd;
author	Zhao Xuewen <zhaoxuewen@huawei.com>	2016-06-07 19:45:52 +0800
committer	Zhao Xuewen <zhaoxuewen@huawei.com>	2016-06-07 19:45:52 +0800
commit	39f2c179e7b0be85d87303e07f794586a5976f84 (patch)
tree	e14ca0c8794b1884a0f9d66055c40f16fbaa7749
parent	254bb579ffe65ef312b3ab53da9834db51ffe70a (diff)