From a8a1247a44e3d7e9c11be939bc3eb44e935886fe Mon Sep 17 00:00:00 2001
From: Mohammed Javid <mjavid@codeaurora.org>
Date: Thu, 19 Apr 2018 13:41:16 +0530
Subject: [PATCH] msm: ipa: rmnet: Make code changes with respect to CR#2046006

Check for CAP_NET_ADMIN capability of the user
space application who tries to access rmnet driver IOCTL.

Bug: 36367253
Change-Id: If6bb4b54659306c5103b5e34bf02c7234c851e0a
CRs-Fixed: 2226355
Signed-off-by: Mohammed Javid <mjavid@codeaurora.org>
---
 drivers/platform/msm/ipa/rmnet_ipa.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/drivers/platform/msm/ipa/rmnet_ipa.c b/drivers/platform/msm/ipa/rmnet_ipa.c
index 2079d36671ce..6c90f4c788ca 100644
--- a/drivers/platform/msm/ipa/rmnet_ipa.c
+++ b/drivers/platform/msm/ipa/rmnet_ipa.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Linux Foundation. All rights reserved.
+/* Copyright (c) 2014-2018, The Linux Foundation. All rights reserved.
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 2 and
@@ -1152,6 +1152,8 @@ static int ipa_wwan_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
 
 	/*  Extended IOCTLs  */
 	case RMNET_IOCTL_EXTENDED:
+		if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN))
+			return -EPERM;
 		IPAWANDBG("get ioctl: RMNET_IOCTL_EXTENDED\n");
 		if (copy_from_user(&extend_ioctl_data,
 			(u8 *)ifr->ifr_ifru.ifru_data,
-- 
GitLab