FPII-1879:CR:930954-Improper access control on WLAN_PRIV_CLEAR_MCBC_FILTER (SIOCIWFIRSTPRIV + 27) Kernel assumes all SET IOCTL commands are assigned with even numbers. But in our WLAN driver, some SET IOCTLS are assigned with odd numbers. This leads kernel fail to check, for some SET IOCTLs, whether user has the right permission to do SET operation. Hence, in driver, before processing CLEAR_MCBC_FILTER IOCTL, making sure user task has right permission to process the command. Change-Id: I9b50fcc0eeb1c1eb3493eab573f4421b52f0ea9a CRs-Fixed: 930954 Git-commit: 9eeafd788f53cc37c169b299f91ca9c558b228f9

commit: dbb62709b3533b33db1d0ca800d48e8765fe76db [log] [tgz]
author: c.wang <c.wang2@hi-p.com> Wed Apr 13 13:19:01 2016 +0800
committer: c.wang <c.wang2@hi-p.com> Wed Apr 13 13:19:05 2016 +0800
tree: dac86571ef8f7ed67423313fe07e111c9a8b1243
parent: d9c097d417565ef5c281f8b1ae47edbe17e16de0 [diff]
diff --git a/CORE/HDD/src/wlan_hdd_wext.c b/CORE/HDD/src/wlan_hdd_wext.c
index 6375e42..5e21e82 100644
--- a/CORE/HDD/src/wlan_hdd_wext.c
+++ b/CORE/HDD/src/wlan_hdd_wext.c

@@ -6923,6 +6923,12 @@
     tpSirWlanSetRxpFilters wlanRxpFilterParam;
     hddLog(VOS_TRACE_LEVEL_INFO_HIGH, "%s: ", __func__);
 
+    if (!capable(CAP_NET_ADMIN)) {
+        VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+                 FL("permission check failed"));
+        return -EPERM;
+    }
+
     //Reset the filter to INI value as we have to clear the dynamic filter
     pHddCtx->configuredMcastBcastFilter = pHddCtx->cfg_ini->mcastBcastFilterSetting;
commit	dbb62709b3533b33db1d0ca800d48e8765fe76db	[log] [tgz]
author	c.wang <c.wang2@hi-p.com>	Wed Apr 13 13:19:01 2016 +0800
committer	c.wang <c.wang2@hi-p.com>	Wed Apr 13 13:19:05 2016 +0800
tree	dac86571ef8f7ed67423313fe07e111c9a8b1243
parent	d9c097d417565ef5c281f8b1ae47edbe17e16de0 [diff]