Check for CAP_NET_ADMIN capability of the user
space application who tries to access rmnet driver IOCTL.
Change-Id: If6bb4b54659306c5103b5e34bf02c7234c851e0a
CRs-Fixed:
2226355
Signed-off-by: Mohammed Javid <mjavid@codeaurora.org>
/* Extended IOCTLs */
case RMNET_IOCTL_EXTENDED:
+ if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN))
+ return -EPERM;
IPAWANDBG("get ioctl: RMNET_IOCTL_EXTENDED\n");
if (copy_from_user(&extend_ioctl_data,
(u8 *)ifr->ifr_ifru.ifru_data,
/* Extended IOCTLs */
case RMNET_IOCTL_EXTENDED:
+ if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN))
+ return -EPERM;
IPAWANDBG("get ioctl: RMNET_IOCTL_EXTENDED\n");
if (copy_from_user(&extend_ioctl_data,
(u8 *)ifr->ifr_ifru.ifru_data,