IPC ioctl calls. This prevents user space app (i.e. Android app)
from getting our fw information such as IFWI fw version.
BZ: 20905
Change-Id: I4b13346026c450f365111856ee89be2cc665f22c
Signed-off-by: Winson Yung <winson.w.yung@intel.com>
Reviewed-on: http://android.intel.com:8080/32689
Reviewed-by: Yang, Fei <fei.yang@intel.com>
Reviewed-by: Gross, Mark <mark.gross@intel.com>
Reviewed-by: Mansoor, Illyas <illyas.mansoor@intel.com>
Reviewed-by: Yang, Bin <bin.yang@intel.com>
Tested-by: Wang, Zhifeng <zhifeng.wang@intel.com>
Reviewed-by: buildbot <buildbot@intel.com>
Tested-by: buildbot <buildbot@intel.com>
void __user *argp = (void __user *)arg;
int platform;
- if (!capable(CAP_SYS_RAWIO))
+ /* Only IOCTL cmd allowed to pass through without capability check */
+ /* is getting fw version info, all others need to check to prevent */
+ /* arbitrary access to all sort of bit of the hardware exposed here*/
+
+ if (cmd != INTEL_SCU_IPC_FW_REVISION_GET && !capable(CAP_SYS_RAWIO))
return -EPERM;
platform = mrst_identify_cpu();