intel_scu_ipc: remove the un-neccessary capability check inside

IPC ioctl calls. This prevents user space app (i.e. Android app)
from getting our fw information such as IFWI fw version.

BZ: 20905

Change-Id: I4b13346026c450f365111856ee89be2cc665f22c
Signed-off-by: Winson Yung <winson.w.yung@intel.com>
Reviewed-on: http://android.intel.com:8080/32689
Reviewed-by: Yang, Fei <fei.yang@intel.com>
Reviewed-by: Gross, Mark <mark.gross@intel.com>
Reviewed-by: Mansoor, Illyas <illyas.mansoor@intel.com>
Reviewed-by: Yang, Bin <bin.yang@intel.com>
Tested-by: Wang, Zhifeng <zhifeng.wang@intel.com>
Reviewed-by: buildbot <buildbot@intel.com>
Tested-by: buildbot <buildbot@intel.com>

diff --git a/drivers/platform/x86/intel_scu_ipcutil.c b/drivers/platform/x86/intel_scu_ipcutil.c
index f5ec72d..414a4b8 100644 (file)
--- a/drivers/platform/x86/intel_scu_ipcutil.c
+++ b/drivers/platform/x86/intel_scu_ipcutil.c
@@ -124,7 +124,11 @@ static long scu_ipc_ioctl(struct file *fp, unsigned int cmd,
        void __user *argp = (void __user *)arg;
        int platform;
 
-       if (!capable(CAP_SYS_RAWIO))
+       /* Only IOCTL cmd allowed to pass through without capability check */
+       /* is getting fw version info, all others need to check to prevent */
+       /* arbitrary access to all sort of bit of the hardware exposed here*/
+
+       if (cmd != INTEL_SCU_IPC_FW_REVISION_GET && !capable(CAP_SYS_RAWIO))
                return -EPERM;
 
        platform = mrst_identify_cpu();