diff options
| author | Philippe Langlais <philippe.langlais@stericsson.com> | 2012-06-04 19:46:24 +0800 |
|---|---|---|
| committer | Philippe Langlais <philippe.langlais@stericsson.com> | 2012-06-04 19:46:24 +0800 |
| commit | 29a3e1ef73daaa91cbf5cce2fb475f1878254402 (patch) | |
| tree | fbd1df992706a4786633a7986a31b9cf78b3dced /net/ipv4/af_inet.c | |
| parent | 564119271649aa2d1840e79badf743e957b497e6 (diff) | |
| parent | 3c16bd7bb0a2b00b71f65bb0075e0c94d0fcc777 (diff) | |
Merge Linaro Android branch ' jstultz/linaro-android-3.4
' into integration-android-ux500
Signed-off-by: Philippe Langlais <philippe.langlais@stericsson.com>
Diffstat (limited to 'net/ipv4/af_inet.c')
| -rw-r--r-- | net/ipv4/af_inet.c | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c index 10e3751466b..0b711659ac7 100644 --- a/net/ipv4/af_inet.c +++ b/net/ipv4/af_inet.c @@ -119,6 +119,19 @@ #include <linux/mroute.h> #endif +#ifdef CONFIG_ANDROID_PARANOID_NETWORK +#include <linux/android_aid.h> + +static inline int current_has_network(void) +{ + return in_egroup_p(AID_INET) || capable(CAP_NET_RAW); +} +#else +static inline int current_has_network(void) +{ + return 1; +} +#endif /* The inetsw table contains everything that inet_create needs to * build a new socket. @@ -259,6 +272,7 @@ static inline int inet_netns_ok(struct net *net, int protocol) return ipprot->netns_ok; } + /* * Create an inet socket. */ @@ -275,6 +289,9 @@ static int inet_create(struct net *net, struct socket *sock, int protocol, int try_loading_module = 0; int err; + if (!current_has_network()) + return -EACCES; + if (unlikely(!inet_ehash_secret)) if (sock->type != SOCK_RAW && sock->type != SOCK_DGRAM) build_ehash_secret(); @@ -881,6 +898,7 @@ int inet_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg) case SIOCSIFPFLAGS: case SIOCGIFPFLAGS: case SIOCSIFFLAGS: + case SIOCKILLADDR: err = devinet_ioctl(net, cmd, (void __user *)arg); break; default: |