Merge tag 'v3.10.107' into update

[GitHub/mt8127/android_kernel_alcatel_ttab.git] / drivers / net / tun.c

diff --git a/drivers/net/tun.c b/drivers/net/tun.c
index 7bbc43fbb7200149716fb61d871f3a494d635c27..d818f990c7ad66052bc38fcf43f4585e2fd084db 100644 (file)
--- a/drivers/net/tun.c
+++ b/drivers/net/tun.c
@@ -1904,6 +1904,12 @@ static long __tun_chr_ioctl(struct file *file, unsigned int cmd,
        int vnet_hdr_sz;
        int ret;
 
+#ifdef CONFIG_ANDROID_PARANOID_NETWORK
+       if (cmd != TUNGETIFF && !capable(CAP_NET_ADMIN)) {
+               return -EPERM;
+       }
+#endif
+
        if (cmd == TUNSETIFF || cmd == TUNSETQUEUE || _IOC_TYPE(cmd) == 0x89) {
                if (copy_from_user(&ifr, argp, ifreq_len))
                        return -EFAULT;