tehuti: move ioctl perm check closer to function start (CVE-2008-1675)

Commit f946dffed6334f08da065a89ed65026ebf8b33b4 upstream Noticed by davem. Signed-off-by: Jeff Garzik <jgarzik@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
author: Jeff Garzik <jeff@garzik.org> 2008-04-25 03:11:31 -0400
committer: Greg Kroah-Hartman <gregkh@suse.de> 2008-05-01 14:44:37 -0700
commit: 71d27b2ed5191a1c5b32e360e74f32fe513d6ed2 (patch)
tree: 0a510f0ec31068e7fe6d467062b3dc8ad0cecb7b
parent: 492d59860bd9a36deac6c3189ba98af355108324 (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/drivers/net/tehuti.c b/drivers/net/tehuti.c
index d2e1b219673d..e83b166aa6b9 100644
--- a/drivers/net/tehuti.c
+++ b/drivers/net/tehuti.c
@@ -649,6 +649,9 @@ static int bdx_ioctl_priv(struct net_device *ndev, struct ifreq *ifr, int cmd)
 		DBG("%d 0x%x 0x%x\n", data[0], data[1], data[2]);
 	}
 
+	if (!capable(CAP_NET_ADMIN))
+		return -EPERM;
+
 	switch (data[0]) {
 
 	case BDX_OP_READ:
@@ -664,8 +667,6 @@ static int bdx_ioctl_priv(struct net_device *ndev, struct ifreq *ifr, int cmd)
 		break;
 
 	case BDX_OP_WRITE:
-		if (!capable(CAP_NET_ADMIN))
-			return -EPERM;
 		error = bdx_range_check(priv, data[1]);
 		if (error < 0)
 			return error;
author	Jeff Garzik <jeff@garzik.org>	2008-04-25 03:11:31 -0400
committer	Greg Kroah-Hartman <gregkh@suse.de>	2008-05-01 14:44:37 -0700
commit	71d27b2ed5191a1c5b32e360e74f32fe513d6ed2 (patch)
tree	0a510f0ec31068e7fe6d467062b3dc8ad0cecb7b
parent	492d59860bd9a36deac6c3189ba98af355108324 (diff)