From 9c23eefd23c668badf8ccbb8bd0877cf283ef02b Mon Sep 17 00:00:00 2001
From: Biswajit Paul <biswajitpaul@codeaurora.org>
Date: Mon, 9 Feb 2015 15:21:12 -0800
Subject: [PATCH] ANDROID: kernel: Restrict permissions of /proc/iomem.

The permissions of /proc/iomem currently are -r--r--r--. Everyone can
see its content. As iomem contains information about the physical memory
content of the device, restrict the information only to root.

Change-Id: If0be35c3fac5274151bea87b738a48e6ec0ae891
CRs-Fixed: 786116
Signed-off-by: Biswajit Paul <biswajitpaul@codeaurora.org>
Signed-off-by: Avijit Kanti Das <avijitnsec@codeaurora.org>
(cherry picked from https://android.googlesource.com/kernel/msm
 commit 3b1ac3a37ce5e6c31c82ca85604705575cb570d6)
Signed-off-by: Tao Huang <huangtao@rock-chips.com>
---
 kernel/resource.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/resource.c b/kernel/resource.c
index 30e1bc68503b..07d2192f1efa 100644
--- a/kernel/resource.c
+++ b/kernel/resource.c
@@ -139,7 +139,7 @@ static int __init ioresources_init(void)
 {
 	proc_create_seq_data("ioports", 0, NULL, &resource_op,
 			&ioport_resource);
-	proc_create_seq_data("iomem", 0, NULL, &resource_op, &iomem_resource);
+	proc_create_seq_data("iomem", 0400, NULL, &resource_op, &iomem_resource);
 	return 0;
 }
 __initcall(ioresources_init);