Needed for legacy VPN access.
Note that ioctl whitelisting only uses the type and command fields
of the ioctl so only the last two bytes are necessary, thus 0x40047438
and 0x7438 are treated the same.
Bug: 30154346
Change-Id: I45bdc77ab666e05707729a114d933900655ba48b
Remove the ioctl permission for most socket types. For others, such as
tcp/udp/rawip/unix_dgram/unix_stream set a default unprivileged whitelist
that individual domains may extend (except where neverallowed like
untrusted_app). Enforce via a neverallowxperm rule.
Change-Id: I15548d830f8eff1fd4d64005c5769ca2be8d4ffe
Per "man socket":
SIOCGSTAMP
Return a struct timeval with the receive timestamp of the last packet
passed to the user. This is useful for accurate round trip time
measurements. See setitimer(2) for a description of struct timeval.
This ioctl should only be used if the socket option SO_TIMESTAMP is
not set on the socket. Otherwise, it returns the timestamp of the last
packet that was received while SO_TIMESTAMP was not set, or it fails
if no such packet has been received, (i.e., ioctl(2) returns -1 with
errno set to ENOENT).
Addresses the following denial:
avc: denied { ioctl } for comm=6E6574776F726B5F74687265616420
path="socket:[42934]" dev="sockfs" ino=42934 ioctlcmd=8906
scontext=u:r:untrusted_app:s0:c512,c768
tcontext=u:r:untrusted_app:s0:c512,c768 tclass=udp_socket permissive=0
Bug: 29333189
Change-Id: I916a695fa362cf1cf6759629c7f6101e9f657e7d
(cherry picked from commit 6ba383c575)
Restrict unix_dgram_socket and unix_stream_socket to a whitelist.
Disallow all ioctls for netlink_selinux_socket and netlink_route_socket.
Neverallow third party app use of all ioctls other than
unix_dgram_socket, unix_stream_socket, netlink_selinux_socket,
netlink_route_socket, tcp_socket, udp_socket and rawip_socket.
Bug: 28171804
Change-Id: Icfe3486a62fc2fc2d2abd8d4030a5fbdd0ab30ab
Remove from unpriv_socket_ioctls but grant each user of unpriv_socket_ioctls
use of unpriv_tty_ioctls
Bug: 26990688
Change-Id: I998e09091de5a7234ad0049758d5dad0b35722f7
Enforce via neverallow rule by adding WAN_IOC_ADD_FLT_RULE
and WAN_IOC_ADD_FLT_RULE_INDEX to neverallow macro.
Bug: 26324307
Change-Id: I5350d9339e45ddeefd5423c3fe9a0ea14fe877b2
Reduce the socket ioctl commands available to untrusted/isolated apps.
Neverallow accessing sensitive information or setting of network parameters.
Neverallow access to device private ioctls i.e. device specific
customizations as these are a common source of driver bugs.
Define common ioctl commands in ioctl_defines.
Bug: 26267358
Change-Id: Ic5c0af066e26d4cb2867568f53a3e65c5e3b5a5d
Grant untrusted_app and isolated_app unpriv_sock_perms, neverallow
priv_sock_perms to disallow access to MAC address and ESSID.
Change-Id: Idac3b657a153e7d7fdc647ff34b876a325d759b3
Grant untrusted_app and isolated_app unpriv_sock_perms, neverallow
priv_sock_perms to disallow access to MAC address and ESSID.
Change-Id: Idac3b657a153e7d7fdc647ff34b876a325d759b3
Create a macro of unprivileged ioctls including
- All common socket ioctls except MAC address
- All wireless extensions ioctls except get/set ESSID
- Some commonly used tty ioctls
Bug: 21657002
Change-Id: Ib08be9cb70d08c1fa2c8bddbae519e7c2df5293c
