81b7675e8c
TIOCGWINSZ = 0x00005413
avc: denied { ioctl } for comm="ls" path="socket:[362628]" dev="sockfs" ino=362628 ioctlcmd=5413 scontext=u:r:shell:s0 tcontext=u:r:adbd:s0 tclass=unix_stream_socket permissive=0
Bug: 28171804
Change-Id: I460e2469730d0cd90d714f30803ef849317d4be7
47 lines
2.3 KiB
Text
47 lines
2.3 KiB
Text
# socket ioctls allowed to unprivileged apps
|
|
define(`unpriv_sock_ioctls', `
|
|
{
|
|
# Socket ioctls for gathering information about the interface
|
|
SIOCGIFNAME SIOCGIFCONF SIOCGIFFLAGS SIOCGIFADDR SIOCGIFDSTADDR SIOCGIFBRDADDR
|
|
SIOCGIFNETMASK SIOCGIFMTU SIOCGIFINDEX SIOCGIFCOUNT SIOCGIFTXQLEN
|
|
# Wireless extension ioctls. Primarily get functions.
|
|
SIOCGIWNAME SIOCGIWFREQ SIOCGIWMODE SIOCGIWSENS SIOCGIWRANGE SIOCGIWPRIV
|
|
SIOCGIWSTATS SIOCGIWSPY SIOCSIWTHRSPY SIOCGIWTHRSPY SIOCGIWRATE SIOCGIWRTS
|
|
SIOCGIWFRAG SIOCGIWTXPOW SIOCGIWRETRY SIOCGIWPOWER
|
|
}')
|
|
|
|
# socket ioctls never allowed to unprivileged apps
|
|
define(`priv_sock_ioctls', `
|
|
{
|
|
# qualcomm rmnet ioctls
|
|
WAN_IOC_ADD_FLT_RULE WAN_IOC_ADD_FLT_INDEX
|
|
# socket ioctls
|
|
SIOCADDRT SIOCDELRT SIOCRTMSG SIOCSIFLINK SIOCSIFFLAGS SIOCSIFADDR
|
|
SIOCSIFDSTADDR SIOCSIFBRDADDR SIOCSIFNETMASK SIOCGIFMETRIC SIOCSIFMETRIC SIOCGIFMEM
|
|
SIOCSIFMEM SIOCSIFMTU SIOCSIFNAME SIOCSIFHWADDR SIOCGIFENCAP SIOCSIFENCAP
|
|
SIOCGIFHWADDR SIOCGIFSLAVE SIOCSIFSLAVE SIOCADDMULTI SIOCDELMULTI
|
|
SIOCSIFPFLAGS SIOCGIFPFLAGS SIOCDIFADDR SIOCSIFHWBROADCAST SIOCGIFBR SIOCSIFBR
|
|
SIOCSIFTXQLEN SIOCETHTOOL SIOCGMIIPHY SIOCGMIIREG SIOCSMIIREG SIOCWANDEV
|
|
SIOCOUTQNSD SIOCDARP SIOCGARP SIOCSARP SIOCDRARP SIOCGRARP SIOCSRARP SIOCGIFMAP
|
|
SIOCSIFMAP SIOCADDDLCI SIOCDELDLCI SIOCGIFVLAN SIOCSIFVLAN SIOCBONDENSLAVE
|
|
SIOCBONDRELEASE SIOCBONDSETHWADDR SIOCBONDSLAVEINFOQUERY SIOCBONDINFOQUERY
|
|
SIOCBONDCHANGEACTIVE SIOCBRADDBR SIOCBRDELBR SIOCBRADDIF SIOCBRDELIF SIOCSHWTSTAMP
|
|
# device and protocol specific ioctls
|
|
SIOCDEVPRIVATE-SIOCDEVPRIVLAST
|
|
SIOCPROTOPRIVATE-SIOCPROTOPRIVLAST
|
|
# Wireless extension ioctls
|
|
SIOCSIWCOMMIT SIOCSIWNWID SIOCSIWFREQ SIOCSIWMODE SIOCSIWSENS SIOCSIWRANGE
|
|
SIOCSIWPRIV SIOCSIWSTATS SIOCSIWSPY SIOCSIWAP SIOCGIWAP SIOCSIWMLME SIOCGIWAPLIST
|
|
SIOCSIWSCAN SIOCGIWSCAN SIOCSIWESSID SIOCGIWESSID SIOCSIWNICKN SIOCGIWNICKN
|
|
SIOCSIWRATE SIOCSIWRTS SIOCSIWFRAG SIOCSIWTXPOW SIOCSIWRETRY SIOCSIWENCODE
|
|
SIOCGIWENCODE SIOCSIWPOWER SIOCSIWGENIE SIOCGIWGENIE SIOCSIWAUTH SIOCGIWAUTH
|
|
SIOCSIWENCODEEXT SIOCGIWENCODEEXT SIOCSIWPMKSA
|
|
# Dev private ioctl i.e. hardware specific ioctls
|
|
SIOCIWFIRSTPRIV-SIOCIWLASTPRIV
|
|
}')
|
|
|
|
# commonly used ioctls on unix sockets
|
|
define(`unpriv_unix_sock_ioctls', `{TIOCOUTQ FIOCLEX TCGETS TIOCGWINSZ TIOCSWINSZ FIONREAD }')
|
|
|
|
# commonly used TTY ioctls
|
|
define(`unpriv_tty_ioctls', `{ TIOCOUTQ FIOCLEX }')
|