Reduce socket ioctl perms Reduce the socket ioctl commands available to untrusted/isolated apps. Neverallow accessing sensitive information or setting of network parameters. Neverallow access to device private ioctls i.e. device specific customizations as these are a common source of driver bugs. Define common ioctl commands in ioctl_defines. Bug: 26267358 Change-Id: Ic5c0af066e26d4cb2867568f53a3e65c5e3b5a5d

commit: cbaa2b7d37c0810009cc0ffa4026334b4bf3096e [log] [tgz]
author: Jeff Vander Stoep <jeffv@google.com> Tue Dec 22 10:39:34 2015 -0800
committer: Jeff Vander Stoep <jeffv@google.com> Mon Jan 04 12:15:19 2016 -0800
tree: b80e3517f274cd80d81c1474454e28f5e1d57aa0
parent: e02e6c03a59d1f60f07affa8540b74aca077a6c8 [diff] [blame]
diff --git a/Android.mk b/Android.mk
index 91d6303..a05e2b0 100644
--- a/Android.mk
+++ b/Android.mk

@@ -40,6 +40,7 @@
                         policy_capabilities \
                         te_macros \
                         attributes \
+                        ioctl_defines \
                         ioctl_macros \
                         *.te \
                         roles \
commit	cbaa2b7d37c0810009cc0ffa4026334b4bf3096e	[log] [tgz]
author	Jeff Vander Stoep <jeffv@google.com>	Tue Dec 22 10:39:34 2015 -0800
committer	Jeff Vander Stoep <jeffv@google.com>	Mon Jan 04 12:15:19 2016 -0800
tree	b80e3517f274cd80d81c1474454e28f5e1d57aa0
parent	e02e6c03a59d1f60f07affa8540b74aca077a6c8 [diff] [blame]