| Tri Vo | bc8dc3a | 2019-05-26 13:17:08 -0700 | [diff] [blame^] | 1 | # socket ioctls allowed to unprivileged apps |
| 2 | define(`unpriv_sock_ioctls', ` |
| 3 | { |
| 4 | # Socket ioctls for gathering information about the interface |
| 5 | SIOCGSTAMP SIOCGSTAMPNS |
| 6 | SIOCGIFNAME SIOCGIFCONF SIOCGIFFLAGS SIOCGIFADDR SIOCGIFDSTADDR SIOCGIFBRDADDR |
| 7 | SIOCGIFNETMASK SIOCGIFMTU SIOCGIFINDEX SIOCGIFCOUNT SIOCGIFTXQLEN |
| 8 | # Wireless extension ioctls. Primarily get functions. |
| 9 | SIOCGIWNAME SIOCGIWFREQ SIOCGIWMODE SIOCGIWSENS SIOCGIWRANGE SIOCGIWPRIV |
| 10 | SIOCGIWSTATS SIOCGIWSPY SIOCSIWTHRSPY SIOCGIWTHRSPY SIOCGIWRATE SIOCGIWRTS |
| 11 | SIOCGIWFRAG SIOCGIWTXPOW SIOCGIWRETRY SIOCGIWPOWER |
| 12 | }') |
| 13 | |
| 14 | # socket ioctls never allowed to unprivileged apps |
| 15 | define(`priv_sock_ioctls', ` |
| 16 | { |
| 17 | # qualcomm rmnet ioctls |
| 18 | WAN_IOC_ADD_FLT_RULE WAN_IOC_ADD_FLT_INDEX |
| 19 | # socket ioctls |
| 20 | SIOCADDRT SIOCDELRT SIOCRTMSG SIOCSIFLINK SIOCSIFFLAGS SIOCSIFADDR |
| 21 | SIOCSIFDSTADDR SIOCSIFBRDADDR SIOCSIFNETMASK SIOCGIFMETRIC SIOCSIFMETRIC SIOCGIFMEM |
| 22 | SIOCSIFMEM SIOCSIFMTU SIOCSIFNAME SIOCSIFHWADDR SIOCGIFENCAP SIOCSIFENCAP |
| 23 | SIOCGIFHWADDR SIOCGIFSLAVE SIOCSIFSLAVE SIOCADDMULTI SIOCDELMULTI |
| 24 | SIOCSIFPFLAGS SIOCGIFPFLAGS SIOCDIFADDR SIOCSIFHWBROADCAST SIOCKILLADDR SIOCGIFBR SIOCSIFBR |
| 25 | SIOCSIFTXQLEN SIOCETHTOOL SIOCGMIIPHY SIOCGMIIREG SIOCSMIIREG SIOCWANDEV |
| 26 | SIOCOUTQNSD SIOCDARP SIOCGARP SIOCSARP SIOCDRARP SIOCGRARP SIOCSRARP SIOCGIFMAP |
| 27 | SIOCSIFMAP SIOCADDDLCI SIOCDELDLCI SIOCGIFVLAN SIOCSIFVLAN SIOCBONDENSLAVE |
| 28 | SIOCBONDRELEASE SIOCBONDSETHWADDR SIOCBONDSLAVEINFOQUERY SIOCBONDINFOQUERY |
| 29 | SIOCBONDCHANGEACTIVE SIOCBRADDBR SIOCBRDELBR SIOCBRADDIF SIOCBRDELIF SIOCSHWTSTAMP |
| 30 | # device and protocol specific ioctls |
| 31 | SIOCDEVPRIVATE-SIOCDEVPRIVLAST |
| 32 | SIOCPROTOPRIVATE-SIOCPROTOPRIVLAST |
| 33 | # Wireless extension ioctls |
| 34 | SIOCSIWCOMMIT SIOCSIWNWID SIOCSIWFREQ SIOCSIWMODE SIOCSIWSENS SIOCSIWRANGE |
| 35 | SIOCSIWPRIV SIOCSIWSTATS SIOCSIWSPY SIOCSIWAP SIOCGIWAP SIOCSIWMLME SIOCGIWAPLIST |
| 36 | SIOCSIWSCAN SIOCGIWSCAN SIOCSIWESSID SIOCGIWESSID SIOCSIWNICKN SIOCGIWNICKN |
| 37 | SIOCSIWRATE SIOCSIWRTS SIOCSIWFRAG SIOCSIWTXPOW SIOCSIWRETRY SIOCSIWENCODE |
| 38 | SIOCGIWENCODE SIOCSIWPOWER SIOCSIWGENIE SIOCGIWGENIE SIOCSIWAUTH SIOCGIWAUTH |
| 39 | SIOCSIWENCODEEXT SIOCGIWENCODEEXT SIOCSIWPMKSA |
| 40 | # Dev private ioctl i.e. hardware specific ioctls |
| 41 | SIOCIWFIRSTPRIV-SIOCIWLASTPRIV |
| 42 | }') |
| 43 | |
| 44 | # commonly used ioctls on unix sockets |
| 45 | define(`unpriv_unix_sock_ioctls', `{ |
| 46 | TIOCOUTQ FIOCLEX FIONCLEX TCGETS TIOCGWINSZ TIOCSWINSZ FIONREAD |
| 47 | }') |
| 48 | |
| 49 | # commonly used TTY ioctls |
| 50 | # merge with unpriv_unix_sock_ioctls? |
| 51 | define(`unpriv_tty_ioctls', `{ |
| 52 | TIOCOUTQ FIOCLEX FIONCLEX TCGETS TCSETS TIOCGWINSZ TIOCSWINSZ TIOCSCTTY |
| 53 | TCSETSW TCFLSH TIOCSPGRP TIOCGPGRP |
| 54 | }') |
| 55 | |
| 56 | # point to point ioctls |
| 57 | define(`ppp_ioctls', `{ |
| 58 | PPPIOCGL2TPSTATS PPPIOCGCHAN PPPIOCATTCHAN PPPIOCDISCONN |
| 59 | PPPIOCCONNECT PPPIOCSMRRU PPPIOCDETACH PPPIOCATTACH |
| 60 | PPPIOCNEWUNIT PPPIOCGIDLE PPPIOCSDEBUG PPPIOCGDEBUG |
| 61 | PPPIOCSACTIVE PPPIOCSPASS PPPIOCSNPMODE PPPIOCGNPMODE |
| 62 | PPPIOCSCOMPRESS PPPIOCXFERUNIT PPPIOCSXASYNCMAP |
| 63 | PPPIOCGXASYNCMAP PPPIOCSMAXCID PPPIOCSMRU PPPIOCGMRU |
| 64 | PPPIOCSRASYNCMAP PPPIOCGRASYNCMAP PPPIOCGUNIT PPPIOCSASYNCMAP |
| 65 | PPPIOCGASYNCMAP PPPIOCSFLAGS PPPIOCGFLAGS PPPIOCGCALLINFO |
| 66 | PPPIOCBUNDLE PPPIOCGMPFLAGS PPPIOCSMPFLAGS PPPIOCSMPMTU |
| 67 | PPPIOCSMPMRU PPPIOCGCOMPRESSORS PPPIOCSCOMPRESSOR PPPIOCGIFNAME |
| 68 | }') |