Google Git
Sign in
android / device / lge / bullhead / fc37444836e15610ba72140b1d22f569b06556f7
commitfc37444836e15610ba72140b1d22f569b06556f7[log] [tgz]
authorJeff Vander Stoep <jeffv@google.com>Mon May 23 15:30:51 2016 -0700
committerJeff Vander Stoep <jeffv@google.com>Fri Sep 09 16:52:25 2016 -0700
treecae2a259776f5e01de297e243dbc45460f72aa40
parent0ba54125ef117c4310fb14441d551a3741bf8193 [diff]
Enforce ioctl command whitelisting on all sockets

Remove the ioctl permission for most socket types. For others, such as
tcp/udp/rawip/unix_dgram/unix_stream set a default unprivileged whitelist
that individual domains may extend (except where neverallowed like
untrusted_app). Enforce via a neverallowxperm rule.

Change-Id: I7573fdb24f9c53ad169bce2aeab1baac8b2a11ea
17 files changed
tree: cae2a259776f5e01de297e243dbc45460f72aa40
  1. bluetooth/
  2. BullheadLayout/
  3. camera/
  4. dataservices/
  5. dumpstate/
  6. factory-images/
  7. kernel-headers/
  8. libandroid/
  9. liblight/
  10. location/
  11. nfc/
  12. original-kernel-headers/
  13. overlay/
  14. power/
  15. self-extractors/
  16. sensorhal/
  17. sepolicy/
  18. thermal/
  19. time-services/
  20. voice_processing/
  21. wifi/
  22. Android.mk
  23. AndroidProducts.mk
  24. aosp_bullhead.mk
  25. apns-full-conf.xml
  26. audio_effects.conf
  27. audio_platform_info.xml
  28. audio_policy_configuration.xml
  29. audio_policy_volumes_drc.xml
  30. board-info.txt
  31. BoardConfig.mk
  32. CleanSpec.mk
  33. config.fs
  34. device.mk
  35. egl.cfg
  36. fstab.bullhead
  37. fstab_fbe.bullhead
  38. gpio-keys.kl
  39. gps.conf
  40. init.bullhead.diag.rc.user
  41. init.bullhead.diag.rc.userdebug
  42. init.bullhead.fp.rc
  43. init.bullhead.misc.rc.user
  44. init.bullhead.misc.rc.userdebug
  45. init.bullhead.nanohub.rc
  46. init.bullhead.power.sh
  47. init.bullhead.qseecomd.sh
  48. init.bullhead.ramdump.rc
  49. init.bullhead.rc
  50. init.bullhead.sensorhub.rc
  51. init.bullhead.sh
  52. init.bullhead.usb.rc
  53. media_codecs.xml
  54. media_codecs_performance.xml
  55. media_profiles.xml
  56. mixer_paths.xml
  57. msm_irqbalance.conf
  58. proprietary-blobs.txt
  59. qpnp_pon.kl
  60. releasetools.py
  61. sec_config
  62. sound_trigger_mixer_paths.xml
  63. sound_trigger_platform_info.xml
  64. spn-conf.xml
  65. synaptics_rmi4_i2c.idc
  66. ueventd.bullhead.rc
  67. vendor_owner_info.txt
  68. vendorsetup.sh