From 92e79e2217c904991336ae8a62dc461e7cc063a2 Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Tue, 14 Jun 2016 03:57:02 -0700
Subject: [PATCH] Add SIOCGSTAMP SIOCGSTAMPNS to unpriv_sock_ioctls

Per "man socket":

  SIOCGSTAMP
  Return a struct timeval with the receive timestamp of the last packet
  passed to the user. This is useful for accurate round trip time
  measurements. See setitimer(2) for a description of struct timeval.
  This ioctl should only be used if the socket option SO_TIMESTAMP is
  not set on the socket. Otherwise, it returns the timestamp of the last
  packet that was received while SO_TIMESTAMP was not set, or it fails
  if no such packet has been received, (i.e., ioctl(2) returns -1 with
  errno set to ENOENT).

Addresses the following denial:

avc: denied { ioctl } for comm=6E6574776F726B5F74687265616420
path="socket:[42934]" dev="sockfs" ino=42934 ioctlcmd=8906
scontext=u:r:untrusted_app:s0:c512,c768
tcontext=u:r:untrusted_app:s0:c512,c768 tclass=udp_socket permissive=0

Bug: 29333189
Change-Id: I916a695fa362cf1cf6759629c7f6101e9f657e7d
---
 ioctl_macros | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ioctl_macros b/ioctl_macros
index 0831db8c7..858bd78fb 100644
--- a/ioctl_macros
+++ b/ioctl_macros
@@ -2,6 +2,7 @@
 define(`unpriv_sock_ioctls', `
 {
 # Socket ioctls for gathering information about the interface
+SIOCGSTAMP SIOCGSTAMPNS
 SIOCGIFNAME SIOCGIFCONF SIOCGIFFLAGS SIOCGIFADDR SIOCGIFDSTADDR SIOCGIFBRDADDR
 SIOCGIFNETMASK SIOCGIFMTU SIOCGIFINDEX SIOCGIFCOUNT SIOCGIFTXQLEN
 # Wireless extension ioctls. Primarily get functions.
-- 
GitLab