Merge "app: expand socket ioctl restrictions to all apps"

ef0b7b1a · Jeffrey Vander Stoep · Android (Google) Code Review · 3873c31f · bb1ece49 · ef0b7b1a
Commit ef0b7b1a authored 9 years ago by Jeffrey Vander Stoep Committed by Android (Google) Code Review 9 years ago
--- a/app.te
+++ b/app.te
@@ -205,6 +205,9 @@ use_keystore({ appdomain -isolated_app })
 allow appdomain console_device:chr_file { read write };
+# only allow unprivileged socket ioctl commands
+allowxperm { appdomain -bluetooth } self:{ rawip_socket tcp_socket udp_socket } ioctl unpriv_sock_ioctls;
 ###
 ### CTS-specific rules
 ###

--- a/isolated_app.te
+++ b/isolated_app.te
@@ -18,9 +18,6 @@ allow isolated_app app_data_file:file { read write getattr lock };
 allow isolated_app activity_service:service_manager find;
 allow isolated_app display_service:service_manager find;
-# only allow unprivileged socket ioctl commands
-allowxperm isolated_app self:{ rawip_socket tcp_socket udp_socket } ioctl unpriv_sock_ioctls;
 # Google Breakpad (crash reporter for Chrome) relies on ptrace
 # functionality. Without the ability to ptrace, the crash reporter
 # tool is broken.

--- a/priv_app.te
+++ b/priv_app.te
@@ -77,6 +77,9 @@ allow priv_app fuse_device:chr_file { read write };
 allow priv_app sysfs_zram:dir search;
 allow priv_app sysfs_zram:file r_file_perms;
+# access the mac address
+allowxperm priv_app self:udp_socket ioctl SIOCGIFHWADDR;
 ###
 ### neverallow rules
 ###

--- a/untrusted_app.te
+++ b/untrusted_app.te
@@ -80,9 +80,6 @@ allow untrusted_app radio_service:service_manager find;
 allow untrusted_app surfaceflinger_service:service_manager find;
 allow untrusted_app app_api_service:service_manager find;
-# only allow unprivileged socket ioctl commands
-allowxperm untrusted_app self:{ rawip_socket tcp_socket udp_socket } ioctl unpriv_sock_ioctls;
 # Allow GMS core to access perfprofd output, which is stored
 # in /data/misc/perfprofd/. GMS core will need to list all
 # data stored in that directory to process them one by one.