Jeff Vander Stoep | de9b530 | 2015-06-05 15:28:55 -0700 | [diff] [blame] | 1 | # socket ioctls allowed to unprivileged apps |
| 2 | define(`unpriv_sock_ioctls', ` |
| 3 | { |
Jeff Vander Stoep | c47a11b | 2016-01-05 13:16:34 -0800 | [diff] [blame] | 4 | # all socket ioctls except: |
| 5 | # 1) the Mac address SIOCGIFHWADDR 0x8927 |
| 6 | # 2) device private SIOCDEVPRIVATE-SIOCDEVPRIVLAST 0x89F0-0x89FF |
| 7 | # 3) protocol private SIOCPROTOPRIVATE-SIOCPROTOPRIVLAST 0x89E0-0x89EF |
| 8 | 0x8900-0x8926 0x8928-0x89DF |
| 9 | # all wireless extensions ioctls except: |
| 10 | # 1) get/set essid IOCSIWESSID 0x8B1A SIOCGIWESSID 0x8B1B |
| 11 | # 2) device private ioctls SIOCIWFIRSTPRIV-SIOCIWLASTPRIV 0x8BE0-0x8BFF |
| 12 | 0x8B00-0x8B09 0x8B1C-0x8BDF |
Jeff Vander Stoep | de9b530 | 2015-06-05 15:28:55 -0700 | [diff] [blame] | 13 | # commonly used TTY ioctls |
| 14 | 0x5411 0x5451 |
| 15 | }') |
Jeff Vander Stoep | 90ccbcf | 2016-04-26 11:29:14 -0700 | [diff] [blame] | 16 | |
| 17 | define(`TCGETS', `0x00005401') |
| 18 | define(`TIOCOUTQ', `0x00005411') |
| 19 | define(`TIOCGWINSZ', `0x00005413') |
| 20 | define(`TIOCSWINSZ', `0x00005414') |
| 21 | define(`FIONREAD', `0x0000541b') |
| 22 | define(`FIOCLEX', `0x00005451') |
| 23 | |
| 24 | # commonly used ioctls on unix sockets |
| 25 | define(`unpriv_unix_sock_ioctls', `{ TIOCOUTQ FIOCLEX TCGETS TIOCGWINSZ TIOCSWINSZ FIONREAD }') |