From c4a93a6cdd8f045e10c5a9da2756cb36af3c14d3 Mon Sep 17 00:00:00 2001
From: Jeff Vander Stoep <jeffv@google.com>
Date: Fri, 8 Jan 2016 13:37:53 -0800
Subject: [PATCH] add SIOCGIFINDEX to list of unprivileged socket ioctls

Addresses
avc: denied { ioctl } for path="socket:[69748]" dev="sockfs" ino=69748
ioctlcmd=8933 scontext=u:r:untrusted_app:s0:c512,c768
tcontext=u:r:untrusted_app:s0:c512,c768 tclass=udp_socket

Change-Id: Iee3821ade9dc044fa03705902923ed18c91425dd
---
 ioctl_macros | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ioctl_macros b/ioctl_macros
index 5a94bf21b..73458798f 100644
--- a/ioctl_macros
+++ b/ioctl_macros
@@ -3,7 +3,7 @@ define(`unpriv_sock_ioctls', `
 {
 # Socket ioctls for gathering information about the interface
 SIOCGIFNAME SIOCGIFCONF SIOCGIFFLAGS SIOCGIFADDR SIOCGIFBRDADDR
-SIOCGIFNETMASK SIOCGIFMTU SIOCGIFCOUNT SIOCGIFTXQLEN
+SIOCGIFNETMASK SIOCGIFMTU SIOCGIFINDEX SIOCGIFCOUNT SIOCGIFTXQLEN
 # Wireless extension ioctls. Primarily get functions.
 SIOCGIWNAME SIOCGIWFREQ SIOCGIWMODE SIOCGIWSENS SIOCGIWRANGE SIOCGIWPRIV
 SIOCGIWSTATS SIOCGIWSPY SIOCSIWTHRSPY SIOCGIWTHRSPY SIOCGIWRATE SIOCGIWRTS
@@ -21,7 +21,7 @@ WAN_IOC_ADD_FLT_RULE WAN_IOC_ADD_FLT_INDEX
 SIOCADDRT SIOCDELRT SIOCRTMSG SIOCSIFLINK SIOCSIFFLAGS SIOCSIFADDR SIOCGIFDSTADDR
 SIOCSIFDSTADDR SIOCSIFBRDADDR SIOCSIFNETMASK SIOCGIFMETRIC SIOCSIFMETRIC SIOCGIFMEM
 SIOCSIFMEM SIOCSIFMTU SIOCSIFNAME SIOCSIFHWADDR SIOCGIFENCAP SIOCSIFENCAP
-SIOCGIFHWADDR SIOCGIFSLAVE SIOCSIFSLAVE SIOCADDMULTI SIOCDELMULTI SIOCGIFINDEX
+SIOCGIFHWADDR SIOCGIFSLAVE SIOCSIFSLAVE SIOCADDMULTI SIOCDELMULTI
 SIOCSIFPFLAGS SIOCGIFPFLAGS SIOCDIFADDR SIOCSIFHWBROADCAST SIOCGIFBR SIOCSIFBR
 SIOCSIFTXQLEN SIOCETHTOOL SIOCGMIIPHY SIOCGMIIREG SIOCSMIIREG SIOCWANDEV
 SIOCOUTQNSD SIOCDARP SIOCGARP SIOCSARP SIOCDRARP SIOCGRARP SIOCSRARP SIOCGIFMAP