[PATCH v10 7/9] selftests/landlock: Check IOCTL restrictions for named UNIX domain sockets
Günther Noack
gnoack at google.com
Fri Mar 22 14:43:45 UTC 2024
On Fri, Mar 22, 2024 at 08:57:18AM +0100, Mickaël Salaün wrote:
> On Sat, Mar 09, 2024 at 07:53:18AM +0000, Günther Noack wrote:
> > diff --git a/tools/testing/selftests/landlock/fs_test.c b/tools/testing/selftests/landlock/fs_test.c
> > index d991f44875bc..941e6f9702b7 100644
> > --- a/tools/testing/selftests/landlock/fs_test.c
> > +++ b/tools/testing/selftests/landlock/fs_test.c
[...]
> > +/* For named UNIX domain sockets, no IOCTL restrictions apply. */
> > +TEST_F_FORK(layout1, named_unix_domain_socket_ioctl)
> > +{
[...]
> > + /* Sets up a client connection to it */
> > + cli_un.sun_family = AF_UNIX;
> > + snprintf(cli_un.sun_path, sizeof(cli_un.sun_path), "%s%ld", path,
> > + (long)getpid());
>
> I don't think it is useful to have a unique sun_path for a named unix
> socket, that's the purpose of naming it right?
Removed, well spotted! I did not realize that I could omit that.
—Günther
More information about the Linux-security-module-archive
mailing list