[PATCH] selftests/landlock: Remove invalid unix socket bind()
Günther Noack
gnoack at google.com
Tue Dec 2 08:37:24 UTC 2025
Hello!
On Mon, Dec 01, 2025 at 01:36:31AM +0100, Matthieu Buffet wrote:
> diff --git a/tools/testing/selftests/landlock/fs_test.c b/tools/testing/selftests/landlock/fs_test.c
> index eee814e09dd7..7d378bdf3bce 100644
> --- a/tools/testing/selftests/landlock/fs_test.c
> +++ b/tools/testing/selftests/landlock/fs_test.c
> @@ -4391,9 +4391,6 @@ TEST_F_FORK(layout1, named_unix_domain_socket_ioctl)
> cli_fd = socket(AF_UNIX, SOCK_STREAM, 0);
> ASSERT_LE(0, cli_fd);
>
> - size = offsetof(struct sockaddr_un, sun_path) + strlen(cli_un.sun_path);
> - ASSERT_EQ(0, bind(cli_fd, (struct sockaddr *)&cli_un, size));
> -
> bzero(&cli_un, sizeof(cli_un));
> cli_un.sun_family = AF_UNIX;
> strncpy(cli_un.sun_path, path, sizeof(cli_un.sun_path));
>
> base-commit: 54f9baf537b0a091adad860ec92e3e18e0a0754c
> --
> 2.47.3
>
Reviewed-by: Günther Noack <gnoack at google.com>
It looks like I must have fumbled with the copy&paste in that test,
this bind() call does not make sense in the place where it is and is
not necessary for the test. Apologies for that and thank you for
spotting this!
Optional: In hindsight, I think it would be nice to simplify the way
that we calculate the address length here. I probably mis-read
unix(7) at the time, where a similar formula is used (but with a
"+1"). Re-reading it, it seems that just passing sizeof(cli_un) as
the address length would have been the simpler and less error prone
solution:
>From unix(7) (emphasis mine):
The addrlen argument that describes the enclosing sockaddr_un
structure should have a value of at least:
offsetof(struct sockaddr_un, sun_path)+strlen(addr.sun_path)+1
or, more simply, addrlen **can be specified as sizeof(struct
sockaddr_un).**
So, I believe that all the places where we calculate the size in this
function can just disappear and we can directly use sizeof(cli_un) and
sizeof(srv_un) in the bind() and connect() calls instead.
(Let me know whether you want to do it in this change, otherwise I am
also happy to send a follow-up fix.)
Thanks,
—Günther
More information about the Linux-security-module-archive
mailing list