[PATCH 2/6] landlock: Implement LANDLOCK_SCOPE_PATHNAME_UNIX_SOCKET

Tingmao Wang m at maowtm.org
Tue Dec 30 15:56:46 UTC 2025


On 12/30/25 15:52, Tingmao Wang wrote:
> On 12/28/25 16:37, Justin Suess wrote:
>> On 12/28/25 07:45, Tingmao Wang wrote:
>>> [...]
>>> diff --git a/security/landlock/task.c b/security/landlock/task.c
>>> index 6dfcc1860d6e..9fbb0ada440b 100644
>>> --- a/security/landlock/task.c
>>> +++ b/security/landlock/task.c
>>> @@ -233,57 +233,84 @@ static bool domain_is_scoped(const struct landlock_ruleset *const client,
>>>  	return false;
>>>  }
>>>  
>>> +/**
>>> + * sock_is_scoped - Check if socket connect or send should be restricted
>>> + *    based on scope controls.
>>> + *
>>> + * @other: The server socket.
>>> + * @domain: The client domain.
>>> + * @scope: The relevant scope bit to check (i.e. pathname or abstract).
>>> + *
>>> + * Returns: True if connect should be restricted, false otherwise.
>>> + */
>>>  static bool sock_is_scoped(struct sock *const other,
>>> -			   const struct landlock_ruleset *const domain)
>>> +			   const struct landlock_ruleset *const domain,
>>> +			   access_mask_t scope)
>>>  {
>>>  	const struct landlock_ruleset *dom_other;
>>>  
>>>  	/* The credentials will not change. */
>>>  	lockdep_assert_held(&unix_sk(other)->lock);
>>>  	dom_other = landlock_cred(other->sk_socket->file->f_cred)->domain;
>>> -	return domain_is_scoped(domain, dom_other,
>>> -				LANDLOCK_SCOPE_ABSTRACT_UNIX_SOCKET);
>>> +	return domain_is_scoped(domain, dom_other, scope);
>>>  }
>>>  
>>> -static bool is_abstract_socket(struct sock *const sock)
>>> +static bool sock_addr_is_abstract(const struct unix_address *const addr)
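
Review bot: In the new kernel-doc for sock_is_scoped(), the summary line says "connect or send" but the return description says only "True if connect should be restricted"; the two should agree, for example "True if the connect or send should be restricted, false otherwise". The comment could also state the locking precondition that the body already asserts with lockdep_assert_held(&unix_sk(other)->lock), and the @scope line would be clearer if it named the two bits (LANDLOCK_SCOPE_PATHNAME_UNIX_SOCKET and LANDLOCK_SCOPE_ABSTRACT_UNIX_SOCKET) instead of "i.e. pathname or abstract". The added parameter "access_mask_t scope" is the only one not declared const, unlike "other" and "domain"; making it "const access_mask_t scope" would match them.
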
>>
>> Nit: From the name sock_addr_is_abstract, it's unclear without reading
>> the parameter that this function only works with unix sockets, when
>> socket is an overloaded term that can refer to other kinds of sockets
>> (e.g. tcp/udp/raw).
>>
>> Maybe is_unix_sock_addr_abstract? or unix_sock_addr_is_abstract?
> 
> I guess sock_addr_is_abstract is indeed a bit of a weird name, but it
> helps that this function is static to this file and also very short.
> Maybe is_unix_addr_abstract?
> 

(never mind, I didn't read Mickaël's reply before sending this; if we can
get rid of this extra function then the name doesn't matter)
