[RFC PATCH v1 0/3] Fix TCP short AF_UNSPEC handling
Matthieu Buffet
matthieu at buffet.re
Mon Oct 27 19:07:23 UTC 2025
Hi Mickaël, Günther, Konstantin, Mikhail,
Here's a small fix for userland behaviour+error consistency in TCP, in
the edge case where userland uses an AF_UNSPEC address consisting of
just a bare sa_family_t.
First two commits fix/add test cases (which then fail), and third commit
patches current_check_access_socket() to make these tests pass. There's
more than one way to patch it, I just chose this because it should also
make it easier to merge UDP support (soon if this goes well).
Feedback welcome!
Matthieu Buffet (3):
selftests/landlock: Fix TCP bind(AF_UNSPEC) test case
selftests/landlock: Add missing connect(minimal AF_UNSPEC) test
landlock: Fix TCP handling of short AF_UNSPEC addresses
security/landlock/net.c | 118 +++++++++++---------
tools/testing/selftests/landlock/common.h | 1 +
tools/testing/selftests/landlock/net_test.c | 30 ++++-
3 files changed, 96 insertions(+), 53 deletions(-)
base-commit: 6dde339a3df80a57ac3d780d8cfc14d9262e2acd
--
2.47.2
More information about the Linux-security-module-archive
mailing list