[PATCH v2 0/6] Landlock: Implement scope control for pathname Unix sockets
Günther Noack
gnoack3000 at gmail.com
Sun Feb 8 23:21:29 UTC 2026
On Sun, Feb 08, 2026 at 08:48:22PM +0000, Tingmao Wang wrote:
> On 2/8/26 20:37, Günther Noack wrote:
> > Thank you, Tingmao!
> >
> > So far, the selftests that I already had in fs_test.c were
> > straightforward to extend so that they cover the new cases. I had a
> > look at your patch set, but found the scoping tests difficult to port
> > to fs_test.c
>
> I was thinking that the tests in scoped_abstract_unix_test.c could be
> extended to test scoping of pathname UNIX sockets as well (otherwise
> wouldn't you have to write another instance of the scoped_domains test
> based on scoped_base_variants.h, whether you put it in fs_test.c or
> somewhere else?)
>
> And if you think that is sensible, then I'm hoping that patch 4,5,6 of the
> series would be mostly useful. But it's up to you :)
I maybe have not wrapped my head around the scoped_test enough; for
now I sent a tentative V4 patch set to the list, so that we can
discuss something concrete.
If you spot things that are missing, or you feel inspired to port your
tests on top, I am still happy to accept that. (But for today it is
too late in the evening here %-))
–Günther
More information about the Linux-security-module-archive
mailing list