[PATCH v4 1/6] lsm: Add LSM hook security_unix_find
Tingmao Wang
m at maowtm.org
Mon Feb 9 19:53:34 UTC 2026
On 2/9/26 18:33, Tingmao Wang wrote:
> On 2/9/26 17:51, Mickaël Salaün wrote:
>> On Mon, Feb 09, 2026 at 12:10:11AM +0100, Günther Noack wrote:
>>> [...]
>>> diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
>>> index d0511225799b..db9d279b3883 100644
>>> --- a/net/unix/af_unix.c
>>> +++ b/net/unix/af_unix.c
>>> @@ -1226,10 +1226,19 @@ static struct sock *unix_find_bsd(struct sockaddr_un *sunaddr, int addr_len,
>>> if (!S_ISSOCK(inode->i_mode))
>>> goto path_put;
>>>
>>> + err = -ECONNREFUSED;
>>
>> We don't see it in this patch but err is already set to -ECONNREFUSED.
>> This line might be confusing, and unrelated to the goal of this patch,
>> so we should remove it.
>
> I will confess that in a side conversation with Justin previously I
> suggested that for blocks like these it might be better to always assign
> to err, and let the compiler optimize it away, so that when this block is
> moved there is less chances of mistake. (This was relevant in the
> previous context where a move of this hook caused err to be reset,
> resulting in a NULL deference from syzbot)
>
> But of course if the convention in this file is to not do it, or if I have
> missed some reason against doing this, then that's also fine (even though,
> IMHO, personally I think this is better).
>
Actually, looking at this more carefully, Mickaël is right that this
single line addition doesn't have anything to do with the patch itself
(unlike in the diff in the other thread [1] where it is part of a moved
block), so I guess it makes sense to not add this in this patch.
Apologies for any conversation derailment caused here :)
[1]: https://lore.kernel.org/all/e6b6b069-384c-4c45-a56b-fa54b26bc72a@maowtm.org/
More information about the Linux-security-module-archive
mailing list