[RFC PATCH 0/3] coredump, net: fix layer violation with direct connection
John Ericson
John.Ericson at Obsidian.Systems
Fri Jul 3 07:39:41 UTC 2026
From: John Ericson <mail at JohnEricson.me>
In https://lore.kernel.org/all/akWxrjOl4Up02Bvq@pop-os.localdomain/ Cong
Wang asked about doing things without new syscalls for my fd-based
connect idea. This got me investigating a few things, all of which I hope to
submit as patches.
This is the first one. I stumbled on `SOCK_COREDUMP` in `af_unix.c`, and
I realized that this was --- right in the part of the kernel I was
already looking at --- an excellent example of something that directly
connecting to a socket could do better. This is not because the
filesystem would never be involved (the interface in procfs still
specifies a path) but because the core dumper wants to resolve that path
differently than the usual way.
The first two commits are refactors that expose/create the necessary
functionality, and then the last commit actually does the untangling of
the unix socket implementation and the core dumper. See especially that
third commit message for details.
I hope this is a compelling use-case for you all, that does not touch
the UABI yet, but also does just the sort of thing that would be nice to
expose with a new syscall.
John
John Ericson (3):
af_unix: factor out unix_lookup_bsd_path()
af_unix: factor out kernel_unix_connect_direct()
coredump, net: remove `SOCK_COREDUMP`
fs/coredump.c | 47 +++--
include/linux/lsm_hook_defs.h | 3 +-
include/linux/net.h | 1 -
include/linux/security.h | 4 +-
include/net/af_unix.h | 2 +
net/unix/af_unix.c | 335 +++++++++++++++++++++++++---------
security/landlock/fs.c | 7 +-
security/security.c | 5 +-
8 files changed, 287 insertions(+), 117 deletions(-)
--
2.54.0
More information about the Linux-security-module-archive
mailing list