Re: [PATCH bpf-next v3 4/9] bpf: Implement cgroup sockaddr hooks for unix sockets
From: Martin KaFai Lau <martin.lau@linux.dev>
Date: 2023-09-05 21:38:31
Also in:
bpf
On 9/5/23 12:02 PM, Martin KaFai Lau wrote:
@@ -1766,14 +1787,37 @@ static int unix_getname(struct socket *sock, structsockaddr *uaddr, int peer) if (!addr) { sunaddr->sun_family = AF_UNIX; sunaddr->sun_path[0] = 0; - err = offsetof(struct sockaddr_un, sun_path); + addr_len = offsetof(struct sockaddr_un, sun_path); } else { - err = addr->len; + addr_len = addr->len; memcpy(sunaddr, addr->name, addr->len); } + + if (peer && cgroup_bpf_enabled(CGROUP_UNIX_GETPEERNAME)) { + err = BPF_CGROUP_RUN_SA_PROG(sk, uaddr, &addr_len, + CGROUP_UNIX_GETPEERNAME); + if (err)

UNIX_GETPEERNAME can only have return value 1 (OK), so no need to do err check here.

+ goto out; + + err = unix_validate_addr(sunaddr, addr_len);

Since the kfunc is specific to the unix address, how about doing the unix_validate_addr check in the kfunc itself?
When reading patch 3 again, the kfunc has already checked the addrlen with the UNIX_PATH_MAX. It should be as good as unix_validate_addr() check considering the kfunc can only change the sunaddr->sun_path?
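
Review bot: The unbound-peer case looks unhandled in the new getpeername path of unix_getname(): the `!addr` branch sets `addr_len = offsetof(struct sockaddr_un, sun_path)`, and when an attached program leaves the address untouched that same length reaches `err = unix_validate_addr(sunaddr, addr_len);`. Please confirm the validation accepts a length with no path bytes, or run it only when the program actually rewrote the address, so that getpeername() on an unbound peer does not start returning an error merely because a CGROUP_UNIX_GETPEERNAME program is attached. A short comment beside the check stating which lengths a program is allowed to produce would also make the invariant easier to audit.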