[RFC PATCH 0/3] coredump, net: fix layer violation with direct connection
From: John Ericson <hidden>
Date: 2026-07-03 07:40:45
Also in:
linux-fsdevel, linux-security-module, lkml
From: John Ericson <redacted> In https://lore.kernel.org/all/akWxrjOl4Up02Bvq@pop-os.localdomain/ (local) Cong Wang asked about doing things without new syscalls for my fd-based connect idea. This got me investigating a few things, all of which I hope to submit as patches. This is the first one. I stumbled on `SOCK_COREDUMP` in `af_unix.c`, and I realized that this was --- right in the part of the kernel I was already looking at --- an excellent example of something that directly connecting to a socket could do better. This is not because the filesystem would never be involved (the interface in procfs still specifies a path) but because the core dumper wants to resolve that path differently than the usual way. The first two commits are refactors that expose/create the necessary functionality, and then the last commit actually does the untangling of the unix socket implementation and the core dumper. See especially that third commit message for details. I hope this is a compelling use-case for you all, that does not touch the UABI yet, but also does just the sort of thing that would be nice to expose with a new syscall. John John Ericson (3): af_unix: factor out unix_lookup_bsd_path() af_unix: factor out kernel_unix_connect_direct() coredump, net: remove `SOCK_COREDUMP` fs/coredump.c | 47 +++-- include/linux/lsm_hook_defs.h | 3 +- include/linux/net.h | 1 - include/linux/security.h | 4 +- include/net/af_unix.h | 2 + net/unix/af_unix.c | 335 +++++++++++++++++++++++++--------- security/landlock/fs.c | 7 +- security/security.c | 5 +- 8 files changed, 287 insertions(+), 117 deletions(-) -- 2.54.0