git.ipfire.org Git - thirdparty/kernel/linux.git/commit

author	Günther Noack <gnoack3000@gmail.com>
	Fri, 27 Mar 2026 16:48:35 +0000 (17:48 +0100)
committer	Mickaël Salaün <mic@digikod.net>
	Tue, 7 Apr 2026 16:51:10 +0000 (18:51 +0200)
commit	f433fd3fa275e52fc1c7107e8aa57f1d037ee341
tree	aba86398beb555c10a7b66846b9e4f97fd8acfcf	tree \| snapshot
parent	0f42f5be0b21c625ca52b9df96f452153aea05a8	commit \| diff

selftests/landlock: Check that coredump sockets stay unrestricted

Even when a process is restricted with the new
LANDLOCK_ACCESS_FS_RESOLVE_UNIX right, the kernel can continue writing
its coredump to the configured coredump socket.

In the test, we create a local server and rewire the system to write
coredumps into it. We then create a child process within a Landlock
domain where LANDLOCK_ACCESS_FS_RESOLVE_UNIX is restricted and make
the process crash. The test uses SO_PEERCRED to check that the
connecting client process is the expected one.

Includes a fix by Mickaël Salaün for setting the EUID to 0 (see [1]).

Link[1]: https://lore.kernel.org/all/20260218.ohth8theu8Yi@digikod.net/
Suggested-by: Mickaël Salaün <mic@digikod.net>
Signed-off-by: Günther Noack <gnoack3000@gmail.com>
Link: https://lore.kernel.org/r/20260327164838.38231-11-gnoack3000@gmail.com
Signed-off-by: Mickaël Salaün <mic@digikod.net>