Netdev List
 help / color / mirror / Atom feed
From: Cong Wang <cwang@multikernel.io>
To: John Ericson <mail@johnericson.me>
Cc: Li Chen <me@linux.beauty>, Andy Lutomirski <luto@kernel.org>,
	Christian Brauner <brauner@kernel.org>,
	Jens Axboe <axboe@kernel.dk>,
	network dev <netdev@vger.kernel.org>,
	linux-fsdevel <linux-fsdevel@vger.kernel.org>
Subject: Re: [RFC] connectat()/bindat() or an alternative design
Date: Wed, 1 Jul 2026 17:32:46 -0700	[thread overview]
Message-ID: <akWxrjOl4Up02Bvq@pop-os.localdomain> (raw)
In-Reply-To: <e396ce86-ec84-4189-9da2-98af7cfa6c41@app.fastmail.com>

On Tue, Jun 30, 2026 at 04:22:25PM -0400, John Ericson wrote:
> I'm bumping this and adding new recipients again in light of the
> discussion happening elsewhere in
> <https://lore.kernel.org/all/a49ce818-f38d-41b0-bbf7-80b8aad998b1@app.fastmail.com/>.
> I don't want to count my chickens before they are hatched, but it is
> looking to me like a consensus in that thread is building around the
> ability to opt into intentionally empty/unusable root and working
> directories (at least with nullfs, maybe but less likely with other
> mechanisms instead).
> 
> That new functionality concretizes the motivation for what I am
> proposing in this thread: in such a world, there is little to no point
> binding listening sockets in the file system, because the containing
> directory would have to be conveyed by file descriptor anyways --- might
> as well just directly convey the socket to connect to by file
> descriptor. Likewise, abstract sockets are not appealing, because the
> abstract socket namespace is either too coarse-grained (leaking info in
> the same way root/cwd would), or too cumbersome to keep it from leaking.
> 
> To recap (with some slight changes, like renames), my latest proposal (a
> new version, not either of the two variations in the original email) is
> new syscalls `bind_unix_anon` and `connectat`, supporting a workflow
> like this:
> 
>     /* server */
>     int lfd = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
>     int addrfd = bind_unix_anon(
>             lfd,
>             /*flags, for the future*/0);
>     listen(lfd, 64);
> 
>     /* client, handed `addrfd` */
>     int cfd = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
>     connectat(addrfd, cfd, AT_EMPTY_PATH);
> 
> Or, more radically, `bind_unix_anon` and `connectat` could let one skip
> the initial `socket` calls by returning those new sockets directly:

Hm? Why not just setsockopt()? Something like:

struct unix_lookup_ctx {
    int dirfd;
    __u64 resolve_flags;   /* RESOLVE_BENEATH, RESOLVE_NO_SYMLINKS, etc. */
    __u64 op_flags;        /* maybe future */
};

setsockopt(fd, SOL_UNIX, UNIX_NEXT_LOOKUP,
           &ctx, sizeof(ctx));

bind(fd, (struct sockaddr *)&addr, addrlen);
/* or connect(fd, ...) */


Zero new syscall is needed.

Regards,
Cong

  parent reply	other threads:[~2026-07-02  0:32 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-05-18 19:09 [RFC] connectat()/bindat() or an alternative design John Ericson
2026-06-08 19:45 ` Cong Wang
2026-06-11  2:08   ` John Ericson
2026-06-12 18:50     ` Cong Wang
2026-06-23 17:40       ` John Ericson
2026-06-30 20:22         ` John Ericson
2026-07-01 19:41           ` John Ericson
2026-07-02  0:32           ` Cong Wang [this message]
2026-07-02  3:22             ` John Ericson

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=akWxrjOl4Up02Bvq@pop-os.localdomain \
    --to=cwang@multikernel.io \
    --cc=axboe@kernel.dk \
    --cc=brauner@kernel.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=luto@kernel.org \
    --cc=mail@johnericson.me \
    --cc=me@linux.beauty \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox