
Bug#645469: bind fails for AF_UNIX sockets with EINVAL



More importantly, there is the question you raised of whether this
should be done in userspace by libc instead.  That would avoid
upstream having to wonder, "why should we care what happens when
someone using a BSD4.3-style bind() calls our BSD4.4-style kernel"?
So it's tempting.


For now I propose to silently shorten a too-long size in the kernel,
i.e. instead of

  if (soun->sun_len > sizeof(struct sockaddr_un))
                return (EINVAL);

add

  if (soun->sun_len > sizeof(struct sockaddr_un)) {
          if (soun->sun_len > (4 + sizeof(struct sockaddr_un)))
                  return (EINVAL);
          else
                  soun->sun_len = sizeof(struct sockaddr_un);
  }

This would allow all usual situations to be handled without problems.

Even upstream has problems with the added check in the Linux emulation, see
http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/compat/linux/linux_socket.c.diff?r1=1.108;r2=1.109;f=h

In the long term, we could clip the size in libc, but for the stable security upload we should just silently clip the passed size.

Petr
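As an added illustration (not Petr's patch and not FreeBSD source), the proposed kernel-side policy written as a pure function beside the 4.4BSD-style exact length that a libc shim could pass instead; SUN_SLACK and both function names are assumptions introduced here, and sizeof(struct sockaddr_un) comes from the host's sys/un.h.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/un.h>

/* Overshoot tolerated before bind() still returns EINVAL (the "4 +"
 * from the proposal). Hypothetical name, not a kernel constant. */
#define SUN_SLACK 4

/* Model of the proposed check: returns the name length the kernel
 * would actually use, or -1 where it would return EINVAL. A length
 * within the struct is accepted unchanged, a length up to SUN_SLACK
 * bytes too long is silently clipped, anything larger is rejected. */
long unix_clip_namelen(size_t namelen)
{
    if (namelen > sizeof(struct sockaddr_un)) {
        if (namelen > SUN_SLACK + sizeof(struct sockaddr_un))
            return -1;                           /* EINVAL */
        return (long)sizeof(struct sockaddr_un); /* silently clip */
    }
    return (long)namelen;
}

/* 4.4BSD-style length a libc shim could compute for a path: the
 * header up to sun_path plus the path bytes and their NUL. Returns 0
 * if the path does not fit in sun_path, so the caller can fail early
 * instead of handing the kernel an oversized name. */
size_t unix_exact_namelen(const char *path)
{
    size_t n = strlen(path);
    if (n + 1 > sizeof(((struct sockaddr_un *)0)->sun_path))
        return 0;
    return offsetof(struct sockaddr_un, sun_path) + n + 1;
}

int main(void)
{
    size_t full = sizeof(struct sockaddr_un);   /* BSD4.3-style callers pass this */

    printf("sizeof(struct sockaddr_un) = %zu\n", full);
    printf("namelen %zu -> %ld\n", full, unix_clip_namelen(full));
    printf("namelen %zu -> %ld (clipped)\n", full + SUN_SLACK, unix_clip_namelen(full + SUN_SLACK));
    printf("namelen %zu -> %ld (EINVAL)\n", full + SUN_SLACK + 1, unix_clip_namelen(full + SUN_SLACK + 1));
    printf("exact length for \"/tmp/x.sock\": %zu\n", unix_exact_namelen("/tmp/x.sock"));
    return 0;
}
```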


