More importantly, there is the question you raised of whether this should be done in userspace by libc instead. That would avoid upstream having to wonder, "why should we care what happens when someone using a BSD4.3-style bind() calls our BSD4.4-style kernel"? So it's tempting.
For now I propose to silently shorten a too-long size in the kernel. I.e., instead of

    if (soun->sun_len > sizeof(struct sockaddr_un))
            return (EINVAL);

add

    if (soun->sun_len > sizeof(struct sockaddr_un)) {
            /* still reject anything more than 4 bytes over the structure size */
            if (soun->sun_len > (4 + sizeof(struct sockaddr_un)))
                    return (EINVAL);
            else
                    /* silently clip to the structure size */
                    soun->sun_len = sizeof(struct sockaddr_un);
    }

This would allow all usual situations to be handled without problems. Even upstream has a problem with the added check in the Linux emulation, see http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/compat/linux/linux_socket.c.diff?r1=1.108;r2=1.109;f=h

In the long term, we could clip the size in libc, but for the stable security upload we should just silently clip the passed size.

Petr