apparmor: fix af_unix auditing to include all address information

The auditing of addresses currently doesn't include the source address and mixes source and foreign/peer under the same audit name. Fix this so source is always addr, and the foreign/peer is peer_addr. Fixes: c05e705812d1 ("apparmor: add fine grained af_unix mediation") Signed-off-by: John Johansen <[email protected]>
author: John Johansen <[email protected]> 2025-06-14 20:49:02 +0000
committer: John Johansen <[email protected]> 2025-07-16 05:39:43 +0000
commit: a30a9fdb66319466a7c76b455524d27c75d2b05b (patch)
tree: 27e5836d6979adef7799a31c282a03ae8c3efaef /security/apparmor/include
parent: apparmor: Remove use of the double lock (diff)
download: kernel-a30a9fdb66319466a7c76b455524d27c75d2b05b.tar.gz
kernel-a30a9fdb66319466a7c76b455524d27c75d2b05b.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/security/apparmor/include/audit.h b/security/apparmor/include/audit.h
index 365bc67dd150..1a71a94ea19c 100644
--- a/security/apparmor/include/audit.h
+++ b/security/apparmor/include/audit.h
@@ -140,6 +140,10 @@ struct apparmor_audit_data {
 					int type, protocol;
 					void *addr;
 					int addrlen;
+					struct {
+						void *addr;
+						int addrlen;
+					} peer;
 				} net;
 			};
 		};
author	John Johansen <[email protected]>	2025-06-14 20:49:02 +0000
committer	John Johansen <[email protected]>	2025-07-16 05:39:43 +0000
commit	a30a9fdb66319466a7c76b455524d27c75d2b05b (patch)
tree	27e5836d6979adef7799a31c282a03ae8c3efaef /security/apparmor/include
parent	apparmor: Remove use of the double lock (diff)
download	kernel-a30a9fdb66319466a7c76b455524d27c75d2b05b.tar.gz kernel-a30a9fdb66319466a7c76b455524d27c75d2b05b.zip