apparmor: fix af_unix auditing to include all address information

The auditing of addresses currently doesn't include the source address
and mixes source and foreign/peer under the same audit name. Fix this
so source is always addr, and the foreign/peer is peer_addr.

Fixes: c05e705812d1 ("apparmor: add fine grained af_unix mediation")
Signed-off-by: John Johansen <john.johansen@canonical.com>

1 files changed, 12 insertions, 8 deletions

diff --git a/security/apparmor/net.c b/security/apparmor/net.c
index e6f9e11eaa6a..2da554cc3a35 100644
--- a/security/apparmor/net.c
+++ b/security/apparmor/net.c
@@ -99,10 +99,15 @@ static void audit_unix_sk_addr(struct audit_buffer *ab, const char *str,
 {
 	const struct unix_sock *u = unix_sk(sk);
 
-	if (u && u->addr)
-		audit_unix_addr(ab, str, u->addr->name, u->addr->len);
-	else
+	if (u && u->addr) {
+		int addrlen;
+		struct sockaddr_un *addr = aa_sunaddr(u, &addrlen);
+
+		audit_unix_addr(ab, str, addr, addrlen);
+	} else {
 		audit_unix_addr(ab, str, NULL, 0);
+
+	}
 }
 
 /* audit callback for net specific fields */
@@ -137,17 +142,16 @@ void audit_net_cb(struct audit_buffer *ab, void *va)
 		}
 	}
 	if (ad->common.u.net->family == PF_UNIX) {
-		if ((ad->request & ~NET_PEER_MASK) && ad->net.addr)
+		if (ad->net.addr || !ad->common.u.net->sk)
 			audit_unix_addr(ab, "addr",
 					unix_addr(ad->net.addr),
 					ad->net.addrlen);
 		else
 			audit_unix_sk_addr(ab, "addr", ad->common.u.net->sk);
 		if (ad->request & NET_PEER_MASK) {
-			if (ad->net.addr)
-				audit_unix_addr(ab, "peer_addr",
-						unix_addr(ad->net.addr),
-						ad->net.addrlen);
+			audit_unix_addr(ab, "peer_addr",
+					unix_addr(ad->net.peer.addr),
+					ad->net.peer.addrlen);
 		}
 	}
 	if (ad->peer) {