From a30a9fdb66319466a7c76b455524d27c75d2b05b Mon Sep 17 00:00:00 2001
From: John Johansen <john.johansen@canonical.com>
Date: Sat, 14 Jun 2025 13:49:02 -0700
Subject: apparmor: fix af_unix auditing to include all address information

The auditing of addresses currently doesn't include the source address
and mixes source and foreign/peer under the same audit name. Fix this
so source is always addr, and the foreign/peer is peer_addr.

Fixes: c05e705812d1 ("apparmor: add fine grained af_unix mediation")
Signed-off-by: John Johansen <john.johansen@canonical.com>
---
 security/apparmor/af_unix.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'security/apparmor/af_unix.c')

diff --git a/security/apparmor/af_unix.c b/security/apparmor/af_unix.c
index 53ccf9becdf7..03d44fa19d12 100644
--- a/security/apparmor/af_unix.c
+++ b/security/apparmor/af_unix.c
@@ -584,8 +584,8 @@ static int unix_peer_perm(const struct cred *subj_cred,
 	struct aa_profile *profile;
 	DEFINE_AUDIT_SK(ad, op, subj_cred, sk);
 
-	ad.net.addr = peer_addr;
-	ad.net.addrlen = peer_addrlen;
+	ad.net.peer.addr = peer_addr;
+	ad.net.peer.addrlen = peer_addrlen;
 
 	return fn_for_each_confined(label, profile,
 			profile_peer_perm(profile, request, sk,
-- 
cgit