git: 16de94eaf09b - main - audit: Fix logging of IPv6 addresses
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 21 Apr 2026 13:28:19 UTC
The branch main has been updated by gallatin:
URL: https://cgit.FreeBSD.org/src/commit/?id=16de94eaf09b75a9a1e90254a6fe5812f55f4cab
commit 16de94eaf09b75a9a1e90254a6fe5812f55f4cab
Author: Andrew Gallatin <gallatin@FreeBSD.org>
AuthorDate: 2026-04-20 21:35:46 +0000
Commit: Andrew Gallatin <gallatin@FreeBSD.org>
CommitDate: 2026-04-21 13:27:43 +0000
audit: Fix logging of IPv6 addresses
- kaudit_to_bsm: Log IPv6 as well as IPv4 and unix addrs
- au_to_sock_inet128: Treat ports the same way as au_to_sock_inet32() as
just pushing a uint16 causes byte ordering problems on little endian.
Differential Revision: https://reviews.freebsd.org/D39633
Sponsored by: Netflix
Reviewed by: csjp
---
sys/security/audit/audit_bsm.c | 17 +++++++++++++++--
sys/security/audit/bsm_token.c | 2 +-
2 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/sys/security/audit/audit_bsm.c b/sys/security/audit/audit_bsm.c
index 6cd96ebe092f..4654b607aea5 100644
--- a/sys/security/audit/audit_bsm.c
+++ b/sys/security/audit/audit_bsm.c
@@ -542,6 +542,11 @@ kaudit_to_bsm(struct kaudit_record *kar, struct au_record **pau)
kau_write(rec, tok);
UPATH1_TOKENS;
}
+ if (ARG_IS_VALID(kar, ARG_SADDRINET6)) {
+ tok = au_to_sock_inet128((struct sockaddr_in6 *)
+ &ar->ar_arg_sockaddr);
+ kau_write(rec, tok);
+ }
break;
case AUE_BIND:
@@ -571,7 +576,11 @@ kaudit_to_bsm(struct kaudit_record *kar, struct au_record **pau)
kau_write(rec, tok);
UPATH1_TOKENS;
}
- /* XXX Need to handle ARG_SADDRINET6 */
+ if (ARG_IS_VALID(kar, ARG_SADDRINET6)) {
+ tok = au_to_sock_inet128((struct sockaddr_in6 *)
+ &ar->ar_arg_sockaddr);
+ kau_write(rec, tok);
+ }
break;
case AUE_BINDAT:
@@ -602,7 +611,11 @@ kaudit_to_bsm(struct kaudit_record *kar, struct au_record **pau)
kau_write(rec, tok);
UPATH1_TOKENS;
}
- /* XXX Need to handle ARG_SADDRINET6 */
+ if (ARG_IS_VALID(kar, ARG_SADDRINET6)) {
+ tok = au_to_sock_inet128((struct sockaddr_in6 *)
+ &ar->ar_arg_sockaddr);
+ kau_write(rec, tok);
+ }
break;
case AUE_SOCKET:
diff --git a/sys/security/audit/bsm_token.c b/sys/security/audit/bsm_token.c
index f704f75c17df..ccf7ab7d2cc8 100644
--- a/sys/security/audit/bsm_token.c
+++ b/sys/security/audit/bsm_token.c
@@ -1065,7 +1065,7 @@ au_to_sock_inet128(struct sockaddr_in6 *so)
ADD_U_CHAR(dptr, 0);
ADD_U_CHAR(dptr, so->sin6_family);
- ADD_U_INT16(dptr, so->sin6_port);
+ ADD_MEM(dptr, &so->sin6_port, sizeof(uint16_t));
ADD_MEM(dptr, &so->sin6_addr, 4 * sizeof(uint32_t));
return (t);