Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 21 Apr 2026 13:28:19 +0000
From:      Andrew Gallatin <gallatin@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   git: 16de94eaf09b - main - audit: Fix logging of IPv6 addresses
Message-ID:  <69e77b73.1e1de.18c989ff@gitrepo.freebsd.org>
index | next in thread | raw e-mail 

The branch main has been updated by gallatin:

URL: https://cgit.FreeBSD.org/src/commit/?id=16de94eaf09b75a9a1e90254a6fe5812f55f4cab

commit 16de94eaf09b75a9a1e90254a6fe5812f55f4cab
Author:     Andrew Gallatin <gallatin@FreeBSD.org>
AuthorDate: 2026-04-20 21:35:46 +0000
Commit:     Andrew Gallatin <gallatin@FreeBSD.org>
CommitDate: 2026-04-21 13:27:43 +0000

    audit: Fix logging of IPv6 addresses
    
    - kaudit_to_bsm: Log IPv6 as well as IPv4 and unix addrs
    - au_to_sock_inet128: Treat ports the same way as au_to_sock_inet32() as
      just pushing a uint16 causes byte ordering problems on little endian.
    
    Differential Revision: https://reviews.freebsd.org/D39633
    Sponsored by: Netflix
    Reviewed by: csjp
---
 sys/security/audit/audit_bsm.c | 17 +++++++++++++++--
 sys/security/audit/bsm_token.c |  2 +-
 2 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/sys/security/audit/audit_bsm.c b/sys/security/audit/audit_bsm.c
index 6cd96ebe092f..4654b607aea5 100644
--- a/sys/security/audit/audit_bsm.c
+++ b/sys/security/audit/audit_bsm.c
@@ -542,6 +542,11 @@ kaudit_to_bsm(struct kaudit_record *kar, struct au_record **pau)
 			kau_write(rec, tok);
 			UPATH1_TOKENS;
 		}
+		if (ARG_IS_VALID(kar, ARG_SADDRINET6)) {
+			tok = au_to_sock_inet128((struct sockaddr_in6 *)
+			    &ar->ar_arg_sockaddr);
+			kau_write(rec, tok);
+		}
 		break;
 
 	case AUE_BIND:
@@ -571,7 +576,11 @@ kaudit_to_bsm(struct kaudit_record *kar, struct au_record **pau)
 			kau_write(rec, tok);
 			UPATH1_TOKENS;
 		}
-		/* XXX Need to handle ARG_SADDRINET6 */
+		if (ARG_IS_VALID(kar, ARG_SADDRINET6)) {
+			tok = au_to_sock_inet128((struct sockaddr_in6 *)
+			    &ar->ar_arg_sockaddr);
+			kau_write(rec, tok);
+		}
 		break;
 
 	case AUE_BINDAT:
@@ -602,7 +611,11 @@ kaudit_to_bsm(struct kaudit_record *kar, struct au_record **pau)
 			kau_write(rec, tok);
 			UPATH1_TOKENS;
 		}
-		/* XXX Need to handle ARG_SADDRINET6 */
+		if (ARG_IS_VALID(kar, ARG_SADDRINET6)) {
+			tok = au_to_sock_inet128((struct sockaddr_in6 *)
+			    &ar->ar_arg_sockaddr);
+			kau_write(rec, tok);
+		}
 		break;
 
 	case AUE_SOCKET:
diff --git a/sys/security/audit/bsm_token.c b/sys/security/audit/bsm_token.c
index f704f75c17df..ccf7ab7d2cc8 100644
--- a/sys/security/audit/bsm_token.c
+++ b/sys/security/audit/bsm_token.c
@@ -1065,7 +1065,7 @@ au_to_sock_inet128(struct sockaddr_in6 *so)
 	ADD_U_CHAR(dptr, 0);
 	ADD_U_CHAR(dptr, so->sin6_family);
 
-	ADD_U_INT16(dptr, so->sin6_port);
+	ADD_MEM(dptr, &so->sin6_port, sizeof(uint16_t));
 	ADD_MEM(dptr, &so->sin6_addr, 4 * sizeof(uint32_t));
 
 	return (t);
home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69e77b73.1e1de.18c989ff>