From aa2b237ce51ef12c213ac55d4d3aba509cb3133e Mon Sep 17 00:00:00 2001 From: Robert Haas Date: Wed, 5 Sep 2012 14:01:15 -0400 Subject: [PATCH] sepgsql cleanups. This is needed to match recent changes elsewhere. Along the way, some renaming for clarity. KaiGai Kohei --- contrib/sepgsql/database.c | 1 + contrib/sepgsql/dml.c | 15 ++++++++------- contrib/sepgsql/hooks.c | 8 ++++---- contrib/sepgsql/label.c | 1 + contrib/sepgsql/proc.c | 2 ++ contrib/sepgsql/relation.c | 2 ++ contrib/sepgsql/schema.c | 1 + contrib/sepgsql/selinux.c | 6 +++--- contrib/sepgsql/sepgsql.h | 8 ++++---- contrib/sepgsql/uavc.c | 12 +++++++----- 10 files changed, 33 insertions(+), 23 deletions(-) diff --git a/contrib/sepgsql/database.c b/contrib/sepgsql/database.c index 5a4246752a..c15f2d0e0c 100644 --- a/contrib/sepgsql/database.c +++ b/contrib/sepgsql/database.c @@ -12,6 +12,7 @@ #include "access/genam.h" #include "access/heapam.h" +#include "access/htup_details.h" #include "access/sysattr.h" #include "catalog/dependency.h" #include "catalog/pg_database.h" diff --git a/contrib/sepgsql/dml.c b/contrib/sepgsql/dml.c index 47a1087417..49502f50e7 100644 --- a/contrib/sepgsql/dml.c +++ b/contrib/sepgsql/dml.c @@ -10,6 +10,7 @@ */ #include "postgres.h" +#include "access/htup_details.h" #include "access/sysattr.h" #include "access/tupdesc.h" #include "catalog/catalog.h" @@ -148,7 +149,7 @@ check_relation_privileges(Oid relOid, Bitmapset *selected, Bitmapset *modified, uint32 required, - bool abort) + bool abort_on_violation) { ObjectAddress object; char *audit_name; @@ -194,7 +195,7 @@ check_relation_privileges(Oid relOid, SEPG_CLASS_DB_TABLE, required, audit_name, - abort); + abort_on_violation); break; case RELKIND_SEQUENCE: @@ -205,7 +206,7 @@ check_relation_privileges(Oid relOid, SEPG_CLASS_DB_SEQUENCE, SEPG_DB_SEQUENCE__GET_VALUE, audit_name, - abort); + abort_on_violation); break; case RELKIND_VIEW: @@ -213,7 +214,7 @@ check_relation_privileges(Oid relOid, SEPG_CLASS_DB_VIEW, SEPG_DB_VIEW__EXPAND, audit_name, - abort); + abort_on_violation); break; default: @@ -264,7 +265,7 @@ check_relation_privileges(Oid relOid, SEPG_CLASS_DB_COLUMN, column_perms, audit_name, - abort); + abort_on_violation); pfree(audit_name); if (!result) @@ -279,7 +280,7 @@ check_relation_privileges(Oid relOid, * Entrypoint of the DML permission checks */ bool -sepgsql_dml_privileges(List *rangeTabls, bool abort) +sepgsql_dml_privileges(List *rangeTabls, bool abort_on_violation) { ListCell *lr; @@ -351,7 +352,7 @@ sepgsql_dml_privileges(List *rangeTabls, bool abort) if (!check_relation_privileges(tableOid, selectedCols, modifiedCols, - required, abort)) + required, abort_on_violation)) return false; } list_free(tableIds); diff --git a/contrib/sepgsql/hooks.c b/contrib/sepgsql/hooks.c index 914519109c..f3cf1c5f88 100644 --- a/contrib/sepgsql/hooks.c +++ b/contrib/sepgsql/hooks.c @@ -265,9 +265,9 @@ static void sepgsql_utility_command(Node *parsetree, const char *queryString, ParamListInfo params, - bool isTopLevel, DestReceiver *dest, - char *completionTag) + char *completionTag, + ProcessUtilityContext context) { sepgsql_context_info_t saved_context_info = sepgsql_context_info; ListCell *cell; @@ -328,10 +328,10 @@ sepgsql_utility_command(Node *parsetree, if (next_ProcessUtility_hook) (*next_ProcessUtility_hook) (parsetree, queryString, params, - isTopLevel, dest, completionTag); + dest, completionTag, context); else standard_ProcessUtility(parsetree, queryString, params, - isTopLevel, dest, completionTag); + dest, completionTag, context); } PG_CATCH(); { diff --git a/contrib/sepgsql/label.c b/contrib/sepgsql/label.c index 23577b5844..3ebf273326 100644 --- a/contrib/sepgsql/label.c +++ b/contrib/sepgsql/label.c @@ -11,6 +11,7 @@ #include "postgres.h" #include "access/heapam.h" +#include "access/htup_details.h" #include "access/genam.h" #include "access/xact.h" #include "catalog/catalog.h" diff --git a/contrib/sepgsql/proc.c b/contrib/sepgsql/proc.c index b68314d878..fbd358a8c1 100644 --- a/contrib/sepgsql/proc.c +++ b/contrib/sepgsql/proc.c @@ -12,12 +12,14 @@ #include "access/genam.h" #include "access/heapam.h" +#include "access/htup_details.h" #include "access/sysattr.h" #include "catalog/dependency.h" #include "catalog/indexing.h" #include "catalog/pg_namespace.h" #include "catalog/pg_proc.h" #include "commands/seclabel.h" +#include "lib/stringinfo.h" #include "utils/builtins.h" #include "utils/fmgroids.h" #include "utils/lsyscache.h" diff --git a/contrib/sepgsql/relation.c b/contrib/sepgsql/relation.c index e759a7d98e..4ab7fc8be9 100644 --- a/contrib/sepgsql/relation.c +++ b/contrib/sepgsql/relation.c @@ -12,6 +12,7 @@ #include "access/genam.h" #include "access/heapam.h" +#include "access/htup_details.h" #include "access/sysattr.h" #include "catalog/indexing.h" #include "catalog/dependency.h" @@ -20,6 +21,7 @@ #include "catalog/pg_namespace.h" #include "commands/seclabel.h" #include "utils/fmgroids.h" +#include "utils/catcache.h" #include "utils/lsyscache.h" #include "utils/syscache.h" #include "utils/tqual.h" diff --git a/contrib/sepgsql/schema.c b/contrib/sepgsql/schema.c index 230449dc4b..e063e394da 100644 --- a/contrib/sepgsql/schema.c +++ b/contrib/sepgsql/schema.c @@ -12,6 +12,7 @@ #include "access/genam.h" #include "access/heapam.h" +#include "access/htup_details.h" #include "access/sysattr.h" #include "catalog/dependency.h" #include "catalog/indexing.h" diff --git a/contrib/sepgsql/selinux.c b/contrib/sepgsql/selinux.c index baf92b6f6d..7df98175dd 100644 --- a/contrib/sepgsql/selinux.c +++ b/contrib/sepgsql/selinux.c @@ -893,7 +893,7 @@ sepgsql_compute_create(const char *scontext, * tclass: class code (SEPG_CLASS_*) of the object being referenced * required: a mask of required permissions (SEPG___) * audit_name: a human readable object name for audit logs, or NULL. - * abort: true, if caller wants to raise an error on access violation + * abort_on_violation: true, if error shall be raised on access violation */ bool sepgsql_check_perms(const char *scontext, @@ -901,7 +901,7 @@ sepgsql_check_perms(const char *scontext, uint16 tclass, uint32 required, const char *audit_name, - bool abort) + bool abort_on_violation) { struct av_decision avd; uint32 denied; @@ -937,7 +937,7 @@ sepgsql_check_perms(const char *scontext, audit_name); } - if (!result && abort) + if (!result && abort_on_violation) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), errmsg("SELinux: security policy violation"))); diff --git a/contrib/sepgsql/sepgsql.h b/contrib/sepgsql/sepgsql.h index 479b136909..9c89eaa893 100644 --- a/contrib/sepgsql/sepgsql.h +++ b/contrib/sepgsql/sepgsql.h @@ -247,7 +247,7 @@ extern bool sepgsql_check_perms(const char *scontext, uint16 tclass, uint32 required, const char *audit_name, - bool abort); + bool abort_on_violation); /* * uavc.c @@ -257,12 +257,12 @@ extern bool sepgsql_avc_check_perms_label(const char *tcontext, uint16 tclass, uint32 required, const char *audit_name, - bool abort); + bool abort_on_violation); extern bool sepgsql_avc_check_perms(const ObjectAddress *tobject, uint16 tclass, uint32 required, const char *audit_name, - bool abort); + bool abort_on_violation); extern char *sepgsql_avc_trusted_proc(Oid functionId); extern void sepgsql_avc_init(void); @@ -285,7 +285,7 @@ extern Datum sepgsql_restorecon(PG_FUNCTION_ARGS); /* * dml.c */ -extern bool sepgsql_dml_privileges(List *rangeTabls, bool abort); +extern bool sepgsql_dml_privileges(List *rangeTabls, bool abort_on_violation); /* * database.c diff --git a/contrib/sepgsql/uavc.c b/contrib/sepgsql/uavc.c index 9641a17d79..04ec305606 100644 --- a/contrib/sepgsql/uavc.c +++ b/contrib/sepgsql/uavc.c @@ -335,7 +335,7 @@ sepgsql_avc_lookup(const char *scontext, const char *tcontext, uint16 tclass) * * It returns 'true', if the security policy suggested to allow the required * permissions. Otherwise, it returns 'false' or raises an error according - * to the 'abort' argument. + * to the 'abort_on_violation' argument. * The 'tobject' and 'tclass' identify the target object being referenced, * and 'required' is a bitmask of permissions (SEPG_*__*) defined for each * object classes. @@ -345,7 +345,8 @@ sepgsql_avc_lookup(const char *scontext, const char *tcontext, uint16 tclass) bool sepgsql_avc_check_perms_label(const char *tcontext, uint16 tclass, uint32 required, - const char *audit_name, bool abort) + const char *audit_name, + bool abort_on_violation) { char *scontext = sepgsql_get_client_label(); avc_cache *cache; @@ -415,7 +416,7 @@ sepgsql_avc_check_perms_label(const char *tcontext, audit_name); } - if (abort && !result) + if (abort_on_violation && !result) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), errmsg("SELinux: security policy violation"))); @@ -426,14 +427,15 @@ sepgsql_avc_check_perms_label(const char *tcontext, bool sepgsql_avc_check_perms(const ObjectAddress *tobject, uint16 tclass, uint32 required, - const char *audit_name, bool abort) + const char *audit_name, + bool abort_on_violation) { char *tcontext = GetSecurityLabel(tobject, SEPGSQL_LABEL_TAG); bool rc; rc = sepgsql_avc_check_perms_label(tcontext, tclass, required, - audit_name, abort); + audit_name, abort_on_violation); if (tcontext) pfree(tcontext); -- 2.40.0