PostgreSQL Source Code  git master
proc.c File Reference
#include "postgres.h"
#include "access/genam.h"
#include "access/heapam.h"
#include "access/htup_details.h"
#include "access/sysattr.h"
#include "catalog/dependency.h"
#include "catalog/indexing.h"
#include "catalog/pg_namespace.h"
#include "catalog/pg_proc.h"
#include "catalog/pg_type.h"
#include "commands/seclabel.h"
#include "lib/stringinfo.h"
#include "utils/builtins.h"
#include "utils/fmgroids.h"
#include "utils/lsyscache.h"
#include "utils/syscache.h"
#include "utils/tqual.h"
#include "sepgsql.h"

Functions

void sepgsql_proc_post_create (Oid functionId)
 
void sepgsql_proc_drop (Oid functionId)
 
void sepgsql_proc_relabel (Oid functionId, const char *seclabel)
 
void sepgsql_proc_setattr (Oid functionId)
 
void sepgsql_proc_execute (Oid functionId)
 

Function Documentation

void sepgsql_proc_drop ( Oid  functionId)

Definition at line 157 of file proc.c.

References ObjectAddress::classId, get_func_namespace(), getObjectIdentity(), NamespaceRelationId, pfree(), ProcedureRelationId, SEPG_CLASS_DB_PROCEDURE, SEPG_CLASS_DB_SCHEMA, SEPG_DB_PROCEDURE__DROP, SEPG_DB_SCHEMA__REMOVE_NAME, and sepgsql_avc_check_perms().

Referenced by sepgsql_object_access().

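/*
 * sepgsql_proc_drop
 *
 * Check the SELinux permissions required to drop the function identified
 * by functionId.  Two checks are made, in this order:
 *   1. db_schema:{remove_name} on the schema that contains the function
 *   2. db_procedure:{drop} on the function itself
 *
 * Both calls pass abort_on_violation = true, so the bool result of
 * sepgsql_avc_check_perms() is deliberately not examined here.
 * NOTE(review): presumably a denial is reported as an error from inside
 * sepgsql_avc_check_perms() (uavc.c) -- confirm before relying on it.
 */
void
sepgsql_proc_drop(Oid functionId)
{
	ObjectAddress object;
	char	   *audit_name;

	/*
	 * check db_schema:{remove_name} permission
	 */
	object.classId = NamespaceRelationId;
	object.objectId = get_func_namespace(functionId);
	object.objectSubId = 0;
	audit_name = getObjectIdentity(&object);

	sepgsql_avc_check_perms(&object,
							SEPG_CLASS_DB_SCHEMA,
							SEPG_DB_SCHEMA__REMOVE_NAME,
							audit_name,
							true);
	pfree(audit_name);

	/*
	 * check db_procedure:{drop} permission
	 */
	object.classId = ProcedureRelationId;
	object.objectId = functionId;
	object.objectSubId = 0;
	audit_name = getObjectIdentity(&object);

	sepgsql_avc_check_perms(&object,
							SEPG_CLASS_DB_PROCEDURE,
							SEPG_DB_PROCEDURE__DROP,
							audit_name,
							true);
	pfree(audit_name);
}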
#define SEPG_DB_PROCEDURE__DROP
Definition: sepgsql.h:160
#define NamespaceRelationId
Definition: pg_namespace.h:34
Oid get_func_namespace(Oid funcid)
Definition: lsyscache.c:1436
#define ProcedureRelationId
Definition: pg_proc.h:33
bool sepgsql_avc_check_perms(const ObjectAddress *tobject, uint16 tclass, uint32 required, const char *audit_name, bool abort_on_violation)
Definition: uavc.c:428
#define SEPG_CLASS_DB_SCHEMA
Definition: sepgsql.h:45
void pfree(void *pointer)
Definition: mcxt.c:950
char * getObjectIdentity(const ObjectAddress *object)
#define SEPG_CLASS_DB_PROCEDURE
Definition: sepgsql.h:48
#define SEPG_DB_SCHEMA__REMOVE_NAME
Definition: sepgsql.h:135
void sepgsql_proc_execute ( Oid  functionId)

Definition at line 317 of file proc.c.

References ObjectAddress::classId, getObjectIdentity(), pfree(), ProcedureRelationId, SEPG_CLASS_DB_PROCEDURE, SEPG_DB_PROCEDURE__EXECUTE, and sepgsql_avc_check_perms().

Referenced by sepgsql_object_access().

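/*
 * sepgsql_proc_execute
 *
 * Check db_procedure:{execute} permission on the function identified by
 * functionId.
 *
 * abort_on_violation is passed as true, so the bool result of
 * sepgsql_avc_check_perms() is deliberately not examined here.
 * NOTE(review): presumably a denial is reported as an error from inside
 * sepgsql_avc_check_perms() (uavc.c) -- confirm before relying on it.
 */
void
sepgsql_proc_execute(Oid functionId)
{
	ObjectAddress object;
	char	   *audit_name;

	/*
	 * check db_procedure:{execute} permission
	 */
	object.classId = ProcedureRelationId;
	object.objectId = functionId;
	object.objectSubId = 0;
	audit_name = getObjectIdentity(&object);
	sepgsql_avc_check_perms(&object,
							SEPG_CLASS_DB_PROCEDURE,
							SEPG_DB_PROCEDURE__EXECUTE,
							audit_name,
							true);
	pfree(audit_name);
}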
#define SEPG_DB_PROCEDURE__EXECUTE
Definition: sepgsql.h:165
#define ProcedureRelationId
Definition: pg_proc.h:33
bool sepgsql_avc_check_perms(const ObjectAddress *tobject, uint16 tclass, uint32 required, const char *audit_name, bool abort_on_violation)
Definition: uavc.c:428
void pfree(void *pointer)
Definition: mcxt.c:950
char * getObjectIdentity(const ObjectAddress *object)
#define SEPG_CLASS_DB_PROCEDURE
Definition: sepgsql.h:48
void sepgsql_proc_post_create ( Oid  functionId)

Definition at line 39 of file proc.c.

References AccessShareLock, appendStringInfo(), appendStringInfoChar(), appendStringInfoString(), BTEqualStrategyNumber, StringInfoData::data, elog, ERROR, get_namespace_name(), getObjectIdentity(), GETSTRUCT, heap_close, heap_open(), HeapTupleIsValid, i, initStringInfo(), NamespaceRelationId, NameStr, ObjectIdAttributeNumber, ObjectIdGetDatum, pfree(), ProcedureOidIndexId, ProcedureRelationId, quote_qualified_identifier(), ScanKeyInit(), SEPG_CLASS_DB_PROCEDURE, SEPG_CLASS_DB_SCHEMA, SEPG_DB_PROCEDURE__CREATE, SEPG_DB_PROCEDURE__INSTALL, SEPG_DB_SCHEMA__ADD_NAME, sepgsql_avc_check_perms(), sepgsql_avc_check_perms_label(), sepgsql_compute_create(), sepgsql_get_client_label(), sepgsql_get_label(), SEPGSQL_LABEL_TAG, SetSecurityLabel(), SnapshotSelf, systable_beginscan(), systable_endscan(), systable_getnext(), and TypeRelationId.

Referenced by sepgsql_object_access().

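/*
 * sepgsql_proc_post_create
 *
 * Runs after a new function has been created.  It
 *   1. checks db_schema:{add_name} on the schema the function was created in,
 *   2. computes a default security label for the new function from the
 *      client label and the schema label,
 *   3. checks db_procedure:{create} against that computed label, plus
 *      db_procedure:{install} when the function is marked leakproof, and
 *   4. assigns the computed label to the function.
 *
 * All permission checks pass abort_on_violation = true, so their bool
 * results are deliberately not examined here.
 * NOTE(review): presumably a denial is reported as an error from inside the
 * check functions (uavc.c) -- confirm before relying on it.
 */
void
sepgsql_proc_post_create(Oid functionId)
{
	Relation	rel;
	ScanKeyData skey;
	SysScanDesc sscan;
	HeapTuple	tuple;
	char	   *nsp_name;
	char	   *scontext;
	char	   *tcontext;
	char	   *ncontext;
	uint32		required;
	int			i;
	StringInfoData audit_name;
	ObjectAddress object;
	Form_pg_proc proForm;

	/*
	 * Fetch namespace of the new procedure. Because pg_proc entry is not
	 * visible right now, we need to scan the catalog using SnapshotSelf.
	 */
	rel = heap_open(ProcedureRelationId, AccessShareLock);

	ScanKeyInit(&skey,
				ObjectIdAttributeNumber,
				BTEqualStrategyNumber, F_OIDEQ,
				ObjectIdGetDatum(functionId));

	sscan = systable_beginscan(rel, ProcedureOidIndexId, true,
							   SnapshotSelf, 1, &skey);

	tuple = systable_getnext(sscan);
	if (!HeapTupleIsValid(tuple))
		elog(ERROR, "could not find tuple for function %u", functionId);

	proForm = (Form_pg_proc) GETSTRUCT(tuple);

	/*
	 * check db_schema:{add_name} permission of the namespace
	 */
	object.classId = NamespaceRelationId;
	object.objectId = proForm->pronamespace;
	object.objectSubId = 0;
	sepgsql_avc_check_perms(&object,
							SEPG_CLASS_DB_SCHEMA,
							SEPG_DB_SCHEMA__ADD_NAME,
							getObjectIdentity(&object),
							true);

	/*
	 * XXX - db_language:{implement} also should be checked here
	 */


	/*
	 * Compute a default security label when we create a new procedure object
	 * under the specified namespace.
	 */
	scontext = sepgsql_get_client_label();
	tcontext = sepgsql_get_label(NamespaceRelationId,
								 proForm->pronamespace, 0);
	ncontext = sepgsql_compute_create(scontext, tcontext,
									  SEPG_CLASS_DB_PROCEDURE,
									  NameStr(proForm->proname));

	/*
	 * check db_procedure:{create (install)} permission
	 *
	 * The audit name is built by hand as "schema.name(argtype,...)" from the
	 * tuple fetched above.
	 */
	initStringInfo(&audit_name);
	nsp_name = get_namespace_name(proForm->pronamespace);
	appendStringInfo(&audit_name, "%s(",
					 quote_qualified_identifier(nsp_name, NameStr(proForm->proname)));
	for (i = 0; i < proForm->pronargs; i++)
	{
		if (i > 0)
			appendStringInfoChar(&audit_name, ',');

		object.classId = TypeRelationId;
		object.objectId = proForm->proargtypes.values[i];
		object.objectSubId = 0;
		appendStringInfoString(&audit_name, getObjectIdentity(&object));
	}
	appendStringInfoChar(&audit_name, ')');

	/*
	 * Marking a function leakproof is a trust assertion about what it may
	 * reveal of its arguments, so it needs {install} on top of {create}.
	 */
	required = SEPG_DB_PROCEDURE__CREATE;
	if (proForm->proleakproof)
		required |= SEPG_DB_PROCEDURE__INSTALL;

	/* The check is made against the label the function is about to receive. */
	sepgsql_avc_check_perms_label(ncontext,
								  SEPG_CLASS_DB_PROCEDURE,
								  required,
								  audit_name.data,
								  true);

	/*
	 * Assign the default security label on a new procedure
	 */
	object.classId = ProcedureRelationId;
	object.objectId = functionId;
	object.objectSubId = 0;
	SetSecurityLabel(&object, SEPGSQL_LABEL_TAG, ncontext);

	/*
	 * Cleanup
	 */
	systable_endscan(sscan);
	heap_close(rel, AccessShareLock);

	pfree(audit_name.data);
	pfree(tcontext);
	pfree(ncontext);
}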
bool sepgsql_avc_check_perms_label(const char *tcontext, uint16 tclass, uint32 required, const char *audit_name, bool abort_on_violation)
Definition: uavc.c:346
#define ProcedureOidIndexId
Definition: indexing.h:216
#define NamespaceRelationId
Definition: pg_namespace.h:34
void systable_endscan(SysScanDesc sysscan)
Definition: genam.c:499
#define GETSTRUCT(TUP)
Definition: htup_details.h:656
void SetSecurityLabel(const ObjectAddress *object, const char *provider, const char *label)
Definition: seclabel.c:327
#define ObjectIdAttributeNumber
Definition: sysattr.h:22
#define ProcedureRelationId
Definition: pg_proc.h:33
char * sepgsql_get_label(Oid classId, Oid objectId, int32 subId)
Definition: label.c:463
bool sepgsql_avc_check_perms(const ObjectAddress *tobject, uint16 tclass, uint32 required, const char *audit_name, bool abort_on_violation)
Definition: uavc.c:428
#define AccessShareLock
Definition: lockdefs.h:36
#define heap_close(r, l)
Definition: heapam.h:97
#define SEPG_CLASS_DB_SCHEMA
Definition: sepgsql.h:45
#define TypeRelationId
Definition: pg_type.h:34
SysScanDesc systable_beginscan(Relation heapRelation, Oid indexId, bool indexOK, Snapshot snapshot, int nkeys, ScanKey key)
Definition: genam.c:328
HeapTuple systable_getnext(SysScanDesc sysscan)
Definition: genam.c:416
void pfree(void *pointer)
Definition: mcxt.c:950
void appendStringInfo(StringInfo str, const char *fmt,...)
Definition: stringinfo.c:78
#define SEPG_DB_PROCEDURE__CREATE
Definition: sepgsql.h:159
#define ObjectIdGetDatum(X)
Definition: postgres.h:513
#define ERROR
Definition: elog.h:43
char * getObjectIdentity(const ObjectAddress *object)
void appendStringInfoString(StringInfo str, const char *s)
Definition: stringinfo.c:157
char * get_namespace_name(Oid nspid)
Definition: lsyscache.c:3033
#define SEPG_CLASS_DB_PROCEDURE
Definition: sepgsql.h:48
#define SEPGSQL_LABEL_TAG
Definition: sepgsql.h:23
unsigned int uint32
Definition: c.h:268
#define SnapshotSelf
Definition: tqual.h:27
void appendStringInfoChar(StringInfo str, char ch)
Definition: stringinfo.c:169
void initStringInfo(StringInfo str)
Definition: stringinfo.c:46
char * quote_qualified_identifier(const char *qualifier, const char *ident)
Definition: ruleutils.c:10486
Relation heap_open(Oid relationId, LOCKMODE lockmode)
Definition: heapam.c:1284
#define SEPG_DB_SCHEMA__ADD_NAME
Definition: sepgsql.h:134
FormData_pg_proc * Form_pg_proc
Definition: pg_proc.h:83
#define HeapTupleIsValid(tuple)
Definition: htup.h:77
char * sepgsql_get_client_label(void)
Definition: label.c:91
char * sepgsql_compute_create(const char *scontext, const char *tcontext, uint16 tclass, const char *objname)
Definition: selinux.c:837
int i
#define NameStr(name)
Definition: c.h:499
void ScanKeyInit(ScanKey entry, AttrNumber attributeNumber, StrategyNumber strategy, RegProcedure procedure, Datum argument)
Definition: scankey.c:76
#define elog
Definition: elog.h:219
#define BTEqualStrategyNumber
Definition: stratnum.h:31
#define SEPG_DB_PROCEDURE__INSTALL
Definition: sepgsql.h:167
void sepgsql_proc_relabel ( Oid  functionId,
const char *  seclabel 
)

Definition at line 200 of file proc.c.

References ObjectAddress::classId, getObjectIdentity(), pfree(), ProcedureRelationId, SEPG_CLASS_DB_PROCEDURE, SEPG_DB_PROCEDURE__RELABELFROM, SEPG_DB_PROCEDURE__RELABELTO, SEPG_DB_PROCEDURE__SETATTR, sepgsql_avc_check_perms(), and sepgsql_avc_check_perms_label().

Referenced by sepgsql_object_relabel().

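/*
 * sepgsql_proc_relabel
 *
 * Check the SELinux permissions required to change the security label of
 * the function identified by functionId to seclabel:
 *   1. db_procedure:{setattr relabelfrom} on the function under its current
 *      label, and
 *   2. db_procedure:{relabelto} against the new label given in seclabel.
 *
 * Both calls pass abort_on_violation = true, so their bool results are
 * deliberately not examined here.
 * NOTE(review): presumably a denial is reported as an error from inside the
 * check functions (uavc.c) -- confirm before relying on it.
 */
void
sepgsql_proc_relabel(Oid functionId, const char *seclabel)
{
	ObjectAddress object;
	char	   *audit_name;

	object.classId = ProcedureRelationId;
	object.objectId = functionId;
	object.objectSubId = 0;
	audit_name = getObjectIdentity(&object);

	/*
	 * check db_procedure:{setattr relabelfrom} permission
	 */
	sepgsql_avc_check_perms(&object,
							SEPG_CLASS_DB_PROCEDURE,
							SEPG_DB_PROCEDURE__SETATTR |
							SEPG_DB_PROCEDURE__RELABELFROM,
							audit_name,
							true);

	/*
	 * check db_procedure:{relabelto} permission
	 */
	sepgsql_avc_check_perms_label(seclabel,
								  SEPG_CLASS_DB_PROCEDURE,
								  SEPG_DB_PROCEDURE__RELABELTO,
								  audit_name,
								  true);
	pfree(audit_name);
}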
bool sepgsql_avc_check_perms_label(const char *tcontext, uint16 tclass, uint32 required, const char *audit_name, bool abort_on_violation)
Definition: uavc.c:346
#define ProcedureRelationId
Definition: pg_proc.h:33
bool sepgsql_avc_check_perms(const ObjectAddress *tobject, uint16 tclass, uint32 required, const char *audit_name, bool abort_on_violation)
Definition: uavc.c:428
void pfree(void *pointer)
Definition: mcxt.c:950
char * getObjectIdentity(const ObjectAddress *object)
#define SEPG_DB_PROCEDURE__RELABELFROM
Definition: sepgsql.h:163
#define SEPG_CLASS_DB_PROCEDURE
Definition: sepgsql.h:48
#define SEPG_DB_PROCEDURE__RELABELTO
Definition: sepgsql.h:164
#define SEPG_DB_PROCEDURE__SETATTR
Definition: sepgsql.h:162
void sepgsql_proc_setattr ( Oid  functionId)

Definition at line 237 of file proc.c.

References AccessShareLock, BTEqualStrategyNumber, elog, ERROR, getObjectIdentity(), GETSTRUCT, heap_close, heap_open(), HeapTupleIsValid, NameStr, ObjectIdAttributeNumber, ObjectIdGetDatum, pfree(), ProcedureOidIndexId, ProcedureRelationId, PROCOID, ReleaseSysCache(), ScanKeyInit(), SearchSysCache1, SEPG_CLASS_DB_PROCEDURE, SEPG_DB_PROCEDURE__INSTALL, SEPG_DB_PROCEDURE__SETATTR, sepgsql_avc_check_perms(), sepgsql_schema_add_name(), sepgsql_schema_remove_name(), sepgsql_schema_rename(), SnapshotSelf, systable_beginscan(), systable_endscan(), and systable_getnext().

Referenced by sepgsql_object_access().

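/*
 * sepgsql_proc_setattr
 *
 * Check the SELinux permissions required to alter the function identified
 * by functionId.  The updated pg_proc row is read with SnapshotSelf and the
 * previous row is taken from the syscache, so the two can be compared:
 *   - a schema change needs db_schema:{remove_name} on the old schema and
 *     db_schema:{add_name} on the new one,
 *   - a name change is checked via sepgsql_schema_rename(),
 *   - db_procedure:{setattr} is always required, plus db_procedure:{install}
 *     when the function is being switched to leakproof.
 *
 * The final check passes abort_on_violation = true, so its bool result is
 * deliberately not examined here.
 * NOTE(review): presumably a denial is reported as an error from inside
 * sepgsql_avc_check_perms() (uavc.c) -- confirm before relying on it.
 */
void
sepgsql_proc_setattr(Oid functionId)
{
	Relation	rel;
	ScanKeyData skey;
	SysScanDesc sscan;
	HeapTuple	oldtup;
	HeapTuple	newtup;
	Form_pg_proc oldform;
	Form_pg_proc newform;
	uint32		required;
	ObjectAddress object;
	char	   *audit_name;

	/*
	 * Fetch newer catalog
	 */
	rel = heap_open(ProcedureRelationId, AccessShareLock);

	ScanKeyInit(&skey,
				ObjectIdAttributeNumber,
				BTEqualStrategyNumber, F_OIDEQ,
				ObjectIdGetDatum(functionId));

	sscan = systable_beginscan(rel, ProcedureOidIndexId, true,
							   SnapshotSelf, 1, &skey);
	newtup = systable_getnext(sscan);
	if (!HeapTupleIsValid(newtup))
		elog(ERROR, "could not find tuple for function %u", functionId);
	newform = (Form_pg_proc) GETSTRUCT(newtup);

	/*
	 * Fetch older catalog
	 */
	oldtup = SearchSysCache1(PROCOID, ObjectIdGetDatum(functionId));
	if (!HeapTupleIsValid(oldtup))
		elog(ERROR, "cache lookup failed for function %u", functionId);
	oldform = (Form_pg_proc) GETSTRUCT(oldtup);

	/*
	 * Does this ALTER command move the function to another namespace?
	 *
	 * The name leaves the old schema and enters the new one, so
	 * {remove_name} is checked on the old namespace and {add_name} on the
	 * new namespace.  Checking {add_name} on the old namespace would leave
	 * the destination schema without any permission check.
	 */
	if (newform->pronamespace != oldform->pronamespace)
	{
		sepgsql_schema_remove_name(oldform->pronamespace);
		sepgsql_schema_add_name(newform->pronamespace);
	}
	if (strcmp(NameStr(newform->proname), NameStr(oldform->proname)) != 0)
		sepgsql_schema_rename(oldform->pronamespace);

	/*
	 * check db_procedure:{setattr (install)} permission
	 *
	 * {install} is only added when leakproof is being turned on; clearing
	 * the flag or leaving it unchanged needs {setattr} alone.
	 */
	required = SEPG_DB_PROCEDURE__SETATTR;
	if (!oldform->proleakproof && newform->proleakproof)
		required |= SEPG_DB_PROCEDURE__INSTALL;

	object.classId = ProcedureRelationId;
	object.objectId = functionId;
	object.objectSubId = 0;
	audit_name = getObjectIdentity(&object);

	sepgsql_avc_check_perms(&object,
							SEPG_CLASS_DB_PROCEDURE,
							required,
							audit_name,
							true);
	/* cleanups */
	pfree(audit_name);

	ReleaseSysCache(oldtup);
	systable_endscan(sscan);
	heap_close(rel, AccessShareLock);
}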
#define ProcedureOidIndexId
Definition: indexing.h:216
void systable_endscan(SysScanDesc sysscan)
Definition: genam.c:499
#define GETSTRUCT(TUP)
Definition: htup_details.h:656
#define ObjectIdAttributeNumber
Definition: sysattr.h:22
#define ProcedureRelationId
Definition: pg_proc.h:33
void sepgsql_schema_add_name(Oid namespaceId)
Definition: schema.c:219
bool sepgsql_avc_check_perms(const ObjectAddress *tobject, uint16 tclass, uint32 required, const char *audit_name, bool abort_on_violation)
Definition: uavc.c:428
void sepgsql_schema_remove_name(Oid namespaceId)
Definition: schema.c:225
#define AccessShareLock
Definition: lockdefs.h:36
#define heap_close(r, l)
Definition: heapam.h:97
SysScanDesc systable_beginscan(Relation heapRelation, Oid indexId, bool indexOK, Snapshot snapshot, int nkeys, ScanKey key)
Definition: genam.c:328
#define SearchSysCache1(cacheId, key1)
Definition: syscache.h:156
HeapTuple systable_getnext(SysScanDesc sysscan)
Definition: genam.c:416
void pfree(void *pointer)
Definition: mcxt.c:950
#define ObjectIdGetDatum(X)
Definition: postgres.h:513
#define ERROR
Definition: elog.h:43
char * getObjectIdentity(const ObjectAddress *object)
void sepgsql_schema_rename(Oid namespaceId)
Definition: schema.c:231
#define SEPG_CLASS_DB_PROCEDURE
Definition: sepgsql.h:48
unsigned int uint32
Definition: c.h:268
#define SnapshotSelf
Definition: tqual.h:27
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1117
Relation heap_open(Oid relationId, LOCKMODE lockmode)
Definition: heapam.c:1284
FormData_pg_proc * Form_pg_proc
Definition: pg_proc.h:83
#define HeapTupleIsValid(tuple)
Definition: htup.h:77
#define NameStr(name)
Definition: c.h:499
void ScanKeyInit(ScanKey entry, AttrNumber attributeNumber, StrategyNumber strategy, RegProcedure procedure, Datum argument)
Definition: scankey.c:76
#define elog
Definition: elog.h:219
#define SEPG_DB_PROCEDURE__SETATTR
Definition: sepgsql.h:162
#define BTEqualStrategyNumber
Definition: stratnum.h:31
#define SEPG_DB_PROCEDURE__INSTALL
Definition: sepgsql.h:167