PostgreSQL Source Code  git master
proc.c File Reference
#include "postgres.h"
#include "access/genam.h"
#include "access/htup_details.h"
#include "access/sysattr.h"
#include "access/table.h"
#include "catalog/dependency.h"
#include "catalog/indexing.h"
#include "catalog/pg_namespace.h"
#include "catalog/pg_proc.h"
#include "catalog/pg_type.h"
#include "commands/seclabel.h"
#include "lib/stringinfo.h"
#include "sepgsql.h"
#include "utils/builtins.h"
#include "utils/fmgroids.h"
#include "utils/lsyscache.h"
#include "utils/snapmgr.h"
#include "utils/syscache.h"
Include dependency graph for proc.c:

Go to the source code of this file.

Functions

void sepgsql_proc_post_create (Oid functionId)
 
void sepgsql_proc_drop (Oid functionId)
 
void sepgsql_proc_relabel (Oid functionId, const char *seclabel)
 
void sepgsql_proc_setattr (Oid functionId)
 
void sepgsql_proc_execute (Oid functionId)
 

Function Documentation

◆ sepgsql_proc_drop()

void sepgsql_proc_drop ( Oid  functionId)

Definition at line 156 of file proc.c.

References ObjectAddress::classId, get_func_namespace(), getObjectIdentity(), pfree(), SEPG_CLASS_DB_PROCEDURE, SEPG_CLASS_DB_SCHEMA, SEPG_DB_PROCEDURE__DROP, SEPG_DB_SCHEMA__REMOVE_NAME, and sepgsql_avc_check_perms().

Referenced by sepgsql_object_access().

157 {
158  ObjectAddress object;
159  char *audit_name;
160 
161  /*
162  * check db_schema:{remove_name} permission
163  */
164  object.classId = NamespaceRelationId;
165  object.objectId = get_func_namespace(functionId);
166  object.objectSubId = 0;
167  audit_name = getObjectIdentity(&object);
168 
169  sepgsql_avc_check_perms(&object,
172  audit_name,
173  true);
174  pfree(audit_name);
175 
176  /*
177  * check db_procedure:{drop} permission
178  */
179  object.classId = ProcedureRelationId;
180  object.objectId = functionId;
181  object.objectSubId = 0;
182  audit_name = getObjectIdentity(&object);
183 
184  sepgsql_avc_check_perms(&object,
187  audit_name,
188  true);
189  pfree(audit_name);
190 }
#define SEPG_DB_PROCEDURE__DROP
Definition: sepgsql.h:161
Oid get_func_namespace(Oid funcid)
Definition: lsyscache.c:1434
bool sepgsql_avc_check_perms(const ObjectAddress *tobject, uint16 tclass, uint32 required, const char *audit_name, bool abort_on_violation)
Definition: uavc.c:419
#define SEPG_CLASS_DB_SCHEMA
Definition: sepgsql.h:45
void pfree(void *pointer)
Definition: mcxt.c:1056
char * getObjectIdentity(const ObjectAddress *object)
#define SEPG_CLASS_DB_PROCEDURE
Definition: sepgsql.h:48
#define SEPG_DB_SCHEMA__REMOVE_NAME
Definition: sepgsql.h:135

◆ sepgsql_proc_execute()

void sepgsql_proc_execute ( Oid  functionId)

Definition at line 316 of file proc.c.

References ObjectAddress::classId, getObjectIdentity(), pfree(), SEPG_CLASS_DB_PROCEDURE, SEPG_DB_PROCEDURE__EXECUTE, and sepgsql_avc_check_perms().

Referenced by sepgsql_object_access().

317 {
318  ObjectAddress object;
319  char *audit_name;
320 
321  /*
322  * check db_procedure:{execute} permission
323  */
324  object.classId = ProcedureRelationId;
325  object.objectId = functionId;
326  object.objectSubId = 0;
327  audit_name = getObjectIdentity(&object);
328  sepgsql_avc_check_perms(&object,
331  audit_name,
332  true);
333  pfree(audit_name);
334 }
#define SEPG_DB_PROCEDURE__EXECUTE
Definition: sepgsql.h:166
bool sepgsql_avc_check_perms(const ObjectAddress *tobject, uint16 tclass, uint32 required, const char *audit_name, bool abort_on_violation)
Definition: uavc.c:419
void pfree(void *pointer)
Definition: mcxt.c:1056
char * getObjectIdentity(const ObjectAddress *object)
#define SEPG_CLASS_DB_PROCEDURE
Definition: sepgsql.h:48

◆ sepgsql_proc_post_create()

void sepgsql_proc_post_create ( Oid  functionId)

Definition at line 38 of file proc.c.

References AccessShareLock, appendStringInfo(), appendStringInfoChar(), appendStringInfoString(), BTEqualStrategyNumber, StringInfoData::data, elog, ERROR, get_namespace_name(), getObjectIdentity(), GETSTRUCT, HeapTupleIsValid, i, initStringInfo(), NameStr, ObjectIdGetDatum, pfree(), ProcedureOidIndexId, quote_qualified_identifier(), generate_unaccent_rules::required, ScanKeyInit(), SEPG_CLASS_DB_PROCEDURE, SEPG_CLASS_DB_SCHEMA, SEPG_DB_PROCEDURE__CREATE, SEPG_DB_PROCEDURE__INSTALL, SEPG_DB_SCHEMA__ADD_NAME, sepgsql_avc_check_perms(), sepgsql_avc_check_perms_label(), sepgsql_compute_create(), sepgsql_get_client_label(), sepgsql_get_label(), SEPGSQL_LABEL_TAG, SetSecurityLabel(), SnapshotSelf, systable_beginscan(), systable_endscan(), systable_getnext(), table_close(), and table_open().

Referenced by sepgsql_object_access().

39 {
40  Relation rel;
41  ScanKeyData skey;
42  SysScanDesc sscan;
43  HeapTuple tuple;
44  char *nsp_name;
45  char *scontext;
46  char *tcontext;
47  char *ncontext;
49  int i;
50  StringInfoData audit_name;
51  ObjectAddress object;
52  Form_pg_proc proForm;
53 
54  /*
55  * Fetch namespace of the new procedure. Because pg_proc entry is not
56  * visible right now, we need to scan the catalog using SnapshotSelf.
57  */
58  rel = table_open(ProcedureRelationId, AccessShareLock);
59 
60  ScanKeyInit(&skey,
61  Anum_pg_proc_oid,
62  BTEqualStrategyNumber, F_OIDEQ,
63  ObjectIdGetDatum(functionId));
64 
65  sscan = systable_beginscan(rel, ProcedureOidIndexId, true,
66  SnapshotSelf, 1, &skey);
67 
68  tuple = systable_getnext(sscan);
69  if (!HeapTupleIsValid(tuple))
70  elog(ERROR, "could not find tuple for function %u", functionId);
71 
72  proForm = (Form_pg_proc) GETSTRUCT(tuple);
73 
74  /*
75  * check db_schema:{add_name} permission of the namespace
76  */
77  object.classId = NamespaceRelationId;
78  object.objectId = proForm->pronamespace;
79  object.objectSubId = 0;
83  getObjectIdentity(&object),
84  true);
85 
86  /*
87  * XXX - db_language:{implement} also should be checked here
88  */
89 
90 
91  /*
92  * Compute a default security label when we create a new procedure object
93  * under the specified namespace.
94  */
95  scontext = sepgsql_get_client_label();
96  tcontext = sepgsql_get_label(NamespaceRelationId,
97  proForm->pronamespace, 0);
98  ncontext = sepgsql_compute_create(scontext, tcontext,
100  NameStr(proForm->proname));
101 
102  /*
103  * check db_procedure:{create (install)} permission
104  */
105  initStringInfo(&audit_name);
106  nsp_name = get_namespace_name(proForm->pronamespace);
107  appendStringInfo(&audit_name, "%s(",
108  quote_qualified_identifier(nsp_name, NameStr(proForm->proname)));
109  for (i = 0; i < proForm->pronargs; i++)
110  {
111  if (i > 0)
112  appendStringInfoChar(&audit_name, ',');
113 
114  object.classId = TypeRelationId;
115  object.objectId = proForm->proargtypes.values[i];
116  object.objectSubId = 0;
117  appendStringInfoString(&audit_name, getObjectIdentity(&object));
118  }
119  appendStringInfoChar(&audit_name, ')');
120 
121  required = SEPG_DB_PROCEDURE__CREATE;
122  if (proForm->proleakproof)
123  required |= SEPG_DB_PROCEDURE__INSTALL;
124 
127  required,
128  audit_name.data,
129  true);
130 
131  /*
132  * Assign the default security label on a new procedure
133  */
134  object.classId = ProcedureRelationId;
135  object.objectId = functionId;
136  object.objectSubId = 0;
137  SetSecurityLabel(&object, SEPGSQL_LABEL_TAG, ncontext);
138 
139  /*
140  * Cleanup
141  */
142  systable_endscan(sscan);
144 
145  pfree(audit_name.data);
146  pfree(tcontext);
147  pfree(ncontext);
148 }
bool sepgsql_avc_check_perms_label(const char *tcontext, uint16 tclass, uint32 required, const char *audit_name, bool abort_on_violation)
Definition: uavc.c:337
#define ProcedureOidIndexId
Definition: indexing.h:213
void table_close(Relation relation, LOCKMODE lockmode)
Definition: table.c:133
void systable_endscan(SysScanDesc sysscan)
Definition: genam.c:525
#define GETSTRUCT(TUP)
Definition: htup_details.h:655
void SetSecurityLabel(const ObjectAddress *object, const char *provider, const char *label)
Definition: seclabel.c:327
char * sepgsql_get_label(Oid classId, Oid objectId, int32 subId)
Definition: label.c:446
bool sepgsql_avc_check_perms(const ObjectAddress *tobject, uint16 tclass, uint32 required, const char *audit_name, bool abort_on_violation)
Definition: uavc.c:419
#define AccessShareLock
Definition: lockdefs.h:36
#define SEPG_CLASS_DB_SCHEMA
Definition: sepgsql.h:45
SysScanDesc systable_beginscan(Relation heapRelation, Oid indexId, bool indexOK, Snapshot snapshot, int nkeys, ScanKey key)
Definition: genam.c:352
HeapTuple systable_getnext(SysScanDesc sysscan)
Definition: genam.c:444
void pfree(void *pointer)
Definition: mcxt.c:1056
void appendStringInfo(StringInfo str, const char *fmt,...)
Definition: stringinfo.c:91
#define SEPG_DB_PROCEDURE__CREATE
Definition: sepgsql.h:160
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
#define ERROR
Definition: elog.h:43
char * getObjectIdentity(const ObjectAddress *object)
void appendStringInfoString(StringInfo str, const char *s)
Definition: stringinfo.c:176
char * get_namespace_name(Oid nspid)
Definition: lsyscache.c:3094
#define SnapshotSelf
Definition: snapmgr.h:68
#define SEPG_CLASS_DB_PROCEDURE
Definition: sepgsql.h:48
#define SEPGSQL_LABEL_TAG
Definition: sepgsql.h:23
unsigned int uint32
Definition: c.h:359
void appendStringInfoChar(StringInfo str, char ch)
Definition: stringinfo.c:188
void initStringInfo(StringInfo str)
Definition: stringinfo.c:59
char * quote_qualified_identifier(const char *qualifier, const char *ident)
Definition: ruleutils.c:10856
#define SEPG_DB_SCHEMA__ADD_NAME
Definition: sepgsql.h:134
FormData_pg_proc * Form_pg_proc
Definition: pg_proc.h:133
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
char * sepgsql_get_client_label(void)
Definition: label.c:81
char * sepgsql_compute_create(const char *scontext, const char *tcontext, uint16 tclass, const char *objname)
Definition: selinux.c:836
#define elog(elevel,...)
Definition: elog.h:228
int i
#define NameStr(name)
Definition: c.h:616
void ScanKeyInit(ScanKey entry, AttrNumber attributeNumber, StrategyNumber strategy, RegProcedure procedure, Datum argument)
Definition: scankey.c:76
Relation table_open(Oid relationId, LOCKMODE lockmode)
Definition: table.c:39
#define BTEqualStrategyNumber
Definition: stratnum.h:31
#define SEPG_DB_PROCEDURE__INSTALL
Definition: sepgsql.h:168

◆ sepgsql_proc_relabel()

void sepgsql_proc_relabel ( Oid  functionId,
const char *  seclabel 
)

Definition at line 199 of file proc.c.

References ObjectAddress::classId, getObjectIdentity(), pfree(), SEPG_CLASS_DB_PROCEDURE, SEPG_DB_PROCEDURE__RELABELFROM, SEPG_DB_PROCEDURE__RELABELTO, SEPG_DB_PROCEDURE__SETATTR, sepgsql_avc_check_perms(), and sepgsql_avc_check_perms_label().

Referenced by sepgsql_object_relabel().

200 {
201  ObjectAddress object;
202  char *audit_name;
203 
204  object.classId = ProcedureRelationId;
205  object.objectId = functionId;
206  object.objectSubId = 0;
207  audit_name = getObjectIdentity(&object);
208 
209  /*
210  * check db_procedure:{setattr relabelfrom} permission
211  */
212  sepgsql_avc_check_perms(&object,
216  audit_name,
217  true);
218 
219  /*
220  * check db_procedure:{relabelto} permission
221  */
225  audit_name,
226  true);
227  pfree(audit_name);
228 }
bool sepgsql_avc_check_perms_label(const char *tcontext, uint16 tclass, uint32 required, const char *audit_name, bool abort_on_violation)
Definition: uavc.c:337
bool sepgsql_avc_check_perms(const ObjectAddress *tobject, uint16 tclass, uint32 required, const char *audit_name, bool abort_on_violation)
Definition: uavc.c:419
void pfree(void *pointer)
Definition: mcxt.c:1056
char * getObjectIdentity(const ObjectAddress *object)
#define SEPG_DB_PROCEDURE__RELABELFROM
Definition: sepgsql.h:164
#define SEPG_CLASS_DB_PROCEDURE
Definition: sepgsql.h:48
#define SEPG_DB_PROCEDURE__RELABELTO
Definition: sepgsql.h:165
#define SEPG_DB_PROCEDURE__SETATTR
Definition: sepgsql.h:163

◆ sepgsql_proc_setattr()

void sepgsql_proc_setattr ( Oid  functionId)

Definition at line 236 of file proc.c.

References AccessShareLock, BTEqualStrategyNumber, elog, ERROR, getObjectIdentity(), GETSTRUCT, HeapTupleIsValid, NameStr, ObjectIdGetDatum, pfree(), ProcedureOidIndexId, PROCOID, ReleaseSysCache(), generate_unaccent_rules::required, ScanKeyInit(), SearchSysCache1(), SEPG_CLASS_DB_PROCEDURE, SEPG_DB_PROCEDURE__INSTALL, SEPG_DB_PROCEDURE__SETATTR, sepgsql_avc_check_perms(), sepgsql_schema_add_name(), sepgsql_schema_remove_name(), sepgsql_schema_rename(), SnapshotSelf, systable_beginscan(), systable_endscan(), systable_getnext(), table_close(), and table_open().

Referenced by sepgsql_object_access().

237 {
238  Relation rel;
239  ScanKeyData skey;
240  SysScanDesc sscan;
241  HeapTuple oldtup;
242  HeapTuple newtup;
243  Form_pg_proc oldform;
244  Form_pg_proc newform;
246  ObjectAddress object;
247  char *audit_name;
248 
249  /*
250  * Fetch newer catalog
251  */
252  rel = table_open(ProcedureRelationId, AccessShareLock);
253 
254  ScanKeyInit(&skey,
255  Anum_pg_proc_oid,
256  BTEqualStrategyNumber, F_OIDEQ,
257  ObjectIdGetDatum(functionId));
258 
259  sscan = systable_beginscan(rel, ProcedureOidIndexId, true,
260  SnapshotSelf, 1, &skey);
261  newtup = systable_getnext(sscan);
262  if (!HeapTupleIsValid(newtup))
263  elog(ERROR, "could not find tuple for function %u", functionId);
264  newform = (Form_pg_proc) GETSTRUCT(newtup);
265 
266  /*
267  * Fetch older catalog
268  */
269  oldtup = SearchSysCache1(PROCOID, ObjectIdGetDatum(functionId));
270  if (!HeapTupleIsValid(oldtup))
271  elog(ERROR, "cache lookup failed for function %u", functionId);
272  oldform = (Form_pg_proc) GETSTRUCT(oldtup);
273 
274  /*
275  * Does this ALTER command takes operation to namespace?
276  */
277  if (newform->pronamespace != oldform->pronamespace)
278  {
279  sepgsql_schema_remove_name(oldform->pronamespace);
280  sepgsql_schema_add_name(oldform->pronamespace);
281  }
282  if (strcmp(NameStr(newform->proname), NameStr(oldform->proname)) != 0)
283  sepgsql_schema_rename(oldform->pronamespace);
284 
285  /*
286  * check db_procedure:{setattr (install)} permission
287  */
288  required = SEPG_DB_PROCEDURE__SETATTR;
289  if (!oldform->proleakproof && newform->proleakproof)
290  required |= SEPG_DB_PROCEDURE__INSTALL;
291 
292  object.classId = ProcedureRelationId;
293  object.objectId = functionId;
294  object.objectSubId = 0;
295  audit_name = getObjectIdentity(&object);
296 
297  sepgsql_avc_check_perms(&object,
299  required,
300  audit_name,
301  true);
302  /* cleanups */
303  pfree(audit_name);
304 
305  ReleaseSysCache(oldtup);
306  systable_endscan(sscan);
308 }
#define ProcedureOidIndexId
Definition: indexing.h:213
void table_close(Relation relation, LOCKMODE lockmode)
Definition: table.c:133
void systable_endscan(SysScanDesc sysscan)
Definition: genam.c:525
#define GETSTRUCT(TUP)
Definition: htup_details.h:655
void sepgsql_schema_add_name(Oid namespaceId)
Definition: schema.c:218
bool sepgsql_avc_check_perms(const ObjectAddress *tobject, uint16 tclass, uint32 required, const char *audit_name, bool abort_on_violation)
Definition: uavc.c:419
void sepgsql_schema_remove_name(Oid namespaceId)
Definition: schema.c:224
#define AccessShareLock
Definition: lockdefs.h:36
SysScanDesc systable_beginscan(Relation heapRelation, Oid indexId, bool indexOK, Snapshot snapshot, int nkeys, ScanKey key)
Definition: genam.c:352
HeapTuple systable_getnext(SysScanDesc sysscan)
Definition: genam.c:444
void pfree(void *pointer)
Definition: mcxt.c:1056
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
#define ERROR
Definition: elog.h:43
char * getObjectIdentity(const ObjectAddress *object)
void sepgsql_schema_rename(Oid namespaceId)
Definition: schema.c:230
#define SnapshotSelf
Definition: snapmgr.h:68
#define SEPG_CLASS_DB_PROCEDURE
Definition: sepgsql.h:48
unsigned int uint32
Definition: c.h:359
HeapTuple SearchSysCache1(int cacheId, Datum key1)
Definition: syscache.c:1116
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1164
FormData_pg_proc * Form_pg_proc
Definition: pg_proc.h:133
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
#define elog(elevel,...)
Definition: elog.h:228
#define NameStr(name)
Definition: c.h:616
void ScanKeyInit(ScanKey entry, AttrNumber attributeNumber, StrategyNumber strategy, RegProcedure procedure, Datum argument)
Definition: scankey.c:76
Relation table_open(Oid relationId, LOCKMODE lockmode)
Definition: table.c:39
#define SEPG_DB_PROCEDURE__SETATTR
Definition: sepgsql.h:163
#define BTEqualStrategyNumber
Definition: stratnum.h:31
#define SEPG_DB_PROCEDURE__INSTALL
Definition: sepgsql.h:168