PostgreSQL Source Code git master
Loading...
Searching...
No Matches
schema.c
Go to the documentation of this file.
1/* -------------------------------------------------------------------------
2 *
3 * contrib/sepgsql/schema.c
4 *
5 * Routines corresponding to schema objects
6 *
7 * Copyright (c) 2010-2026, PostgreSQL Global Development Group
8 *
9 * -------------------------------------------------------------------------
10 */
11#include "postgres.h"
12
13#include "access/genam.h"
14#include "access/htup_details.h"
15#include "access/sysattr.h"
16#include "access/table.h"
17#include "catalog/dependency.h"
18#include "catalog/pg_database.h"
19#include "catalog/pg_namespace.h"
20#include "commands/seclabel.h"
21#include "lib/stringinfo.h"
22#include "miscadmin.h"
23#include "sepgsql.h"
24#include "utils/builtins.h"
25#include "utils/fmgroids.h"
26#include "utils/lsyscache.h"
27#include "utils/snapmgr.h"
28
29/*
30 * sepgsql_schema_post_create
31 *
32 * This routine assigns a default security label on a newly defined
33 * schema.
34 */
35void
36sepgsql_schema_post_create(Oid namespaceId)
37{
38 Relation rel;
39 ScanKeyData skey;
40 SysScanDesc sscan;
41 HeapTuple tuple;
42 char *tcontext;
43 char *ncontext;
44 const char *nsp_name;
45 ObjectAddress object;
46 Form_pg_namespace nspForm;
47 StringInfoData audit_name;
48
49 /*
50 * Compute a default security label when we create a new schema object
51 * under the working database.
52 *
53 * XXX - upcoming version of libselinux supports to take object name to
54 * handle special treatment on default security label; such as special
55 * label on "pg_temp" schema.
56 */
57 rel = table_open(NamespaceRelationId, AccessShareLock);
58
59 ScanKeyInit(&skey,
60 Anum_pg_namespace_oid,
61 BTEqualStrategyNumber, F_OIDEQ,
62 ObjectIdGetDatum(namespaceId));
63
64 sscan = systable_beginscan(rel, NamespaceOidIndexId, true,
65 SnapshotSelf, 1, &skey);
66 tuple = systable_getnext(sscan);
67 if (!HeapTupleIsValid(tuple))
68 elog(ERROR, "could not find tuple for namespace %u", namespaceId);
69
70 nspForm = (Form_pg_namespace) GETSTRUCT(tuple);
71 nsp_name = NameStr(nspForm->nspname);
72 if (strncmp(nsp_name, "pg_temp_", 8) == 0)
73 nsp_name = "pg_temp";
74 else if (strncmp(nsp_name, "pg_toast_temp_", 14) == 0)
75 nsp_name = "pg_toast_temp";
76
77 tcontext = sepgsql_get_label(DatabaseRelationId, MyDatabaseId, 0);
78 ncontext = sepgsql_compute_create(sepgsql_get_client_label(),
79 tcontext,
80 SEPG_CLASS_DB_SCHEMA,
81 nsp_name);
82
83 /*
84 * check db_schema:{create}
85 */
86 initStringInfo(&audit_name);
87 appendStringInfoString(&audit_name, quote_identifier(nsp_name));
88 sepgsql_avc_check_perms_label(ncontext,
89 SEPG_CLASS_DB_SCHEMA,
90 SEPG_DB_SCHEMA__CREATE,
91 audit_name.data,
92 true);
93 systable_endscan(sscan);
94 table_close(rel, AccessShareLock);
95
96 /*
97 * Assign the default security label on a new procedure
98 */
99 object.classId = NamespaceRelationId;
100 object.objectId = namespaceId;
101 object.objectSubId = 0;
102 SetSecurityLabel(&object, SEPGSQL_LABEL_TAG, ncontext);
103
104 pfree(ncontext);
105 pfree(tcontext);
106}
107
108/*
109 * sepgsql_schema_drop
110 *
111 * It checks privileges to drop the supplied schema object.
112 */
113void
114sepgsql_schema_drop(Oid namespaceId)
115{
116 ObjectAddress object;
117 char *audit_name;
118
119 /*
120 * check db_schema:{drop} permission
121 */
122 object.classId = NamespaceRelationId;
123 object.objectId = namespaceId;
124 object.objectSubId = 0;
125 audit_name = getObjectIdentity(&object, false);
126
127 sepgsql_avc_check_perms(&object,
128 SEPG_CLASS_DB_SCHEMA,
129 SEPG_DB_SCHEMA__DROP,
130 audit_name,
131 true);
132 pfree(audit_name);
133}
134
135/*
136 * sepgsql_schema_relabel
137 *
138 * It checks privileges to relabel the supplied schema
139 * by the `seclabel'.
140 */
141void
142sepgsql_schema_relabel(Oid namespaceId, const char *seclabel)
143{
144 ObjectAddress object;
145 char *audit_name;
146
147 object.classId = NamespaceRelationId;
148 object.objectId = namespaceId;
149 object.objectSubId = 0;
150 audit_name = getObjectIdentity(&object, false);
151
152 /*
153 * check db_schema:{setattr relabelfrom} permission
154 */
155 sepgsql_avc_check_perms(&object,
156 SEPG_CLASS_DB_SCHEMA,
157 SEPG_DB_SCHEMA__SETATTR |
158 SEPG_DB_SCHEMA__RELABELFROM,
159 audit_name,
160 true);
161
162 /*
163 * check db_schema:{relabelto} permission
164 */
165 sepgsql_avc_check_perms_label(seclabel,
166 SEPG_CLASS_DB_SCHEMA,
167 SEPG_DB_SCHEMA__RELABELTO,
168 audit_name,
169 true);
170 pfree(audit_name);
171}
172
173/*
174 * sepgsql_schema_check_perms
175 *
176 * utility routine to check db_schema:{xxx} permissions
177 */
178static bool
179check_schema_perms(Oid namespaceId, uint32 required, bool abort_on_violation)
180{
181 ObjectAddress object;
182 char *audit_name;
183 bool result;
184
185 object.classId = NamespaceRelationId;
186 object.objectId = namespaceId;
187 object.objectSubId = 0;
188 audit_name = getObjectIdentity(&object, false);
189
190 result = sepgsql_avc_check_perms(&object,
191 SEPG_CLASS_DB_SCHEMA,
192 required,
193 audit_name,
194 abort_on_violation);
195 pfree(audit_name);
196
197 return result;
198}
199
200/* db_schema:{setattr} permission */
201void
206
207/* db_schema:{search} permission */
208bool
215
216void
221
222void
227
228void
NameStr
#define NameStr(name)
Definition c.h:765
uint32
uint32_t uint32
Definition c.h:546
ERROR
#define ERROR
Definition elog.h:39
elog
#define elog(elevel,...)
Definition elog.h:226
systable_endscan
void systable_endscan(SysScanDesc sysscan)
Definition genam.c:603
systable_getnext
HeapTuple systable_getnext(SysScanDesc sysscan)
Definition genam.c:514
systable_beginscan
SysScanDesc systable_beginscan(Relation heapRelation, Oid indexId, bool indexOK, Snapshot snapshot, int nkeys, ScanKey key)
Definition genam.c:388
MyDatabaseId
Oid MyDatabaseId
Definition globals.c:94
HeapTupleIsValid
#define HeapTupleIsValid(tuple)
Definition htup.h:78
htup_details.h
GETSTRUCT
static void * GETSTRUCT(const HeapTupleData *tuple)
Definition htup_details.h:728
sepgsql_get_label
char * sepgsql_get_label(Oid classId, Oid objectId, int32 subId)
Definition label.c:444
sepgsql_get_client_label
char * sepgsql_get_client_label(void)
Definition label.c:79
AccessShareLock
#define AccessShareLock
Definition lockdefs.h:36
pfree
void pfree(void *pointer)
Definition mcxt.c:1616
getObjectIdentity
char * getObjectIdentity(const ObjectAddress *object, bool missing_ok)
Definition objectaddress.c:4823
pg_database.h
pg_namespace.h
Form_pg_namespace
FormData_pg_namespace * Form_pg_namespace
Definition pg_namespace.h:52
ObjectIdGetDatum
static Datum ObjectIdGetDatum(Oid X)
Definition postgres.h:262
Oid
unsigned int Oid
Definition postgres_ext.h:32
fb
static int fb(int x)
Definition preproc-init.c:92
quote_identifier
const char * quote_identifier(const char *ident)
Definition ruleutils.c:13060
ScanKeyInit
void ScanKeyInit(ScanKey entry, AttrNumber attributeNumber, StrategyNumber strategy, RegProcedure procedure, Datum argument)
Definition scankey.c:76
sepgsql_schema_post_create
void sepgsql_schema_post_create(Oid namespaceId)
Definition schema.c:36
sepgsql_schema_setattr
void sepgsql_schema_setattr(Oid namespaceId)
Definition schema.c:202
sepgsql_schema_rename
void sepgsql_schema_rename(Oid namespaceId)
Definition schema.c:229
sepgsql_schema_remove_name
void sepgsql_schema_remove_name(Oid namespaceId)
Definition schema.c:223
sepgsql_schema_add_name
void sepgsql_schema_add_name(Oid namespaceId)
Definition schema.c:217
sepgsql_schema_relabel
void sepgsql_schema_relabel(Oid namespaceId, const char *seclabel)
Definition schema.c:142
sepgsql_schema_search
bool sepgsql_schema_search(Oid namespaceId, bool abort_on_violation)
Definition schema.c:209
sepgsql_schema_drop
void sepgsql_schema_drop(Oid namespaceId)
Definition schema.c:114
check_schema_perms
static bool check_schema_perms(Oid namespaceId, uint32 required, bool abort_on_violation)
Definition schema.c:179
SetSecurityLabel
void SetSecurityLabel(const ObjectAddress *object, const char *provider, const char *label)
Definition seclabel.c:404
sepgsql_compute_create
char * sepgsql_compute_create(const char *scontext, const char *tcontext, uint16 tclass, const char *objname)
Definition selinux.c:842
SEPG_DB_SCHEMA__DROP
#define SEPG_DB_SCHEMA__DROP
Definition sepgsql.h:128
SEPG_CLASS_DB_SCHEMA
#define SEPG_CLASS_DB_SCHEMA
Definition sepgsql.h:45
SEPG_DB_SCHEMA__SETATTR
#define SEPG_DB_SCHEMA__SETATTR
Definition sepgsql.h:130
SEPG_DB_SCHEMA__CREATE
#define SEPG_DB_SCHEMA__CREATE
Definition sepgsql.h:127
SEPG_DB_SCHEMA__REMOVE_NAME
#define SEPG_DB_SCHEMA__REMOVE_NAME
Definition sepgsql.h:135
sepgsql_avc_check_perms_label
bool sepgsql_avc_check_perms_label(const char *tcontext, uint16 tclass, uint32 required, const char *audit_name, bool abort_on_violation)
Definition uavc.c:337
SEPG_DB_SCHEMA__ADD_NAME
#define SEPG_DB_SCHEMA__ADD_NAME
Definition sepgsql.h:134
SEPG_DB_SCHEMA__RELABELFROM
#define SEPG_DB_SCHEMA__RELABELFROM
Definition sepgsql.h:131
SEPG_DB_SCHEMA__SEARCH
#define SEPG_DB_SCHEMA__SEARCH
Definition sepgsql.h:133
SEPGSQL_LABEL_TAG
#define SEPGSQL_LABEL_TAG
Definition sepgsql.h:23
SEPG_DB_SCHEMA__RELABELTO
#define SEPG_DB_SCHEMA__RELABELTO
Definition sepgsql.h:132
sepgsql_avc_check_perms
bool sepgsql_avc_check_perms(const ObjectAddress *tobject, uint16 tclass, uint32 required, const char *audit_name, bool abort_on_violation)
Definition uavc.c:420
SnapshotSelf
#define SnapshotSelf
Definition snapmgr.h:32
BTEqualStrategyNumber
#define BTEqualStrategyNumber
Definition stratnum.h:31
appendStringInfoString
void appendStringInfoString(StringInfo str, const char *s)
Definition stringinfo.c:230
initStringInfo
void initStringInfo(StringInfo str)
Definition stringinfo.c:97
table_close
void table_close(Relation relation, LOCKMODE lockmode)
Definition table.c:126
table_open
Relation table_open(Oid relationId, LOCKMODE lockmode)
Definition table.c:40