#include "catalog/objectaddress.h"
#include "fmgr.h"
#include <selinux/selinux.h>
#include <selinux/avc.h>

Include dependency graph for sepgsql.h:

This graph shows which files directly or indirectly include this file:

Macros
#define	SEPGSQL_LABEL_TAG "selinux"

#define	SEPGSQL_MODE_DEFAULT 1

#define	SEPGSQL_MODE_PERMISSIVE 2

#define	SEPGSQL_MODE_INTERNAL 3

#define	SEPGSQL_MODE_DISABLED 4

#define	SEPG_CLASS_PROCESS 0

#define	SEPG_CLASS_FILE 1

#define	SEPG_CLASS_DIR 2

#define	SEPG_CLASS_LNK_FILE 3

#define	SEPG_CLASS_CHR_FILE 4

#define	SEPG_CLASS_BLK_FILE 5

#define	SEPG_CLASS_SOCK_FILE 6

#define	SEPG_CLASS_FIFO_FILE 7

#define	SEPG_CLASS_DB_DATABASE 8

#define	SEPG_CLASS_DB_SCHEMA 9

#define	SEPG_CLASS_DB_TABLE 10

#define	SEPG_CLASS_DB_SEQUENCE 11

#define	SEPG_CLASS_DB_PROCEDURE 12

#define	SEPG_CLASS_DB_COLUMN 13

#define	SEPG_CLASS_DB_TUPLE 14

#define	SEPG_CLASS_DB_BLOB 15

#define	SEPG_CLASS_DB_LANGUAGE 16

#define	SEPG_CLASS_DB_VIEW 17

#define	SEPG_CLASS_MAX 18

#define	SEPG_PROCESS__TRANSITION (1<<0)

#define	SEPG_PROCESS__DYNTRANSITION (1<<1)

#define	SEPG_PROCESS__SETCURRENT (1<<2)

#define	SEPG_FILE__READ (1<<0)

#define	SEPG_FILE__WRITE (1<<1)

#define	SEPG_FILE__CREATE (1<<2)

#define	SEPG_FILE__GETATTR (1<<3)

#define	SEPG_FILE__UNLINK (1<<4)

#define	SEPG_FILE__RENAME (1<<5)

#define	SEPG_FILE__APPEND (1<<6)

#define	SEPG_DIR__READ (SEPG_FILE__READ)

#define	SEPG_DIR__WRITE (SEPG_FILE__WRITE)

#define	SEPG_DIR__CREATE (SEPG_FILE__CREATE)

#define	SEPG_DIR__GETATTR (SEPG_FILE__GETATTR)

#define	SEPG_DIR__UNLINK (SEPG_FILE__UNLINK)

#define	SEPG_DIR__RENAME (SEPG_FILE__RENAME)

#define	SEPG_DIR__SEARCH (1<<6)

#define	SEPG_DIR__ADD_NAME (1<<7)

#define	SEPG_DIR__REMOVE_NAME (1<<8)

#define	SEPG_DIR__RMDIR (1<<9)

#define	SEPG_DIR__REPARENT (1<<10)

#define	SEPG_LNK_FILE__READ (SEPG_FILE__READ)

#define	SEPG_LNK_FILE__WRITE (SEPG_FILE__WRITE)

#define	SEPG_LNK_FILE__CREATE (SEPG_FILE__CREATE)

#define	SEPG_LNK_FILE__GETATTR (SEPG_FILE__GETATTR)

#define	SEPG_LNK_FILE__UNLINK (SEPG_FILE__UNLINK)

#define	SEPG_LNK_FILE__RENAME (SEPG_FILE__RENAME)

#define	SEPG_CHR_FILE__READ (SEPG_FILE__READ)

#define	SEPG_CHR_FILE__WRITE (SEPG_FILE__WRITE)

#define	SEPG_CHR_FILE__CREATE (SEPG_FILE__CREATE)

#define	SEPG_CHR_FILE__GETATTR (SEPG_FILE__GETATTR)

#define	SEPG_CHR_FILE__UNLINK (SEPG_FILE__UNLINK)

#define	SEPG_CHR_FILE__RENAME (SEPG_FILE__RENAME)

#define	SEPG_BLK_FILE__READ (SEPG_FILE__READ)

#define	SEPG_BLK_FILE__WRITE (SEPG_FILE__WRITE)

#define	SEPG_BLK_FILE__CREATE (SEPG_FILE__CREATE)

#define	SEPG_BLK_FILE__GETATTR (SEPG_FILE__GETATTR)

#define	SEPG_BLK_FILE__UNLINK (SEPG_FILE__UNLINK)

#define	SEPG_BLK_FILE__RENAME (SEPG_FILE__RENAME)

#define	SEPG_SOCK_FILE__READ (SEPG_FILE__READ)

#define	SEPG_SOCK_FILE__WRITE (SEPG_FILE__WRITE)

#define	SEPG_SOCK_FILE__CREATE (SEPG_FILE__CREATE)

#define	SEPG_SOCK_FILE__GETATTR (SEPG_FILE__GETATTR)

#define	SEPG_SOCK_FILE__UNLINK (SEPG_FILE__UNLINK)

#define	SEPG_SOCK_FILE__RENAME (SEPG_FILE__RENAME)

#define	SEPG_FIFO_FILE__READ (SEPG_FILE__READ)

#define	SEPG_FIFO_FILE__WRITE (SEPG_FILE__WRITE)

#define	SEPG_FIFO_FILE__CREATE (SEPG_FILE__CREATE)

#define	SEPG_FIFO_FILE__GETATTR (SEPG_FILE__GETATTR)

#define	SEPG_FIFO_FILE__UNLINK (SEPG_FILE__UNLINK)

#define	SEPG_FIFO_FILE__RENAME (SEPG_FILE__RENAME)

#define	SEPG_DB_DATABASE__CREATE (1<<0)

#define	SEPG_DB_DATABASE__DROP (1<<1)

#define	SEPG_DB_DATABASE__GETATTR (1<<2)

#define	SEPG_DB_DATABASE__SETATTR (1<<3)

#define	SEPG_DB_DATABASE__RELABELFROM (1<<4)

#define	SEPG_DB_DATABASE__RELABELTO (1<<5)

#define	SEPG_DB_DATABASE__ACCESS (1<<6)

#define	SEPG_DB_DATABASE__LOAD_MODULE (1<<7)

#define	SEPG_DB_SCHEMA__CREATE (SEPG_DB_DATABASE__CREATE)

#define	SEPG_DB_SCHEMA__DROP (SEPG_DB_DATABASE__DROP)

#define	SEPG_DB_SCHEMA__GETATTR (SEPG_DB_DATABASE__GETATTR)

#define	SEPG_DB_SCHEMA__SETATTR (SEPG_DB_DATABASE__SETATTR)

#define	SEPG_DB_SCHEMA__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)

#define	SEPG_DB_SCHEMA__RELABELTO (SEPG_DB_DATABASE__RELABELTO)

#define	SEPG_DB_SCHEMA__SEARCH (1<<6)

#define	SEPG_DB_SCHEMA__ADD_NAME (1<<7)

#define	SEPG_DB_SCHEMA__REMOVE_NAME (1<<8)

#define	SEPG_DB_TABLE__CREATE (SEPG_DB_DATABASE__CREATE)

#define	SEPG_DB_TABLE__DROP (SEPG_DB_DATABASE__DROP)

#define	SEPG_DB_TABLE__GETATTR (SEPG_DB_DATABASE__GETATTR)

#define	SEPG_DB_TABLE__SETATTR (SEPG_DB_DATABASE__SETATTR)

#define	SEPG_DB_TABLE__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)

#define	SEPG_DB_TABLE__RELABELTO (SEPG_DB_DATABASE__RELABELTO)

#define	SEPG_DB_TABLE__SELECT (1<<6)

#define	SEPG_DB_TABLE__UPDATE (1<<7)

#define	SEPG_DB_TABLE__INSERT (1<<8)

#define	SEPG_DB_TABLE__DELETE (1<<9)

#define	SEPG_DB_TABLE__LOCK (1<<10)

#define	SEPG_DB_TABLE__TRUNCATE (1<<11)

#define	SEPG_DB_SEQUENCE__CREATE (SEPG_DB_DATABASE__CREATE)

#define	SEPG_DB_SEQUENCE__DROP (SEPG_DB_DATABASE__DROP)

#define	SEPG_DB_SEQUENCE__GETATTR (SEPG_DB_DATABASE__GETATTR)

#define	SEPG_DB_SEQUENCE__SETATTR (SEPG_DB_DATABASE__SETATTR)

#define	SEPG_DB_SEQUENCE__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)

#define	SEPG_DB_SEQUENCE__RELABELTO (SEPG_DB_DATABASE__RELABELTO)

#define	SEPG_DB_SEQUENCE__GET_VALUE (1<<6)

#define	SEPG_DB_SEQUENCE__NEXT_VALUE (1<<7)

#define	SEPG_DB_SEQUENCE__SET_VALUE (1<<8)

#define	SEPG_DB_PROCEDURE__CREATE (SEPG_DB_DATABASE__CREATE)

#define	SEPG_DB_PROCEDURE__DROP (SEPG_DB_DATABASE__DROP)

#define	SEPG_DB_PROCEDURE__GETATTR (SEPG_DB_DATABASE__GETATTR)

#define	SEPG_DB_PROCEDURE__SETATTR (SEPG_DB_DATABASE__SETATTR)

#define	SEPG_DB_PROCEDURE__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)

#define	SEPG_DB_PROCEDURE__RELABELTO (SEPG_DB_DATABASE__RELABELTO)

#define	SEPG_DB_PROCEDURE__EXECUTE (1<<6)

#define	SEPG_DB_PROCEDURE__ENTRYPOINT (1<<7)

#define	SEPG_DB_PROCEDURE__INSTALL (1<<8)

#define	SEPG_DB_COLUMN__CREATE (SEPG_DB_DATABASE__CREATE)

#define	SEPG_DB_COLUMN__DROP (SEPG_DB_DATABASE__DROP)

#define	SEPG_DB_COLUMN__GETATTR (SEPG_DB_DATABASE__GETATTR)

#define	SEPG_DB_COLUMN__SETATTR (SEPG_DB_DATABASE__SETATTR)

#define	SEPG_DB_COLUMN__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)

#define	SEPG_DB_COLUMN__RELABELTO (SEPG_DB_DATABASE__RELABELTO)

#define	SEPG_DB_COLUMN__SELECT (1<<6)

#define	SEPG_DB_COLUMN__UPDATE (1<<7)

#define	SEPG_DB_COLUMN__INSERT (1<<8)

#define	SEPG_DB_TUPLE__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)

#define	SEPG_DB_TUPLE__RELABELTO (SEPG_DB_DATABASE__RELABELTO)

#define	SEPG_DB_TUPLE__SELECT (SEPG_DB_DATABASE__GETATTR)

#define	SEPG_DB_TUPLE__UPDATE (SEPG_DB_DATABASE__SETATTR)

#define	SEPG_DB_TUPLE__INSERT (SEPG_DB_DATABASE__CREATE)

#define	SEPG_DB_TUPLE__DELETE (SEPG_DB_DATABASE__DROP)

#define	SEPG_DB_BLOB__CREATE (SEPG_DB_DATABASE__CREATE)

#define	SEPG_DB_BLOB__DROP (SEPG_DB_DATABASE__DROP)

#define	SEPG_DB_BLOB__GETATTR (SEPG_DB_DATABASE__GETATTR)

#define	SEPG_DB_BLOB__SETATTR (SEPG_DB_DATABASE__SETATTR)

#define	SEPG_DB_BLOB__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)

#define	SEPG_DB_BLOB__RELABELTO (SEPG_DB_DATABASE__RELABELTO)

#define	SEPG_DB_BLOB__READ (1<<6)

#define	SEPG_DB_BLOB__WRITE (1<<7)

#define	SEPG_DB_BLOB__IMPORT (1<<8)

#define	SEPG_DB_BLOB__EXPORT (1<<9)

#define	SEPG_DB_LANGUAGE__CREATE (SEPG_DB_DATABASE__CREATE)

#define	SEPG_DB_LANGUAGE__DROP (SEPG_DB_DATABASE__DROP)

#define	SEPG_DB_LANGUAGE__GETATTR (SEPG_DB_DATABASE__GETATTR)

#define	SEPG_DB_LANGUAGE__SETATTR (SEPG_DB_DATABASE__SETATTR)

#define	SEPG_DB_LANGUAGE__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)

#define	SEPG_DB_LANGUAGE__RELABELTO (SEPG_DB_DATABASE__RELABELTO)

#define	SEPG_DB_LANGUAGE__IMPLEMENT (1<<6)

#define	SEPG_DB_LANGUAGE__EXECUTE (1<<7)

#define	SEPG_DB_VIEW__CREATE (SEPG_DB_DATABASE__CREATE)

#define	SEPG_DB_VIEW__DROP (SEPG_DB_DATABASE__DROP)

#define	SEPG_DB_VIEW__GETATTR (SEPG_DB_DATABASE__GETATTR)

#define	SEPG_DB_VIEW__SETATTR (SEPG_DB_DATABASE__SETATTR)

#define	SEPG_DB_VIEW__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)

#define	SEPG_DB_VIEW__RELABELTO (SEPG_DB_DATABASE__RELABELTO)

#define	SEPG_DB_VIEW__EXPAND (1<<6)

#define	SEPGSQL_AVC_NOAUDIT ((void *)(-1))

Functions
bool	sepgsql_get_permissive (void)

bool	sepgsql_get_debug_audit (void)

bool	sepgsql_is_enabled (void)

int	sepgsql_get_mode (void)

int	sepgsql_set_mode (int new_mode)

bool	sepgsql_getenforce (void)

void	sepgsql_audit_log (bool denied, bool enforcing, const char scontext, const char tcontext, uint16 tclass, uint32 audited, const char *audit_name)

void	sepgsql_compute_avd (const char scontext, const char tcontext, uint16 tclass, struct av_decision *avd)

char *	sepgsql_compute_create (const char scontext, const char tcontext, uint16 tclass, const char *objname)

bool	sepgsql_avc_check_perms_label (const char tcontext, uint16 tclass, uint32 required, const char audit_name, bool abort_on_violation)

bool	sepgsql_avc_check_perms (const ObjectAddress tobject, uint16 tclass, uint32 required, const char audit_name, bool abort_on_violation)

char *	sepgsql_avc_trusted_proc (Oid functionId)

void	sepgsql_avc_init (void)

char *	sepgsql_get_client_label (void)

void	sepgsql_init_client_label (void)

char *	sepgsql_get_label (Oid classId, Oid objectId, int32 subId)

void	sepgsql_object_relabel (const ObjectAddress object, const char seclabel)

bool	sepgsql_dml_privileges (List rangeTabls, List rteperminfos, bool abort_on_violation)

void	sepgsql_database_post_create (Oid databaseId, const char *dtemplate)

void	sepgsql_database_drop (Oid databaseId)

void	sepgsql_database_relabel (Oid databaseId, const char *seclabel)

void	sepgsql_database_setattr (Oid databaseId)

void	sepgsql_schema_post_create (Oid namespaceId)

void	sepgsql_schema_drop (Oid namespaceId)

void	sepgsql_schema_relabel (Oid namespaceId, const char *seclabel)

void	sepgsql_schema_setattr (Oid namespaceId)

bool	sepgsql_schema_search (Oid namespaceId, bool abort_on_violation)

void	sepgsql_schema_add_name (Oid namespaceId)

void	sepgsql_schema_remove_name (Oid namespaceId)

void	sepgsql_schema_rename (Oid namespaceId)

void	sepgsql_attribute_post_create (Oid relOid, AttrNumber attnum)

void	sepgsql_attribute_drop (Oid relOid, AttrNumber attnum)

void	sepgsql_attribute_relabel (Oid relOid, AttrNumber attnum, const char *seclabel)

void	sepgsql_attribute_setattr (Oid relOid, AttrNumber attnum)

void	sepgsql_relation_post_create (Oid relOid)

void	sepgsql_relation_drop (Oid relOid)

void	sepgsql_relation_truncate (Oid relOid)

void	sepgsql_relation_relabel (Oid relOid, const char *seclabel)

void	sepgsql_relation_setattr (Oid relOid)

void	sepgsql_proc_post_create (Oid functionId)

void	sepgsql_proc_drop (Oid functionId)

void	sepgsql_proc_relabel (Oid functionId, const char *seclabel)

void	sepgsql_proc_setattr (Oid functionId)

void	sepgsql_proc_execute (Oid functionId)

Macro Definition Documentation

◆ SEPG_BLK_FILE__CREATE

#define SEPG_BLK_FILE__CREATE (SEPG_FILE__CREATE)

Definition at line 99 of file sepgsql.h.

◆ SEPG_BLK_FILE__GETATTR

#define SEPG_BLK_FILE__GETATTR (SEPG_FILE__GETATTR)

Definition at line 100 of file sepgsql.h.

◆ SEPG_BLK_FILE__READ

#define SEPG_BLK_FILE__READ (SEPG_FILE__READ)

Definition at line 97 of file sepgsql.h.

◆ SEPG_BLK_FILE__RENAME

#define SEPG_BLK_FILE__RENAME (SEPG_FILE__RENAME)

Definition at line 102 of file sepgsql.h.

◆ SEPG_BLK_FILE__UNLINK

#define SEPG_BLK_FILE__UNLINK (SEPG_FILE__UNLINK)

Definition at line 101 of file sepgsql.h.

◆ SEPG_BLK_FILE__WRITE

#define SEPG_BLK_FILE__WRITE (SEPG_FILE__WRITE)

Definition at line 98 of file sepgsql.h.

◆ SEPG_CHR_FILE__CREATE

#define SEPG_CHR_FILE__CREATE (SEPG_FILE__CREATE)

Definition at line 92 of file sepgsql.h.

◆ SEPG_CHR_FILE__GETATTR

#define SEPG_CHR_FILE__GETATTR (SEPG_FILE__GETATTR)

Definition at line 93 of file sepgsql.h.

◆ SEPG_CHR_FILE__READ

#define SEPG_CHR_FILE__READ (SEPG_FILE__READ)

Definition at line 90 of file sepgsql.h.

◆ SEPG_CHR_FILE__RENAME

#define SEPG_CHR_FILE__RENAME (SEPG_FILE__RENAME)

Definition at line 95 of file sepgsql.h.

◆ SEPG_CHR_FILE__UNLINK

#define SEPG_CHR_FILE__UNLINK (SEPG_FILE__UNLINK)

Definition at line 94 of file sepgsql.h.

◆ SEPG_CHR_FILE__WRITE

#define SEPG_CHR_FILE__WRITE (SEPG_FILE__WRITE)

Definition at line 91 of file sepgsql.h.

◆ SEPG_CLASS_BLK_FILE

#define SEPG_CLASS_BLK_FILE 5

Definition at line 41 of file sepgsql.h.

◆ SEPG_CLASS_CHR_FILE

#define SEPG_CLASS_CHR_FILE 4

Definition at line 40 of file sepgsql.h.

◆ SEPG_CLASS_DB_BLOB

#define SEPG_CLASS_DB_BLOB 15

Definition at line 51 of file sepgsql.h.

◆ SEPG_CLASS_DB_COLUMN

#define SEPG_CLASS_DB_COLUMN 13

Definition at line 49 of file sepgsql.h.

◆ SEPG_CLASS_DB_DATABASE

#define SEPG_CLASS_DB_DATABASE 8

Definition at line 44 of file sepgsql.h.

◆ SEPG_CLASS_DB_LANGUAGE

#define SEPG_CLASS_DB_LANGUAGE 16

Definition at line 52 of file sepgsql.h.

◆ SEPG_CLASS_DB_PROCEDURE

#define SEPG_CLASS_DB_PROCEDURE 12

Definition at line 48 of file sepgsql.h.

◆ SEPG_CLASS_DB_SCHEMA

#define SEPG_CLASS_DB_SCHEMA 9

Definition at line 45 of file sepgsql.h.

◆ SEPG_CLASS_DB_SEQUENCE

#define SEPG_CLASS_DB_SEQUENCE 11

Definition at line 47 of file sepgsql.h.

◆ SEPG_CLASS_DB_TABLE

#define SEPG_CLASS_DB_TABLE 10

Definition at line 46 of file sepgsql.h.

◆ SEPG_CLASS_DB_TUPLE

#define SEPG_CLASS_DB_TUPLE 14

Definition at line 50 of file sepgsql.h.

◆ SEPG_CLASS_DB_VIEW

#define SEPG_CLASS_DB_VIEW 17

Definition at line 53 of file sepgsql.h.

◆ SEPG_CLASS_DIR

#define SEPG_CLASS_DIR 2

Definition at line 38 of file sepgsql.h.

◆ SEPG_CLASS_FIFO_FILE

#define SEPG_CLASS_FIFO_FILE 7

Definition at line 43 of file sepgsql.h.

◆ SEPG_CLASS_FILE

#define SEPG_CLASS_FILE 1

Definition at line 37 of file sepgsql.h.

◆ SEPG_CLASS_LNK_FILE

#define SEPG_CLASS_LNK_FILE 3

Definition at line 39 of file sepgsql.h.

◆ SEPG_CLASS_MAX

#define SEPG_CLASS_MAX 18

Definition at line 54 of file sepgsql.h.

◆ SEPG_CLASS_PROCESS

#define SEPG_CLASS_PROCESS 0

Definition at line 36 of file sepgsql.h.

◆ SEPG_CLASS_SOCK_FILE

#define SEPG_CLASS_SOCK_FILE 6

Definition at line 42 of file sepgsql.h.

◆ SEPG_DB_BLOB__CREATE

#define SEPG_DB_BLOB__CREATE (SEPG_DB_DATABASE__CREATE)

Definition at line 187 of file sepgsql.h.

◆ SEPG_DB_BLOB__DROP

#define SEPG_DB_BLOB__DROP (SEPG_DB_DATABASE__DROP)

Definition at line 188 of file sepgsql.h.

◆ SEPG_DB_BLOB__EXPORT

#define SEPG_DB_BLOB__EXPORT (1<<9)

Definition at line 196 of file sepgsql.h.

◆ SEPG_DB_BLOB__GETATTR

#define SEPG_DB_BLOB__GETATTR (SEPG_DB_DATABASE__GETATTR)

Definition at line 189 of file sepgsql.h.

◆ SEPG_DB_BLOB__IMPORT

#define SEPG_DB_BLOB__IMPORT (1<<8)

Definition at line 195 of file sepgsql.h.

◆ SEPG_DB_BLOB__READ

#define SEPG_DB_BLOB__READ (1<<6)

Definition at line 193 of file sepgsql.h.

◆ SEPG_DB_BLOB__RELABELFROM

#define SEPG_DB_BLOB__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)

Definition at line 191 of file sepgsql.h.

◆ SEPG_DB_BLOB__RELABELTO

#define SEPG_DB_BLOB__RELABELTO (SEPG_DB_DATABASE__RELABELTO)

Definition at line 192 of file sepgsql.h.

◆ SEPG_DB_BLOB__SETATTR

#define SEPG_DB_BLOB__SETATTR (SEPG_DB_DATABASE__SETATTR)

Definition at line 190 of file sepgsql.h.

◆ SEPG_DB_BLOB__WRITE

#define SEPG_DB_BLOB__WRITE (1<<7)

Definition at line 194 of file sepgsql.h.

◆ SEPG_DB_COLUMN__CREATE

#define SEPG_DB_COLUMN__CREATE (SEPG_DB_DATABASE__CREATE)

Definition at line 170 of file sepgsql.h.

◆ SEPG_DB_COLUMN__DROP

#define SEPG_DB_COLUMN__DROP (SEPG_DB_DATABASE__DROP)

Definition at line 171 of file sepgsql.h.

◆ SEPG_DB_COLUMN__GETATTR

#define SEPG_DB_COLUMN__GETATTR (SEPG_DB_DATABASE__GETATTR)

Definition at line 172 of file sepgsql.h.

◆ SEPG_DB_COLUMN__INSERT

#define SEPG_DB_COLUMN__INSERT (1<<8)

Definition at line 178 of file sepgsql.h.

◆ SEPG_DB_COLUMN__RELABELFROM

#define SEPG_DB_COLUMN__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)

Definition at line 174 of file sepgsql.h.

◆ SEPG_DB_COLUMN__RELABELTO

#define SEPG_DB_COLUMN__RELABELTO (SEPG_DB_DATABASE__RELABELTO)

Definition at line 175 of file sepgsql.h.

◆ SEPG_DB_COLUMN__SELECT

#define SEPG_DB_COLUMN__SELECT (1<<6)

Definition at line 176 of file sepgsql.h.

◆ SEPG_DB_COLUMN__SETATTR

#define SEPG_DB_COLUMN__SETATTR (SEPG_DB_DATABASE__SETATTR)

Definition at line 173 of file sepgsql.h.

◆ SEPG_DB_COLUMN__UPDATE

#define SEPG_DB_COLUMN__UPDATE (1<<7)

Definition at line 177 of file sepgsql.h.

◆ SEPG_DB_DATABASE__ACCESS

#define SEPG_DB_DATABASE__ACCESS (1<<6)

Definition at line 124 of file sepgsql.h.

◆ SEPG_DB_DATABASE__CREATE

#define SEPG_DB_DATABASE__CREATE (1<<0)

Definition at line 118 of file sepgsql.h.

◆ SEPG_DB_DATABASE__DROP

#define SEPG_DB_DATABASE__DROP (1<<1)

Definition at line 119 of file sepgsql.h.

◆ SEPG_DB_DATABASE__GETATTR

#define SEPG_DB_DATABASE__GETATTR (1<<2)

Definition at line 120 of file sepgsql.h.

◆ SEPG_DB_DATABASE__LOAD_MODULE

#define SEPG_DB_DATABASE__LOAD_MODULE (1<<7)

Definition at line 125 of file sepgsql.h.

◆ SEPG_DB_DATABASE__RELABELFROM

#define SEPG_DB_DATABASE__RELABELFROM (1<<4)

Definition at line 122 of file sepgsql.h.

◆ SEPG_DB_DATABASE__RELABELTO

#define SEPG_DB_DATABASE__RELABELTO (1<<5)

Definition at line 123 of file sepgsql.h.

◆ SEPG_DB_DATABASE__SETATTR

#define SEPG_DB_DATABASE__SETATTR (1<<3)

Definition at line 121 of file sepgsql.h.

◆ SEPG_DB_LANGUAGE__CREATE

#define SEPG_DB_LANGUAGE__CREATE (SEPG_DB_DATABASE__CREATE)

Definition at line 198 of file sepgsql.h.

◆ SEPG_DB_LANGUAGE__DROP

#define SEPG_DB_LANGUAGE__DROP (SEPG_DB_DATABASE__DROP)

Definition at line 199 of file sepgsql.h.

◆ SEPG_DB_LANGUAGE__EXECUTE

#define SEPG_DB_LANGUAGE__EXECUTE (1<<7)

Definition at line 205 of file sepgsql.h.

◆ SEPG_DB_LANGUAGE__GETATTR

#define SEPG_DB_LANGUAGE__GETATTR (SEPG_DB_DATABASE__GETATTR)

Definition at line 200 of file sepgsql.h.

◆ SEPG_DB_LANGUAGE__IMPLEMENT

#define SEPG_DB_LANGUAGE__IMPLEMENT (1<<6)

Definition at line 204 of file sepgsql.h.

◆ SEPG_DB_LANGUAGE__RELABELFROM

#define SEPG_DB_LANGUAGE__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)

Definition at line 202 of file sepgsql.h.

◆ SEPG_DB_LANGUAGE__RELABELTO

#define SEPG_DB_LANGUAGE__RELABELTO (SEPG_DB_DATABASE__RELABELTO)

Definition at line 203 of file sepgsql.h.

◆ SEPG_DB_LANGUAGE__SETATTR

#define SEPG_DB_LANGUAGE__SETATTR (SEPG_DB_DATABASE__SETATTR)

Definition at line 201 of file sepgsql.h.

◆ SEPG_DB_PROCEDURE__CREATE

#define SEPG_DB_PROCEDURE__CREATE (SEPG_DB_DATABASE__CREATE)

Definition at line 160 of file sepgsql.h.

◆ SEPG_DB_PROCEDURE__DROP

#define SEPG_DB_PROCEDURE__DROP (SEPG_DB_DATABASE__DROP)

Definition at line 161 of file sepgsql.h.

◆ SEPG_DB_PROCEDURE__ENTRYPOINT

#define SEPG_DB_PROCEDURE__ENTRYPOINT (1<<7)

Definition at line 167 of file sepgsql.h.

◆ SEPG_DB_PROCEDURE__EXECUTE

#define SEPG_DB_PROCEDURE__EXECUTE (1<<6)

Definition at line 166 of file sepgsql.h.

◆ SEPG_DB_PROCEDURE__GETATTR

#define SEPG_DB_PROCEDURE__GETATTR (SEPG_DB_DATABASE__GETATTR)

Definition at line 162 of file sepgsql.h.

◆ SEPG_DB_PROCEDURE__INSTALL

#define SEPG_DB_PROCEDURE__INSTALL (1<<8)

Definition at line 168 of file sepgsql.h.

◆ SEPG_DB_PROCEDURE__RELABELFROM

#define SEPG_DB_PROCEDURE__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)

Definition at line 164 of file sepgsql.h.

◆ SEPG_DB_PROCEDURE__RELABELTO

#define SEPG_DB_PROCEDURE__RELABELTO (SEPG_DB_DATABASE__RELABELTO)

Definition at line 165 of file sepgsql.h.

◆ SEPG_DB_PROCEDURE__SETATTR

#define SEPG_DB_PROCEDURE__SETATTR (SEPG_DB_DATABASE__SETATTR)

Definition at line 163 of file sepgsql.h.

◆ SEPG_DB_SCHEMA__ADD_NAME

#define SEPG_DB_SCHEMA__ADD_NAME (1<<7)

Definition at line 134 of file sepgsql.h.

◆ SEPG_DB_SCHEMA__CREATE

#define SEPG_DB_SCHEMA__CREATE (SEPG_DB_DATABASE__CREATE)

Definition at line 127 of file sepgsql.h.

◆ SEPG_DB_SCHEMA__DROP

#define SEPG_DB_SCHEMA__DROP (SEPG_DB_DATABASE__DROP)

Definition at line 128 of file sepgsql.h.

◆ SEPG_DB_SCHEMA__GETATTR

#define SEPG_DB_SCHEMA__GETATTR (SEPG_DB_DATABASE__GETATTR)

Definition at line 129 of file sepgsql.h.

◆ SEPG_DB_SCHEMA__RELABELFROM

#define SEPG_DB_SCHEMA__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)

Definition at line 131 of file sepgsql.h.

◆ SEPG_DB_SCHEMA__RELABELTO

#define SEPG_DB_SCHEMA__RELABELTO (SEPG_DB_DATABASE__RELABELTO)

Definition at line 132 of file sepgsql.h.

◆ SEPG_DB_SCHEMA__REMOVE_NAME

#define SEPG_DB_SCHEMA__REMOVE_NAME (1<<8)

Definition at line 135 of file sepgsql.h.

◆ SEPG_DB_SCHEMA__SEARCH

#define SEPG_DB_SCHEMA__SEARCH (1<<6)

Definition at line 133 of file sepgsql.h.

◆ SEPG_DB_SCHEMA__SETATTR

#define SEPG_DB_SCHEMA__SETATTR (SEPG_DB_DATABASE__SETATTR)

Definition at line 130 of file sepgsql.h.

◆ SEPG_DB_SEQUENCE__CREATE

#define SEPG_DB_SEQUENCE__CREATE (SEPG_DB_DATABASE__CREATE)

Definition at line 150 of file sepgsql.h.

◆ SEPG_DB_SEQUENCE__DROP

#define SEPG_DB_SEQUENCE__DROP (SEPG_DB_DATABASE__DROP)

Definition at line 151 of file sepgsql.h.

◆ SEPG_DB_SEQUENCE__GET_VALUE

#define SEPG_DB_SEQUENCE__GET_VALUE (1<<6)

Definition at line 156 of file sepgsql.h.

◆ SEPG_DB_SEQUENCE__GETATTR

#define SEPG_DB_SEQUENCE__GETATTR (SEPG_DB_DATABASE__GETATTR)

Definition at line 152 of file sepgsql.h.

◆ SEPG_DB_SEQUENCE__NEXT_VALUE

#define SEPG_DB_SEQUENCE__NEXT_VALUE (1<<7)

Definition at line 157 of file sepgsql.h.

◆ SEPG_DB_SEQUENCE__RELABELFROM

#define SEPG_DB_SEQUENCE__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)

Definition at line 154 of file sepgsql.h.

◆ SEPG_DB_SEQUENCE__RELABELTO

#define SEPG_DB_SEQUENCE__RELABELTO (SEPG_DB_DATABASE__RELABELTO)

Definition at line 155 of file sepgsql.h.

◆ SEPG_DB_SEQUENCE__SET_VALUE

#define SEPG_DB_SEQUENCE__SET_VALUE (1<<8)

Definition at line 158 of file sepgsql.h.

◆ SEPG_DB_SEQUENCE__SETATTR

#define SEPG_DB_SEQUENCE__SETATTR (SEPG_DB_DATABASE__SETATTR)

Definition at line 153 of file sepgsql.h.

◆ SEPG_DB_TABLE__CREATE

#define SEPG_DB_TABLE__CREATE (SEPG_DB_DATABASE__CREATE)

Definition at line 137 of file sepgsql.h.

◆ SEPG_DB_TABLE__DELETE

#define SEPG_DB_TABLE__DELETE (1<<9)

Definition at line 146 of file sepgsql.h.

◆ SEPG_DB_TABLE__DROP

#define SEPG_DB_TABLE__DROP (SEPG_DB_DATABASE__DROP)

Definition at line 138 of file sepgsql.h.

◆ SEPG_DB_TABLE__GETATTR

#define SEPG_DB_TABLE__GETATTR (SEPG_DB_DATABASE__GETATTR)

Definition at line 139 of file sepgsql.h.

◆ SEPG_DB_TABLE__INSERT

#define SEPG_DB_TABLE__INSERT (1<<8)

Definition at line 145 of file sepgsql.h.

◆ SEPG_DB_TABLE__LOCK

#define SEPG_DB_TABLE__LOCK (1<<10)

Definition at line 147 of file sepgsql.h.

◆ SEPG_DB_TABLE__RELABELFROM

#define SEPG_DB_TABLE__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)

Definition at line 141 of file sepgsql.h.

◆ SEPG_DB_TABLE__RELABELTO

#define SEPG_DB_TABLE__RELABELTO (SEPG_DB_DATABASE__RELABELTO)

Definition at line 142 of file sepgsql.h.

◆ SEPG_DB_TABLE__SELECT

#define SEPG_DB_TABLE__SELECT (1<<6)

Definition at line 143 of file sepgsql.h.

◆ SEPG_DB_TABLE__SETATTR

#define SEPG_DB_TABLE__SETATTR (SEPG_DB_DATABASE__SETATTR)

Definition at line 140 of file sepgsql.h.

◆ SEPG_DB_TABLE__TRUNCATE

#define SEPG_DB_TABLE__TRUNCATE (1<<11)

Definition at line 148 of file sepgsql.h.

◆ SEPG_DB_TABLE__UPDATE

#define SEPG_DB_TABLE__UPDATE (1<<7)

Definition at line 144 of file sepgsql.h.

◆ SEPG_DB_TUPLE__DELETE

#define SEPG_DB_TUPLE__DELETE (SEPG_DB_DATABASE__DROP)

Definition at line 185 of file sepgsql.h.

◆ SEPG_DB_TUPLE__INSERT

#define SEPG_DB_TUPLE__INSERT (SEPG_DB_DATABASE__CREATE)

Definition at line 184 of file sepgsql.h.

◆ SEPG_DB_TUPLE__RELABELFROM

#define SEPG_DB_TUPLE__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)

Definition at line 180 of file sepgsql.h.

◆ SEPG_DB_TUPLE__RELABELTO

#define SEPG_DB_TUPLE__RELABELTO (SEPG_DB_DATABASE__RELABELTO)

Definition at line 181 of file sepgsql.h.

◆ SEPG_DB_TUPLE__SELECT

#define SEPG_DB_TUPLE__SELECT (SEPG_DB_DATABASE__GETATTR)

Definition at line 182 of file sepgsql.h.

◆ SEPG_DB_TUPLE__UPDATE

#define SEPG_DB_TUPLE__UPDATE (SEPG_DB_DATABASE__SETATTR)

Definition at line 183 of file sepgsql.h.

◆ SEPG_DB_VIEW__CREATE

#define SEPG_DB_VIEW__CREATE (SEPG_DB_DATABASE__CREATE)

Definition at line 207 of file sepgsql.h.

◆ SEPG_DB_VIEW__DROP

#define SEPG_DB_VIEW__DROP (SEPG_DB_DATABASE__DROP)

Definition at line 208 of file sepgsql.h.

◆ SEPG_DB_VIEW__EXPAND

#define SEPG_DB_VIEW__EXPAND (1<<6)

Definition at line 213 of file sepgsql.h.

◆ SEPG_DB_VIEW__GETATTR

#define SEPG_DB_VIEW__GETATTR (SEPG_DB_DATABASE__GETATTR)

Definition at line 209 of file sepgsql.h.

◆ SEPG_DB_VIEW__RELABELFROM

#define SEPG_DB_VIEW__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)

Definition at line 211 of file sepgsql.h.

◆ SEPG_DB_VIEW__RELABELTO

#define SEPG_DB_VIEW__RELABELTO (SEPG_DB_DATABASE__RELABELTO)

Definition at line 212 of file sepgsql.h.

◆ SEPG_DB_VIEW__SETATTR

#define SEPG_DB_VIEW__SETATTR (SEPG_DB_DATABASE__SETATTR)

Definition at line 210 of file sepgsql.h.

◆ SEPG_DIR__ADD_NAME

#define SEPG_DIR__ADD_NAME (1<<7)

Definition at line 78 of file sepgsql.h.

◆ SEPG_DIR__CREATE

#define SEPG_DIR__CREATE (SEPG_FILE__CREATE)

Definition at line 73 of file sepgsql.h.

◆ SEPG_DIR__GETATTR

#define SEPG_DIR__GETATTR (SEPG_FILE__GETATTR)

Definition at line 74 of file sepgsql.h.

◆ SEPG_DIR__READ

#define SEPG_DIR__READ (SEPG_FILE__READ)

Definition at line 71 of file sepgsql.h.

◆ SEPG_DIR__REMOVE_NAME

#define SEPG_DIR__REMOVE_NAME (1<<8)

Definition at line 79 of file sepgsql.h.

◆ SEPG_DIR__RENAME

#define SEPG_DIR__RENAME (SEPG_FILE__RENAME)

Definition at line 76 of file sepgsql.h.

◆ SEPG_DIR__REPARENT

#define SEPG_DIR__REPARENT (1<<10)

Definition at line 81 of file sepgsql.h.

◆ SEPG_DIR__RMDIR

#define SEPG_DIR__RMDIR (1<<9)

Definition at line 80 of file sepgsql.h.

◆ SEPG_DIR__SEARCH

#define SEPG_DIR__SEARCH (1<<6)

Definition at line 77 of file sepgsql.h.

◆ SEPG_DIR__UNLINK

#define SEPG_DIR__UNLINK (SEPG_FILE__UNLINK)

Definition at line 75 of file sepgsql.h.

◆ SEPG_DIR__WRITE

#define SEPG_DIR__WRITE (SEPG_FILE__WRITE)

Definition at line 72 of file sepgsql.h.

◆ SEPG_FIFO_FILE__CREATE

#define SEPG_FIFO_FILE__CREATE (SEPG_FILE__CREATE)

Definition at line 113 of file sepgsql.h.

◆ SEPG_FIFO_FILE__GETATTR

#define SEPG_FIFO_FILE__GETATTR (SEPG_FILE__GETATTR)

Definition at line 114 of file sepgsql.h.

◆ SEPG_FIFO_FILE__READ

#define SEPG_FIFO_FILE__READ (SEPG_FILE__READ)

Definition at line 111 of file sepgsql.h.

◆ SEPG_FIFO_FILE__RENAME

#define SEPG_FIFO_FILE__RENAME (SEPG_FILE__RENAME)

Definition at line 116 of file sepgsql.h.

◆ SEPG_FIFO_FILE__UNLINK

#define SEPG_FIFO_FILE__UNLINK (SEPG_FILE__UNLINK)

Definition at line 115 of file sepgsql.h.

◆ SEPG_FIFO_FILE__WRITE

#define SEPG_FIFO_FILE__WRITE (SEPG_FILE__WRITE)

Definition at line 112 of file sepgsql.h.

◆ SEPG_FILE__APPEND

#define SEPG_FILE__APPEND (1<<6)

Definition at line 69 of file sepgsql.h.

◆ SEPG_FILE__CREATE

#define SEPG_FILE__CREATE (1<<2)

Definition at line 65 of file sepgsql.h.

◆ SEPG_FILE__GETATTR

#define SEPG_FILE__GETATTR (1<<3)

Definition at line 66 of file sepgsql.h.

◆ SEPG_FILE__READ

#define SEPG_FILE__READ (1<<0)

Definition at line 63 of file sepgsql.h.

◆ SEPG_FILE__RENAME

#define SEPG_FILE__RENAME (1<<5)

Definition at line 68 of file sepgsql.h.

◆ SEPG_FILE__UNLINK

#define SEPG_FILE__UNLINK (1<<4)

Definition at line 67 of file sepgsql.h.

◆ SEPG_FILE__WRITE

#define SEPG_FILE__WRITE (1<<1)

Definition at line 64 of file sepgsql.h.

◆ SEPG_LNK_FILE__CREATE

#define SEPG_LNK_FILE__CREATE (SEPG_FILE__CREATE)

Definition at line 85 of file sepgsql.h.

◆ SEPG_LNK_FILE__GETATTR

#define SEPG_LNK_FILE__GETATTR (SEPG_FILE__GETATTR)

Definition at line 86 of file sepgsql.h.

◆ SEPG_LNK_FILE__READ

#define SEPG_LNK_FILE__READ (SEPG_FILE__READ)

Definition at line 83 of file sepgsql.h.

◆ SEPG_LNK_FILE__RENAME

#define SEPG_LNK_FILE__RENAME (SEPG_FILE__RENAME)

Definition at line 88 of file sepgsql.h.

◆ SEPG_LNK_FILE__UNLINK

#define SEPG_LNK_FILE__UNLINK (SEPG_FILE__UNLINK)

Definition at line 87 of file sepgsql.h.

◆ SEPG_LNK_FILE__WRITE

#define SEPG_LNK_FILE__WRITE (SEPG_FILE__WRITE)

Definition at line 84 of file sepgsql.h.

◆ SEPG_PROCESS__DYNTRANSITION

#define SEPG_PROCESS__DYNTRANSITION (1<<1)

Definition at line 60 of file sepgsql.h.

◆ SEPG_PROCESS__SETCURRENT

#define SEPG_PROCESS__SETCURRENT (1<<2)

Definition at line 61 of file sepgsql.h.

◆ SEPG_PROCESS__TRANSITION

#define SEPG_PROCESS__TRANSITION (1<<0)

Definition at line 59 of file sepgsql.h.

◆ SEPG_SOCK_FILE__CREATE

#define SEPG_SOCK_FILE__CREATE (SEPG_FILE__CREATE)

Definition at line 106 of file sepgsql.h.

◆ SEPG_SOCK_FILE__GETATTR

#define SEPG_SOCK_FILE__GETATTR (SEPG_FILE__GETATTR)

Definition at line 107 of file sepgsql.h.

◆ SEPG_SOCK_FILE__READ

#define SEPG_SOCK_FILE__READ (SEPG_FILE__READ)

Definition at line 104 of file sepgsql.h.

◆ SEPG_SOCK_FILE__RENAME

#define SEPG_SOCK_FILE__RENAME (SEPG_FILE__RENAME)

Definition at line 109 of file sepgsql.h.

◆ SEPG_SOCK_FILE__UNLINK

#define SEPG_SOCK_FILE__UNLINK (SEPG_FILE__UNLINK)

Definition at line 108 of file sepgsql.h.

◆ SEPG_SOCK_FILE__WRITE

#define SEPG_SOCK_FILE__WRITE (SEPG_FILE__WRITE)

Definition at line 105 of file sepgsql.h.

◆ SEPGSQL_AVC_NOAUDIT

#define SEPGSQL_AVC_NOAUDIT ((void *)(-1))

Definition at line 250 of file sepgsql.h.

◆ SEPGSQL_LABEL_TAG

#define SEPGSQL_LABEL_TAG "selinux"

Definition at line 23 of file sepgsql.h.

◆ SEPGSQL_MODE_DEFAULT

#define SEPGSQL_MODE_DEFAULT 1

Definition at line 28 of file sepgsql.h.

◆ SEPGSQL_MODE_DISABLED

#define SEPGSQL_MODE_DISABLED 4

Definition at line 31 of file sepgsql.h.

◆ SEPGSQL_MODE_INTERNAL

#define SEPGSQL_MODE_INTERNAL 3

Definition at line 30 of file sepgsql.h.

◆ SEPGSQL_MODE_PERMISSIVE

#define SEPGSQL_MODE_PERMISSIVE 2

Definition at line 29 of file sepgsql.h.

Function Documentation

◆ sepgsql_attribute_drop()

void sepgsql_attribute_drop	(	Oid	relOid,
		AttrNumber	attnum
	)

Definition at line 133 of file relation.c.

{
    ObjectAddress object;
    char       *audit_name;
    char        relkind = get_rel_relkind(relOid);
 
    if (relkind != RELKIND_RELATION && relkind != RELKIND_PARTITIONED_TABLE)
        return;
 
    /*
     * check db_column:{drop} permission
     */
    object.classId = RelationRelationId;
    object.objectId = relOid;
    object.objectSubId = attnum;
    audit_name = getObjectIdentity(&object, false);
 
    sepgsql_avc_check_perms(&object,
                            SEPG_CLASS_DB_COLUMN,
                            SEPG_DB_COLUMN__DROP,
                            audit_name,
                            true);
    pfree(audit_name);
}

References attnum, get_rel_relkind(), getObjectIdentity(), pfree(), SEPG_CLASS_DB_COLUMN, SEPG_DB_COLUMN__DROP, and sepgsql_avc_check_perms().

Referenced by sepgsql_object_access().

◆ sepgsql_attribute_post_create()

void sepgsql_attribute_post_create	(	Oid	relOid,
		AttrNumber	attnum
	)

Definition at line 43 of file relation.c.

{
    Relation    rel;
    ScanKeyData skey[2];
    SysScanDesc sscan;
    HeapTuple   tuple;
    char       *scontext;
    char       *tcontext;
    char       *ncontext;
    ObjectAddress object;
    Form_pg_attribute attForm;
    StringInfoData audit_name;
    char        relkind = get_rel_relkind(relOid);
 
    /*
     * Only attributes within regular relations or partition relations have
     * individual security labels.
     */
    if (relkind != RELKIND_RELATION && relkind != RELKIND_PARTITIONED_TABLE)
        return;
 
    /*
     * Compute a default security label of the new column underlying the
     * specified relation, and check permission to create it.
     */
    rel = table_open(AttributeRelationId, AccessShareLock);
 
    ScanKeyInit(&skey[0],
                Anum_pg_attribute_attrelid,
                BTEqualStrategyNumber, F_OIDEQ,
                ObjectIdGetDatum(relOid));
    ScanKeyInit(&skey[1],
                Anum_pg_attribute_attnum,
                BTEqualStrategyNumber, F_INT2EQ,
                Int16GetDatum(attnum));
 
    sscan = systable_beginscan(rel, AttributeRelidNumIndexId, true,
                               SnapshotSelf, 2, &skey[0]);
 
    tuple = systable_getnext(sscan);
    if (!HeapTupleIsValid(tuple))
        elog(ERROR, "could not find tuple for column %d of relation %u",
             attnum, relOid);
 
    attForm = (Form_pg_attribute) GETSTRUCT(tuple);
 
    scontext = sepgsql_get_client_label();
    tcontext = sepgsql_get_label(RelationRelationId, relOid, 0);
    ncontext = sepgsql_compute_create(scontext, tcontext,
                                      SEPG_CLASS_DB_COLUMN,
                                      NameStr(attForm->attname));
 
    /*
     * check db_column:{create} permission
     */
    object.classId = RelationRelationId;
    object.objectId = relOid;
    object.objectSubId = 0;
 
    initStringInfo(&audit_name);
    appendStringInfo(&audit_name, "%s.%s",
                     getObjectIdentity(&object, false),
                     quote_identifier(NameStr(attForm->attname)));
    sepgsql_avc_check_perms_label(ncontext,
                                  SEPG_CLASS_DB_COLUMN,
                                  SEPG_DB_COLUMN__CREATE,
                                  audit_name.data,
                                  true);
 
    /*
     * Assign the default security label on a new procedure
     */
    object.classId = RelationRelationId;
    object.objectId = relOid;
    object.objectSubId = attnum;
    SetSecurityLabel(&object, SEPGSQL_LABEL_TAG, ncontext);
 
    systable_endscan(sscan);
    table_close(rel, AccessShareLock);
 
    pfree(tcontext);
    pfree(ncontext);
}

References AccessShareLock, appendStringInfo(), attnum, BTEqualStrategyNumber, StringInfoData::data, elog, ERROR, get_rel_relkind(), getObjectIdentity(), GETSTRUCT(), HeapTupleIsValid, initStringInfo(), Int16GetDatum(), NameStr, ObjectIdGetDatum(), pfree(), quote_identifier(), ScanKeyInit(), SEPG_CLASS_DB_COLUMN, SEPG_DB_COLUMN__CREATE, sepgsql_avc_check_perms_label(), sepgsql_compute_create(), sepgsql_get_client_label(), sepgsql_get_label(), SEPGSQL_LABEL_TAG, SetSecurityLabel(), SnapshotSelf, systable_beginscan(), systable_endscan(), systable_getnext(), table_close(), and table_open().

Referenced by sepgsql_object_access().

◆ sepgsql_attribute_relabel()

void sepgsql_attribute_relabel	(	Oid	relOid,
		AttrNumber	attnum,
		const char *	seclabel
	)

Definition at line 165 of file relation.c.

{
    ObjectAddress object;
    char       *audit_name;
    char        relkind = get_rel_relkind(relOid);
 
    if (relkind != RELKIND_RELATION && relkind != RELKIND_PARTITIONED_TABLE)
        ereport(ERROR,
                (errcode(ERRCODE_WRONG_OBJECT_TYPE),
                 errmsg("cannot set security label on non-regular columns")));
 
    object.classId = RelationRelationId;
    object.objectId = relOid;
    object.objectSubId = attnum;
    audit_name = getObjectIdentity(&object, false);
 
    /*
     * check db_column:{setattr relabelfrom} permission
     */
    sepgsql_avc_check_perms(&object,
                            SEPG_CLASS_DB_COLUMN,
                            SEPG_DB_COLUMN__SETATTR |
                            SEPG_DB_COLUMN__RELABELFROM,
                            audit_name,
                            true);
 
    /*
     * check db_column:{relabelto} permission
     */
    sepgsql_avc_check_perms_label(seclabel,
                                  SEPG_CLASS_DB_COLUMN,
                                  SEPG_DB_PROCEDURE__RELABELTO,
                                  audit_name,
                                  true);
    pfree(audit_name);
}

References attnum, ereport, errcode(), errmsg(), ERROR, get_rel_relkind(), getObjectIdentity(), pfree(), SEPG_CLASS_DB_COLUMN, SEPG_DB_COLUMN__RELABELFROM, SEPG_DB_COLUMN__SETATTR, SEPG_DB_PROCEDURE__RELABELTO, sepgsql_avc_check_perms(), and sepgsql_avc_check_perms_label().

Referenced by sepgsql_object_relabel().

◆ sepgsql_attribute_setattr()

void sepgsql_attribute_setattr	(	Oid	relOid,
		AttrNumber	attnum
	)

Definition at line 209 of file relation.c.

{
    ObjectAddress object;
    char       *audit_name;
    char        relkind = get_rel_relkind(relOid);
 
    if (relkind != RELKIND_RELATION && relkind != RELKIND_PARTITIONED_TABLE)
        return;
 
    /*
     * check db_column:{setattr} permission
     */
    object.classId = RelationRelationId;
    object.objectId = relOid;
    object.objectSubId = attnum;
    audit_name = getObjectIdentity(&object, false);
 
    sepgsql_avc_check_perms(&object,
                            SEPG_CLASS_DB_COLUMN,
                            SEPG_DB_COLUMN__SETATTR,
                            audit_name,
                            true);
    pfree(audit_name);
}

References attnum, get_rel_relkind(), getObjectIdentity(), pfree(), SEPG_CLASS_DB_COLUMN, SEPG_DB_COLUMN__SETATTR, and sepgsql_avc_check_perms().

Referenced by sepgsql_object_access().

◆ sepgsql_audit_log()

void sepgsql_audit_log	(	bool	denied,
		bool	enforcing,
		const char *	scontext,
		const char *	tcontext,
		uint16	tclass,
		uint32	audited,
		const char *	audit_name
	)

Definition at line 678 of file selinux.c.

{
    StringInfoData buf;
    const char *class_name;
    const char *av_name;
    int         i;
 
    /* lookup name of the object class */
    Assert(tclass < SEPG_CLASS_MAX);
    class_name = selinux_catalog[tclass].class_name;
 
    /* lookup name of the permissions */
    initStringInfo(&buf);
    appendStringInfo(&buf, "%s {",
                     (denied ? "denied" : "allowed"));
    for (i = 0; selinux_catalog[tclass].av[i].av_name; i++)
    {
        if (audited & (1UL << i))
        {
            av_name = selinux_catalog[tclass].av[i].av_name;
            appendStringInfo(&buf, " %s", av_name);
        }
    }
    appendStringInfoString(&buf, " }");
 
    /*
     * Call external audit module, if loaded
     */
    appendStringInfo(&buf, " scontext=%s tcontext=%s tclass=%s",
                     scontext, tcontext, class_name);
    if (audit_name)
        appendStringInfo(&buf, " name=\"%s\"", audit_name);
 
    if (enforcing)
        appendStringInfoString(&buf, " permissive=0");
    else
        appendStringInfoString(&buf, " permissive=1");
 
    ereport(LOG, (errmsg("SELinux: %s", buf.data)));
}

References appendStringInfo(), appendStringInfoString(), Assert(), av_name, buf, class_name, ereport, errmsg(), i, initStringInfo(), LOG, selinux_catalog, and SEPG_CLASS_MAX.

Referenced by sepgsql_avc_check_perms_label().

◆ sepgsql_avc_check_perms()

bool sepgsql_avc_check_perms	(	const ObjectAddress *	tobject,
		uint16	tclass,
		uint32	required,
		const char *	audit_name,
		bool	abort_on_violation
	)

Definition at line 420 of file uavc.c.

{
    char       *tcontext = GetSecurityLabel(tobject, SEPGSQL_LABEL_TAG);
    bool        rc;
 
    rc = sepgsql_avc_check_perms_label(tcontext,
                                       tclass, required,
                                       audit_name, abort_on_violation);
    if (tcontext)
        pfree(tcontext);
 
    return rc;
}

References GetSecurityLabel(), pfree(), generate_unaccent_rules::required, sepgsql_avc_check_perms_label(), and SEPGSQL_LABEL_TAG.

Referenced by check_relation_privileges(), check_schema_perms(), sepgsql_attribute_drop(), sepgsql_attribute_relabel(), sepgsql_attribute_setattr(), sepgsql_database_drop(), sepgsql_database_relabel(), sepgsql_database_setattr(), sepgsql_fmgr_hook(), sepgsql_needs_fmgr_hook(), sepgsql_proc_drop(), sepgsql_proc_execute(), sepgsql_proc_post_create(), sepgsql_proc_relabel(), sepgsql_proc_setattr(), sepgsql_relation_drop(), sepgsql_relation_post_create(), sepgsql_relation_relabel(), sepgsql_relation_setattr(), sepgsql_relation_truncate(), sepgsql_schema_drop(), and sepgsql_schema_relabel().

◆ sepgsql_avc_check_perms_label()

bool sepgsql_avc_check_perms_label	(	const char *	tcontext,
		uint16	tclass,
		uint32	required,
		const char *	audit_name,
		bool	abort_on_violation
	)

Definition at line 337 of file uavc.c.

{
    char       *scontext = sepgsql_get_client_label();
    avc_cache  *cache;
    uint32      denied;
    uint32      audited;
    bool        result;
 
    sepgsql_avc_check_valid();
    do
    {
        result = true;
 
        /*
         * If the target object is unlabeled, we perform the check using the
         * label supplied by sepgsql_avc_unlabeled().
         */
        if (tcontext)
            cache = sepgsql_avc_lookup(scontext, tcontext, tclass);
        else
            cache = sepgsql_avc_lookup(scontext,
                                       sepgsql_avc_unlabeled(), tclass);
 
        denied = required & ~cache->allowed;
 
        /*
         * Compute permissions to be audited
         */
        if (sepgsql_get_debug_audit())
            audited = (denied ? (denied & ~0) : (required & ~0));
        else
            audited = denied ? (denied & cache->auditdeny)
                : (required & cache->auditallow);
 
        if (denied)
        {
            /*
             * In permissive mode or permissive domain, violated permissions
             * shall be audited to the log files at once, and then implicitly
             * allowed to avoid a flood of access denied logs, because the
             * purpose of permissive mode/domain is to collect a violation log
             * that will make it possible to fix up the security policy.
             */
            if (!sepgsql_getenforce() || cache->permissive)
                cache->allowed |= required;
            else
                result = false;
        }
    } while (!sepgsql_avc_check_valid());
 
    /*
     * In the case when we have something auditable actions here,
     * sepgsql_audit_log shall be called with text representation of security
     * labels for both of subject and object. It records this access
     * violation, so DBA will be able to find out unexpected security problems
     * later.
     */
    if (audited != 0 &&
        audit_name != SEPGSQL_AVC_NOAUDIT &&
        sepgsql_get_mode() != SEPGSQL_MODE_INTERNAL)
    {
        sepgsql_audit_log(denied != 0,
                          (sepgsql_getenforce() && !cache->permissive),
                          cache->scontext,
                          cache->tcontext_is_valid ?
                          cache->tcontext : sepgsql_avc_unlabeled(),
                          cache->tclass,
                          audited,
                          audit_name);
    }
 
    if (abort_on_violation && !result)
        ereport(ERROR,
                (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
                 errmsg("SELinux: security policy violation")));
 
    return result;
}

References avc_cache::allowed, avc_cache::auditallow, avc_cache::auditdeny, ereport, errcode(), errmsg(), ERROR, avc_cache::permissive, generate_unaccent_rules::required, avc_cache::scontext, sepgsql_audit_log(), sepgsql_avc_check_valid(), sepgsql_avc_lookup(), SEPGSQL_AVC_NOAUDIT, sepgsql_avc_unlabeled(), sepgsql_get_client_label(), sepgsql_get_debug_audit(), sepgsql_get_mode(), sepgsql_getenforce(), SEPGSQL_MODE_INTERNAL, avc_cache::tclass, avc_cache::tcontext, and avc_cache::tcontext_is_valid.

Referenced by sepgsql_attribute_post_create(), sepgsql_attribute_relabel(), sepgsql_avc_check_perms(), sepgsql_database_post_create(), sepgsql_database_relabel(), sepgsql_fmgr_hook(), sepgsql_proc_post_create(), sepgsql_proc_relabel(), sepgsql_relation_post_create(), sepgsql_relation_relabel(), sepgsql_schema_post_create(), sepgsql_schema_relabel(), and sepgsql_set_client_label().

◆ sepgsql_avc_init()

void sepgsql_avc_init ( void )

Definition at line 488 of file uavc.c.

{
    int         rc;
 
    /*
     * All the avc stuff shall be allocated in avc_mem_cxt
     */
    avc_mem_cxt = AllocSetContextCreate(TopMemoryContext,
                                        "userspace access vector cache",
                                        ALLOCSET_DEFAULT_SIZES);
    memset(avc_slots, 0, sizeof(avc_slots));
    avc_num_caches = 0;
    avc_lru_hint = 0;
    avc_threshold = AVC_DEF_THRESHOLD;
 
    /*
     * SELinux allows to mmap(2) its kernel status page in read-only mode to
     * inform userspace applications its status updating (such as policy
     * reloading) without system-call invocations. This feature is only
     * supported in Linux-2.6.38 or later, however, libselinux provides a
     * fallback mode to know its status using netlink sockets.
     */
    rc = selinux_status_open(1);
    if (rc < 0)
        ereport(ERROR,
                (errcode(ERRCODE_INTERNAL_ERROR),
                 errmsg("SELinux: could not open selinux status : %m")));
    else if (rc > 0)
        ereport(LOG,
                (errmsg("SELinux: kernel status page uses fallback mode")));
 
    /* Arrange to close selinux status page on process exit. */
    on_proc_exit(sepgsql_avc_exit, 0);
}

References ALLOCSET_DEFAULT_SIZES, AllocSetContextCreate, AVC_DEF_THRESHOLD, avc_lru_hint, avc_mem_cxt, avc_num_caches, avc_slots, avc_threshold, ereport, errcode(), errmsg(), ERROR, LOG, on_proc_exit(), sepgsql_avc_exit(), and TopMemoryContext.

Referenced by _PG_init().

◆ sepgsql_avc_trusted_proc()

char * sepgsql_avc_trusted_proc ( Oid functionId )

Definition at line 445 of file uavc.c.

{
    char       *scontext = sepgsql_get_client_label();
    char       *tcontext;
    ObjectAddress tobject;
    avc_cache  *cache;
 
    tobject.classId = ProcedureRelationId;
    tobject.objectId = functionId;
    tobject.objectSubId = 0;
    tcontext = GetSecurityLabel(&tobject, SEPGSQL_LABEL_TAG);
 
    sepgsql_avc_check_valid();
    do
    {
        if (tcontext)
            cache = sepgsql_avc_lookup(scontext, tcontext,
                                       SEPG_CLASS_DB_PROCEDURE);
        else
            cache = sepgsql_avc_lookup(scontext, sepgsql_avc_unlabeled(),
                                       SEPG_CLASS_DB_PROCEDURE);
    } while (!sepgsql_avc_check_valid());
 
    return cache->ncontext;
}

References ObjectAddress::classId, GetSecurityLabel(), avc_cache::ncontext, ObjectAddress::objectId, ObjectAddress::objectSubId, SEPG_CLASS_DB_PROCEDURE, sepgsql_avc_check_valid(), sepgsql_avc_lookup(), sepgsql_avc_unlabeled(), sepgsql_get_client_label(), and SEPGSQL_LABEL_TAG.

Referenced by sepgsql_fmgr_hook(), and sepgsql_needs_fmgr_hook().

◆ sepgsql_compute_avd()

void sepgsql_compute_avd	(	const char *	scontext,
		const char *	tcontext,
		uint16	tclass,
		struct av_decision *	avd
	)

Definition at line 739 of file selinux.c.

{
    const char *tclass_name;
    security_class_t tclass_ex;
    struct av_decision avd_ex;
    int         i,
                deny_unknown = security_deny_unknown();
 
    /* Get external code of the object class */
    Assert(tclass < SEPG_CLASS_MAX);
    Assert(tclass == selinux_catalog[tclass].class_code);
 
    tclass_name = selinux_catalog[tclass].class_name;
    tclass_ex = string_to_security_class(tclass_name);
 
    if (tclass_ex == 0)
    {
        /*
         * If the current security policy does not support permissions
         * corresponding to database objects, we fill up them with dummy data.
         * If security_deny_unknown() returns positive value, undefined
         * permissions should be denied. Otherwise, allowed
         */
        avd->allowed = (security_deny_unknown() > 0 ? 0 : ~0);
        avd->auditallow = 0U;
        avd->auditdeny = ~0U;
        avd->flags = 0;
 
        return;
    }
 
    /*
     * Ask SELinux what is allowed set of permissions on a pair of the
     * security contexts and the given object class.
     */
    if (security_compute_av_flags_raw(scontext,
                                      tcontext,
                                      tclass_ex, 0, &avd_ex) < 0)
        ereport(ERROR,
                (errcode(ERRCODE_INTERNAL_ERROR),
                 errmsg("SELinux could not compute av_decision: "
                        "scontext=%s tcontext=%s tclass=%s: %m",
                        scontext, tcontext, tclass_name)));
 
    /*
     * SELinux returns its access control decision as a set of permissions
     * represented in external code which depends on run-time environment. So,
     * we need to translate it to the internal representation before returning
     * results for the caller.
     */
    memset(avd, 0, sizeof(struct av_decision));
 
    for (i = 0; selinux_catalog[tclass].av[i].av_name; i++)
    {
        access_vector_t av_code_ex;
        const char *av_name = selinux_catalog[tclass].av[i].av_name;
        uint32      av_code = selinux_catalog[tclass].av[i].av_code;
 
        av_code_ex = string_to_av_perm(tclass_ex, av_name);
        if (av_code_ex == 0)
        {
            /* fill up undefined permissions */
            if (!deny_unknown)
                avd->allowed |= av_code;
            avd->auditdeny |= av_code;
 
            continue;
        }
 
        if (avd_ex.allowed & av_code_ex)
            avd->allowed |= av_code;
        if (avd_ex.auditallow & av_code_ex)
            avd->auditallow |= av_code;
        if (avd_ex.auditdeny & av_code_ex)
            avd->auditdeny |= av_code;
    }
}

References Assert(), av_code, av_name, class_code, ereport, errcode(), errmsg(), ERROR, i, selinux_catalog, and SEPG_CLASS_MAX.

Referenced by sepgsql_avc_compute().

◆ sepgsql_compute_create()

char * sepgsql_compute_create	(	const char *	scontext,
		const char *	tcontext,
		uint16	tclass,
		const char *	objname
	)

Definition at line 842 of file selinux.c.

{
    char       *ncontext;
    security_class_t tclass_ex;
    const char *tclass_name;
    char       *result;
 
    /* Get external code of the object class */
    Assert(tclass < SEPG_CLASS_MAX);
 
    tclass_name = selinux_catalog[tclass].class_name;
    tclass_ex = string_to_security_class(tclass_name);
 
    /*
     * Ask SELinux what is the default context for the given object class on a
     * pair of security contexts
     */
    if (security_compute_create_name_raw(scontext,
                                         tcontext,
                                         tclass_ex,
                                         objname,
                                         &ncontext) < 0)
        ereport(ERROR,
                (errcode(ERRCODE_INTERNAL_ERROR),
                 errmsg("SELinux could not compute a new context: "
                        "scontext=%s tcontext=%s tclass=%s: %m",
                        scontext, tcontext, tclass_name)));
 
    /*
     * libselinux returns malloc()'ed string, so we need to copy it on the
     * palloc()'ed region.
     */
    PG_TRY();
    {
        result = pstrdup(ncontext);
    }
    PG_FINALLY();
    {
        freecon(ncontext);
    }
    PG_END_TRY();
 
    return result;
}

References Assert(), ereport, errcode(), errmsg(), ERROR, PG_END_TRY, PG_FINALLY, PG_TRY, pstrdup(), selinux_catalog, and SEPG_CLASS_MAX.

Referenced by sepgsql_attribute_post_create(), sepgsql_avc_compute(), sepgsql_database_post_create(), sepgsql_proc_post_create(), sepgsql_relation_post_create(), and sepgsql_schema_post_create().

◆ sepgsql_database_drop()

void sepgsql_database_drop ( Oid databaseId )

Definition at line 133 of file database.c.

{
    ObjectAddress object;
    char       *audit_name;
 
    /*
     * check db_database:{drop} permission
     */
    object.classId = DatabaseRelationId;
    object.objectId = databaseId;
    object.objectSubId = 0;
    audit_name = getObjectIdentity(&object, false);
 
    sepgsql_avc_check_perms(&object,
                            SEPG_CLASS_DB_DATABASE,
                            SEPG_DB_DATABASE__DROP,
                            audit_name,
                            true);
    pfree(audit_name);
}

References ObjectAddress::classId, getObjectIdentity(), pfree(), SEPG_CLASS_DB_DATABASE, SEPG_DB_DATABASE__DROP, and sepgsql_avc_check_perms().

Referenced by sepgsql_object_access().

◆ sepgsql_database_post_create()

void sepgsql_database_post_create	(	Oid	databaseId,
		const char *	dtemplate
	)

Definition at line 33 of file database.c.

{
    Relation    rel;
    ScanKeyData skey;
    SysScanDesc sscan;
    HeapTuple   tuple;
    char       *tcontext;
    char       *ncontext;
    ObjectAddress object;
    Form_pg_database datForm;
    StringInfoData audit_name;
 
    /*
     * Oid of the source database is not saved in pg_database catalog, so we
     * collect its identifier using contextual information. If NULL, its
     * default is "template1" according to createdb().
     */
    if (!dtemplate)
        dtemplate = "template1";
 
    object.classId = DatabaseRelationId;
    object.objectId = get_database_oid(dtemplate, false);
    object.objectSubId = 0;
 
    tcontext = sepgsql_get_label(object.classId,
                                 object.objectId,
                                 object.objectSubId);
 
    /*
     * check db_database:{getattr} permission
     */
    initStringInfo(&audit_name);
    appendStringInfoString(&audit_name, quote_identifier(dtemplate));
    sepgsql_avc_check_perms_label(tcontext,
                                  SEPG_CLASS_DB_DATABASE,
                                  SEPG_DB_DATABASE__GETATTR,
                                  audit_name.data,
                                  true);
 
    /*
     * Compute a default security label of the newly created database based on
     * a pair of security label of client and source database.
     *
     * XXX - upcoming version of libselinux supports to take object name to
     * handle special treatment on default security label.
     */
    rel = table_open(DatabaseRelationId, AccessShareLock);
 
    ScanKeyInit(&skey,
                Anum_pg_database_oid,
                BTEqualStrategyNumber, F_OIDEQ,
                ObjectIdGetDatum(databaseId));
 
    sscan = systable_beginscan(rel, DatabaseOidIndexId, true,
                               SnapshotSelf, 1, &skey);
    tuple = systable_getnext(sscan);
    if (!HeapTupleIsValid(tuple))
        elog(ERROR, "could not find tuple for database %u", databaseId);
 
    datForm = (Form_pg_database) GETSTRUCT(tuple);
 
    ncontext = sepgsql_compute_create(sepgsql_get_client_label(),
                                      tcontext,
                                      SEPG_CLASS_DB_DATABASE,
                                      NameStr(datForm->datname));
 
    /*
     * check db_database:{create} permission
     */
    resetStringInfo(&audit_name);
    appendStringInfoString(&audit_name,
                           quote_identifier(NameStr(datForm->datname)));
    sepgsql_avc_check_perms_label(ncontext,
                                  SEPG_CLASS_DB_DATABASE,
                                  SEPG_DB_DATABASE__CREATE,
                                  audit_name.data,
                                  true);
 
    systable_endscan(sscan);
    table_close(rel, AccessShareLock);
 
    /*
     * Assign the default security label on the new database
     */
    object.classId = DatabaseRelationId;
    object.objectId = databaseId;
    object.objectSubId = 0;
 
    SetSecurityLabel(&object, SEPGSQL_LABEL_TAG, ncontext);
 
    pfree(ncontext);
    pfree(tcontext);
}

References AccessShareLock, appendStringInfoString(), BTEqualStrategyNumber, StringInfoData::data, elog, ERROR, get_database_oid(), GETSTRUCT(), HeapTupleIsValid, initStringInfo(), NameStr, ObjectIdGetDatum(), pfree(), quote_identifier(), resetStringInfo(), ScanKeyInit(), SEPG_CLASS_DB_DATABASE, SEPG_DB_DATABASE__CREATE, SEPG_DB_DATABASE__GETATTR, sepgsql_avc_check_perms_label(), sepgsql_compute_create(), sepgsql_get_client_label(), sepgsql_get_label(), SEPGSQL_LABEL_TAG, SetSecurityLabel(), SnapshotSelf, systable_beginscan(), systable_endscan(), systable_getnext(), table_close(), and table_open().

Referenced by sepgsql_object_access().

◆ sepgsql_database_relabel()

void sepgsql_database_relabel	(	Oid	databaseId,
		const char *	seclabel
	)

Definition at line 187 of file database.c.

{
    ObjectAddress object;
    char       *audit_name;
 
    object.classId = DatabaseRelationId;
    object.objectId = databaseId;
    object.objectSubId = 0;
    audit_name = getObjectIdentity(&object, false);
 
    /*
     * check db_database:{setattr relabelfrom} permission
     */
    sepgsql_avc_check_perms(&object,
                            SEPG_CLASS_DB_DATABASE,
                            SEPG_DB_DATABASE__SETATTR |
                            SEPG_DB_DATABASE__RELABELFROM,
                            audit_name,
                            true);
 
    /*
     * check db_database:{relabelto} permission
     */
    sepgsql_avc_check_perms_label(seclabel,
                                  SEPG_CLASS_DB_DATABASE,
                                  SEPG_DB_DATABASE__RELABELTO,
                                  audit_name,
                                  true);
    pfree(audit_name);
}

References ObjectAddress::classId, getObjectIdentity(), pfree(), SEPG_CLASS_DB_DATABASE, SEPG_DB_DATABASE__RELABELFROM, SEPG_DB_DATABASE__RELABELTO, SEPG_DB_DATABASE__SETATTR, sepgsql_avc_check_perms(), and sepgsql_avc_check_perms_label().

Referenced by sepgsql_object_relabel().

◆ sepgsql_database_setattr()

void sepgsql_database_setattr ( Oid databaseId )

Definition at line 160 of file database.c.

{
    ObjectAddress object;
    char       *audit_name;
 
    /*
     * check db_database:{setattr} permission
     */
    object.classId = DatabaseRelationId;
    object.objectId = databaseId;
    object.objectSubId = 0;
    audit_name = getObjectIdentity(&object, false);
 
    sepgsql_avc_check_perms(&object,
                            SEPG_CLASS_DB_DATABASE,
                            SEPG_DB_DATABASE__SETATTR,
                            audit_name,
                            true);
    pfree(audit_name);
}

References ObjectAddress::classId, getObjectIdentity(), pfree(), SEPG_CLASS_DB_DATABASE, SEPG_DB_DATABASE__SETATTR, and sepgsql_avc_check_perms().

Referenced by sepgsql_object_access().

◆ sepgsql_dml_privileges()

bool sepgsql_dml_privileges	(	List *	rangeTabls,
		List *	rteperminfos,
		bool	abort_on_violation
	)

Definition at line 282 of file dml.c.

{
    ListCell   *lr;
 
    foreach(lr, rteperminfos)
    {
        RTEPermissionInfo *perminfo = lfirst_node(RTEPermissionInfo, lr);
        uint32      required = 0;
        List       *tableIds;
        ListCell   *li;
 
        /*
         * Find out required permissions
         */
        if (perminfo->requiredPerms & ACL_SELECT)
            required |= SEPG_DB_TABLE__SELECT;
        if (perminfo->requiredPerms & ACL_INSERT)
            required |= SEPG_DB_TABLE__INSERT;
        if (perminfo->requiredPerms & ACL_UPDATE)
        {
            if (!bms_is_empty(perminfo->updatedCols))
                required |= SEPG_DB_TABLE__UPDATE;
            else
                required |= SEPG_DB_TABLE__LOCK;
        }
        if (perminfo->requiredPerms & ACL_DELETE)
            required |= SEPG_DB_TABLE__DELETE;
 
        /*
         * Skip, if nothing to be checked
         */
        if (required == 0)
            continue;
 
        /*
         * If this RangeTblEntry is also supposed to reference inherited
         * tables, we need to check security label of the child tables. So, we
         * expand rte->relid into list of OIDs of inheritance hierarchy, then
         * checker routine will be invoked for each relations.
         */
        if (!perminfo->inh)
            tableIds = list_make1_oid(perminfo->relid);
        else
            tableIds = find_all_inheritors(perminfo->relid, NoLock, NULL);
 
        foreach(li, tableIds)
        {
            Oid         tableOid = lfirst_oid(li);
            Bitmapset  *selectedCols;
            Bitmapset  *insertedCols;
            Bitmapset  *updatedCols;
 
            /*
             * child table has different attribute numbers, so we need to fix
             * up them.
             */
            selectedCols = fixup_inherited_columns(perminfo->relid, tableOid,
                                                   perminfo->selectedCols);
            insertedCols = fixup_inherited_columns(perminfo->relid, tableOid,
                                                   perminfo->insertedCols);
            updatedCols = fixup_inherited_columns(perminfo->relid, tableOid,
                                                  perminfo->updatedCols);
 
            /*
             * check permissions on individual tables
             */
            if (!check_relation_privileges(tableOid,
                                           selectedCols,
                                           insertedCols,
                                           updatedCols,
                                           required, abort_on_violation))
                return false;
        }
        list_free(tableIds);
    }
    return true;
}

References ACL_DELETE, ACL_INSERT, ACL_SELECT, ACL_UPDATE, bms_is_empty, check_relation_privileges(), find_all_inheritors(), fixup_inherited_columns(), RTEPermissionInfo::inh, RTEPermissionInfo::insertedCols, lfirst_node, lfirst_oid, list_free(), list_make1_oid, NoLock, RTEPermissionInfo::relid, generate_unaccent_rules::required, RTEPermissionInfo::requiredPerms, RTEPermissionInfo::selectedCols, SEPG_DB_TABLE__DELETE, SEPG_DB_TABLE__INSERT, SEPG_DB_TABLE__LOCK, SEPG_DB_TABLE__SELECT, SEPG_DB_TABLE__UPDATE, and RTEPermissionInfo::updatedCols.

Referenced by sepgsql_exec_check_perms().

◆ sepgsql_get_client_label()

char * sepgsql_get_client_label ( void )

Definition at line 80 of file label.c.

{
    /* trusted procedure client label override */
    if (client_label_func)
        return client_label_func;
 
    /* uncommitted sepgsql_setcon() value */
    if (client_label_pending)
    {
        pending_label *plabel = llast(client_label_pending);
 
        if (plabel->label)
            return plabel->label;
    }
    else if (client_label_committed)
        return client_label_committed;  /* set by sepgsql_setcon() committed */
 
    /* default label */
    Assert(client_label_peer != NULL);
    return client_label_peer;
}

References Assert(), client_label_committed, client_label_func, client_label_peer, client_label_pending, pending_label::label, and llast.

Referenced by sepgsql_attribute_post_create(), sepgsql_avc_check_perms_label(), sepgsql_avc_trusted_proc(), sepgsql_database_post_create(), sepgsql_getcon(), sepgsql_proc_post_create(), sepgsql_relation_post_create(), sepgsql_schema_post_create(), and sepgsql_set_client_label().

◆ sepgsql_get_debug_audit()

bool sepgsql_get_debug_audit ( void )

Definition at line 74 of file hooks.c.

{
    return sepgsql_debug_audit;
}

References sepgsql_debug_audit.

Referenced by sepgsql_avc_check_perms_label().

◆ sepgsql_get_label()

char * sepgsql_get_label	(	Oid	classId,
		Oid	objectId,
		int32	subId
	)

Definition at line 445 of file label.c.

{
    ObjectAddress object;
    char       *label;
 
    object.classId = classId;
    object.objectId = objectId;
    object.objectSubId = subId;
 
    label = GetSecurityLabel(&object, SEPGSQL_LABEL_TAG);
    if (!label || security_check_context_raw(label))
    {
        char       *unlabeled;
 
        if (security_get_initial_context_raw("unlabeled", &unlabeled) < 0)
            ereport(ERROR,
                    (errcode(ERRCODE_INTERNAL_ERROR),
                     errmsg("SELinux: failed to get initial security label: %m")));
        PG_TRY();
        {
            label = pstrdup(unlabeled);
        }
        PG_FINALLY();
        {
            freecon(unlabeled);
        }
        PG_END_TRY();
    }
    return label;
}

References ereport, errcode(), errmsg(), ERROR, GetSecurityLabel(), label, PG_END_TRY, PG_FINALLY, PG_TRY, pstrdup(), and SEPGSQL_LABEL_TAG.

Referenced by sepgsql_attribute_post_create(), sepgsql_database_post_create(), sepgsql_proc_post_create(), sepgsql_relation_post_create(), and sepgsql_schema_post_create().

◆ sepgsql_get_mode()

int sepgsql_get_mode ( void )

Definition at line 625 of file selinux.c.

{
    return sepgsql_mode;
}

References sepgsql_mode.

Referenced by sepgsql_avc_check_perms_label().

◆ sepgsql_get_permissive()

bool sepgsql_get_permissive ( void )

Definition at line 63 of file hooks.c.

{
    return sepgsql_permissive;
}

References sepgsql_permissive.

Referenced by sepgsql_client_auth().

◆ sepgsql_getenforce()

bool sepgsql_getenforce ( void )

Definition at line 651 of file selinux.c.

{
    if (sepgsql_mode == SEPGSQL_MODE_DEFAULT &&
        selinux_status_getenforce() > 0)
        return true;
 
    return false;
}

References sepgsql_mode, and SEPGSQL_MODE_DEFAULT.

Referenced by check_relation_privileges(), sepgsql_avc_check_perms_label(), and sepgsql_utility_command().

◆ sepgsql_init_client_label()

void sepgsql_init_client_label ( void )

Definition at line 404 of file label.c.

{
    /*
     * Set up dummy client label.
     *
     * XXX - note that PostgreSQL launches background worker process like
     * autovacuum without authentication steps. So, we initialize sepgsql_mode
     * with SEPGSQL_MODE_INTERNAL, and client_label with the security context
     * of server process. Later, it also launches background of user session.
     * In this case, the process is always hooked on post-authentication, and
     * we can initialize the sepgsql_mode and client_label correctly.
     */
    if (getcon_raw(&client_label_peer) < 0)
        ereport(ERROR,
                (errcode(ERRCODE_INTERNAL_ERROR),
                 errmsg("SELinux: failed to get server security label: %m")));
 
    /* Client authentication hook */
    next_client_auth_hook = ClientAuthentication_hook;
    ClientAuthentication_hook = sepgsql_client_auth;
 
    /* Trusted procedure hooks */
    next_needs_fmgr_hook = needs_fmgr_hook;
    needs_fmgr_hook = sepgsql_needs_fmgr_hook;
 
    next_fmgr_hook = fmgr_hook;
    fmgr_hook = sepgsql_fmgr_hook;
 
    /* Transaction/Sub-transaction callbacks */
    RegisterXactCallback(sepgsql_xact_callback, NULL);
    RegisterSubXactCallback(sepgsql_subxact_callback, NULL);
}

References client_label_peer, ClientAuthentication_hook, ereport, errcode(), errmsg(), ERROR, fmgr_hook, needs_fmgr_hook, next_client_auth_hook, next_fmgr_hook, next_needs_fmgr_hook, RegisterSubXactCallback(), RegisterXactCallback(), sepgsql_client_auth(), sepgsql_fmgr_hook(), sepgsql_needs_fmgr_hook(), sepgsql_subxact_callback(), and sepgsql_xact_callback().

Referenced by _PG_init().

◆ sepgsql_is_enabled()

bool sepgsql_is_enabled ( void )

Definition at line 616 of file selinux.c.

{
    return (sepgsql_mode != SEPGSQL_MODE_DISABLED);
}

References sepgsql_mode, and SEPGSQL_MODE_DISABLED.

Referenced by sepgsql_getcon(), sepgsql_mcstrans_in(), sepgsql_mcstrans_out(), and sepgsql_restorecon().

◆ sepgsql_object_relabel()

void sepgsql_object_relabel	(	const ObjectAddress *	object,
		const char *	seclabel
	)

Definition at line 482 of file label.c.

{
    /*
     * validate format of the supplied security label, if it is security
     * context of selinux.
     */
    if (seclabel &&
        security_check_context_raw(seclabel) < 0)
        ereport(ERROR,
                (errcode(ERRCODE_INVALID_NAME),
                 errmsg("SELinux: invalid security label: \"%s\"", seclabel)));
 
    /*
     * Do actual permission checks for each object classes
     */
    switch (object->classId)
    {
        case DatabaseRelationId:
            sepgsql_database_relabel(object->objectId, seclabel);
            break;
 
        case NamespaceRelationId:
            sepgsql_schema_relabel(object->objectId, seclabel);
            break;
 
        case RelationRelationId:
            if (object->objectSubId == 0)
                sepgsql_relation_relabel(object->objectId,
                                         seclabel);
            else
                sepgsql_attribute_relabel(object->objectId,
                                          object->objectSubId,
                                          seclabel);
            break;
 
        case ProcedureRelationId:
            sepgsql_proc_relabel(object->objectId, seclabel);
            break;
 
        default:
            ereport(ERROR,
                    (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
                     errmsg("sepgsql provider does not support labels on %s",
                            getObjectTypeDescription(object, false))));
            break;
    }
}

References ObjectAddress::classId, ereport, errcode(), errmsg(), ERROR, getObjectTypeDescription(), ObjectAddress::objectId, ObjectAddress::objectSubId, sepgsql_attribute_relabel(), sepgsql_database_relabel(), sepgsql_proc_relabel(), sepgsql_relation_relabel(), and sepgsql_schema_relabel().

Referenced by _PG_init(), and exec_object_restorecon().

◆ sepgsql_proc_drop()

void sepgsql_proc_drop ( Oid functionId )

Definition at line 155 of file proc.c.

{
    ObjectAddress object;
    char       *audit_name;
 
    /*
     * check db_schema:{remove_name} permission
     */
    object.classId = NamespaceRelationId;
    object.objectId = get_func_namespace(functionId);
    object.objectSubId = 0;
    audit_name = getObjectIdentity(&object, false);
 
    sepgsql_avc_check_perms(&object,
                            SEPG_CLASS_DB_SCHEMA,
                            SEPG_DB_SCHEMA__REMOVE_NAME,
                            audit_name,
                            true);
    pfree(audit_name);
 
    /*
     * check db_procedure:{drop} permission
     */
    object.classId = ProcedureRelationId;
    object.objectId = functionId;
    object.objectSubId = 0;
    audit_name = getObjectIdentity(&object, false);
 
    sepgsql_avc_check_perms(&object,
                            SEPG_CLASS_DB_PROCEDURE,
                            SEPG_DB_PROCEDURE__DROP,
                            audit_name,
                            true);
    pfree(audit_name);
}

References ObjectAddress::classId, get_func_namespace(), getObjectIdentity(), pfree(), SEPG_CLASS_DB_PROCEDURE, SEPG_CLASS_DB_SCHEMA, SEPG_DB_PROCEDURE__DROP, SEPG_DB_SCHEMA__REMOVE_NAME, and sepgsql_avc_check_perms().

Referenced by sepgsql_object_access().

◆ sepgsql_proc_execute()

void sepgsql_proc_execute ( Oid functionId )

Definition at line 315 of file proc.c.

{
    ObjectAddress object;
    char       *audit_name;
 
    /*
     * check db_procedure:{execute} permission
     */
    object.classId = ProcedureRelationId;
    object.objectId = functionId;
    object.objectSubId = 0;
    audit_name = getObjectIdentity(&object, false);
    sepgsql_avc_check_perms(&object,
                            SEPG_CLASS_DB_PROCEDURE,
                            SEPG_DB_PROCEDURE__EXECUTE,
                            audit_name,
                            true);
    pfree(audit_name);
}

References ObjectAddress::classId, getObjectIdentity(), pfree(), SEPG_CLASS_DB_PROCEDURE, SEPG_DB_PROCEDURE__EXECUTE, and sepgsql_avc_check_perms().

Referenced by sepgsql_object_access().

◆ sepgsql_proc_post_create()

void sepgsql_proc_post_create ( Oid functionId )

Definition at line 37 of file proc.c.

{
    Relation    rel;
    ScanKeyData skey;
    SysScanDesc sscan;
    HeapTuple   tuple;
    char       *nsp_name;
    char       *scontext;
    char       *tcontext;
    char       *ncontext;
    uint32      required;
    int         i;
    StringInfoData audit_name;
    ObjectAddress object;
    Form_pg_proc proForm;
 
    /*
     * Fetch namespace of the new procedure. Because pg_proc entry is not
     * visible right now, we need to scan the catalog using SnapshotSelf.
     */
    rel = table_open(ProcedureRelationId, AccessShareLock);
 
    ScanKeyInit(&skey,
                Anum_pg_proc_oid,
                BTEqualStrategyNumber, F_OIDEQ,
                ObjectIdGetDatum(functionId));
 
    sscan = systable_beginscan(rel, ProcedureOidIndexId, true,
                               SnapshotSelf, 1, &skey);
 
    tuple = systable_getnext(sscan);
    if (!HeapTupleIsValid(tuple))
        elog(ERROR, "could not find tuple for function %u", functionId);
 
    proForm = (Form_pg_proc) GETSTRUCT(tuple);
 
    /*
     * check db_schema:{add_name} permission of the namespace
     */
    object.classId = NamespaceRelationId;
    object.objectId = proForm->pronamespace;
    object.objectSubId = 0;
    sepgsql_avc_check_perms(&object,
                            SEPG_CLASS_DB_SCHEMA,
                            SEPG_DB_SCHEMA__ADD_NAME,
                            getObjectIdentity(&object, false),
                            true);
 
    /*
     * XXX - db_language:{implement} also should be checked here
     */
 
 
    /*
     * Compute a default security label when we create a new procedure object
     * under the specified namespace.
     */
    scontext = sepgsql_get_client_label();
    tcontext = sepgsql_get_label(NamespaceRelationId,
                                 proForm->pronamespace, 0);
    ncontext = sepgsql_compute_create(scontext, tcontext,
                                      SEPG_CLASS_DB_PROCEDURE,
                                      NameStr(proForm->proname));
 
    /*
     * check db_procedure:{create (install)} permission
     */
    initStringInfo(&audit_name);
    nsp_name = get_namespace_name(proForm->pronamespace);
    appendStringInfo(&audit_name, "%s(",
                     quote_qualified_identifier(nsp_name, NameStr(proForm->proname)));
    for (i = 0; i < proForm->pronargs; i++)
    {
        if (i > 0)
            appendStringInfoChar(&audit_name, ',');
 
        object.classId = TypeRelationId;
        object.objectId = proForm->proargtypes.values[i];
        object.objectSubId = 0;
        appendStringInfoString(&audit_name, getObjectIdentity(&object, false));
    }
    appendStringInfoChar(&audit_name, ')');
 
    required = SEPG_DB_PROCEDURE__CREATE;
    if (proForm->proleakproof)
        required |= SEPG_DB_PROCEDURE__INSTALL;
 
    sepgsql_avc_check_perms_label(ncontext,
                                  SEPG_CLASS_DB_PROCEDURE,
                                  required,
                                  audit_name.data,
                                  true);
 
    /*
     * Assign the default security label on a new procedure
     */
    object.classId = ProcedureRelationId;
    object.objectId = functionId;
    object.objectSubId = 0;
    SetSecurityLabel(&object, SEPGSQL_LABEL_TAG, ncontext);
 
    /*
     * Cleanup
     */
    systable_endscan(sscan);
    table_close(rel, AccessShareLock);
 
    pfree(audit_name.data);
    pfree(tcontext);
    pfree(ncontext);
}

References AccessShareLock, appendStringInfo(), appendStringInfoChar(), appendStringInfoString(), BTEqualStrategyNumber, StringInfoData::data, elog, ERROR, get_namespace_name(), getObjectIdentity(), GETSTRUCT(), HeapTupleIsValid, i, initStringInfo(), NameStr, ObjectIdGetDatum(), pfree(), quote_qualified_identifier(), generate_unaccent_rules::required, ScanKeyInit(), SEPG_CLASS_DB_PROCEDURE, SEPG_CLASS_DB_SCHEMA, SEPG_DB_PROCEDURE__CREATE, SEPG_DB_PROCEDURE__INSTALL, SEPG_DB_SCHEMA__ADD_NAME, sepgsql_avc_check_perms(), sepgsql_avc_check_perms_label(), sepgsql_compute_create(), sepgsql_get_client_label(), sepgsql_get_label(), SEPGSQL_LABEL_TAG, SetSecurityLabel(), SnapshotSelf, systable_beginscan(), systable_endscan(), systable_getnext(), table_close(), and table_open().

Referenced by sepgsql_object_access().

◆ sepgsql_proc_relabel()

void sepgsql_proc_relabel	(	Oid	functionId,
		const char *	seclabel
	)

Definition at line 198 of file proc.c.

{
    ObjectAddress object;
    char       *audit_name;
 
    object.classId = ProcedureRelationId;
    object.objectId = functionId;
    object.objectSubId = 0;
    audit_name = getObjectIdentity(&object, false);
 
    /*
     * check db_procedure:{setattr relabelfrom} permission
     */
    sepgsql_avc_check_perms(&object,
                            SEPG_CLASS_DB_PROCEDURE,
                            SEPG_DB_PROCEDURE__SETATTR |
                            SEPG_DB_PROCEDURE__RELABELFROM,
                            audit_name,
                            true);
 
    /*
     * check db_procedure:{relabelto} permission
     */
    sepgsql_avc_check_perms_label(seclabel,
                                  SEPG_CLASS_DB_PROCEDURE,
                                  SEPG_DB_PROCEDURE__RELABELTO,
                                  audit_name,
                                  true);
    pfree(audit_name);
}

References ObjectAddress::classId, getObjectIdentity(), pfree(), SEPG_CLASS_DB_PROCEDURE, SEPG_DB_PROCEDURE__RELABELFROM, SEPG_DB_PROCEDURE__RELABELTO, SEPG_DB_PROCEDURE__SETATTR, sepgsql_avc_check_perms(), and sepgsql_avc_check_perms_label().

Referenced by sepgsql_object_relabel().

◆ sepgsql_proc_setattr()

void sepgsql_proc_setattr ( Oid functionId )

Definition at line 235 of file proc.c.

{
    Relation    rel;
    ScanKeyData skey;
    SysScanDesc sscan;
    HeapTuple   oldtup;
    HeapTuple   newtup;
    Form_pg_proc oldform;
    Form_pg_proc newform;
    uint32      required;
    ObjectAddress object;
    char       *audit_name;
 
    /*
     * Fetch newer catalog
     */
    rel = table_open(ProcedureRelationId, AccessShareLock);
 
    ScanKeyInit(&skey,
                Anum_pg_proc_oid,
                BTEqualStrategyNumber, F_OIDEQ,
                ObjectIdGetDatum(functionId));
 
    sscan = systable_beginscan(rel, ProcedureOidIndexId, true,
                               SnapshotSelf, 1, &skey);
    newtup = systable_getnext(sscan);
    if (!HeapTupleIsValid(newtup))
        elog(ERROR, "could not find tuple for function %u", functionId);
    newform = (Form_pg_proc) GETSTRUCT(newtup);
 
    /*
     * Fetch older catalog
     */
    oldtup = SearchSysCache1(PROCOID, ObjectIdGetDatum(functionId));
    if (!HeapTupleIsValid(oldtup))
        elog(ERROR, "cache lookup failed for function %u", functionId);
    oldform = (Form_pg_proc) GETSTRUCT(oldtup);
 
    /*
     * Does this ALTER command takes operation to namespace?
     */
    if (newform->pronamespace != oldform->pronamespace)
    {
        sepgsql_schema_remove_name(oldform->pronamespace);
        sepgsql_schema_add_name(oldform->pronamespace);
    }
    if (strcmp(NameStr(newform->proname), NameStr(oldform->proname)) != 0)
        sepgsql_schema_rename(oldform->pronamespace);
 
    /*
     * check db_procedure:{setattr (install)} permission
     */
    required = SEPG_DB_PROCEDURE__SETATTR;
    if (!oldform->proleakproof && newform->proleakproof)
        required |= SEPG_DB_PROCEDURE__INSTALL;
 
    object.classId = ProcedureRelationId;
    object.objectId = functionId;
    object.objectSubId = 0;
    audit_name = getObjectIdentity(&object, false);
 
    sepgsql_avc_check_perms(&object,
                            SEPG_CLASS_DB_PROCEDURE,
                            required,
                            audit_name,
                            true);
    /* cleanups */
    pfree(audit_name);
 
    ReleaseSysCache(oldtup);
    systable_endscan(sscan);
    table_close(rel, AccessShareLock);
}

References AccessShareLock, BTEqualStrategyNumber, elog, ERROR, getObjectIdentity(), GETSTRUCT(), HeapTupleIsValid, NameStr, ObjectIdGetDatum(), pfree(), ReleaseSysCache(), generate_unaccent_rules::required, ScanKeyInit(), SearchSysCache1(), SEPG_CLASS_DB_PROCEDURE, SEPG_DB_PROCEDURE__INSTALL, SEPG_DB_PROCEDURE__SETATTR, sepgsql_avc_check_perms(), sepgsql_schema_add_name(), sepgsql_schema_remove_name(), sepgsql_schema_rename(), SnapshotSelf, systable_beginscan(), systable_endscan(), systable_getnext(), table_close(), and table_open().

Referenced by sepgsql_object_access().

◆ sepgsql_relation_drop()

void sepgsql_relation_drop ( Oid relOid )

Definition at line 416 of file relation.c.

{
    ObjectAddress object;
    char       *audit_name;
    uint16_t    tclass = 0;
    char        relkind = get_rel_relkind(relOid);
 
    switch (relkind)
    {
        case RELKIND_RELATION:
        case RELKIND_PARTITIONED_TABLE:
            tclass = SEPG_CLASS_DB_TABLE;
            break;
        case RELKIND_SEQUENCE:
            tclass = SEPG_CLASS_DB_SEQUENCE;
            break;
        case RELKIND_VIEW:
            tclass = SEPG_CLASS_DB_VIEW;
            break;
        case RELKIND_INDEX:
            /* ignore indexes on toast tables */
            if (get_rel_namespace(relOid) == PG_TOAST_NAMESPACE)
                return;
            /* other indexes are handled specially below; no need for tclass */
            break;
        default:
            /* ignore other relkinds */
            return;
    }
 
    /*
     * check db_schema:{remove_name} permission
     */
    object.classId = NamespaceRelationId;
    object.objectId = get_rel_namespace(relOid);
    object.objectSubId = 0;
    audit_name = getObjectIdentity(&object, false);
 
    sepgsql_avc_check_perms(&object,
                            SEPG_CLASS_DB_SCHEMA,
                            SEPG_DB_SCHEMA__REMOVE_NAME,
                            audit_name,
                            true);
    pfree(audit_name);
 
    /* deal with indexes specially */
    if (relkind == RELKIND_INDEX)
    {
        sepgsql_index_modify(relOid);
        return;
    }
 
    /*
     * check db_table/sequence/view:{drop} permission
     */
    object.classId = RelationRelationId;
    object.objectId = relOid;
    object.objectSubId = 0;
    audit_name = getObjectIdentity(&object, false);
 
    sepgsql_avc_check_perms(&object,
                            tclass,
                            SEPG_DB_TABLE__DROP,
                            audit_name,
                            true);
    pfree(audit_name);
 
    /*
     * check db_column:{drop} permission
     */
    if (relkind == RELKIND_RELATION || relkind == RELKIND_PARTITIONED_TABLE)
    {
        Form_pg_attribute attForm;
        CatCList   *attrList;
        HeapTuple   atttup;
        int         i;
 
        attrList = SearchSysCacheList1(ATTNUM, ObjectIdGetDatum(relOid));
        for (i = 0; i < attrList->n_members; i++)
        {
            atttup = &attrList->members[i]->tuple;
            attForm = (Form_pg_attribute) GETSTRUCT(atttup);
 
            if (attForm->attisdropped)
                continue;
 
            object.classId = RelationRelationId;
            object.objectId = relOid;
            object.objectSubId = attForm->attnum;
            audit_name = getObjectIdentity(&object, false);
 
            sepgsql_avc_check_perms(&object,
                                    SEPG_CLASS_DB_COLUMN,
                                    SEPG_DB_COLUMN__DROP,
                                    audit_name,
                                    true);
            pfree(audit_name);
        }
        ReleaseCatCacheList(attrList);
    }
}

References get_rel_namespace(), get_rel_relkind(), getObjectIdentity(), GETSTRUCT(), i, catclist::members, catclist::n_members, ObjectIdGetDatum(), pfree(), ReleaseCatCacheList(), SearchSysCacheList1, SEPG_CLASS_DB_COLUMN, SEPG_CLASS_DB_SCHEMA, SEPG_CLASS_DB_SEQUENCE, SEPG_CLASS_DB_TABLE, SEPG_CLASS_DB_VIEW, SEPG_DB_COLUMN__DROP, SEPG_DB_SCHEMA__REMOVE_NAME, SEPG_DB_TABLE__DROP, sepgsql_avc_check_perms(), sepgsql_index_modify(), and catctup::tuple.

Referenced by sepgsql_object_access().

◆ sepgsql_relation_post_create()

void sepgsql_relation_post_create ( Oid relOid )

Definition at line 240 of file relation.c.

{
    Relation    rel;
    ScanKeyData skey;
    SysScanDesc sscan;
    HeapTuple   tuple;
    Form_pg_class classForm;
    ObjectAddress object;
    uint16_t    tclass;
    char       *scontext;       /* subject */
    char       *tcontext;       /* schema */
    char       *rcontext;       /* relation */
    char       *ccontext;       /* column */
    char       *nsp_name;
    StringInfoData audit_name;
 
    /*
     * Fetch catalog record of the new relation. Because pg_class entry is not
     * visible right now, we need to scan the catalog using SnapshotSelf.
     */
    rel = table_open(RelationRelationId, AccessShareLock);
 
    ScanKeyInit(&skey,
                Anum_pg_class_oid,
                BTEqualStrategyNumber, F_OIDEQ,
                ObjectIdGetDatum(relOid));
 
    sscan = systable_beginscan(rel, ClassOidIndexId, true,
                               SnapshotSelf, 1, &skey);
 
    tuple = systable_getnext(sscan);
    if (!HeapTupleIsValid(tuple))
        elog(ERROR, "could not find tuple for relation %u", relOid);
 
    classForm = (Form_pg_class) GETSTRUCT(tuple);
 
    /* ignore indexes on toast tables */
    if (classForm->relkind == RELKIND_INDEX &&
        classForm->relnamespace == PG_TOAST_NAMESPACE)
        goto out;
 
    /*
     * check db_schema:{add_name} permission of the namespace
     */
    object.classId = NamespaceRelationId;
    object.objectId = classForm->relnamespace;
    object.objectSubId = 0;
    sepgsql_avc_check_perms(&object,
                            SEPG_CLASS_DB_SCHEMA,
                            SEPG_DB_SCHEMA__ADD_NAME,
                            getObjectIdentity(&object, false),
                            true);
 
    switch (classForm->relkind)
    {
        case RELKIND_RELATION:
        case RELKIND_PARTITIONED_TABLE:
            tclass = SEPG_CLASS_DB_TABLE;
            break;
        case RELKIND_SEQUENCE:
            tclass = SEPG_CLASS_DB_SEQUENCE;
            break;
        case RELKIND_VIEW:
            tclass = SEPG_CLASS_DB_VIEW;
            break;
        case RELKIND_INDEX:
            /* deal with indexes specially; no need for tclass */
            sepgsql_index_modify(relOid);
            goto out;
        default:
            /* ignore other relkinds */
            goto out;
    }
 
    /*
     * Compute a default security label when we create a new relation object
     * under the specified namespace.
     */
    scontext = sepgsql_get_client_label();
    tcontext = sepgsql_get_label(NamespaceRelationId,
                                 classForm->relnamespace, 0);
    rcontext = sepgsql_compute_create(scontext, tcontext, tclass,
                                      NameStr(classForm->relname));
 
    /*
     * check db_xxx:{create} permission
     */
    nsp_name = get_namespace_name(classForm->relnamespace);
    initStringInfo(&audit_name);
    appendStringInfo(&audit_name, "%s.%s",
                     quote_identifier(nsp_name),
                     quote_identifier(NameStr(classForm->relname)));
    sepgsql_avc_check_perms_label(rcontext,
                                  tclass,
                                  SEPG_DB_DATABASE__CREATE,
                                  audit_name.data,
                                  true);
 
    /*
     * Assign the default security label on the new regular or partitioned
     * relation.
     */
    object.classId = RelationRelationId;
    object.objectId = relOid;
    object.objectSubId = 0;
    SetSecurityLabel(&object, SEPGSQL_LABEL_TAG, rcontext);
 
    /*
     * We also assign a default security label on columns of a new table.
     */
    if (classForm->relkind == RELKIND_RELATION ||
        classForm->relkind == RELKIND_PARTITIONED_TABLE)
    {
        Relation    arel;
        ScanKeyData akey;
        SysScanDesc ascan;
        HeapTuple   atup;
        Form_pg_attribute attForm;
 
        arel = table_open(AttributeRelationId, AccessShareLock);
 
        ScanKeyInit(&akey,
                    Anum_pg_attribute_attrelid,
                    BTEqualStrategyNumber, F_OIDEQ,
                    ObjectIdGetDatum(relOid));
 
        ascan = systable_beginscan(arel, AttributeRelidNumIndexId, true,
                                   SnapshotSelf, 1, &akey);
 
        while (HeapTupleIsValid(atup = systable_getnext(ascan)))
        {
            attForm = (Form_pg_attribute) GETSTRUCT(atup);
 
            resetStringInfo(&audit_name);
            appendStringInfo(&audit_name, "%s.%s.%s",
                             quote_identifier(nsp_name),
                             quote_identifier(NameStr(classForm->relname)),
                             quote_identifier(NameStr(attForm->attname)));
 
            ccontext = sepgsql_compute_create(scontext,
                                              rcontext,
                                              SEPG_CLASS_DB_COLUMN,
                                              NameStr(attForm->attname));
 
            /*
             * check db_column:{create} permission
             */
            sepgsql_avc_check_perms_label(ccontext,
                                          SEPG_CLASS_DB_COLUMN,
                                          SEPG_DB_COLUMN__CREATE,
                                          audit_name.data,
                                          true);
 
            object.classId = RelationRelationId;
            object.objectId = relOid;
            object.objectSubId = attForm->attnum;
            SetSecurityLabel(&object, SEPGSQL_LABEL_TAG, ccontext);
 
            pfree(ccontext);
        }
        systable_endscan(ascan);
        table_close(arel, AccessShareLock);
    }
    pfree(rcontext);
 
out:
    systable_endscan(sscan);
    table_close(rel, AccessShareLock);
}

References AccessShareLock, appendStringInfo(), BTEqualStrategyNumber, StringInfoData::data, elog, ERROR, get_namespace_name(), getObjectIdentity(), GETSTRUCT(), HeapTupleIsValid, initStringInfo(), NameStr, ObjectIdGetDatum(), pfree(), quote_identifier(), resetStringInfo(), ScanKeyInit(), SEPG_CLASS_DB_COLUMN, SEPG_CLASS_DB_SCHEMA, SEPG_CLASS_DB_SEQUENCE, SEPG_CLASS_DB_TABLE, SEPG_CLASS_DB_VIEW, SEPG_DB_COLUMN__CREATE, SEPG_DB_DATABASE__CREATE, SEPG_DB_SCHEMA__ADD_NAME, sepgsql_avc_check_perms(), sepgsql_avc_check_perms_label(), sepgsql_compute_create(), sepgsql_get_client_label(), sepgsql_get_label(), sepgsql_index_modify(), SEPGSQL_LABEL_TAG, SetSecurityLabel(), SnapshotSelf, systable_beginscan(), systable_endscan(), systable_getnext(), table_close(), and table_open().

Referenced by sepgsql_object_access().

◆ sepgsql_relation_relabel()

void sepgsql_relation_relabel	(	Oid	relOid,
		const char *	seclabel
	)

Definition at line 564 of file relation.c.

{
    ObjectAddress object;
    char       *audit_name;
    char        relkind = get_rel_relkind(relOid);
    uint16_t    tclass = 0;
 
    if (relkind == RELKIND_RELATION || relkind == RELKIND_PARTITIONED_TABLE)
        tclass = SEPG_CLASS_DB_TABLE;
    else if (relkind == RELKIND_SEQUENCE)
        tclass = SEPG_CLASS_DB_SEQUENCE;
    else if (relkind == RELKIND_VIEW)
        tclass = SEPG_CLASS_DB_VIEW;
    else
        ereport(ERROR,
                (errcode(ERRCODE_WRONG_OBJECT_TYPE),
                 errmsg("cannot set security labels on relations except "
                        "for tables, sequences or views")));
 
    object.classId = RelationRelationId;
    object.objectId = relOid;
    object.objectSubId = 0;
    audit_name = getObjectIdentity(&object, false);
 
    /*
     * check db_xxx:{setattr relabelfrom} permission
     */
    sepgsql_avc_check_perms(&object,
                            tclass,
                            SEPG_DB_TABLE__SETATTR |
                            SEPG_DB_TABLE__RELABELFROM,
                            audit_name,
                            true);
 
    /*
     * check db_xxx:{relabelto} permission
     */
    sepgsql_avc_check_perms_label(seclabel,
                                  tclass,
                                  SEPG_DB_TABLE__RELABELTO,
                                  audit_name,
                                  true);
    pfree(audit_name);
}

References ereport, errcode(), errmsg(), ERROR, get_rel_relkind(), getObjectIdentity(), pfree(), SEPG_CLASS_DB_SEQUENCE, SEPG_CLASS_DB_TABLE, SEPG_CLASS_DB_VIEW, SEPG_DB_TABLE__RELABELFROM, SEPG_DB_TABLE__RELABELTO, SEPG_DB_TABLE__SETATTR, sepgsql_avc_check_perms(), and sepgsql_avc_check_perms_label().

Referenced by sepgsql_object_relabel().

◆ sepgsql_relation_setattr()

void sepgsql_relation_setattr ( Oid relOid )

Definition at line 615 of file relation.c.

{
    Relation    rel;
    ScanKeyData skey;
    SysScanDesc sscan;
    HeapTuple   oldtup;
    HeapTuple   newtup;
    Form_pg_class oldform;
    Form_pg_class newform;
    ObjectAddress object;
    char       *audit_name;
    uint16_t    tclass;
 
    switch (get_rel_relkind(relOid))
    {
        case RELKIND_RELATION:
        case RELKIND_PARTITIONED_TABLE:
            tclass = SEPG_CLASS_DB_TABLE;
            break;
        case RELKIND_SEQUENCE:
            tclass = SEPG_CLASS_DB_SEQUENCE;
            break;
        case RELKIND_VIEW:
            tclass = SEPG_CLASS_DB_VIEW;
            break;
        case RELKIND_INDEX:
            /* deal with indexes specially */
            sepgsql_index_modify(relOid);
            return;
        default:
            /* other relkinds don't need additional work */
            return;
    }
 
    /*
     * Fetch newer catalog
     */
    rel = table_open(RelationRelationId, AccessShareLock);
 
    ScanKeyInit(&skey,
                Anum_pg_class_oid,
                BTEqualStrategyNumber, F_OIDEQ,
                ObjectIdGetDatum(relOid));
 
    sscan = systable_beginscan(rel, ClassOidIndexId, true,
                               SnapshotSelf, 1, &skey);
 
    newtup = systable_getnext(sscan);
    if (!HeapTupleIsValid(newtup))
        elog(ERROR, "could not find tuple for relation %u", relOid);
    newform = (Form_pg_class) GETSTRUCT(newtup);
 
    /*
     * Fetch older catalog
     */
    oldtup = SearchSysCache1(RELOID, ObjectIdGetDatum(relOid));
    if (!HeapTupleIsValid(oldtup))
        elog(ERROR, "cache lookup failed for relation %u", relOid);
    oldform = (Form_pg_class) GETSTRUCT(oldtup);
 
    /*
     * Does this ALTER command takes operation to namespace?
     */
    if (newform->relnamespace != oldform->relnamespace)
    {
        sepgsql_schema_remove_name(oldform->relnamespace);
        sepgsql_schema_add_name(newform->relnamespace);
    }
    if (strcmp(NameStr(newform->relname), NameStr(oldform->relname)) != 0)
        sepgsql_schema_rename(oldform->relnamespace);
 
    /*
     * XXX - In the future version, db_tuple:{use} of system catalog entry
     * shall be checked, if tablespace configuration is changed.
     */
 
    /*
     * check db_xxx:{setattr} permission
     */
    object.classId = RelationRelationId;
    object.objectId = relOid;
    object.objectSubId = 0;
    audit_name = getObjectIdentity(&object, false);
 
    sepgsql_avc_check_perms(&object,
                            tclass,
                            SEPG_DB_TABLE__SETATTR,
                            audit_name,
                            true);
    pfree(audit_name);
 
    ReleaseSysCache(oldtup);
    systable_endscan(sscan);
    table_close(rel, AccessShareLock);
}

References AccessShareLock, BTEqualStrategyNumber, elog, ERROR, get_rel_relkind(), getObjectIdentity(), GETSTRUCT(), HeapTupleIsValid, NameStr, ObjectIdGetDatum(), pfree(), ReleaseSysCache(), ScanKeyInit(), SearchSysCache1(), SEPG_CLASS_DB_SEQUENCE, SEPG_CLASS_DB_TABLE, SEPG_CLASS_DB_VIEW, SEPG_DB_TABLE__SETATTR, sepgsql_avc_check_perms(), sepgsql_index_modify(), sepgsql_schema_add_name(), sepgsql_schema_remove_name(), sepgsql_schema_rename(), SnapshotSelf, systable_beginscan(), systable_endscan(), systable_getnext(), table_close(), and table_open().

Referenced by sepgsql_object_access(), and sepgsql_relation_setattr_extra().

◆ sepgsql_relation_truncate()

void sepgsql_relation_truncate ( Oid relOid )

Definition at line 524 of file relation.c.

{
    ObjectAddress object;
    char       *audit_name;
    uint16_t    tclass = 0;
    char        relkind = get_rel_relkind(relOid);
 
    switch (relkind)
    {
        case RELKIND_RELATION:
        case RELKIND_PARTITIONED_TABLE:
            tclass = SEPG_CLASS_DB_TABLE;
            break;
        default:
            /* ignore other relkinds */
            return;
    }
 
    /*
     * check db_table:{truncate} permission
     */
    object.classId = RelationRelationId;
    object.objectId = relOid;
    object.objectSubId = 0;
    audit_name = getObjectIdentity(&object, false);
 
    sepgsql_avc_check_perms(&object,
                            tclass,
                            SEPG_DB_TABLE__TRUNCATE,
                            audit_name,
                            true);
    pfree(audit_name);
}

References get_rel_relkind(), getObjectIdentity(), pfree(), SEPG_CLASS_DB_TABLE, SEPG_DB_TABLE__TRUNCATE, and sepgsql_avc_check_perms().

Referenced by sepgsql_object_access().

◆ sepgsql_schema_add_name()

void sepgsql_schema_add_name ( Oid namespaceId )

Definition at line 217 of file schema.c.

{
    check_schema_perms(namespaceId, SEPG_DB_SCHEMA__ADD_NAME, true);
}

References check_schema_perms(), and SEPG_DB_SCHEMA__ADD_NAME.

Referenced by sepgsql_proc_setattr(), and sepgsql_relation_setattr().

◆ sepgsql_schema_drop()

void sepgsql_schema_drop ( Oid namespaceId )

Definition at line 114 of file schema.c.

{
    ObjectAddress object;
    char       *audit_name;
 
    /*
     * check db_schema:{drop} permission
     */
    object.classId = NamespaceRelationId;
    object.objectId = namespaceId;
    object.objectSubId = 0;
    audit_name = getObjectIdentity(&object, false);
 
    sepgsql_avc_check_perms(&object,
                            SEPG_CLASS_DB_SCHEMA,
                            SEPG_DB_SCHEMA__DROP,
                            audit_name,
                            true);
    pfree(audit_name);
}

References ObjectAddress::classId, getObjectIdentity(), pfree(), SEPG_CLASS_DB_SCHEMA, SEPG_DB_SCHEMA__DROP, and sepgsql_avc_check_perms().

Referenced by sepgsql_object_access().

◆ sepgsql_schema_post_create()

void sepgsql_schema_post_create ( Oid namespaceId )

Definition at line 36 of file schema.c.

{
    Relation    rel;
    ScanKeyData skey;
    SysScanDesc sscan;
    HeapTuple   tuple;
    char       *tcontext;
    char       *ncontext;
    const char *nsp_name;
    ObjectAddress object;
    Form_pg_namespace nspForm;
    StringInfoData audit_name;
 
    /*
     * Compute a default security label when we create a new schema object
     * under the working database.
     *
     * XXX - upcoming version of libselinux supports to take object name to
     * handle special treatment on default security label; such as special
     * label on "pg_temp" schema.
     */
    rel = table_open(NamespaceRelationId, AccessShareLock);
 
    ScanKeyInit(&skey,
                Anum_pg_namespace_oid,
                BTEqualStrategyNumber, F_OIDEQ,
                ObjectIdGetDatum(namespaceId));
 
    sscan = systable_beginscan(rel, NamespaceOidIndexId, true,
                               SnapshotSelf, 1, &skey);
    tuple = systable_getnext(sscan);
    if (!HeapTupleIsValid(tuple))
        elog(ERROR, "could not find tuple for namespace %u", namespaceId);
 
    nspForm = (Form_pg_namespace) GETSTRUCT(tuple);
    nsp_name = NameStr(nspForm->nspname);
    if (strncmp(nsp_name, "pg_temp_", 8) == 0)
        nsp_name = "pg_temp";
    else if (strncmp(nsp_name, "pg_toast_temp_", 14) == 0)
        nsp_name = "pg_toast_temp";
 
    tcontext = sepgsql_get_label(DatabaseRelationId, MyDatabaseId, 0);
    ncontext = sepgsql_compute_create(sepgsql_get_client_label(),
                                      tcontext,
                                      SEPG_CLASS_DB_SCHEMA,
                                      nsp_name);
 
    /*
     * check db_schema:{create}
     */
    initStringInfo(&audit_name);
    appendStringInfoString(&audit_name, quote_identifier(nsp_name));
    sepgsql_avc_check_perms_label(ncontext,
                                  SEPG_CLASS_DB_SCHEMA,
                                  SEPG_DB_SCHEMA__CREATE,
                                  audit_name.data,
                                  true);
    systable_endscan(sscan);
    table_close(rel, AccessShareLock);
 
    /*
     * Assign the default security label on a new procedure
     */
    object.classId = NamespaceRelationId;
    object.objectId = namespaceId;
    object.objectSubId = 0;
    SetSecurityLabel(&object, SEPGSQL_LABEL_TAG, ncontext);
 
    pfree(ncontext);
    pfree(tcontext);
}

References AccessShareLock, appendStringInfoString(), BTEqualStrategyNumber, StringInfoData::data, elog, ERROR, GETSTRUCT(), HeapTupleIsValid, initStringInfo(), MyDatabaseId, NameStr, ObjectIdGetDatum(), pfree(), quote_identifier(), ScanKeyInit(), SEPG_CLASS_DB_SCHEMA, SEPG_DB_SCHEMA__CREATE, sepgsql_avc_check_perms_label(), sepgsql_compute_create(), sepgsql_get_client_label(), sepgsql_get_label(), SEPGSQL_LABEL_TAG, SetSecurityLabel(), SnapshotSelf, systable_beginscan(), systable_endscan(), systable_getnext(), table_close(), and table_open().

Referenced by sepgsql_object_access().

◆ sepgsql_schema_relabel()

void sepgsql_schema_relabel	(	Oid	namespaceId,
		const char *	seclabel
	)

Definition at line 142 of file schema.c.

{
    ObjectAddress object;
    char       *audit_name;
 
    object.classId = NamespaceRelationId;
    object.objectId = namespaceId;
    object.objectSubId = 0;
    audit_name = getObjectIdentity(&object, false);
 
    /*
     * check db_schema:{setattr relabelfrom} permission
     */
    sepgsql_avc_check_perms(&object,
                            SEPG_CLASS_DB_SCHEMA,
                            SEPG_DB_SCHEMA__SETATTR |
                            SEPG_DB_SCHEMA__RELABELFROM,
                            audit_name,
                            true);
 
    /*
     * check db_schema:{relabelto} permission
     */
    sepgsql_avc_check_perms_label(seclabel,
                                  SEPG_CLASS_DB_SCHEMA,
                                  SEPG_DB_SCHEMA__RELABELTO,
                                  audit_name,
                                  true);
    pfree(audit_name);
}

References ObjectAddress::classId, getObjectIdentity(), pfree(), SEPG_CLASS_DB_SCHEMA, SEPG_DB_SCHEMA__RELABELFROM, SEPG_DB_SCHEMA__RELABELTO, SEPG_DB_SCHEMA__SETATTR, sepgsql_avc_check_perms(), and sepgsql_avc_check_perms_label().

Referenced by sepgsql_object_relabel().

◆ sepgsql_schema_remove_name()

void sepgsql_schema_remove_name ( Oid namespaceId )

Definition at line 223 of file schema.c.

{
    check_schema_perms(namespaceId, SEPG_DB_SCHEMA__REMOVE_NAME, true);
}

References check_schema_perms(), and SEPG_DB_SCHEMA__REMOVE_NAME.

Referenced by sepgsql_proc_setattr(), and sepgsql_relation_setattr().

◆ sepgsql_schema_rename()

void sepgsql_schema_rename ( Oid namespaceId )

Definition at line 229 of file schema.c.

{
    check_schema_perms(namespaceId,
                       SEPG_DB_SCHEMA__ADD_NAME |
                       SEPG_DB_SCHEMA__REMOVE_NAME,
                       true);
}

References check_schema_perms(), SEPG_DB_SCHEMA__ADD_NAME, and SEPG_DB_SCHEMA__REMOVE_NAME.

Referenced by sepgsql_proc_setattr(), and sepgsql_relation_setattr().

◆ sepgsql_schema_search()

bool sepgsql_schema_search	(	Oid	namespaceId,
		bool	abort_on_violation
	)

Definition at line 209 of file schema.c.

{
    return check_schema_perms(namespaceId,
                              SEPG_DB_SCHEMA__SEARCH,
                              abort_on_violation);
}

References check_schema_perms(), and SEPG_DB_SCHEMA__SEARCH.

Referenced by sepgsql_object_access().

◆ sepgsql_schema_setattr()

void sepgsql_schema_setattr ( Oid namespaceId )

Definition at line 202 of file schema.c.

{
    check_schema_perms(namespaceId, SEPG_DB_SCHEMA__SETATTR, true);
}

References check_schema_perms(), and SEPG_DB_SCHEMA__SETATTR.

Referenced by sepgsql_object_access().

◆ sepgsql_set_mode()

int sepgsql_set_mode ( int new_mode )

Definition at line 634 of file selinux.c.

{
    int         old_mode = sepgsql_mode;
 
    sepgsql_mode = new_mode;
 
    return old_mode;
}

References sepgsql_mode.

Referenced by _PG_init(), and sepgsql_client_auth().

Macros

Functions

Macro Definition Documentation

◆ SEPG_BLK_FILE__CREATE

◆ SEPG_BLK_FILE__GETATTR

◆ SEPG_BLK_FILE__READ

◆ SEPG_BLK_FILE__RENAME

◆ SEPG_BLK_FILE__UNLINK

◆ SEPG_BLK_FILE__WRITE

◆ SEPG_CHR_FILE__CREATE

◆ SEPG_CHR_FILE__GETATTR

◆ SEPG_CHR_FILE__READ

◆ SEPG_CHR_FILE__RENAME

◆ SEPG_CHR_FILE__UNLINK

◆ SEPG_CHR_FILE__WRITE

◆ SEPG_CLASS_BLK_FILE

◆ SEPG_CLASS_CHR_FILE

◆ SEPG_CLASS_DB_BLOB

◆ SEPG_CLASS_DB_COLUMN

◆ SEPG_CLASS_DB_DATABASE

◆ SEPG_CLASS_DB_LANGUAGE

◆ SEPG_CLASS_DB_PROCEDURE

◆ SEPG_CLASS_DB_SCHEMA

◆ SEPG_CLASS_DB_SEQUENCE

◆ SEPG_CLASS_DB_TABLE

◆ SEPG_CLASS_DB_TUPLE

◆ SEPG_CLASS_DB_VIEW

◆ SEPG_CLASS_DIR

◆ SEPG_CLASS_FIFO_FILE

◆ SEPG_CLASS_FILE

◆ SEPG_CLASS_LNK_FILE

◆ SEPG_CLASS_MAX

◆ SEPG_CLASS_PROCESS

◆ SEPG_CLASS_SOCK_FILE

◆ SEPG_DB_BLOB__CREATE

◆ SEPG_DB_BLOB__DROP

◆ SEPG_DB_BLOB__EXPORT

◆ SEPG_DB_BLOB__GETATTR

◆ SEPG_DB_BLOB__IMPORT

◆ SEPG_DB_BLOB__READ

◆ SEPG_DB_BLOB__RELABELFROM

◆ SEPG_DB_BLOB__RELABELTO

◆ SEPG_DB_BLOB__SETATTR

◆ SEPG_DB_BLOB__WRITE

◆ SEPG_DB_COLUMN__CREATE

◆ SEPG_DB_COLUMN__DROP

◆ SEPG_DB_COLUMN__GETATTR

◆ SEPG_DB_COLUMN__INSERT

◆ SEPG_DB_COLUMN__RELABELFROM

◆ SEPG_DB_COLUMN__RELABELTO

◆ SEPG_DB_COLUMN__SELECT

◆ SEPG_DB_COLUMN__SETATTR

◆ SEPG_DB_COLUMN__UPDATE

◆ SEPG_DB_DATABASE__ACCESS

◆ SEPG_DB_DATABASE__CREATE

◆ SEPG_DB_DATABASE__DROP

◆ SEPG_DB_DATABASE__GETATTR

◆ SEPG_DB_DATABASE__LOAD_MODULE

◆ SEPG_DB_DATABASE__RELABELFROM

◆ SEPG_DB_DATABASE__RELABELTO

◆ SEPG_DB_DATABASE__SETATTR

◆ SEPG_DB_LANGUAGE__CREATE

◆ SEPG_DB_LANGUAGE__DROP

◆ SEPG_DB_LANGUAGE__EXECUTE

◆ SEPG_DB_LANGUAGE__GETATTR

◆ SEPG_DB_LANGUAGE__IMPLEMENT

◆ SEPG_DB_LANGUAGE__RELABELFROM

◆ SEPG_DB_LANGUAGE__RELABELTO

◆ SEPG_DB_LANGUAGE__SETATTR

◆ SEPG_DB_PROCEDURE__CREATE

◆ SEPG_DB_PROCEDURE__DROP

◆ SEPG_DB_PROCEDURE__ENTRYPOINT

◆ SEPG_DB_PROCEDURE__EXECUTE

◆ SEPG_DB_PROCEDURE__GETATTR

◆ SEPG_DB_PROCEDURE__INSTALL

◆ SEPG_DB_PROCEDURE__RELABELFROM

◆ SEPG_DB_PROCEDURE__RELABELTO

◆ SEPG_DB_PROCEDURE__SETATTR

◆ SEPG_DB_SCHEMA__ADD_NAME

◆ SEPG_DB_SCHEMA__CREATE