Movatterモバイル変換


[0]ホーム

URL:


Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

Commitaa2b237

Browse files
committed
sepgsql cleanups.
This is needed to match recent changes elsewhere. Along the way, somerenaming for clarity.KaiGai Kohei
1 parent46c508f commitaa2b237

File tree

10 files changed

+33
-23
lines changed

10 files changed

+33
-23
lines changed

‎contrib/sepgsql/database.c

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@
1212

1313
#include"access/genam.h"
1414
#include"access/heapam.h"
15+
#include"access/htup_details.h"
1516
#include"access/sysattr.h"
1617
#include"catalog/dependency.h"
1718
#include"catalog/pg_database.h"

‎contrib/sepgsql/dml.c

Lines changed: 8 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,7 @@
1010
*/
1111
#include"postgres.h"
1212

13+
#include"access/htup_details.h"
1314
#include"access/sysattr.h"
1415
#include"access/tupdesc.h"
1516
#include"catalog/catalog.h"
@@ -148,7 +149,7 @@ check_relation_privileges(Oid relOid,
148149
Bitmapset*selected,
149150
Bitmapset*modified,
150151
uint32required,
151-
boolabort)
152+
boolabort_on_violation)
152153
{
153154
ObjectAddressobject;
154155
char*audit_name;
@@ -194,7 +195,7 @@ check_relation_privileges(Oid relOid,
194195
SEPG_CLASS_DB_TABLE,
195196
required,
196197
audit_name,
197-
abort);
198+
abort_on_violation);
198199
break;
199200

200201
caseRELKIND_SEQUENCE:
@@ -205,15 +206,15 @@ check_relation_privileges(Oid relOid,
205206
SEPG_CLASS_DB_SEQUENCE,
206207
SEPG_DB_SEQUENCE__GET_VALUE,
207208
audit_name,
208-
abort);
209+
abort_on_violation);
209210
break;
210211

211212
caseRELKIND_VIEW:
212213
result=sepgsql_avc_check_perms(&object,
213214
SEPG_CLASS_DB_VIEW,
214215
SEPG_DB_VIEW__EXPAND,
215216
audit_name,
216-
abort);
217+
abort_on_violation);
217218
break;
218219

219220
default:
@@ -264,7 +265,7 @@ check_relation_privileges(Oid relOid,
264265
SEPG_CLASS_DB_COLUMN,
265266
column_perms,
266267
audit_name,
267-
abort);
268+
abort_on_violation);
268269
pfree(audit_name);
269270

270271
if (!result)
@@ -279,7 +280,7 @@ check_relation_privileges(Oid relOid,
279280
* Entrypoint of the DML permission checks
280281
*/
281282
bool
282-
sepgsql_dml_privileges(List*rangeTabls,boolabort)
283+
sepgsql_dml_privileges(List*rangeTabls,boolabort_on_violation)
283284
{
284285
ListCell*lr;
285286

@@ -351,7 +352,7 @@ sepgsql_dml_privileges(List *rangeTabls, bool abort)
351352
if (!check_relation_privileges(tableOid,
352353
selectedCols,
353354
modifiedCols,
354-
required,abort))
355+
required,abort_on_violation))
355356
return false;
356357
}
357358
list_free(tableIds);

‎contrib/sepgsql/hooks.c

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -265,9 +265,9 @@ static void
265265
sepgsql_utility_command(Node*parsetree,
266266
constchar*queryString,
267267
ParamListInfoparams,
268-
boolisTopLevel,
269268
DestReceiver*dest,
270-
char*completionTag)
269+
char*completionTag,
270+
ProcessUtilityContextcontext)
271271
{
272272
sepgsql_context_info_tsaved_context_info=sepgsql_context_info;
273273
ListCell*cell;
@@ -328,10 +328,10 @@ sepgsql_utility_command(Node *parsetree,
328328

329329
if (next_ProcessUtility_hook)
330330
(*next_ProcessUtility_hook) (parsetree,queryString,params,
331-
isTopLevel,dest,completionTag);
331+
dest,completionTag,context);
332332
else
333333
standard_ProcessUtility(parsetree,queryString,params,
334-
isTopLevel,dest,completionTag);
334+
dest,completionTag,context);
335335
}
336336
PG_CATCH();
337337
{

‎contrib/sepgsql/label.c

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@
1111
#include"postgres.h"
1212

1313
#include"access/heapam.h"
14+
#include"access/htup_details.h"
1415
#include"access/genam.h"
1516
#include"access/xact.h"
1617
#include"catalog/catalog.h"

‎contrib/sepgsql/proc.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,12 +12,14 @@
1212

1313
#include"access/genam.h"
1414
#include"access/heapam.h"
15+
#include"access/htup_details.h"
1516
#include"access/sysattr.h"
1617
#include"catalog/dependency.h"
1718
#include"catalog/indexing.h"
1819
#include"catalog/pg_namespace.h"
1920
#include"catalog/pg_proc.h"
2021
#include"commands/seclabel.h"
22+
#include"lib/stringinfo.h"
2123
#include"utils/builtins.h"
2224
#include"utils/fmgroids.h"
2325
#include"utils/lsyscache.h"

‎contrib/sepgsql/relation.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@
1212

1313
#include"access/genam.h"
1414
#include"access/heapam.h"
15+
#include"access/htup_details.h"
1516
#include"access/sysattr.h"
1617
#include"catalog/indexing.h"
1718
#include"catalog/dependency.h"
@@ -20,6 +21,7 @@
2021
#include"catalog/pg_namespace.h"
2122
#include"commands/seclabel.h"
2223
#include"utils/fmgroids.h"
24+
#include"utils/catcache.h"
2325
#include"utils/lsyscache.h"
2426
#include"utils/syscache.h"
2527
#include"utils/tqual.h"

‎contrib/sepgsql/schema.c

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@
1212

1313
#include"access/genam.h"
1414
#include"access/heapam.h"
15+
#include"access/htup_details.h"
1516
#include"access/sysattr.h"
1617
#include"catalog/dependency.h"
1718
#include"catalog/indexing.h"

‎contrib/sepgsql/selinux.c

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -893,15 +893,15 @@ sepgsql_compute_create(const char *scontext,
893893
* tclass: class code (SEPG_CLASS_*) of the object being referenced
894894
* required: a mask of required permissions (SEPG_<class>__<perm>)
895895
* audit_name: a human readable object name for audit logs, or NULL.
896-
*abort: true, ifcaller wants to raise an error on access violation
896+
*abort_on_violation: true, iferror shall be raised on access violation
897897
*/
898898
bool
899899
sepgsql_check_perms(constchar*scontext,
900900
constchar*tcontext,
901901
uint16tclass,
902902
uint32required,
903903
constchar*audit_name,
904-
boolabort)
904+
boolabort_on_violation)
905905
{
906906
structav_decisionavd;
907907
uint32denied;
@@ -937,7 +937,7 @@ sepgsql_check_perms(const char *scontext,
937937
audit_name);
938938
}
939939

940-
if (!result&&abort)
940+
if (!result&&abort_on_violation)
941941
ereport(ERROR,
942942
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
943943
errmsg("SELinux: security policy violation")));

‎contrib/sepgsql/sepgsql.h

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -247,7 +247,7 @@ extern bool sepgsql_check_perms(const char *scontext,
247247
uint16tclass,
248248
uint32required,
249249
constchar*audit_name,
250-
boolabort);
250+
boolabort_on_violation);
251251

252252
/*
253253
* uavc.c
@@ -257,12 +257,12 @@ extern bool sepgsql_avc_check_perms_label(const char *tcontext,
257257
uint16tclass,
258258
uint32required,
259259
constchar*audit_name,
260-
boolabort);
260+
boolabort_on_violation);
261261
externboolsepgsql_avc_check_perms(constObjectAddress*tobject,
262262
uint16tclass,
263263
uint32required,
264264
constchar*audit_name,
265-
boolabort);
265+
boolabort_on_violation);
266266
externchar*sepgsql_avc_trusted_proc(OidfunctionId);
267267
externvoidsepgsql_avc_init(void);
268268

@@ -285,7 +285,7 @@ extern Datum sepgsql_restorecon(PG_FUNCTION_ARGS);
285285
/*
286286
* dml.c
287287
*/
288-
externboolsepgsql_dml_privileges(List*rangeTabls,boolabort);
288+
externboolsepgsql_dml_privileges(List*rangeTabls,boolabort_on_violation);
289289

290290
/*
291291
* database.c

‎contrib/sepgsql/uavc.c

Lines changed: 7 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -335,7 +335,7 @@ sepgsql_avc_lookup(const char *scontext, const char *tcontext, uint16 tclass)
335335
*
336336
* It returns 'true', if the security policy suggested to allow the required
337337
* permissions. Otherwise, it returns 'false' or raises an error according
338-
* to the 'abort' argument.
338+
* to the 'abort_on_violation' argument.
339339
* The 'tobject' and 'tclass' identify the target object being referenced,
340340
* and 'required' is a bitmask of permissions (SEPG_*__*) defined for each
341341
* object classes.
@@ -345,7 +345,8 @@ sepgsql_avc_lookup(const char *scontext, const char *tcontext, uint16 tclass)
345345
bool
346346
sepgsql_avc_check_perms_label(constchar*tcontext,
347347
uint16tclass,uint32required,
348-
constchar*audit_name,boolabort)
348+
constchar*audit_name,
349+
boolabort_on_violation)
349350
{
350351
char*scontext=sepgsql_get_client_label();
351352
avc_cache*cache;
@@ -415,7 +416,7 @@ sepgsql_avc_check_perms_label(const char *tcontext,
415416
audit_name);
416417
}
417418

418-
if (abort&& !result)
419+
if (abort_on_violation&& !result)
419420
ereport(ERROR,
420421
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
421422
errmsg("SELinux: security policy violation")));
@@ -426,14 +427,15 @@ sepgsql_avc_check_perms_label(const char *tcontext,
426427
bool
427428
sepgsql_avc_check_perms(constObjectAddress*tobject,
428429
uint16tclass,uint32required,
429-
constchar*audit_name,boolabort)
430+
constchar*audit_name,
431+
boolabort_on_violation)
430432
{
431433
char*tcontext=GetSecurityLabel(tobject,SEPGSQL_LABEL_TAG);
432434
boolrc;
433435

434436
rc=sepgsql_avc_check_perms_label(tcontext,
435437
tclass,required,
436-
audit_name,abort);
438+
audit_name,abort_on_violation);
437439
if (tcontext)
438440
pfree(tcontext);
439441

0 commit comments

Comments
 (0)

[8]ページ先頭

©2009-2025 Movatter.jp