sepgsql cleanups.

This is needed to match recent changes elsewhere.  Along the way, some
renaming for clarity.

KaiGai Kohei

Author: robertmhaas

contrib/sepgsql/database.c

@@ -12,6 +12,7 @@
 
 #include "access/genam.h"
 #include "access/heapam.h"
+#include "access/htup_details.h"
 #include "access/sysattr.h"
 #include "catalog/dependency.h"
 #include "catalog/pg_database.h"

contrib/sepgsql/dml.c

@@ -10,6 +10,7 @@
  */
 #include "postgres.h"
 
+#include "access/htup_details.h"
 #include "access/sysattr.h"
 #include "access/tupdesc.h"
 #include "catalog/catalog.h"
@@ -148,7 +149,7 @@ check_relation_privileges(Oid relOid,
 						  Bitmapset *selected,
 						  Bitmapset *modified,
 						  uint32 required,
-						  bool abort)
+						  bool abort_on_violation)
 {
 	ObjectAddress object;
 	char	   *audit_name;
@@ -194,7 +195,7 @@ check_relation_privileges(Oid relOid,
 											 SEPG_CLASS_DB_TABLE,
 											 required,
 											 audit_name,
-											 abort);
+											 abort_on_violation);
 			break;
 
 		case RELKIND_SEQUENCE:
@@ -205,15 +206,15 @@ check_relation_privileges(Oid relOid,
 												 SEPG_CLASS_DB_SEQUENCE,
 												 SEPG_DB_SEQUENCE__GET_VALUE,
 												 audit_name,
-												 abort);
+												 abort_on_violation);
 			break;
 
 		case RELKIND_VIEW:
 			result = sepgsql_avc_check_perms(&object,
 											 SEPG_CLASS_DB_VIEW,
 											 SEPG_DB_VIEW__EXPAND,
 											 audit_name,
-											 abort);
+											 abort_on_violation);
 			break;
 
 		default:
@@ -264,7 +265,7 @@ check_relation_privileges(Oid relOid,
 										 SEPG_CLASS_DB_COLUMN,
 										 column_perms,
 										 audit_name,
-										 abort);
+										 abort_on_violation);
 		pfree(audit_name);
 
 		if (!result)
@@ -279,7 +280,7 @@ check_relation_privileges(Oid relOid,
  * Entrypoint of the DML permission checks
  */
 bool
-sepgsql_dml_privileges(List *rangeTabls, bool abort)
+sepgsql_dml_privileges(List *rangeTabls, bool abort_on_violation)
 {
 	ListCell   *lr;
 
@@ -351,7 +352,7 @@ sepgsql_dml_privileges(List *rangeTabls, bool abort)
 			if (!check_relation_privileges(tableOid,
 										   selectedCols,
 										   modifiedCols,
-										   required, abort))
+										   required, abort_on_violation))
 				return false;
 		}
 		list_free(tableIds);

contrib/sepgsql/hooks.c

@@ -265,9 +265,9 @@ static void
 sepgsql_utility_command(Node *parsetree,
 						const char *queryString,
 						ParamListInfo params,
-						bool isTopLevel,
 						DestReceiver *dest,
-						char *completionTag)
+						char *completionTag,
+						ProcessUtilityContext context)
 {
 	sepgsql_context_info_t saved_context_info = sepgsql_context_info;
 	ListCell   *cell;
@@ -328,10 +328,10 @@ sepgsql_utility_command(Node *parsetree,
 
 		if (next_ProcessUtility_hook)
 			(*next_ProcessUtility_hook) (parsetree, queryString, params,
-										 isTopLevel, dest, completionTag);
+										 dest, completionTag, context);
 		else
 			standard_ProcessUtility(parsetree, queryString, params,
-									isTopLevel, dest, completionTag);
+									dest, completionTag, context);
 	}
 	PG_CATCH();
 	{

contrib/sepgsql/label.c

@@ -11,6 +11,7 @@
 #include "postgres.h"
 
 #include "access/heapam.h"
+#include "access/htup_details.h"
 #include "access/genam.h"
 #include "access/xact.h"
 #include "catalog/catalog.h"

contrib/sepgsql/proc.c

@@ -12,12 +12,14 @@
 
 #include "access/genam.h"
 #include "access/heapam.h"
+#include "access/htup_details.h"
 #include "access/sysattr.h"
 #include "catalog/dependency.h"
 #include "catalog/indexing.h"
 #include "catalog/pg_namespace.h"
 #include "catalog/pg_proc.h"
 #include "commands/seclabel.h"
+#include "lib/stringinfo.h"
 #include "utils/builtins.h"
 #include "utils/fmgroids.h"
 #include "utils/lsyscache.h"

contrib/sepgsql/relation.c

@@ -12,6 +12,7 @@
 
 #include "access/genam.h"
 #include "access/heapam.h"
+#include "access/htup_details.h"
 #include "access/sysattr.h"
 #include "catalog/indexing.h"
 #include "catalog/dependency.h"
@@ -20,6 +21,7 @@
 #include "catalog/pg_namespace.h"
 #include "commands/seclabel.h"
 #include "utils/fmgroids.h"
+#include "utils/catcache.h"
 #include "utils/lsyscache.h"
 #include "utils/syscache.h"
 #include "utils/tqual.h"

contrib/sepgsql/schema.c

@@ -12,6 +12,7 @@
 
 #include "access/genam.h"
 #include "access/heapam.h"
+#include "access/htup_details.h"
 #include "access/sysattr.h"
 #include "catalog/dependency.h"
 #include "catalog/indexing.h"

contrib/sepgsql/selinux.c

@@ -893,15 +893,15 @@ sepgsql_compute_create(const char *scontext,
  * tclass: class code (SEPG_CLASS_*) of the object being referenced
  * required: a mask of required permissions (SEPG_<class>__<perm>)
  * audit_name: a human readable object name for audit logs, or NULL.
- * abort: true, if caller wants to raise an error on access violation
+ * abort_on_violation: true, if error shall be raised on access violation
  */
 bool
 sepgsql_check_perms(const char *scontext,
 					const char *tcontext,
 					uint16 tclass,
 					uint32 required,
 					const char *audit_name,
-					bool abort)
+					bool abort_on_violation)
 {
 	struct av_decision avd;
 	uint32		denied;
@@ -937,7 +937,7 @@ sepgsql_check_perms(const char *scontext,
 						  audit_name);
 	}
 
-	if (!result && abort)
+	if (!result && abort_on_violation)
 		ereport(ERROR,
 				(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
 				 errmsg("SELinux: security policy violation")));

contrib/sepgsql/sepgsql.h

@@ -247,7 +247,7 @@ extern bool sepgsql_check_perms(const char *scontext,
 					uint16 tclass,
 					uint32 required,
 					const char *audit_name,
-					bool abort);
+					bool abort_on_violation);
 
 /*
  * uavc.c
@@ -257,12 +257,12 @@ extern bool sepgsql_avc_check_perms_label(const char *tcontext,
 							  uint16 tclass,
 							  uint32 required,
 							  const char *audit_name,
-							  bool abort);
+							  bool abort_on_violation);
 extern bool sepgsql_avc_check_perms(const ObjectAddress *tobject,
 						uint16 tclass,
 						uint32 required,
 						const char *audit_name,
-						bool abort);
+						bool abort_on_violation);
 extern char *sepgsql_avc_trusted_proc(Oid functionId);
 extern void sepgsql_avc_init(void);
 
@@ -285,7 +285,7 @@ extern Datum sepgsql_restorecon(PG_FUNCTION_ARGS);
 /*
  * dml.c
  */
-extern bool sepgsql_dml_privileges(List *rangeTabls, bool abort);
+extern bool sepgsql_dml_privileges(List *rangeTabls, bool abort_on_violation);
 
 /*
  * database.c

contrib/sepgsql/uavc.c

@@ -335,7 +335,7 @@ sepgsql_avc_lookup(const char *scontext, const char *tcontext, uint16 tclass)
  *
  * It returns 'true', if the security policy suggested to allow the required
  * permissions. Otherwise, it returns 'false' or raises an error according
- * to the 'abort' argument.
+ * to the 'abort_on_violation' argument.
  * The 'tobject' and 'tclass' identify the target object being referenced,
  * and 'required' is a bitmask of permissions (SEPG_*__*) defined for each
  * object classes.
@@ -345,7 +345,8 @@ sepgsql_avc_lookup(const char *scontext, const char *tcontext, uint16 tclass)
 bool
 sepgsql_avc_check_perms_label(const char *tcontext,
 							  uint16 tclass, uint32 required,
-							  const char *audit_name, bool abort)
+							  const char *audit_name,
+							  bool abort_on_violation)
 {
 	char	   *scontext = sepgsql_get_client_label();
 	avc_cache  *cache;
@@ -415,7 +416,7 @@ sepgsql_avc_check_perms_label(const char *tcontext,
 						  audit_name);
 	}
 
-	if (abort && !result)
+	if (abort_on_violation && !result)
 		ereport(ERROR,
 				(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
 				 errmsg("SELinux: security policy violation")));
@@ -426,14 +427,15 @@ sepgsql_avc_check_perms_label(const char *tcontext,
 bool
 sepgsql_avc_check_perms(const ObjectAddress *tobject,
 						uint16 tclass, uint32 required,
-						const char *audit_name, bool abort)
+						const char *audit_name,
+						bool abort_on_violation)
 {
 	char	   *tcontext = GetSecurityLabel(tobject, SEPGSQL_LABEL_TAG);
 	bool		rc;
 
 	rc = sepgsql_avc_check_perms_label(tcontext,
 									   tclass, required,
-									   audit_name, abort);
+									   audit_name, abort_on_violation);
 	if (tcontext)
 		pfree(tcontext);