
Re: Label switcher function

From: Robert Haas <robertmhaas(at)gmail(dot)com>
To: KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
Cc: KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Label switcher function
Date: 2010-11-18 02:30:56
Message-ID: AANLkTinShD7=1j3ZYjdxqUBpVqDPtBcVUbmmbY5tEwmR@mail.gmail.com
Lists: pgsql-hackers
2010/11/17 KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>:
> I revised my patch as I attached.
>
> The hook function is modified and consolidated as follows:
>
>  typedef enum FunctionCallEventType
>  {
>     FCET_BE_HOOKED,
>     FCET_PREPARE,
>     FCET_START,
>     FCET_END,
>     FCET_ABORT,
>  } FunctionCallEventType;
>
>  typedef Datum (*function_call_event_type)(Oid functionId,
>                                            FunctionCallEventType event,
>                                            Datum event_arg);
>  extern PGDLLIMPORT function_call_event_type function_call_event_hook;
>
> Unlike the subject of this e-mail, it now does not focus only on switching
> security labels during execution of certain functions.
> For example, we may use this hook to track certain functions for security
> auditing, performance tuning, and others.
>
> In the case of SE-PgSQL, it shall return BoolGetDatum(true), if the target
> function is configured as a trusted procedure, then, this invocation will
> be hooked by fmgr_security_definer. In the first call, it shall compute
> the security context to be assigned during execution on the FCET_PREPARE event.
> Then, it switches to the computed label on the FCET_START event, and
> restores it on the FCET_END or FCET_ABORT event.

This seems like it's a lot simpler than before, which is good.  It
looks to me as though there should really be two separate hooks,
though, one for what is now FCET_BE_HOOKED and one for everything
else.  For FCET_BE_HOOKED, you want a function that takes an Oid and
returns a bool.  For the other event types, the functionId and event
arguments are OK, but I think you should forget about the save_datum
stuff and just always pass fcache->flinfo and &fcache->private.  The
plugin can get the effect of save_datum by passing around whatever
state it needs to hold on to using fcache->private.  So:

bool (*needs_function_call_hook)(Oid fn_oid);
void (*function_call_hook)(Oid fn_oid, FunctionCallEventType event,
                           FmgrInfo flinfo, Datum *private);

Another general comment is that you've not done a very complete job
updating the comments; there are several of them in fmgr.c that are no
longer accurate.  Also, please zap the unnecessary whitespace changes.

Thanks,

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
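
A stand-alone C model of the two-hook design proposed in the message above, applied to the trusted-procedure label switch described in the quoted text; it is an added example, not code from the patch or from PostgreSQL. The type stand-ins, `LabelState`, `call_function`, the label strings and the OID are constructed for illustration, and `priv` plays the role of `&fcache->private`.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Stand-ins for PostgreSQL types (assumptions for this model only). */
typedef unsigned int Oid;
typedef uintptr_t Datum;
typedef struct FmgrInfo { Oid fn_oid; } FmgrInfo;
typedef enum { FCET_PREPARE, FCET_START, FCET_END, FCET_ABORT } FunctionCallEventType;
typedef struct { const char *new_label, *saved_label; } LabelState; /* hypothetical */
#define TRUSTED_FN_OID 16384u                    /* constructed sample OID */
static const char *current_label = "client_t";   /* constructed session label */

/* Hook 1: Oid in, bool out; decides whether the call is wrapped at all. */
static int needs_function_call_hook(Oid fn_oid) { return fn_oid == TRUSTED_FN_OID; }

/* Hook 2: per-call state is kept behind *priv, so no save_datum is needed. */
static void function_call_hook(Oid fn_oid, FunctionCallEventType event,
                               FmgrInfo flinfo, Datum *priv)
{
    LabelState *st = (LabelState *) *priv;
    (void) fn_oid; (void) flinfo;
    switch (event) {
    case FCET_PREPARE:          /* first call: compute the label once */
        if ((st = calloc(1, sizeof(*st))) == NULL) abort();
        st->new_label = "trusted_proc_t";
        *priv = (Datum) st;
        break;
    case FCET_START:            /* remember the caller's label, then switch */
        st->saved_label = current_label;
        current_label = st->new_label;
        break;
    case FCET_END: case FCET_ABORT:   /* restore on normal and error exit */
        current_label = st->saved_label;
        break;
    }
}
/* Model of the wrapper around a call; returns the label the body ran under. */
static const char *call_function(Oid fn_oid, Datum *priv, int fail)
{
    FmgrInfo flinfo = { fn_oid };
    if (!needs_function_call_hook(fn_oid)) return current_label;
    if (*priv == 0) function_call_hook(fn_oid, FCET_PREPARE, flinfo, priv);
    function_call_hook(fn_oid, FCET_START, flinfo, priv);
    const char *seen = current_label;   /* the function body would run here */
    function_call_hook(fn_oid, fail ? FCET_ABORT : FCET_END, flinfo, priv);
    return seen;
}
int main(void) { Datum p = 0; puts(call_function(TRUSTED_FN_OID, &p, 1)); puts(current_label); return 0; }
```

The property to check in a real plugin is the one the model makes visible: the caller's label is back in place after both FCET_END and FCET_ABORT, and functions the first hook rejects never touch the label.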
