rpms/sepostgresql/devel sepostgresql-pgace-8.3RC2-2.patch, 1.1, 1.2 sepostgresql-sepgsql-8.3RC2-2.patch, 1.1, 1.2 sepostgresql.init, 1.11, 1.12 sepostgresql.spec, 1.11, 1.12 sepostgresql.te, 1.11, 1.12

KaiGai Kohei (kaigai) fedora-extras-commits at redhat.com
Tue Jan 22 12:23:42 UTC 2008 

Author: kaigai

Update of /cvs/pkgs/rpms/sepostgresql/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13143

Modified Files:
	sepostgresql-pgace-8.3RC2-2.patch 
	sepostgresql-sepgsql-8.3RC2-2.patch sepostgresql.init 
	sepostgresql.spec sepostgresql.te 
Log Message:
BUGFIX:
 - HeapInsert/HeapUpdate hooks called ReadBuffer without any locks.
 - Unexpected behavior in SELECT ... INTO t2 FROM t1 statement.



sepostgresql-pgace-8.3RC2-2.patch:

Index: sepostgresql-pgace-8.3RC2-2.patch
===================================================================
RCS file: /cvs/pkgs/rpms/sepostgresql/devel/sepostgresql-pgace-8.3RC2-2.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- sepostgresql-pgace-8.3RC2-2.patch	20 Jan 2008 07:59:04 -0000	1.1
+++ sepostgresql-pgace-8.3RC2-2.patch	22 Jan 2008 12:23:23 -0000	1.2
@@ -1875,8 +1875,8 @@
 +endif
 diff -rpNU3 base/src/backend/security/pgaceCommon.c pgace/src/backend/security/pgaceCommon.c
 --- base/src/backend/security/pgaceCommon.c	1970-01-01 09:00:00.000000000 +0900
-+++ pgace/src/backend/security/pgaceCommon.c	2007-11-26 15:04:25.000000000 +0900
-@@ -0,0 +1,707 @@
++++ pgace/src/backend/security/pgaceCommon.c	2008-01-22 14:28:47.000000000 +0900
+@@ -0,0 +1,713 @@
 +/*
 + * src/backend/security/pgaceCommon.c
 + *   Common part of PostgreSQL Access Control Extension
@@ -1892,10 +1892,12 @@
 +#include "catalog/pg_attribute.h"
 +#include "catalog/pg_largeobject.h"
 +#include "catalog/pg_security.h"
++#include "catalog/pg_type.h"
 +#include "executor/executor.h"
 +#include "miscadmin.h"
 +#include "nodes/makefuncs.h"
 +#include "nodes/parsenodes.h"
++#include "parser/parse_expr.h"
 +#include "security/pgace.h"
 +#include "utils/builtins.h"
 +#include "utils/fmgroids.h"
@@ -1921,8 +1923,12 @@
 +
 +		if (tle->resjunk)
 +			continue;
-+		if (!strcmp(tle->resname, SECURITY_SYSATTR_NAME))
++		if (!strcmp(tle->resname, SECURITY_SYSATTR_NAME)) {
++			if (exprType(tle->expr) != SECLABELOID)
++				elog(ERROR, "type mismatch in explicit labeling");
 +			tle->resjunk = true;
++			break;
++		}
 +	}
 +}
 +

sepostgresql-sepgsql-8.3RC2-2.patch:

Index: sepostgresql-sepgsql-8.3RC2-2.patch
===================================================================
RCS file: /cvs/pkgs/rpms/sepostgresql/devel/sepostgresql-sepgsql-8.3RC2-2.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- sepostgresql-sepgsql-8.3RC2-2.patch	20 Jan 2008 07:59:04 -0000	1.1
+++ sepostgresql-sepgsql-8.3RC2-2.patch	22 Jan 2008 12:23:23 -0000	1.2
@@ -1229,8 +1229,8 @@
 +}
 diff -rpNU3 pgace/src/backend/security/sepgsql/hooks.c sepgsql/src/backend/security/sepgsql/hooks.c
 --- pgace/src/backend/security/sepgsql/hooks.c	1970-01-01 09:00:00.000000000 +0900
-+++ sepgsql/src/backend/security/sepgsql/hooks.c	2008-01-10 10:43:53.000000000 +0900
-@@ -0,0 +1,656 @@
++++ sepgsql/src/backend/security/sepgsql/hooks.c	2008-01-22 13:52:55.000000000 +0900
+@@ -0,0 +1,658 @@
 +/*
 + * src/backend/sepgsqlHooks.c
 + *   SE-PostgreSQL hooks
@@ -1263,6 +1263,7 @@
 +	HeapTuple oldtup;
 +
 +	buffer = ReadBuffer(rel, ItemPointerGetBlockNumber(tid));
++	LockBuffer(buffer, BUFFER_LOCK_SHARE);
 +
 +	dp = (PageHeader) BufferGetPage(buffer);
 +	lp = PageGetItemId(dp, ItemPointerGetOffsetNumber(tid));
@@ -1273,8 +1274,9 @@
 +	tuple.t_len = ItemIdGetLength(lp);
 +	tuple.t_self = *tid;
 +	tuple.t_tableOid = RelationGetRelid(rel);
-+
 +	oldtup = heap_copytuple(&tuple);
++
++	LockBuffer(buffer, BUFFER_LOCK_UNLOCK);
 +	ReleaseBuffer(buffer);
 +
 +	return oldtup;


Index: sepostgresql.init
===================================================================
RCS file: /cvs/pkgs/rpms/sepostgresql/devel/sepostgresql.init,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- sepostgresql.init	20 Jan 2008 07:59:04 -0000	1.11
+++ sepostgresql.init	22 Jan 2008 12:23:23 -0000	1.12
@@ -9,7 +9,7 @@
 
 PGVERSION="8.3RC2"
 PGMAJORVERSION=`echo "$PGVERSION" | sed 's/^\([0-9]*\.[0-9a-z]*\).*$/\1/'`
-SEPGVERSION="2.52"
+SEPGVERSION="2.56"
 
 # source function library
 . /etc/rc.d/init.d/functions


Index: sepostgresql.spec
===================================================================
RCS file: /cvs/pkgs/rpms/sepostgresql/devel/sepostgresql.spec,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- sepostgresql.spec	20 Jan 2008 07:59:04 -0000	1.11
+++ sepostgresql.spec	22 Jan 2008 12:23:23 -0000	1.12
@@ -13,7 +13,7 @@
 Summary: Security Enhanced PostgreSQL
 Name: sepostgresql
 Version: 8.3RC2
-Release: 2.52%{?sepgsql_extension}%{?dist}
+Release: 2.56%{?sepgsql_extension}%{?dist}
 License: BSD
 Group: Applications/Databases
 Url: http://code.google.com/p/sepgsql/
@@ -204,6 +204,10 @@
 %attr(700,sepgsql,sepgsql) %dir %{_localstatedir}/lib/sepgsql/backups
 
 %changelog
+* Tue Jan 22 2008 <kaigai at kaigai.gr.jp> - sepostgresql-8.3RC2-2.56
+- BUGFIX: lack of locks when refering buffer pages at update/delete hooks
+- BUGFIX: explicit labeling using SELECT ... INTO statement.
+
 * Sun Jan 20 2008 <kaigai at kaigai.gr.jp> - sepostgresql-8.3RC2-2.52
 - shares /usr/lib/pgsql/*.so libraries, with original postgresql.
 


Index: sepostgresql.te
===================================================================
RCS file: /cvs/pkgs/rpms/sepostgresql/devel/sepostgresql.te,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- sepostgresql.te	20 Jan 2008 07:59:04 -0000	1.11
+++ sepostgresql.te	22 Jan 2008 12:23:23 -0000	1.12
@@ -1,4 +1,4 @@
-policy_module(sepostgresql, 2.52)
+policy_module(sepostgresql, 2.56)
 
 gen_require(`
 	all_userspace_class_perms

More information about the fedora-extras-commits mailing list