diff --git a/.github/workflows/pgindent.yml b/.github/workflows/pgindent.yml
new file mode 100644
index 0000000000000..745b02be5c725
--- /dev/null
+++ b/.github/workflows/pgindent.yml
@@ -0,0 +1,34 @@
+name: PgIndent
+on:
+ pull_request:
+ workflow_dispatch:
+
+defaults:
+ run:
+ working-directory: ./src
+
+jobs:
+ check:
+ name: Check
+ runs-on: ubuntu-22.04
+ steps:
+
+ - name: Clone repository
+ uses: actions/checkout@v4
+ with:
+ path: 'src'
+ submodules: recursive
+
+ - name: Install dependencies
+ run: ci_scripts/ubuntu-deps.sh
+
+ - name: Build postgres
+ run: ci_scripts/make-build.sh debug
+
+ - name: Update typedefs
+ run: ci_scripts/dump-typedefs.sh
+
+ - name: Run pgindent
+ run: ci_scripts/run-pgindent.sh --check --diff
+
+
diff --git a/.gitignore b/.gitignore
index a880c1e3838db..049dc2cc016d6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -44,3 +44,4 @@ lib*.pc
 /Release/
 /tmp_install/
 /portlock/
+/*.typedefs
diff --git a/ci_scripts/dump-typedefs.sh b/ci_scripts/dump-typedefs.sh
new file mode 100755
index 0000000000000..a8bb1e66c471b
--- /dev/null
+++ b/ci_scripts/dump-typedefs.sh
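Review bot: The new pgindent.yml workflow declares no `permissions:` block, so the job gets the repository's default GITHUB_TOKEN scope although it only checks out the tree and runs a formatting check; a top-level `permissions:` with `contents: read` would hold it to what it needs. The checkout step references `actions/checkout@v4` by a mutable tag; pinning it to the full commit SHA of that release, with the tag kept in a trailing comment, prevents a moved tag from changing what runs. Because the later steps build and execute scripts taken from the pull request's own tree, `persist-credentials: false` under the checkout step's `with:` would also keep the token out of the checked-out `.git/config`.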
@@ -0,0 +1,32 @@ +SCRIPT_DIR="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )" +cd "$SCRIPT_DIR/../" + +if ! test -f src/backend/postgres; then + echo "src/backend/postgres doesn't exists, run make-build.sh first in debug mode" + exit 1 +fi + +if ! test -f contrib/pg_tde/pg_tde.so; then + echo "contrib/pg_tde/pg_tde.so doesn't exists, run make-build.sh first in debug mode" + exit 1 +fi + +objdump -W src/backend/postgres |\ + egrep -A3 DW_TAG_typedef |\ + perl -e ' while (<>) { chomp; @flds = split;next unless (1 < @flds);\ + next if $flds[0] ne "DW_AT_name" && $flds[1] ne "DW_AT_name";\ + next if $flds[-1] =~ /^DW_FORM_str/;\ + print $flds[-1],"\n"; }' |\ + sort | uniq > percona.typedefs + +objdump -W contrib/pg_tde/pg_tde.so |\ + egrep -A3 DW_TAG_typedef |\ + perl -e ' while (<>) { chomp; @flds = split;next unless (1 < @flds);\ + next if $flds[0] ne "DW_AT_name" && $flds[1] ne "DW_AT_name";\ + next if $flds[-1] =~ /^DW_FORM_str/;\ + print $flds[-1],"\n"; }' |\ + sort | uniq > tde.typedefs + +# Combine with original typedefs + +cat percona.typedefs tde.typedefs src/tools/pgindent/typedefs.list | sort | uniq > combined.typedefs diff --git a/ci_scripts/make-build.sh b/ci_scripts/make-build.sh index 9450e115c52b8..ebfec59ef8fb2 100755 --- a/ci_scripts/make-build.sh +++ b/ci_scripts/make-build.sh @@ -14,4 +14,5 @@ if [ "$1" = "debugoptimized" ]; then fi ./configure --enable-debug --enable-cassert --enable-tap-tests --prefix=$INSTALL_DIR -make install-world -j \ No newline at end of file +make install-world -j + diff --git a/ci_scripts/make-test.sh b/ci_scripts/make-test.sh index 4477175139dc2..e9022432fb398 100755 --- a/ci_scripts/make-test.sh +++ b/ci_scripts/make-test.sh @@ -7,4 +7,5 @@ INSTALL_DIR="$SCRIPT_DIR/../../pginst" cd "$SCRIPT_DIR/../" -make check-world \ No newline at end of file +make check-world + diff --git a/ci_scripts/run-pgindent.sh b/ci_scripts/run-pgindent.sh new file mode 100755 index 0000000000000..d03da1345a6c0 --- /dev/null 
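Review bot: dump-typedefs.sh begins directly at `SCRIPT_DIR=...` with no interpreter line and no error mode, so a failed `cd`, `objdump` or `perl` stage goes unnoticed and the final `cat ... > combined.typedefs` still succeeds on partial input; run-pgindent.sh in this commit has the same gap. Making `#!/bin/bash` and `set -euo pipefail` the first two lines of both scripts would fail the CI step where the problem actually occurs. The two objdump pipelines differ only in input and output file and would be easier to maintain as one small function called twice. `egrep` is reported as obsolescent by current GNU grep, so `grep -E -A3 DW_TAG_typedef` is the more durable spelling.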
+++ b/ci_scripts/run-pgindent.sh @@ -0,0 +1,19 @@ + +SCRIPT_DIR="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )" +INSTALL_DIR="$SCRIPT_DIR/../../pginst" +cd "$SCRIPT_DIR/../" + +if ! test -f combined.typedefs; then + echo "combined.typedefs doesn't exists, run dump-typedefs.sh first" + exit 1 +fi + +cd src/tools/pg_bsd_indent +make install + +cd "$SCRIPT_DIR/../" + + +export PATH=$SCRIPT_DIR/../src/tools/pgindent/:$INSTALL_DIR/bin/:$PATH + +pgindent --typedefs=combined.typedefs "$@" . \ No newline at end of file diff --git a/contrib/pg_tde/src/access/pg_tde_ddl.c b/contrib/pg_tde/src/access/pg_tde_ddl.c index cb14738b0b6b8..d800e93a421b1 100644 --- a/contrib/pg_tde/src/access/pg_tde_ddl.c +++ b/contrib/pg_tde/src/access/pg_tde_ddl.c @@ -33,7 +33,7 @@ static void tdeheap_object_access_hook(ObjectAccessType access, Oid classId, Oid objectId, int subId, void *arg) { - Relation rel = NULL; + Relation rel = NULL; if (prev_object_access_hook) prev_object_access_hook(access, classId, objectId, subId, arg); diff --git a/contrib/pg_tde/src/access/pg_tde_slot.c b/contrib/pg_tde/src/access/pg_tde_slot.c index 7decf7ac55c02..ef71322da620c 100644 --- a/contrib/pg_tde/src/access/pg_tde_slot.c +++ b/contrib/pg_tde/src/access/pg_tde_slot.c @@ -56,7 +56,7 @@ tdeheap_tts_buffer_heap_init(TupleTableSlot *slot) static void tdeheap_tts_buffer_heap_release(TupleTableSlot *slot) { - // nop + /* nop */ } static void 
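Review bot: In run-pgindent.sh the `export PATH=$SCRIPT_DIR/../src/tools/pgindent/:$INSTALL_DIR/bin/:$PATH` line leaves both variables unquoted, while every other use of `$SCRIPT_DIR` in the script is quoted. The file has no interpreter line, so it may be run by a POSIX `sh` that word-splits the arguments of `export`, and a checkout path containing a space would then produce a broken PATH. Quoting the whole value, `export PATH="$SCRIPT_DIR/../src/tools/pgindent/:$INSTALL_DIR/bin/:$PATH"`, removes that dependency on the shell.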
@@ -242,12 +242,12 @@ tdeheap_tts_buffer_heap_copyslot(TupleTableSlot *dstslot, TupleTableSlot *srcslo bdstslot->base.tuple = &bdstslot->base.tupdata; /* - * copy the decrypted buffer content as well - * We only need to copy buffer upto tuple size + * copy the decrypted buffer content as well We only need to copy + * buffer upto tuple size */ memcpy(bdstslot->decrypted_buffer, bsrcslot->decrypted_buffer, HEAPTUPLESIZE + bsrcslot->base.tuple->t_len); slot_copytuple(bdstslot->decrypted_buffer, bsrcslot->base.tuple); - bdstslot->base.tuple->t_data = ((HeapTuple)bdstslot->decrypted_buffer)->t_data; + bdstslot->base.tuple->t_data = ((HeapTuple) bdstslot->decrypted_buffer)->t_data; } } @@ -359,16 +359,16 @@ static pg_attribute_always_inline void tdeheap_slot_deform_heap_tuple(TupleTableSlot *slot, HeapTuple tuple, uint32 *offp, int natts) { - TupleDesc tupleDesc = slot->tts_tupleDescriptor; - Datum *values = slot->tts_values; - bool *isnull = slot->tts_isnull; + TupleDesc tupleDesc = slot->tts_tupleDescriptor; + Datum *values = slot->tts_values; + bool *isnull = slot->tts_isnull; HeapTupleHeader tup = tuple->t_data; - bool hasnulls = HeapTupleHasNulls(tuple); - int attnum; - char *tp; /* ptr to tuple data */ - uint32 off; /* offset in tuple data */ - bits8 *bp = tup->t_bits; /* ptr to null bitmap in tuple */ - bool slow; /* can we use/set attcacheoff? */ + bool hasnulls = HeapTupleHasNulls(tuple); + int attnum; + char *tp; /* ptr to tuple data */ + uint32 off; /* offset in tuple data */ + bits8 *bp = tup->t_bits; /* ptr to null bitmap in tuple */ + bool slow; /* can we use/set attcacheoff? */ /* We can only fetch as many attributes as the tuple has. */ natts = Min(HeapTupleHeaderGetNatts(tuple->t_data), natts); 
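Review bot: pgindent has re-wrapped the comment above the `memcpy` in tdeheap_tts_buffer_heap_copyslot so that two sentences now run together as `copy the decrypted buffer content as well We only need to copy buffer upto tuple size`. The same reflow hits the TODO comment in pg_tde_put_key_into_cache (pg_tde_tdemap.c), where the sample `if`/`else` growth formula is folded into a prose paragraph and is no longer readable as code. Ending the first sentence with a period fixes the former, e.g. `* Copy the decrypted buffer content as well. We only need to copy the` / `* buffer up to the tuple size.`; for the latter, opening the comment with `/*----------` keeps pgindent from reflowing the sample. The function starts outside this hunk.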
@@ -458,7 +458,7 @@ tdeheap_slot_deform_heap_tuple(TupleTableSlot *slot, HeapTuple tuple, uint32 *of static HeapTuple slot_copytuple(void *buffer, HeapTuple tuple) { - HeapTuple newTuple; + HeapTuple newTuple; if (!HeapTupleIsValid(tuple) || tuple->t_data == NULL) return NULL; diff --git a/contrib/pg_tde/src/access/pg_tde_tdemap.c b/contrib/pg_tde/src/access/pg_tde_tdemap.c index 198f6a1254343..0e02581238396 100644 --- a/contrib/pg_tde/src/access/pg_tde_tdemap.c +++ b/contrib/pg_tde/src/access/pg_tde_tdemap.c @@ -63,28 +63,28 @@ typedef struct TDEFileHeader { - int32 file_version; + int32 file_version; TDEPrincipalKeyInfo principal_key_info; } TDEFileHeader; typedef struct TDEMapEntry { RelFileNumber relNumber; - uint32 flags; - int32 key_index; + uint32 flags; + int32 key_index; } TDEMapEntry; typedef struct TDEMapFilePath { - char map_path[MAXPGPATH]; - char keydata_path[MAXPGPATH]; -} TDEMapFilePath; + char map_path[MAXPGPATH]; + char keydata_path[MAXPGPATH]; +} TDEMapFilePath; typedef struct RelKeyCacheRec { RelFileNumber rel_number; - RelKeyData key; + RelKeyData key; } RelKeyCacheRec; /* 
@@ -102,30 +102,31 @@ typedef struct RelKeyCacheRec */ typedef struct RelKeyCache { - RelKeyCacheRec *data; /* must be a multiple of a memory page (usually 4Kb) */ - int len; /* num of RelKeyCacheRecs currenty in cache */ - int cap; /* max amount of RelKeyCacheRec data can fit */ + RelKeyCacheRec *data; /* must be a multiple of a memory page + * (usually 4Kb) */ + int len; /* num of RelKeyCacheRecs currenty in cache */ + int cap; /* max amount of RelKeyCacheRec data can fit */ } RelKeyCache; RelKeyCache *tde_rel_key_cache = NULL; static int32 pg_tde_process_map_entry(const RelFileLocator *rlocator, uint32 key_type, char *db_map_path, off_t *offset, bool should_delete); static RelKeyData *pg_tde_read_keydata(char *db_keydata_path, int32 key_index, TDEPrincipalKey *principal_key); -static int pg_tde_open_file_basic(char *tde_filename, int fileFlags, bool ignore_missing); -static int pg_tde_file_header_read(char *tde_filename, int fd, TDEFileHeader *fheader, bool *is_new_file, off_t *bytes_read); +static int pg_tde_open_file_basic(char *tde_filename, int fileFlags, bool ignore_missing); +static int pg_tde_file_header_read(char *tde_filename, int fd, TDEFileHeader *fheader, bool *is_new_file, off_t *bytes_read); static bool pg_tde_read_one_map_entry(int fd, const RelFileLocator *rlocator, int flags, TDEMapEntry *map_entry, off_t *offset); static RelKeyData *pg_tde_read_one_keydata(int keydata_fd, int32 key_index, TDEPrincipalKey *principal_key); -static int pg_tde_open_file(char *tde_filename, TDEPrincipalKeyInfo *principal_key_info, bool update_header, int fileFlags, bool *is_new_file, off_t *curr_pos); +static int pg_tde_open_file(char *tde_filename, TDEPrincipalKeyInfo *principal_key_info, bool update_header, int fileFlags, bool *is_new_file, off_t *curr_pos); static RelKeyData *pg_tde_get_key_from_cache(RelFileNumber rel_number, uint32 key_type); #ifndef FRONTEND -static int pg_tde_file_header_write(char *tde_filename, int fd, TDEPrincipalKeyInfo 
*principal_key_info, off_t *bytes_written); +static int pg_tde_file_header_write(char *tde_filename, int fd, TDEPrincipalKeyInfo *principal_key_info, off_t *bytes_written); static int32 pg_tde_write_map_entry(const RelFileLocator *rlocator, uint32 entry_type, char *db_map_path, TDEPrincipalKeyInfo *principal_key_info); static off_t pg_tde_write_one_map_entry(int fd, const RelFileLocator *rlocator, uint32 flags, int32 key_index, TDEMapEntry *map_entry, off_t *offset); static void pg_tde_write_keydata(char *db_keydata_path, TDEPrincipalKeyInfo *principal_key_info, int32 key_index, RelKeyData *enc_rel_key_data); static void pg_tde_write_one_keydata(int keydata_fd, int32 key_index, RelKeyData *enc_rel_key_data); -static int keyrotation_init_file(TDEPrincipalKeyInfo *new_principal_key_info, char *rotated_filename, char *filename, bool *is_new_file, off_t *curr_pos); +static int keyrotation_init_file(TDEPrincipalKeyInfo *new_principal_key_info, char *rotated_filename, char *filename, bool *is_new_file, off_t *curr_pos); static void finalize_key_rotation(char *m_path_old, char *k_path_old, char *m_path_new, char *k_path_new); RelKeyData * @@ -156,8 +157,8 @@ pg_tde_create_key_map_entry(const RelFileLocator *newrlocator, uint32 entry_type RelKeyData *rel_key_data; RelKeyData *enc_rel_key_data; TDEPrincipalKey *principal_key; - XLogRelKey xlrec; - LWLock *lock_pk = tde_lwlock_enc_keys(); + XLogRelKey xlrec; + LWLock *lock_pk = tde_lwlock_enc_keys(); LWLockAcquire(lock_pk, LW_EXCLUSIVE); principal_key = GetPrincipalKey(newrlocator->dbOid, LW_EXCLUSIVE); @@ -212,7 +213,7 @@ const char * tde_sprint_key(InternalKey *k) { static char buf[256]; - int i; + int i; for (i = 0; i < sizeof(k->key); i++) sprintf(buf + i, "%02X", k->key[i]); 
@@ -227,7 +228,7 @@ tde_sprint_key(InternalKey *k) RelKeyData * tde_create_rel_key(RelFileNumber rel_num, InternalKey *key, TDEPrincipalKeyInfo *principal_key_info) { - RelKeyData rel_key_data; + RelKeyData rel_key_data; memcpy(&rel_key_data.principal_key_id, &principal_key_info->keyId, sizeof(TDEPrincipalKeyId)); memcpy(&rel_key_data.internal_key, key, sizeof(InternalKey)); @@ -244,7 +245,7 @@ RelKeyData * tde_encrypt_rel_key(TDEPrincipalKey *principal_key, RelKeyData *rel_key_data, Oid dbOid) { RelKeyData *enc_rel_key_data; - size_t enc_key_bytes; + size_t enc_key_bytes; AesEncryptKey(principal_key, dbOid, rel_key_data, &enc_rel_key_data, &enc_key_bytes); @@ -258,8 +259,8 @@ tde_encrypt_rel_key(TDEPrincipalKey *principal_key, RelKeyData *rel_key_data, Oi void pg_tde_delete_tde_files(Oid dbOid) { - char db_map_path[MAXPGPATH] = {0}; - char db_keydata_path[MAXPGPATH] = {0}; + char db_map_path[MAXPGPATH] = {0}; + char db_keydata_path[MAXPGPATH] = {0}; /* Set the file paths */ pg_tde_set_db_file_paths(dbOid, db_map_path, db_keydata_path); 
@@ -281,22 +282,23 @@ pg_tde_delete_tde_files(Oid dbOid) bool pg_tde_save_principal_key(TDEPrincipalKeyInfo *principal_key_info, bool truncate_existing, bool update_header) { - int map_fd = -1; - int keydata_fd = -1; - off_t curr_pos = 0; - bool is_new_map = false; - bool is_new_key_data = false; - char db_map_path[MAXPGPATH] = {0}; - char db_keydata_path[MAXPGPATH] = {0}; - int file_flags = O_RDWR | O_CREAT; + int map_fd = -1; + int keydata_fd = -1; + off_t curr_pos = 0; + bool is_new_map = false; + bool is_new_key_data = false; + char db_map_path[MAXPGPATH] = {0}; + char db_keydata_path[MAXPGPATH] = {0}; + int file_flags = O_RDWR | O_CREAT; /* Set the file paths */ pg_tde_set_db_file_paths(principal_key_info->databaseId, db_map_path, db_keydata_path); ereport(DEBUG2, - (errmsg("pg_tde_save_principal_key"), - errdetail("truncate_existing:%s update_header:%s", truncate_existing?"YES":"NO", update_header?"YES":"NO"))); + (errmsg("pg_tde_save_principal_key"), + errdetail("truncate_existing:%s update_header:%s", truncate_existing ? "YES" : "NO", update_header ? "YES" : "NO"))); + /* * Create or truncate these map and keydata files. */ @@ -320,7 +322,7 @@ static int pg_tde_file_header_write(char *tde_filename, int fd, TDEPrincipalKeyInfo *principal_key_info, off_t *bytes_written) { TDEFileHeader fheader; - size_t sz = sizeof(TDEPrincipalKeyInfo); + size_t sz = sizeof(TDEPrincipalKeyInfo); Assert(principal_key_info); 
@@ -366,13 +368,13 @@ pg_tde_file_header_write(char *tde_filename, int fd, TDEPrincipalKeyInfo *princi static int32 pg_tde_write_map_entry(const RelFileLocator *rlocator, uint32 entry_type, char *db_map_path, TDEPrincipalKeyInfo *principal_key_info) { - int map_fd = -1; - int32 key_index = 0; + int map_fd = -1; + int32 key_index = 0; TDEMapEntry map_entry; - bool is_new_file; - off_t curr_pos = 0; - off_t prev_pos = 0; - bool found = false; + bool is_new_file; + off_t curr_pos = 0; + off_t prev_pos = 0; + bool found = false; /* Open and validate file for basic correctness. */ map_fd = pg_tde_open_file(db_map_path, principal_key_info, false, O_RDWR | O_CREAT, &is_new_file, &curr_pos); @@ -422,7 +424,7 @@ pg_tde_write_map_entry(const RelFileLocator *rlocator, uint32 entry_type, char * static off_t pg_tde_write_one_map_entry(int fd, const RelFileLocator *rlocator, uint32 flags, int32 key_index, TDEMapEntry *map_entry, off_t *offset) { - int bytes_written = 0; + int bytes_written = 0; Assert(map_entry); @@ -437,9 +439,9 @@ pg_tde_write_one_map_entry(int fd, const RelFileLocator *rlocator, uint32 flags, /* Add the entry to the file */ if (bytes_written != MAP_ENTRY_SIZE) { - char db_map_path[MAXPGPATH] = {0}; + char db_map_path[MAXPGPATH] = {0}; - // TODO: this seems like a bad idea? + /* TODO: this seems like a bad idea? */ pg_tde_set_db_file_paths(rlocator->dbOid, db_map_path, NULL); ereport(ERROR, (errcode_for_file_access(), @@ -448,9 +450,9 @@ pg_tde_write_one_map_entry(int fd, const RelFileLocator *rlocator, uint32 flags, } if (pg_fsync(fd) != 0) { - char db_map_path[MAXPGPATH] = {0}; + char db_map_path[MAXPGPATH] = {0}; - // TODO: this seems like a bad idea? + /* TODO: this seems like a bad idea? */ pg_tde_set_db_file_paths(rlocator->dbOid, db_map_path, NULL); ereport(data_sync_elevel(ERROR), (errcode_for_file_access(), 
@@ -472,9 +474,9 @@ pg_tde_write_one_map_entry(int fd, const RelFileLocator *rlocator, uint32 flags, static void pg_tde_write_keydata(char *db_keydata_path, TDEPrincipalKeyInfo *principal_key_info, int32 key_index, RelKeyData *enc_rel_key_data) { - File fd = -1; - bool is_new_file; - off_t curr_pos = 0; + File fd = -1; + bool is_new_file; + off_t curr_pos = 0; /* Open and validate file for basic correctness. */ fd = pg_tde_open_file(db_keydata_path, principal_key_info, false, O_RDWR | O_CREAT, &is_new_file, &curr_pos); @@ -492,7 +494,7 @@ pg_tde_write_keydata(char *db_keydata_path, TDEPrincipalKeyInfo *principal_key_i static void pg_tde_write_one_keydata(int fd, int32 key_index, RelKeyData *enc_rel_key_data) { - off_t curr_pos; + off_t curr_pos; Assert(fd != -1); @@ -502,7 +504,7 @@ pg_tde_write_one_keydata(int fd, int32 key_index, RelKeyData *enc_rel_key_data) /* TODO: pgstat_report_wait_start / pgstat_report_wait_end */ if (pg_pwrite(fd, &enc_rel_key_data->internal_key, INTERNAL_KEY_DAT_LEN, curr_pos) != INTERNAL_KEY_DAT_LEN) { - // TODO: what now? File is corrupted + /* TODO: what now? File is corrupted */ ereport(ERROR, (errcode_for_file_access(), errmsg("could not write tde key data file: %m"))); @@ -526,9 +528,9 @@ pg_tde_write_one_keydata(int fd, int32 key_index, RelKeyData *enc_rel_key_data) void pg_tde_write_key_map_entry(const RelFileLocator *rlocator, RelKeyData *enc_rel_key_data, TDEPrincipalKeyInfo *principal_key_info) { - int32 key_index = 0; - char db_map_path[MAXPGPATH] = {0}; - char db_keydata_path[MAXPGPATH] = {0}; + int32 key_index = 0; + char db_map_path[MAXPGPATH] = {0}; + char db_keydata_path[MAXPGPATH] = {0}; Assert(rlocator); 
@@ -549,11 +551,11 @@ pg_tde_write_key_map_entry(const RelFileLocator *rlocator, RelKeyData *enc_rel_k void pg_tde_delete_key_map_entry(const RelFileLocator *rlocator, uint32 key_type) { - int32 key_index = 0; - off_t offset = 0; - LWLock *lock_files = tde_lwlock_enc_keys(); - char db_map_path[MAXPGPATH] = {0}; - char db_keydata_path[MAXPGPATH] = {0}; + int32 key_index = 0; + off_t offset = 0; + LWLock *lock_files = tde_lwlock_enc_keys(); + char db_map_path[MAXPGPATH] = {0}; + char db_keydata_path[MAXPGPATH] = {0}; Assert(rlocator); @@ -591,14 +593,14 @@ pg_tde_delete_key_map_entry(const RelFileLocator *rlocator, uint32 key_type) * * The offset allows us to simply seek to the desired location and mark the entry * as MAP_ENTRY_FREE without needing any further processing. - * + * * A caller should hold an EXCLUSIVE tde_lwlock_enc_keys lock. */ void pg_tde_free_key_map_entry(const RelFileLocator *rlocator, uint32 key_type, off_t offset) { - int32 key_index = 0; - char db_map_path[MAXPGPATH] = {0}; + int32 key_index = 0; + char db_map_path[MAXPGPATH] = {0}; Assert(rlocator); 
@@ -664,25 +666,25 @@ pg_tde_perform_rotate_key(TDEPrincipalKey *principal_key, TDEPrincipalKey *new_p #define NEW_PRINCIPAL_KEY 1 #define PRINCIPAL_KEY_COUNT 2 - off_t curr_pos[PRINCIPAL_KEY_COUNT] = {0}; - off_t prev_pos[PRINCIPAL_KEY_COUNT] = {0}; - int32 key_index[PRINCIPAL_KEY_COUNT] = {0}; + off_t curr_pos[PRINCIPAL_KEY_COUNT] = {0}; + off_t prev_pos[PRINCIPAL_KEY_COUNT] = {0}; + int32 key_index[PRINCIPAL_KEY_COUNT] = {0}; RelKeyData *rel_key_data[PRINCIPAL_KEY_COUNT]; RelKeyData *enc_rel_key_data[PRINCIPAL_KEY_COUNT]; - int m_fd[PRINCIPAL_KEY_COUNT] = {-1}; - int k_fd[PRINCIPAL_KEY_COUNT] = {-1}; - char m_path[PRINCIPAL_KEY_COUNT][MAXPGPATH]; - char k_path[PRINCIPAL_KEY_COUNT][MAXPGPATH]; - bool found = false; - off_t read_pos_tmp = 0; - bool is_new_file; - off_t map_size; - off_t keydata_size; + int m_fd[PRINCIPAL_KEY_COUNT] = {-1}; + int k_fd[PRINCIPAL_KEY_COUNT] = {-1}; + char m_path[PRINCIPAL_KEY_COUNT][MAXPGPATH]; + char k_path[PRINCIPAL_KEY_COUNT][MAXPGPATH]; + bool found = false; + off_t read_pos_tmp = 0; + bool is_new_file; + off_t map_size; + off_t keydata_size; XLogPrincipalKeyRotate *xlrec; - off_t xlrec_size; - char db_map_path[MAXPGPATH] = {0}; - char db_keydata_path[MAXPGPATH] = {0}; - bool success = true; + off_t xlrec_size; + char db_map_path[MAXPGPATH] = {0}; + char db_keydata_path[MAXPGPATH] = {0}; + bool success = true; /* Set the file paths */ pg_tde_set_db_file_paths(principal_key->keyInfo.databaseId, 
@@ -760,8 +762,10 @@ pg_tde_perform_rotate_key(TDEPrincipalKey *principal_key, TDEPrincipalKey *new_p /* TODO: pgstat_report_wait_start / pgstat_report_wait_end */ /* TODO: error handling */ - if(pg_pread(m_fd[NEW_PRINCIPAL_KEY], xlrec->buff, xlrec->map_size, 0) == -1) success = false; - if(pg_pread(k_fd[NEW_PRINCIPAL_KEY], &xlrec->buff[xlrec->map_size], xlrec->keydata_size, 0) == -1) success = false; + if (pg_pread(m_fd[NEW_PRINCIPAL_KEY], xlrec->buff, xlrec->map_size, 0) == -1) + success = false; + if (pg_pread(k_fd[NEW_PRINCIPAL_KEY], &xlrec->buff[xlrec->map_size], xlrec->keydata_size, 0) == -1) + success = false; /* Close the files */ close(m_fd[NEW_PRINCIPAL_KEY]); @@ -793,16 +797,16 @@ bool pg_tde_write_map_keydata_files(off_t map_size, char *m_file_data, off_t keydata_size, char *k_file_data) { TDEFileHeader *fheader; - char m_path_new[MAXPGPATH]; - char k_path_new[MAXPGPATH]; - int m_fd_new; - int k_fd_new; - bool is_new_file; - off_t curr_pos = 0; - off_t read_pos_tmp = 0; - char db_map_path[MAXPGPATH] = {0}; - char db_keydata_path[MAXPGPATH] = {0}; - bool is_err = false; + char m_path_new[MAXPGPATH]; + char k_path_new[MAXPGPATH]; + int m_fd_new; + int k_fd_new; + bool is_new_file; + off_t curr_pos = 0; + off_t read_pos_tmp = 0; + char db_map_path[MAXPGPATH] = {0}; + char db_keydata_path[MAXPGPATH] = {0}; + bool is_err = false; /* Let's get the header. Buff should start with the map file header. */ fheader = (TDEFileHeader *) m_file_data; @@ -863,15 +867,15 @@ pg_tde_write_map_keydata_files(off_t map_size, char *m_file_data, off_t keydata_ return !is_err; } -/* +/* * Saves the relation key with the new relfilenode. * Needed by ALTER TABLE SET TABLESPACE for example. */ void pg_tde_move_rel_key(const RelFileLocator *newrlocator, const RelFileLocator *oldrlocator) { - RelKeyData *rel_key; - RelKeyData *enc_key; + RelKeyData *rel_key; + RelKeyData *enc_key; TDEPrincipalKey *principal_key; XLogRelKey xlrec; char db_map_path[MAXPGPATH] = {0}; 
@@ -909,9 +913,10 @@ pg_tde_move_rel_key(const RelFileLocator *newrlocator, const RelFileLocator *old XLogRegisterData((char *) oldrlocator, sizeof(RelFileLocator)); XLogInsert(RM_TDERMGR_ID, XLOG_TDE_FREE_MAP_ENTRY); - /* Clean-up map/dat entries. It will also remove physical files (*.map, - * *.dat and keyring) if it was the last tde_heap_basic relation in the old - * locator AND it was a custom tablespace. + /* + * Clean-up map/dat entries. It will also remove physical files (*.map, + * *.dat and keyring) if it was the last tde_heap_basic relation in the + * old locator AND it was a custom tablespace. */ pg_tde_free_key_map_entry(oldrlocator, MAP_ENTRY_VALID, offset); @@ -920,7 +925,7 @@ pg_tde_move_rel_key(const RelFileLocator *newrlocator, const RelFileLocator *old pfree(enc_key); } -#endif /* !FRONTEND */ +#endif /* !FRONTEND */ /* * Reads the key of the required relation. It identifies its map entry and then simply @@ -929,14 +934,14 @@ pg_tde_move_rel_key(const RelFileLocator *newrlocator, const RelFileLocator *old RelKeyData * pg_tde_get_key_from_file(const RelFileLocator *rlocator, uint32 key_type, bool no_map_ok) { - int32 key_index = 0; + int32 key_index = 0; TDEPrincipalKey *principal_key; RelKeyData *rel_key_data; RelKeyData *enc_rel_key_data; - off_t offset = 0; - LWLock *lock_pk = tde_lwlock_enc_keys(); - char db_map_path[MAXPGPATH] = {0}; - char db_keydata_path[MAXPGPATH] = {0}; + off_t offset = 0; + LWLock *lock_pk = tde_lwlock_enc_keys(); + char db_map_path[MAXPGPATH] = {0}; + char db_keydata_path[MAXPGPATH] = {0}; Assert(rlocator); 
@@ -998,13 +1003,13 @@ pg_tde_get_key_from_file(const RelFileLocator *rlocator, uint32 key_type, bool n static int32 pg_tde_process_map_entry(const RelFileLocator *rlocator, uint32 key_type, char *db_map_path, off_t *offset, bool should_delete) { - File map_fd = -1; - int32 key_index = 0; + File map_fd = -1; + int32 key_index = 0; TDEMapEntry map_entry; - bool is_new_file; - bool found = false; - off_t prev_pos = 0; - off_t curr_pos = 0; + bool is_new_file; + bool found = false; + off_t prev_pos = 0; + off_t curr_pos = 0; Assert(offset); @@ -1084,10 +1089,10 @@ pg_tde_process_map_entry(const RelFileLocator *rlocator, uint32 key_type, char * static RelKeyData * pg_tde_read_keydata(char *db_keydata_path, int32 key_index, TDEPrincipalKey *principal_key) { - int fd = -1; + int fd = -1; RelKeyData *enc_rel_key_data; - off_t read_pos = 0; - bool is_new_file; + off_t read_pos = 0; + bool is_new_file; /* Open and validate file for basic correctness. */ fd = pg_tde_open_file(db_keydata_path, &principal_key->keyInfo, false, O_RDONLY, &is_new_file, &read_pos); @@ -1109,7 +1114,7 @@ RelKeyData * tde_decrypt_rel_key(TDEPrincipalKey *principal_key, RelKeyData *enc_rel_key_data, Oid dbOid) { RelKeyData *rel_key_data = NULL; - size_t key_bytes; + size_t key_bytes; AesDecryptKey(principal_key, dbOid, &rel_key_data, enc_rel_key_data, &key_bytes); @@ -1137,10 +1142,10 @@ tde_decrypt_rel_key(TDEPrincipalKey *principal_key, RelKeyData *enc_rel_key_data static int pg_tde_open_file(char *tde_filename, TDEPrincipalKeyInfo *principal_key_info, bool update_header, int fileFlags, bool *is_new_file, off_t *curr_pos) { - int fd = -1; + int fd = -1; TDEFileHeader fheader; - off_t bytes_read = 0; - off_t bytes_written = 0; + off_t bytes_read = 0; + off_t bytes_written = 0; /* * Ensuring that we always open the file in binary mode. The caller must 
@@ -1170,7 +1175,7 @@ pg_tde_open_file(char *tde_filename, TDEPrincipalKeyInfo *principal_key_info, bo static int pg_tde_open_file_basic(char *tde_filename, int fileFlags, bool ignore_missing) { - int fd = -1; + int fd = -1; /* * Ensuring that we always open the file in binary mode. The caller must @@ -1233,8 +1238,8 @@ pg_tde_file_header_read(char *tde_filename, int fd, TDEFileHeader *fheader, bool static bool pg_tde_read_one_map_entry(File map_file, const RelFileLocator *rlocator, int flags, TDEMapEntry *map_entry, off_t *offset) { - bool found; - off_t bytes_read = 0; + bool found; + off_t bytes_read = 0; Assert(map_entry); Assert(offset); @@ -1265,7 +1270,7 @@ static RelKeyData * pg_tde_read_one_keydata(int keydata_fd, int32 key_index, TDEPrincipalKey *principal_key) { RelKeyData *enc_rel_key_data; - off_t read_pos = 0; + off_t read_pos = 0; /* Allocate and fill in the structure */ enc_rel_key_data = (RelKeyData *) palloc(sizeof(RelKeyData)); @@ -1278,7 +1283,7 @@ pg_tde_read_one_keydata(int keydata_fd, int32 key_index, TDEPrincipalKey *princi /* Check if the file has a valid key */ if ((read_pos + INTERNAL_KEY_DAT_LEN) > lseek(keydata_fd, 0, SEEK_END)) { - char db_keydata_path[MAXPGPATH] = {0}; + char db_keydata_path[MAXPGPATH] = {0}; pg_tde_set_db_file_paths(principal_key->keyInfo.databaseId, NULL, db_keydata_path); ereport(FATAL, @@ -1313,12 +1318,12 @@ pg_tde_read_one_keydata(int keydata_fd, int32 key_index, TDEPrincipalKey *princi TDEPrincipalKeyInfo * pg_tde_get_principal_key_info(Oid dbOid) { - int fd = -1; + int fd = -1; TDEFileHeader fheader; TDEPrincipalKeyInfo *principal_key_info = NULL; - bool is_new_file = false; - off_t bytes_read = 0; - char db_map_path[MAXPGPATH] = {0}; + bool is_new_file = false; + off_t bytes_read = 0; + char db_map_path[MAXPGPATH] = {0}; /* Set the file paths */ pg_tde_set_db_file_paths(dbOid, db_map_path, NULL); 
@@ -1343,7 +1348,7 @@ pg_tde_get_principal_key_info(Oid dbOid) */ if (!is_new_file) { - size_t sz = sizeof(TDEPrincipalKeyInfo); + size_t sz = sizeof(TDEPrincipalKeyInfo); principal_key_info = (TDEPrincipalKeyInfo *) palloc(sz); memcpy(principal_key_info, &fheader.principal_key_info, sz); @@ -1370,7 +1375,8 @@ GetRelationKey(RelFileLocator rel, uint32 key_type, bool no_map_ok) if (key != NULL) { - RelKeyData* cached_key = pg_tde_put_key_into_cache(rel.relNumber, key); + RelKeyData *cached_key = pg_tde_put_key_into_cache(rel.relNumber, key); + pfree(key); return cached_key; } @@ -1469,20 +1475,18 @@ pg_tde_put_key_into_cache(RelFileNumber rel_num, RelKeyData *key) */ if (tde_rel_key_cache->len == tde_rel_key_cache->cap) { - size_t size; - size_t old_size; + size_t size; + size_t old_size; RelKeyCacheRec *cachePage; old_size = TYPEALIGN(pageSize, (tde_rel_key_cache->cap) * sizeof(RelKeyCacheRec)); - /* TODO: consider some formula for less allocations when caching a lot - * of objects. But on the other, hand it'll use more memory... - * E.g.: - * if (old_size < 0x8000) - * size = old_size * 2; - * else - * size = TYPEALIGN(pageSize, old_size + ((old_size + 3*256) >> 2)); - * + /* + * TODO: consider some formula for less allocations when caching a + * lot of objects. But on the other, hand it'll use more memory... + * E.g.: if (old_size < 0x8000) size = old_size * 2; else size = + * TYPEALIGN(pageSize, old_size + ((old_size + 3*256) >> 2)); + * */ size = old_size + pageSize; diff --git a/contrib/pg_tde/src/access/pg_tde_xlog.c b/contrib/pg_tde/src/access/pg_tde_xlog.c index 588aa08c0f0fc..7828e39680325 100644 --- a/contrib/pg_tde/src/access/pg_tde_xlog.c +++ b/contrib/pg_tde/src/access/pg_tde_xlog.c @@ -32,7 +32,7 @@ void tdeheap_rmgr_redo(XLogReaderState *record) { - uint8 info = XLogRecGetInfo(record) & ~XLR_INFO_MASK; + uint8 info = XLogRecGetInfo(record) & ~XLR_INFO_MASK; if (info == XLOG_TDE_ADD_RELATION_KEY) { 
@@ -99,7 +99,7 @@ tdeheap_rmgr_redo(XLogReaderState *record) void tdeheap_rmgr_desc(StringInfo buf, XLogReaderState *record) { - uint8 info = XLogRecGetInfo(record) & ~XLR_INFO_MASK; + uint8 info = XLogRecGetInfo(record) & ~XLR_INFO_MASK; if (info == XLOG_TDE_ADD_RELATION_KEY) { diff --git a/contrib/pg_tde/src/access/pg_tde_xlog_encrypt.c b/contrib/pg_tde/src/access/pg_tde_xlog_encrypt.c index a437ca9074a9a..2db06d59366a7 100644 --- a/contrib/pg_tde/src/access/pg_tde_xlog_encrypt.c +++ b/contrib/pg_tde/src/access/pg_tde_xlog_encrypt.c @@ -43,7 +43,7 @@ static XLogPageHeaderData EncryptCurrentPageHrd; static ssize_t TDEXLogWriteEncryptedPages(int fd, const void *buf, size_t count, off_t offset); static char *TDEXLogEncryptBuf = NULL; -static int XLOGChooseNumBuffers(void); +static int XLOGChooseNumBuffers(void); void XLogInitGUC(void) @@ -64,7 +64,7 @@ XLogInitGUC(void) static int XLOGChooseNumBuffers(void) { - int xbuffers; + int xbuffers; xbuffers = NBuffers / 32; if (xbuffers > (wal_segment_size / XLOG_BLCKSZ)) @@ -80,7 +80,7 @@ XLOGChooseNumBuffers(void) Size TDEXLogEncryptBuffSize(void) { - int xbuffers; + int xbuffers; xbuffers = (XLOGbuffers == -1) ? XLOGChooseNumBuffers() : XLOGbuffers; return (Size) XLOG_BLCKSZ * xbuffers; @@ -99,7 +99,7 @@ TDEXLogEncryptBuffSize(void) void TDEXLogShmemInit(void) { - bool foundBuf; + bool foundBuf; if (EncryptXLog) { 
@@ -119,14 +119,14 @@ TDEXLogShmemInit(void) static ssize_t TDEXLogWriteEncryptedPages(int fd, const void *buf, size_t count, off_t offset) { - char iv_prefix[16] = {0,}; - size_t data_size = 0; + char iv_prefix[16] = {0,}; + size_t data_size = 0; XLogPageHeader curr_page_hdr = &EncryptCurrentPageHrd; XLogPageHeader enc_buf_page = NULL; RelKeyData *key = GetTdeGlobaleRelationKey(GLOBAL_SPACE_RLOCATOR(XLOG_TDE_OID)); - off_t enc_off; - size_t page_size = XLOG_BLCKSZ - offset % XLOG_BLCKSZ; - uint32 iv_ctr = 0; + off_t enc_off; + size_t page_size = XLOG_BLCKSZ - offset % XLOG_BLCKSZ; + uint32 iv_ctr = 0; #ifdef TDE_XLOG_DEBUG elog(DEBUG1, "write encrypted WAL, pages amount: %d, size: %lu offset: %ld", count / (Size) XLOG_BLCKSZ, count, offset); @@ -226,14 +226,14 @@ tdeheap_xlog_seg_write(int fd, const void *buf, size_t count, off_t offset) ssize_t tdeheap_xlog_seg_read(int fd, void *buf, size_t count, off_t offset) { - ssize_t readsz; - char iv_prefix[16] = {0,}; - size_t data_size = 0; + ssize_t readsz; + char iv_prefix[16] = {0,}; + size_t data_size = 0; XLogPageHeader curr_page_hdr = &DecryptCurrentPageHrd; RelKeyData *key = GetTdeGlobaleRelationKey(GLOBAL_SPACE_RLOCATOR(XLOG_TDE_OID)); - size_t page_size = XLOG_BLCKSZ - offset % XLOG_BLCKSZ; - off_t dec_off; - uint32 iv_ctr = 0; + size_t page_size = XLOG_BLCKSZ - offset % XLOG_BLCKSZ; + off_t dec_off; + uint32 iv_ctr = 0; #ifdef TDE_XLOG_DEBUG elog(DEBUG1, "read from a WAL segment, pages amount: %d, size: %lu offset: %ld", count / (Size) XLOG_BLCKSZ, count, offset); @@ -312,4 +312,4 @@ SetXLogPageIVPrefix(TimeLineID tli, XLogRecPtr lsn, char *iv_prefix) iv_prefix[11] = (lsn & 0xFF); } -#endif /* PERCONA_EXT */ +#endif /* PERCONA_EXT */ diff --git a/contrib/pg_tde/src/catalog/tde_global_space.c b/contrib/pg_tde/src/catalog/tde_global_space.c index dcb2f7df49a8f..1ee6a6b474b53 100644 --- a/contrib/pg_tde/src/catalog/tde_global_space.c +++ b/contrib/pg_tde/src/catalog/tde_global_space.c 
@@ -42,14 +42,14 @@ static void init_keys(void); static void init_default_keyring(void); static TDEPrincipalKey *create_principal_key(const char *key_name, GenericKeyring *keyring, Oid dbOid); -#endif /* !FRONTEND */ +#endif /* !FRONTEND */ void TDEInitGlobalKeys(const char *dir) { #ifndef FRONTEND - char db_map_path[MAXPGPATH] = {0}; + char db_map_path[MAXPGPATH] = {0}; pg_tde_set_db_file_paths(GLOBAL_DATA_TDE_OID, db_map_path, NULL); if (access(db_map_path, F_OK) == -1) @@ -87,14 +87,14 @@ init_default_keyring(void) { if (GetAllKeyringProviders(GLOBAL_DATA_TDE_OID) == NIL) { - char path[MAXPGPATH] = {0}; + char path[MAXPGPATH] = {0}; static KeyringProvideRecord provider = { .provider_name = KEYRING_DEFAULT_NAME, .provider_type = FILE_KEY_PROVIDER, }; - char *data_path = make_absolute_path(PG_TDE_DATA_DIR); + char *data_path = make_absolute_path(PG_TDE_DATA_DIR); join_path_components(path, data_path, KEYRING_DEFAULT_FILE_NAME); free(data_path); @@ -177,7 +177,7 @@ static TDEPrincipalKey * create_principal_key(const char *key_name, GenericKeyring *keyring, Oid dbOid) { TDEPrincipalKey *principalKey; - keyInfo *keyInfo = NULL; + keyInfo *keyInfo = NULL; principalKey = palloc(sizeof(TDEPrincipalKey)); principalKey->keyInfo.databaseId = dbOid; @@ -201,6 +201,6 @@ create_principal_key(const char *key_name, GenericKeyring *keyring, Oid dbOid) return principalKey; } -#endif /* FRONTEND */ +#endif /* FRONTEND */ -#endif /* PERCONA_EXT */ +#endif /* PERCONA_EXT */ diff --git a/contrib/pg_tde/src/catalog/tde_keyring.c b/contrib/pg_tde/src/catalog/tde_keyring.c index 29f9007830e7a..6c2be0cd257b9 100644 --- a/contrib/pg_tde/src/catalog/tde_keyring.c +++ b/contrib/pg_tde/src/catalog/tde_keyring.c 
@@ -69,18 +69,18 @@ static void simple_list_free(SimplePtrList *list); static List *scan_key_provider_file(ProviderScanType scanType, void *scanKey, Oid dbOid); PG_FUNCTION_INFO_V1(pg_tde_add_key_provider_internal); -Datum pg_tde_add_key_provider_internal(PG_FUNCTION_ARGS); +Datum pg_tde_add_key_provider_internal(PG_FUNCTION_ARGS); PG_FUNCTION_INFO_V1(pg_tde_list_all_key_providers); -Datum pg_tde_list_all_key_providers(PG_FUNCTION_ARGS); +Datum pg_tde_list_all_key_providers(PG_FUNCTION_ARGS); #define PG_TDE_LIST_PROVIDERS_COLS 4 static void key_provider_startup_cleanup(int tde_tbl_count, XLogExtensionInstall *ext_info, bool redo, void *arg); static const char *get_keyring_provider_typename(ProviderType p_type); -static uint32 write_key_provider_info(KeyringProvideRecord *provider, - Oid database_id, off_t position, - bool error_if_exists, bool write_xlog); +static uint32 write_key_provider_info(KeyringProvideRecord *provider, + Oid database_id, off_t position, + bool error_if_exists, bool write_xlog); static Size initialize_shared_state(void *start_address); static Size required_shared_mem_size(void); @@ -183,7 +183,7 @@ GenericKeyring * GetKeyProviderByName(const char *provider_name, Oid dbOid) { GenericKeyring *keyring = NULL; - List *providers = scan_key_provider_file(PROVIDER_SCAN_BY_NAME, (void *) provider_name, dbOid); + List *providers = scan_key_provider_file(PROVIDER_SCAN_BY_NAME, (void *) provider_name, dbOid); if (providers != NIL) { 
@@ -205,12 +205,13 @@ static uint32 write_key_provider_info(KeyringProvideRecord *provider, Oid database_id, off_t position, bool error_if_exists, bool write_xlog) { - off_t bytes_written = 0; - off_t curr_pos = 0; - int fd; - // Named max, but global key provider oids are stored as negative numbers! - int max_provider_id = 0; - char kp_info_path[MAXPGPATH] = {0}; + off_t bytes_written = 0; + off_t curr_pos = 0; + int fd; + + /* Named max, but global key provider oids are stored as negative numbers! */ + int max_provider_id = 0; + char kp_info_path[MAXPGPATH] = {0}; KeyringProvideRecord existing_provider; Assert(provider != NULL); @@ -241,7 +242,7 @@ write_key_provider_info(KeyringProvideRecord *provider, Oid database_id, LWLockRelease(tde_provider_info_lock()); ereport(error_if_exists ? ERROR : DEBUG1, (errcode(ERRCODE_DUPLICATE_OBJECT), - errmsg("key provider \"%s\" already exists", provider->provider_name))); + errmsg("key provider \"%s\" already exists", provider->provider_name))); if (!error_if_exists) { @@ -253,7 +254,7 @@ write_key_provider_info(KeyringProvideRecord *provider, Oid database_id, max_provider_id = abs(existing_provider.provider_id); } provider->provider_id = max_provider_id + 1; - if(database_id == GLOBAL_DATA_TDE_OID) + if (database_id == GLOBAL_DATA_TDE_OID) { provider->provider_id = -provider->provider_id; } @@ -317,7 +318,7 @@ write_key_provider_info(KeyringProvideRecord *provider, Oid database_id, * Save the key provider info to the file */ uint32 -save_new_key_provider_info(KeyringProvideRecord* provider, Oid databaseId, bool write_xlog) +save_new_key_provider_info(KeyringProvideRecord *provider, Oid databaseId, bool write_xlog) { return write_key_provider_info(provider, databaseId, -1, true, write_xlog); } 
@@ -341,12 +342,12 @@ cleanup_key_provider_info(Oid databaseId) Datum pg_tde_add_key_provider_internal(PG_FUNCTION_ARGS) { - char *provider_type = text_to_cstring(PG_GETARG_TEXT_PP(0)); - char *provider_name = text_to_cstring(PG_GETARG_TEXT_PP(1)); - char *options = text_to_cstring(PG_GETARG_TEXT_PP(2)); - bool is_global = PG_GETARG_BOOL(3); + char *provider_type = text_to_cstring(PG_GETARG_TEXT_PP(0)); + char *provider_name = text_to_cstring(PG_GETARG_TEXT_PP(1)); + char *options = text_to_cstring(PG_GETARG_TEXT_PP(2)); + bool is_global = PG_GETARG_BOOL(3); KeyringProvideRecord provider; - Oid dbOid = is_global ? GLOBAL_DATA_TDE_OID : MyDatabaseId; + Oid dbOid = is_global ? GLOBAL_DATA_TDE_OID : MyDatabaseId; strncpy(provider.options, options, sizeof(provider.options)); strncpy(provider.provider_name, provider_name, sizeof(provider.provider_name)); @@ -359,10 +360,10 @@ pg_tde_add_key_provider_internal(PG_FUNCTION_ARGS) Datum pg_tde_list_all_key_providers(PG_FUNCTION_ARGS) { - List *all_providers = GetAllKeyringProviders(PG_NARGS() == 1 ? GLOBAL_DATA_TDE_OID : MyDatabaseId); - ListCell *lc; + List *all_providers = GetAllKeyringProviders(PG_NARGS() == 1 ? GLOBAL_DATA_TDE_OID : MyDatabaseId); + ListCell *lc; Tuplestorestate *tupstore; - TupleDesc tupdesc; + TupleDesc tupdesc; MemoryContext per_query_ctx; MemoryContext oldcontext; ReturnSetInfo *rsinfo = (ReturnSetInfo *) fcinfo->resultinfo; @@ -394,10 +395,10 @@ pg_tde_list_all_key_providers(PG_FUNCTION_ARGS) foreach(lc, all_providers) { - Datum values[PG_TDE_LIST_PROVIDERS_COLS] = {0}; - bool nulls[PG_TDE_LIST_PROVIDERS_COLS] = {0}; + Datum values[PG_TDE_LIST_PROVIDERS_COLS] = {0}; + bool nulls[PG_TDE_LIST_PROVIDERS_COLS] = {0}; GenericKeyring *keyring = (GenericKeyring *) lfirst(lc); - int i = 0; + int i = 0; values[i++] = Int32GetDatum(keyring->keyring_id); values[i++] = CStringGetTextDatum(keyring->provider_name); 
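Review bot: In pg_tde_add_key_provider_internal the two `strncpy` calls that fill `provider.options` and `provider.provider_name` pass the full `sizeof` of the destination, so a caller-supplied string of that length or longer leaves the field without a terminating NUL, in a stack record declared without an initialiser. The provider name is formatted with `%s` elsewhere on this page (`key provider \"%s\" already exists` in write_key_provider_info), which would then read past the field. I would reject over-long input with an `ereport(ERROR, ...)` before copying and use `strlcpy(provider.provider_name, provider_name, sizeof(provider.provider_name));`, and the same for `options`. The same unterminated-copy pattern appears in the `JK_KMIP_*` cases of json_kring_assign_scalar and in the `versioned_name` copy in set_principal_key_with_keyring; the function body continues past this hunk, so a later explicit terminator cannot be ruled out from here.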
@@ -414,9 +415,9 @@ pg_tde_list_all_key_providers(PG_FUNCTION_ARGS) GenericKeyring * GetKeyProviderByID(int provider_id, Oid dbOid) { - Oid realOid = provider_id < 0 ? GLOBAL_DATA_TDE_OID : dbOid; + Oid realOid = provider_id < 0 ? GLOBAL_DATA_TDE_OID : dbOid; GenericKeyring *keyring = NULL; - List *providers = scan_key_provider_file(PROVIDER_SCAN_BY_ID, &provider_id, realOid); + List *providers = scan_key_provider_file(PROVIDER_SCAN_BY_ID, &provider_id, realOid); if (providers != NIL) { @@ -426,13 +427,13 @@ GetKeyProviderByID(int provider_id, Oid dbOid) return keyring; } -#endif /* !FRONTEND */ +#endif /* !FRONTEND */ #ifdef FRONTEND GenericKeyring * GetKeyProviderByID(int provider_id, Oid dbOid) { - Oid realOid = provider_id < 0 ? GLOBAL_DATA_TDE_OID : dbOid; + Oid realOid = provider_id < 0 ? GLOBAL_DATA_TDE_OID : dbOid; GenericKeyring *keyring = NULL; SimplePtrList *providers = scan_key_provider_file(PROVIDER_SCAN_BY_ID, &provider_id, realOid); @@ -459,7 +460,7 @@ simple_list_free(SimplePtrList *list) cell = next; } } -#endif /* FRONTEND */ +#endif /* FRONTEND */ /* * Scan the key provider info file and can also apply filter based on scanType @@ -471,12 +472,12 @@ static SimplePtrList * #endif scan_key_provider_file(ProviderScanType scanType, void *scanKey, Oid dbOid) { - off_t curr_pos = 0; - int fd; - char kp_info_path[MAXPGPATH] = {0}; + off_t curr_pos = 0; + int fd; + char kp_info_path[MAXPGPATH] = {0}; KeyringProvideRecord provider; #ifndef FRONTEND - List *providers_list = NIL; + List *providers_list = NIL; #else SimplePtrList *providers_list = NULL; #endif @@ -573,7 +574,7 @@ load_keyring_provider_options(ProviderType provider_type, char *keyring_options) return (GenericKeyring *) load_vaultV2_keyring_provider_options(keyring_options); break; case KMIP_KEY_PROVIDER: - return (GenericKeyring *)load_kmip_keyring_provider_options(keyring_options); + return (GenericKeyring *) load_kmip_keyring_provider_options(keyring_options); break; default: break; 
@@ -666,7 +667,7 @@ load_kmip_keyring_provider_options(char *keyring_options) static void debug_print_kerying(GenericKeyring *keyring) { - int debug_level = DEBUG2; + int debug_level = DEBUG2; elog(debug_level, "Keyring type: %d", keyring->type); elog(debug_level, "Keyring name: %s", keyring->provider_name); @@ -682,12 +683,12 @@ debug_print_kerying(GenericKeyring *keyring) elog(debug_level, "Vault Keyring Mount Path: %s", ((VaultV2Keyring *) keyring)->vault_mount_path); elog(debug_level, "Vault Keyring CA Path: %s", ((VaultV2Keyring *) keyring)->vault_ca_path); break; - case KMIP_KEY_PROVIDER: - elog(debug_level, "KMIP Keyring Host: %s", ((KmipKeyring *)keyring)->kmip_host); - elog(debug_level, "KMIP Keyring Port: %s", ((KmipKeyring *)keyring)->kmip_port); - elog(debug_level, "KMIP Keyring CA Path: %s", ((KmipKeyring *)keyring)->kmip_ca_path); - elog(debug_level, "KMIP Keyring Cert Path: %s", ((KmipKeyring *)keyring)->kmip_cert_path); - break; + case KMIP_KEY_PROVIDER: + elog(debug_level, "KMIP Keyring Host: %s", ((KmipKeyring *) keyring)->kmip_host); + elog(debug_level, "KMIP Keyring Port: %s", ((KmipKeyring *) keyring)->kmip_port); + elog(debug_level, "KMIP Keyring CA Path: %s", ((KmipKeyring *) keyring)->kmip_ca_path); + elog(debug_level, "KMIP Keyring Cert Path: %s", ((KmipKeyring *) keyring)->kmip_cert_path); + break; case UNKNOWN_KEY_PROVIDER: elog(debug_level, "Unknown Keyring "); break; @@ -706,7 +707,7 @@ get_keyring_infofile_path(char *resPath, Oid dbOid) static bool fetch_next_key_provider(int fd, off_t *curr_pos, KeyringProvideRecord *provider) { - off_t bytes_read = 0; + off_t bytes_read = 0; Assert(provider != NULL); Assert(fd >= 0); diff --git a/contrib/pg_tde/src/catalog/tde_keyring_parse_opts.c b/contrib/pg_tde/src/catalog/tde_keyring_parse_opts.c index f94459d3b290f..10b499bf62783 100644 --- a/contrib/pg_tde/src/catalog/tde_keyring_parse_opts.c +++ b/contrib/pg_tde/src/catalog/tde_keyring_parse_opts.c 
@@ -110,7 +110,7 @@ typedef struct JsonKeyringState * Caller's options to be set from JSON values. Expected either * `VaultV2Keyring` or `FileKeyring` */ - void *provider_opts; + void *provider_opts; /* * A field hierarchy of the current branch, field[level] is the current @@ -119,17 +119,17 @@ typedef struct JsonKeyringState */ JsonKeyringField field[MAX_JSON_DEPTH]; JsonKeringSemState state; - int level; + int level; /* * The rest of the scalar fields might be in the JSON document but has no * direct value for the caller. Although we need them for the values * extraction or state tracking. */ - char *kring_type; - char *field_type; - char *extern_url; - char *extern_path; + char *kring_type; + char *field_type; + char *extern_url; + char *extern_path; } JsonKeyringState; static JsonParseErrorType json_kring_scalar(void *state, char *token, JsonTokenType tokentype); @@ -433,18 +433,18 @@ json_kring_assign_scalar(JsonKeyringState *parse, JsonKeyringField field, char * strncpy(vault->vault_ca_path, value, sizeof(vault->vault_ca_path)); break; - case JK_KMIP_HOST: - strncpy(kmip->kmip_host, value, sizeof(kmip->kmip_host)); - break; - case JK_KMIP_PORT: - strncpy(kmip->kmip_port, value, sizeof(kmip->kmip_port)); - break; - case JK_KMIP_CA_PATH: - strncpy(kmip->kmip_ca_path, value, sizeof(kmip->kmip_ca_path)); - break; - case JK_KMIP_CERT_PATH: - strncpy(kmip->kmip_cert_path, value, sizeof(kmip->kmip_cert_path)); - break; + case JK_KMIP_HOST: + strncpy(kmip->kmip_host, value, sizeof(kmip->kmip_host)); + break; + case JK_KMIP_PORT: + strncpy(kmip->kmip_port, value, sizeof(kmip->kmip_port)); + break; + case JK_KMIP_CA_PATH: + strncpy(kmip->kmip_ca_path, value, sizeof(kmip->kmip_ca_path)); + break; + case JK_KMIP_CERT_PATH: + strncpy(kmip->kmip_cert_path, value, sizeof(kmip->kmip_cert_path)); + break; default: elog(DEBUG1, "json keyring: unexpected scalar field %d", field); 
@@ -488,8 +488,8 @@ get_remote_kring_value(const char *url, const char *field_name) static char * get_file_kring_value(const char *path, const char *field_name) { - int fd = -1; - char *val; + int fd = -1; + char *val; fd = BasicOpenFile(path, O_RDONLY); if (fd < 0) @@ -500,7 +500,7 @@ get_file_kring_value(const char *path, const char *field_name) /* TODO: we never pfree it */ val = palloc0(MAX_CONFIG_FILE_DATA_LENGTH); - if(pg_pread(fd, val, MAX_CONFIG_FILE_DATA_LENGTH, 0) == -1) + if (pg_pread(fd, val, MAX_CONFIG_FILE_DATA_LENGTH, 0) == -1) { elog(WARNING, "failed to read file %s for %s", path, field_name); pfree(val); diff --git a/contrib/pg_tde/src/catalog/tde_principal_key.c b/contrib/pg_tde/src/catalog/tde_principal_key.c index bc15702d18207..0a0aaf9bbdc50 100644 --- a/contrib/pg_tde/src/catalog/tde_principal_key.c +++ b/contrib/pg_tde/src/catalog/tde_principal_key.c @@ -41,16 +41,16 @@ #include -bool AllowInheritGlobalProviders = true; +bool AllowInheritGlobalProviders = true; #ifndef FRONTEND typedef struct TdePrincipalKeySharedState { LWLockPadded *Locks; - int hashTrancheId; + int hashTrancheId; dshash_table_handle hashHandle; - void *rawDsaArea; /* DSA area pointer */ + void *rawDsaArea; /* DSA area pointer */ } TdePrincipalKeySharedState; 
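Review bot: In get_file_kring_value the `pg_pread` call reads up to `MAX_CONFIG_FILE_DATA_LENGTH` bytes into a buffer of exactly that size, so a file that long or longer fills the `palloc0`'d buffer and leaves no terminating NUL. If the returned `char *` is consumed as a C string, which its role as a keyring field value suggests, later reads would run past the allocation. Reading one byte less keeps the zeroed last byte as the terminator: `if (pg_pread(fd, val, MAX_CONFIG_FILE_DATA_LENGTH - 1, 0) == -1)`. The rest of the function, including whether `fd` is closed on the warning path, is outside this hunk.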
@@ -85,11 +85,11 @@ static TDEPrincipalKey *get_principal_key_from_cache(Oid dbOid); static void push_principal_key_to_cache(TDEPrincipalKey *principalKey); static Datum pg_tde_get_key_info(PG_FUNCTION_ARGS, Oid dbOid); static bool set_principal_key_with_keyring(const char *key_name, - const char *provider_name, - Oid providerOid, - Oid dbOid, - bool ensure_new_key); -static TDEPrincipalKey *alter_keyprovider_for_principal_key(GenericKeyring *newKeyring,Oid dbOid); + const char *provider_name, + Oid providerOid, + Oid dbOid, + bool ensure_new_key); +static TDEPrincipalKey *alter_keyprovider_for_principal_key(GenericKeyring *newKeyring, Oid dbOid); static const TDEShmemSetupRoutine principal_key_info_shmem_routine = { .init_shared_state = initialize_shared_state, @@ -228,18 +228,18 @@ update_principal_key_info(TDEPrincipalKeyInfo *principal_key_info) } bool -set_principal_key_with_keyring(const char *key_name, const char* provider_name, +set_principal_key_with_keyring(const char *key_name, const char *provider_name, Oid providerOid, Oid dbOid, bool ensure_new_key) { TDEPrincipalKey *curr_principal_key = NULL; TDEPrincipalKey *new_principal_key = NULL; LWLock *lock_files = tde_lwlock_enc_keys(); bool already_has_key = false; - GenericKeyring* new_keyring; + GenericKeyring *new_keyring; const keyInfo *keyInfo = NULL; - bool success = true; + bool success = true; - if(AllowInheritGlobalProviders == false && providerOid != dbOid) + if (AllowInheritGlobalProviders == false && providerOid != dbOid) { ereport(ERROR, (errmsg("Usage of global key providers is disabled. Enable it with pg_tde.inherit_global_providers = ON"))); 
@@ -264,10 +264,11 @@ set_principal_key_with_keyring(const char *key_name, const char* provider_name, if (provider_name != NULL) { new_keyring = GetKeyProviderByName(provider_name, providerOid); - } else + } + else { new_keyring = GetKeyProviderByID(curr_principal_key->keyInfo.keyringId, - curr_principal_key->keyInfo.databaseId); + curr_principal_key->keyInfo.databaseId); } if (providerOid != dbOid && new_keyring->keyring_id > 0) @@ -279,6 +280,7 @@ set_principal_key_with_keyring(const char *key_name, const char* provider_name, { KeyringReturnCodes kr_ret; keyInfo = KeyringGetKey(new_keyring, key_name, false, &kr_ret); + if (kr_ret != KEYRING_CODE_SUCCESS && kr_ret != KEYRING_CODE_RESOURCE_NOT_AVAILABLE) { ereport(ERROR, @@ -288,7 +290,7 @@ set_principal_key_with_keyring(const char *key_name, const char* provider_name, } } - if (keyInfo != NULL && ensure_new_key) + if (keyInfo !=NULL && ensure_new_key) { LWLockRelease(lock_files); @@ -318,6 +320,7 @@ set_principal_key_with_keyring(const char *key_name, const char* provider_name, strncpy(new_principal_key->keyInfo.keyId.versioned_name, key_name, TDE_KEY_NAME_LEN); gettimeofday(&new_principal_key->keyInfo.creationTime, NULL); new_principal_key->keyLength = keyInfo->data.len; + memcpy(new_principal_key->keyData, keyInfo->data.data, keyInfo->data.len); if (!already_has_key) @@ -331,10 +334,12 @@ set_principal_key_with_keyring(const char *key_name, const char* provider_name, XLogInsert(RM_TDERMGR_ID, XLOG_TDE_ADD_PRINCIPAL_KEY); push_principal_key_to_cache(new_principal_key); - } else + } + else { /* key rotation */ - bool is_rotated = pg_tde_perform_rotate_key(curr_principal_key, new_principal_key); + bool is_rotated = pg_tde_perform_rotate_key(curr_principal_key, new_principal_key); + if (is_rotated && !TDEisInGlobalSpace(curr_principal_key->keyInfo.databaseId)) { clear_principal_key_cache(curr_principal_key->keyInfo.databaseId); 
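Review bot: The reformatted condition `if (keyInfo !=NULL && ensure_new_key)` in set_principal_key_with_keyring lost the space after `!=`. The likely cause is that the local `keyInfo` has the same name as the `keyInfo` typedef, which pgindent now sees through the dumped typedef list and so treats the identifier as a type. Renaming the local, e.g. `const keyInfo *key_info = NULL;` with `if (key_info != NULL && ensure_new_key)`, avoids the mis-indent and the shadowing; `keyInfo *keyInfo = NULL;` in create_principal_key has the same clash. The declaration and the other uses of the variable are outside this hunk.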
@@ -355,10 +360,10 @@ set_principal_key_with_keyring(const char *key_name, const char* provider_name, TDEPrincipalKey * alter_keyprovider_for_principal_key(GenericKeyring *newKeyring, Oid dbOid) { - TDEPrincipalKeyInfo *principalKeyInfo = NULL; + TDEPrincipalKeyInfo *principalKeyInfo = NULL; TDEPrincipalKey *principal_key = NULL; - LWLock *lock_files = tde_lwlock_enc_keys(); + LWLock *lock_files = tde_lwlock_enc_keys(); Assert(newKeyring != NULL); LWLockAcquire(lock_files, LW_EXCLUSIVE); @@ -367,19 +372,19 @@ alter_keyprovider_for_principal_key(GenericKeyring *newKeyring, Oid dbOid) if (principalKeyInfo == NULL) { - LWLockRelease(lock_files); - ereport(ERROR, - (errmsg("Principal key not set for the database"), - errhint("Use set_principal_key interface to set the principal key"))); + LWLockRelease(lock_files); + ereport(ERROR, + (errmsg("Principal key not set for the database"), + errhint("Use set_principal_key interface to set the principal key"))); } if (newKeyring->keyring_id == principalKeyInfo->keyringId) { - LWLockRelease(lock_files); - ereport(ERROR, - (errmsg("New key provider is same as the current key provider"))); - } - /* update the key provider in principal key info */ + LWLockRelease(lock_files); + ereport(ERROR, + (errmsg("New key provider is same as the current key provider"))); + } + /* update the key provider in principal key info */ ereport(DEBUG2, (errmsg("Changing keyprovider ID from :%d to %d", principalKeyInfo->keyringId, newKeyring->keyring_id))); @@ -388,9 +393,9 @@ alter_keyprovider_for_principal_key(GenericKeyring *newKeyring, Oid dbOid) update_principal_key_info(principalKeyInfo); - /* XLog the new key*/ + /* XLog the new key */ XLogBeginInsert(); - XLogRegisterData((char *)principalKeyInfo, sizeof(TDEPrincipalKeyInfo)); + XLogRegisterData((char *) principalKeyInfo, sizeof(TDEPrincipalKeyInfo)); XLogInsert(RM_TDERMGR_ID, XLOG_TDE_UPDATE_PRINCIPAL_KEY); /* clear the cache as well */ 
@@ -406,10 +411,10 @@ alter_keyprovider_for_principal_key(GenericKeyring *newKeyring, Oid dbOid) bool AlterPrincipalKeyKeyring(const char *provider_name) { - TDEPrincipalKey *principal_key = alter_keyprovider_for_principal_key(GetKeyProviderByName(provider_name, MyDatabaseId), - MyDatabaseId); + TDEPrincipalKey *principal_key = alter_keyprovider_for_principal_key(GetKeyProviderByName(provider_name, MyDatabaseId), + MyDatabaseId); - return (principal_key != NULL); + return (principal_key != NULL); } /* @@ -418,7 +423,7 @@ AlterPrincipalKeyKeyring(const char *provider_name) bool xl_tde_perform_rotate_key(XLogPrincipalKeyRotate *xlrec) { - bool ret; + bool ret; ret = pg_tde_write_map_keydata_files(xlrec->map_size, xlrec->buff, xlrec->keydata_size, &xlrec->buff[xlrec->map_size]); clear_principal_key_cache(xlrec->databaseId); @@ -435,9 +440,9 @@ GetPrincipalKeyProviderId(void) { TDEPrincipalKey *principalKey = NULL; TDEPrincipalKeyInfo *principalKeyInfo = NULL; - Oid keyringId = InvalidOid; - Oid dbOid = MyDatabaseId; - LWLock *lock_files = tde_lwlock_enc_keys(); + Oid keyringId = InvalidOid; + Oid dbOid = MyDatabaseId; + LWLock *lock_files = tde_lwlock_enc_keys(); LWLockAcquire(lock_files, LW_SHARED); @@ -506,8 +511,8 @@ static void push_principal_key_to_cache(TDEPrincipalKey *principalKey) { TDEPrincipalKey *cacheEntry = NULL; - Oid databaseId = principalKey->keyInfo.databaseId; - bool found = false; + Oid databaseId = principalKey->keyInfo.databaseId; + bool found = false; cacheEntry = dshash_find_or_insert(get_principal_key_Hash(), &databaseId, &found); 
@@ -580,41 +585,44 @@ Datum pg_tde_set_principal_key_internal(PG_FUNCTION_ARGS); Datum pg_tde_set_principal_key_internal(PG_FUNCTION_ARGS) { - char *principal_key_name = text_to_cstring(PG_GETARG_TEXT_PP(0)); - int is_global = PG_GETARG_INT32(1); - char *provider_name = PG_ARGISNULL(2) ? NULL : text_to_cstring(PG_GETARG_TEXT_PP(2)); - bool ensure_new_key = PG_GETARG_BOOL(3); - bool success; - Oid providerOid = MyDatabaseId; - Oid dbOid = MyDatabaseId; - + char *principal_key_name = text_to_cstring(PG_GETARG_TEXT_PP(0)); + int is_global = PG_GETARG_INT32(1); + char *provider_name = PG_ARGISNULL(2) ? NULL : text_to_cstring(PG_GETARG_TEXT_PP(2)); + bool ensure_new_key = PG_GETARG_BOOL(3); + bool success; + Oid providerOid = MyDatabaseId; + Oid dbOid = MyDatabaseId; + ereport(LOG, (errmsg("Setting principal key [%s : %s] for the database", principal_key_name, provider_name))); - - if (is_global == 1) /* using a global provider for the current database */ + + if (is_global == 1) /* using a global provider for the current + * database */ { providerOid = GLOBAL_DATA_TDE_OID; } - if (is_global == 2) /* using a globla provider for the global (wal) database */ + if (is_global == 2) /* using a globla provider for the global + * (wal) database */ { providerOid = GLOBAL_DATA_TDE_OID; dbOid = GLOBAL_DATA_TDE_OID; } success = set_principal_key_with_keyring(principal_key_name, - provider_name, - providerOid, - dbOid, - ensure_new_key); + provider_name, + providerOid, + dbOid, + ensure_new_key); PG_RETURN_BOOL(success); } PG_FUNCTION_INFO_V1(pg_tde_alter_principal_key_keyring); -Datum pg_tde_alter_principal_key_keyring(PG_FUNCTION_ARGS); +Datum pg_tde_alter_principal_key_keyring(PG_FUNCTION_ARGS); -Datum pg_tde_alter_principal_key_keyring(PG_FUNCTION_ARGS) +Datum +pg_tde_alter_principal_key_keyring(PG_FUNCTION_ARGS) { - char *provider_name = text_to_cstring(PG_GETARG_TEXT_PP(0)); - bool ret; + char *provider_name = text_to_cstring(PG_GETARG_TEXT_PP(0)); + bool ret; ereport(LOG, 
(errmsg("Altering principal key provider to \"%s\" for the database", provider_name))); ret = AlterPrincipalKeyKeyring(provider_name); @@ -625,8 +633,8 @@ PG_FUNCTION_INFO_V1(pg_tde_principal_key_info_internal); Datum pg_tde_principal_key_info_internal(PG_FUNCTION_ARGS) { - Oid dbOid = MyDatabaseId; - bool is_global = PG_GETARG_BOOL(0); + Oid dbOid = MyDatabaseId; + bool is_global = PG_GETARG_BOOL(0); if (is_global) { @@ -639,11 +647,11 @@ pg_tde_principal_key_info_internal(PG_FUNCTION_ARGS) static Datum pg_tde_get_key_info(PG_FUNCTION_ARGS, Oid dbOid) { - TupleDesc tupdesc; - Datum values[6]; - bool isnull[6]; - HeapTuple tuple; - Datum result; + TupleDesc tupdesc; + Datum values[6]; + bool isnull[6]; + HeapTuple tuple; + Datum result; TDEPrincipalKey *principal_key; TimestampTz ts; GenericKeyring *keyring; @@ -665,7 +673,7 @@ pg_tde_get_key_info(PG_FUNCTION_ARGS, Oid dbOid) PG_RETURN_NULL(); } - keyring = GetKeyProviderByID(principal_key->keyInfo.keyringId, principal_key->keyInfo.databaseId); + keyring = GetKeyProviderByID(principal_key->keyInfo.keyringId, principal_key->keyInfo.databaseId); /* Initialize the values and null flags */ @@ -744,17 +752,18 @@ get_principal_key_from_keyring(Oid dbOid) Assert(dbOid == principalKey->keyInfo.databaseId); #ifndef FRONTEND - /* We don't store global space key in cache */ - if (!TDEisInGlobalSpace(dbOid)) - { - push_principal_key_to_cache(principalKey); - - /* If we do store key in cache we want to return a cache reference - * rather then a palloc'ed copy. - */ - pfree(principalKey); - principalKey = get_principal_key_from_cache(dbOid); - } + /* We don't store global space key in cache */ + if (!TDEisInGlobalSpace(dbOid)) + { + push_principal_key_to_cache(principalKey); + + /* + * If we do store key in cache we want to return a cache reference + * rather then a palloc'ed copy. + */ + pfree(principalKey); + principalKey = get_principal_key_from_cache(dbOid); + } #endif if (principalKeyInfo) 
@@ -808,13 +817,14 @@ GetPrincipalKey(Oid dbOid, LWLockMode lockMode) #ifndef FRONTEND -void PrincipalKeyGucInit() +void +PrincipalKeyGucInit() { - DefineCustomBoolVariable("pg_tde.inherit_global_providers", /* name */ - "Allow using global key providers for databases.", /* short_desc */ + DefineCustomBoolVariable("pg_tde.inherit_global_providers", /* name */ + "Allow using global key providers for databases.", /* short_desc */ NULL, /* long_desc */ &AllowInheritGlobalProviders, /* value address */ - true, /* boot value */ + true, /* boot value */ PGC_POSTMASTER, /* context */ 0, /* flags */ NULL, /* check_hook */ @@ -823,4 +833,4 @@ void PrincipalKeyGucInit() ); } -#endif \ No newline at end of file +#endif diff --git a/contrib/pg_tde/src/common/pg_tde_shmem.c b/contrib/pg_tde/src/common/pg_tde_shmem.c index 1d0277785500c..e330c76dd90a7 100644 --- a/contrib/pg_tde/src/common/pg_tde_shmem.c +++ b/contrib/pg_tde/src/common/pg_tde_shmem.c @@ -17,24 +17,24 @@ typedef struct TdeSharedState { - LWLock *principalKeyLock; - int principalKeyHashTrancheId; - void *rawDsaArea; /* DSA area pointer to store cache hashes */ + LWLock *principalKeyLock; + int principalKeyHashTrancheId; + void *rawDsaArea; /* DSA area pointer to store cache hashes */ dshash_table_handle principalKeyHashHandle; } TdeSharedState; typedef struct TDELocalState { TdeSharedState *sharedTdeState; - dsa_area **dsa; /* local dsa area for backend attached to the + dsa_area **dsa; /* local dsa area for backend attached to the * dsa area created by postmaster at startup. */ dshash_table *principalKeySharedHash; -} TDELocalState; +} TDELocalState; static void tde_shmem_shutdown(int code, Datum arg); -List *registeredShmemRequests = NIL; -bool shmemInited = false; +List *registeredShmemRequests = NIL; +bool shmemInited = false; void RegisterShmemRequest(const TDEShmemSetupRoutine *routine) 
@@ -46,8 +46,8 @@ RegisterShmemRequest(const TDEShmemSetupRoutine *routine) Size TdeRequiredSharedMemorySize(void) { - Size sz = 0; - ListCell *lc; + Size sz = 0; + ListCell *lc; foreach(lc, registeredShmemRequests) { @@ -69,9 +69,9 @@ TdeRequiredLocksCount(void) void TdeShmemInit(void) { - bool found; + bool found; TdeSharedState *tdeState; - Size required_shmem_size = TdeRequiredSharedMemorySize(); + Size required_shmem_size = TdeRequiredSharedMemorySize(); LWLockAcquire(AddinShmemInitLock, LW_EXCLUSIVE); /* Create or attach to the shared memory state */ @@ -81,11 +81,11 @@ TdeShmemInit(void) if (!found) { /* First time through ... */ - char *p = (char *) tdeState; - dsa_area *dsa; - ListCell *lc; - Size used_size = 0; - Size dsa_area_size; + char *p = (char *) tdeState; + dsa_area *dsa; + ListCell *lc; + Size used_size = 0; + Size dsa_area_size; p += MAXALIGN(sizeof(TdeSharedState)); used_size += MAXALIGN(sizeof(TdeSharedState)); @@ -137,7 +137,7 @@ TdeShmemInit(void) static void tde_shmem_shutdown(int code, Datum arg) { - ListCell *lc; + ListCell *lc; foreach(lc, registeredShmemRequests) { diff --git a/contrib/pg_tde/src/common/pg_tde_utils.c b/contrib/pg_tde/src/common/pg_tde_utils.c index a41209c7e7972..cec3ab4293c0e 100644 --- a/contrib/pg_tde/src/common/pg_tde_utils.c +++ b/contrib/pg_tde/src/common/pg_tde_utils.c @@ -33,16 +33,16 @@ PG_FUNCTION_INFO_V1(pg_tde_internal_has_key); Datum pg_tde_internal_has_key(PG_FUNCTION_ARGS) { - Oid tableOid = InvalidOid; - Oid dbOid = MyDatabaseId; - TDEPrincipalKey* principalKey = NULL; - + Oid tableOid = InvalidOid; + Oid dbOid = MyDatabaseId; + TDEPrincipalKey *principalKey = NULL; + if (!PG_ARGISNULL(0)) { tableOid = PG_GETARG_OID(0); } - if(tableOid == InvalidOid) + if (tableOid == InvalidOid) { PG_RETURN_BOOL(false); } 
@@ -51,7 +51,7 @@ pg_tde_internal_has_key(PG_FUNCTION_ARGS) principalKey = GetPrincipalKey(dbOid, LW_SHARED); LWLockRelease(tde_lwlock_enc_keys()); - if(principalKey == NULL) + if (principalKey == NULL) { PG_RETURN_BOOL(false); } @@ -62,9 +62,9 @@ pg_tde_internal_has_key(PG_FUNCTION_ARGS) RelKeyData *rkd; if ( - #ifdef PERCONA_EXT - rel->rd_rel->relam != get_tde_table_am_oid() && - #endif +#ifdef PERCONA_EXT + rel->rd_rel->relam != get_tde_table_am_oid() && +#endif rel->rd_rel->relam != get_tde_basic_table_am_oid()) { table_close(rel, lockmode); @@ -74,7 +74,7 @@ pg_tde_internal_has_key(PG_FUNCTION_ARGS) rkd = GetSMGRRelationKey(rel->rd_locator); table_close(rel, lockmode); - + PG_RETURN_BOOL(rkd != NULL); } } @@ -85,11 +85,11 @@ pg_tde_internal_has_key(PG_FUNCTION_ARGS) List * get_all_tde_tables(void) { - Relation pg_class; + Relation pg_class; SysScanDesc scan; - HeapTuple tuple; - List *tde_tables = NIL; - Oid am_oid = get_tde_basic_table_am_oid(); + HeapTuple tuple; + List *tde_tables = NIL; + Oid am_oid = get_tde_basic_table_am_oid(); /* Open the pg_class table */ pg_class = table_open(RelationRelationId, AccessShareLock); @@ -123,8 +123,8 @@ get_all_tde_tables(void) int get_tde_tables_count(void) { - List *tde_tables = get_all_tde_tables(); - int count = list_length(tde_tables); + List *tde_tables = get_all_tde_tables(); + int count = list_length(tde_tables); list_free(tde_tables); return count; diff --git a/contrib/pg_tde/src/encryption/enc_aes.c b/contrib/pg_tde/src/encryption/enc_aes.c index 50081dbf68f91..440cbb234bbbe 100644 --- a/contrib/pg_tde/src/encryption/enc_aes.c +++ b/contrib/pg_tde/src/encryption/enc_aes.c @@ -46,12 +46,12 @@ const EVP_CIPHER *cipher = NULL; const EVP_CIPHER *cipher2 = NULL; -int cipher_block_size = 0; +int cipher_block_size = 0; void AesInit(void) { - static int initialized = 0; + static int initialized = 0; if (!initialized) { 
@@ -60,8 +60,8 @@ AesInit(void) cipher = EVP_aes_128_cbc(); cipher_block_size = EVP_CIPHER_block_size(cipher); - //== buffer size - cipher2 = EVP_aes_128_ecb(); + /* == buffer size */ + cipher2 = EVP_aes_128_ecb(); initialized = 1; } @@ -106,7 +106,7 @@ AesRunCtr(EVP_CIPHER_CTX **ctxPtr, int enc, const unsigned char *key, const unsi static void AesRunCbc(int enc, const unsigned char *key, const unsigned char *iv, const unsigned char *in, int in_len, unsigned char *out, int *out_len) { - int out_len_final = 0; + int out_len_final = 0; EVP_CIPHER_CTX *ctx = NULL; ctx = EVP_CIPHER_CTX_new(); diff --git a/contrib/pg_tde/src/encryption/enc_tde.c b/contrib/pg_tde/src/encryption/enc_tde.c index 53906141d5b91..f78bcd0493420 100644 --- a/contrib/pg_tde/src/encryption/enc_tde.c +++ b/contrib/pg_tde/src/encryption/enc_tde.c @@ -184,10 +184,10 @@ pg_tde_crypt(const char *iv_prefix, uint32 start_offset, const char *data, uint3 void pg_tde_crypt_tuple(HeapTuple tuple, HeapTuple out_tuple, RelKeyData *key, const char *context) { - char iv_prefix[16] = {0}; - uint32 data_len = tuple->t_len - tuple->t_data->t_hoff; - char *tup_data = (char *) tuple->t_data + tuple->t_data->t_hoff; - char *out_data = (char *) out_tuple->t_data + out_tuple->t_data->t_hoff; + char iv_prefix[16] = {0}; + uint32 data_len = tuple->t_len - tuple->t_data->t_hoff; + char *tup_data = (char *) tuple->t_data + tuple->t_data->t_hoff; + char *out_data = (char *) out_tuple->t_data + out_tuple->t_data->t_hoff; SetIVPrefix(&tuple->t_self, iv_prefix); 
@@ -215,12 +215,12 @@ PGTdePageAddItemExtended(RelFileLocator rel, int flags) { OffsetNumber off = PageAddItemExtended(page, item, size, offsetNumber, flags); - PageHeader phdr = (PageHeader) page; + PageHeader phdr = (PageHeader) page; unsigned long header_size = ((HeapTupleHeader) item)->t_hoff; - char iv_prefix[16] = {0,}; - char *toAddr = ((char *) phdr) + phdr->pd_upper + header_size; - char *data = item + header_size; - uint32 data_len = size - header_size; + char iv_prefix[16] = {0,}; + char *toAddr = ((char *) phdr) + phdr->pd_upper + header_size; + char *data = item + header_size; + uint32 data_len = size - header_size; /* ctid stored in item is incorrect (not set) at this point */ ItemPointerData ip; diff --git a/contrib/pg_tde/src/include/access/pg_tde_ddl.h b/contrib/pg_tde/src/include/access/pg_tde_ddl.h index ed58588f38a43..f69b8dfc1e831 100644 --- a/contrib/pg_tde/src/include/access/pg_tde_ddl.h +++ b/contrib/pg_tde/src/include/access/pg_tde_ddl.h @@ -14,4 +14,4 @@ extern void SetupTdeDDLHooks(void); -#endif /* PG_TDE_DDL_H */ +#endif /* PG_TDE_DDL_H */ diff --git a/contrib/pg_tde/src/include/access/pg_tde_slot.h b/contrib/pg_tde/src/include/access/pg_tde_slot.h index 9a8ed82368c91..efbddf46fe012 100644 --- a/contrib/pg_tde/src/include/access/pg_tde_slot.h +++ b/contrib/pg_tde/src/include/access/pg_tde_slot.h @@ -29,8 +29,8 @@ typedef struct TDEBufferHeapTupleTableSlot * reference to that buffer. (TTS_FLAG_SHOULDFREE should not be set in * such a case, since presumably base.tuple is pointing into the buffer.) */ - Buffer buffer; /* tuple's buffer, or InvalidBuffer */ - char decrypted_buffer[BLCKSZ]; + Buffer buffer; /* tuple's buffer, or InvalidBuffer */ + char decrypted_buffer[BLCKSZ]; RelKeyData *cached_relation_key; } TDEBufferHeapTupleTableSlot; @@ -47,4 +47,4 @@ extern TupleTableSlot *PGTdeExecStoreBufferHeapTuple(Relation rel, TupleTableSlot *slot, Buffer buffer); -#endif /* PG_TDE_SLOT_H */ +#endif /* PG_TDE_SLOT_H */ 
diff --git a/contrib/pg_tde/src/include/access/pg_tde_tdemap.h b/contrib/pg_tde/src/include/access/pg_tde_tdemap.h index bba4fba62f2a6..4c5663fe00a86 100644 --- a/contrib/pg_tde/src/include/access/pg_tde_tdemap.h +++ b/contrib/pg_tde/src/include/access/pg_tde_tdemap.h @@ -24,14 +24,14 @@ typedef struct InternalKey { - /* - * DO NOT re-arrange fields! - * Any changes should be aligned with pg_tde_read/write_one_keydata() + /* + * DO NOT re-arrange fields! Any changes should be aligned with + * pg_tde_read/write_one_keydata() */ - uint8 key[INTERNAL_KEY_LEN]; - uint32 rel_type; + uint8 key[INTERNAL_KEY_LEN]; + uint32 rel_type; - void* ctx; + void *ctx; } InternalKey; #define INTERNAL_KEY_DAT_LEN offsetof(InternalKey, ctx) @@ -45,8 +45,8 @@ typedef struct RelKeyData typedef struct XLogRelKey { - RelFileLocator rlocator; - RelKeyData relKey; + RelFileLocator rlocator; + RelKeyData relKey; TDEPrincipalKeyInfo pkInfo; } XLogRelKey; @@ -91,4 +91,4 @@ const char *tde_sprint_key(InternalKey *k); extern RelKeyData *pg_tde_put_key_into_cache(RelFileNumber rel_num, RelKeyData *key); -#endif /* PG_TDE_MAP_H */ +#endif /* PG_TDE_MAP_H */ diff --git a/contrib/pg_tde/src/include/access/pg_tde_xlog.h b/contrib/pg_tde/src/include/access/pg_tde_xlog.h index c064e0178627c..66e6c7c99ed42 100644 --- a/contrib/pg_tde/src/include/access/pg_tde_xlog.h +++ b/contrib/pg_tde/src/include/access/pg_tde_xlog.h @@ -39,5 +39,5 @@ static const RmgrData tdeheap_rmgr = { .rm_identify = tdeheap_rmgr_identify }; -#endif /* !FRONTEND */ -#endif /* PG_TDE_XLOG_H */ +#endif /* !FRONTEND */ +#endif /* PG_TDE_XLOG_H */ diff --git a/contrib/pg_tde/src/include/access/pg_tde_xlog_encrypt.h b/contrib/pg_tde/src/include/access/pg_tde_xlog_encrypt.h index 4812a9cd5a0bb..8ffc1539689db 100644 --- a/contrib/pg_tde/src/include/access/pg_tde_xlog_encrypt.h +++ b/contrib/pg_tde/src/include/access/pg_tde_xlog_encrypt.h 
@@ -30,6 +30,6 @@ static const XLogSmgr tde_xlog_smgr = { extern void TDEXLogSmgrInit(void); extern void XLogInitGUC(void); -#endif /* PERCONA_EXT */ +#endif /* PERCONA_EXT */ -#endif /* PG_TDE_XLOGENCRYPT_H */ +#endif /* PG_TDE_XLOGENCRYPT_H */ diff --git a/contrib/pg_tde/src/include/access/pg_tde_xlog_encrypt_fe.h b/contrib/pg_tde/src/include/access/pg_tde_xlog_encrypt_fe.h index 4717afb7fb770..dbf173b3549b8 100644 --- a/contrib/pg_tde/src/include/access/pg_tde_xlog_encrypt_fe.h +++ b/contrib/pg_tde/src/include/access/pg_tde_xlog_encrypt_fe.h @@ -26,6 +26,6 @@ TDEInitGlobalKeys(kring_dir); \ TDEXLogSmgrInit() -#endif /* PERCONA_EXT */ +#endif /* PERCONA_EXT */ #endif /* PG_TDE_XLOGENCRYPT_FE_H */ diff --git a/contrib/pg_tde/src/include/catalog/keyring_min.h b/contrib/pg_tde/src/include/catalog/keyring_min.h index 6db81f7b2debc..65264d3aa5cee 100644 --- a/contrib/pg_tde/src/include/catalog/keyring_min.h +++ b/contrib/pg_tde/src/include/catalog/keyring_min.h @@ -8,15 +8,16 @@ typedef unsigned int Oid; -#define MAX_PROVIDER_NAME_LEN 128 /* pg_tde_key_provider's provider_name size*/ -#define MAX_VAULT_V2_KEY_LEN 128 /* From hashi corp docs */ +#define MAX_PROVIDER_NAME_LEN 128 /* pg_tde_key_provider's provider_name + * size */ +#define MAX_VAULT_V2_KEY_LEN 128 /* From hashi corp docs */ #define MAX_KEYRING_OPTION_LEN 1024 typedef enum ProviderType { - UNKNOWN_KEY_PROVIDER, - FILE_KEY_PROVIDER, - VAULT_V2_KEY_PROVIDER, - KMIP_KEY_PROVIDER, + UNKNOWN_KEY_PROVIDER, + FILE_KEY_PROVIDER, + VAULT_V2_KEY_PROVIDER, + KMIP_KEY_PROVIDER, } ProviderType; #define TDE_KEY_NAME_LEN 256 @@ -25,19 +26,19 @@ typedef enum ProviderType typedef struct keyName { - char name[TDE_KEY_NAME_LEN]; + char name[TDE_KEY_NAME_LEN]; } keyName; typedef struct keyData { unsigned char data[MAX_KEY_DATA_SIZE]; - unsigned len; + unsigned len; } keyData; typedef struct keyInfo { - keyName name; - keyData data; + keyName name; + keyData data; } keyInfo; typedef enum KeyringReturnCodes 
@@ -55,16 +56,17 @@ typedef enum KeyringReturnCodes /* Base type for all keyring */ typedef struct GenericKeyring { - ProviderType type; /* Must be the first field */ - int keyring_id; - char provider_name[MAX_PROVIDER_NAME_LEN]; - char options[MAX_KEYRING_OPTION_LEN]; /* User provided options string*/ + ProviderType type; /* Must be the first field */ + int keyring_id; + char provider_name[MAX_PROVIDER_NAME_LEN]; + char options[MAX_KEYRING_OPTION_LEN]; /* User provided options + * string */ } GenericKeyring; typedef struct TDEKeyringRoutine { - keyInfo *(*keyring_get_key) (GenericKeyring *keyring, const char *key_name, bool throw_error, KeyringReturnCodes * returnCode); - KeyringReturnCodes(*keyring_store_key) (GenericKeyring *keyring, keyInfo *key, bool throw_error); + keyInfo *(*keyring_get_key) (GenericKeyring *keyring, const char *key_name, bool throw_error, KeyringReturnCodes *returnCode); + KeyringReturnCodes (*keyring_store_key) (GenericKeyring *keyring, keyInfo *key, bool throw_error); } TDEKeyringRoutine; /* 
@@ -77,26 +79,26 @@ typedef struct TDEKeyringRoutine typedef struct FileKeyring { - GenericKeyring keyring; /* Must be the first field */ - char file_name[MAXPGPATH]; + GenericKeyring keyring; /* Must be the first field */ + char file_name[MAXPGPATH]; } FileKeyring; typedef struct VaultV2Keyring { - GenericKeyring keyring; /* Must be the first field */ - char vault_token[MAX_VAULT_V2_KEY_LEN]; - char vault_url[MAXPGPATH]; - char vault_ca_path[MAXPGPATH]; - char vault_mount_path[MAXPGPATH]; + GenericKeyring keyring; /* Must be the first field */ + char vault_token[MAX_VAULT_V2_KEY_LEN]; + char vault_url[MAXPGPATH]; + char vault_ca_path[MAXPGPATH]; + char vault_mount_path[MAXPGPATH]; } VaultV2Keyring; typedef struct KmipKeyring { - GenericKeyring keyring; /* Must be the first field */ - char kmip_host[MAXPGPATH]; - char kmip_port[32]; - char kmip_ca_path[MAXPGPATH]; - char kmip_cert_path[MAXPGPATH]; + GenericKeyring keyring; /* Must be the first field */ + char kmip_host[MAXPGPATH]; + char kmip_port[32]; + char kmip_ca_path[MAXPGPATH]; + char kmip_cert_path[MAXPGPATH]; } KmipKeyring; -#endif \ No newline at end of file +#endif diff --git a/contrib/pg_tde/src/include/catalog/tde_global_space.h b/contrib/pg_tde/src/include/catalog/tde_global_space.h index 0656ef4d2d758..dbc3a0739d1fd 100644 --- a/contrib/pg_tde/src/include/catalog/tde_global_space.h +++ b/contrib/pg_tde/src/include/catalog/tde_global_space.h @@ -35,4 +35,4 @@ extern void TDEInitGlobalKeys(const char *dir); -#endif /* TDE_GLOBAL_CATALOG_H */ +#endif /* TDE_GLOBAL_CATALOG_H */ diff --git a/contrib/pg_tde/src/include/catalog/tde_keyring.h b/contrib/pg_tde/src/include/catalog/tde_keyring.h index 48d9b131a1bc8..5665489562ca0 100644 --- a/contrib/pg_tde/src/include/catalog/tde_keyring.h +++ b/contrib/pg_tde/src/include/catalog/tde_keyring.h 
@@ -20,15 +20,15 @@ /* This record goes into key provider info file */ typedef struct KeyringProvideRecord { - int provider_id; - char provider_name[MAX_PROVIDER_NAME_LEN]; - char options[MAX_KEYRING_OPTION_LEN]; + int provider_id; + char provider_name[MAX_PROVIDER_NAME_LEN]; + char options[MAX_KEYRING_OPTION_LEN]; ProviderType provider_type; } KeyringProvideRecord; typedef struct KeyringProviderXLRecord { - Oid database_id; - off_t offset_in_file; + Oid database_id; + off_t offset_in_file; KeyringProvideRecord provider; } KeyringProviderXLRecord; @@ -38,10 +38,10 @@ extern GenericKeyring *GetKeyProviderByID(int provider_id, Oid dbOid); extern ProviderType get_keyring_provider_from_typename(char *provider_type); extern void cleanup_key_provider_info(Oid databaseId); extern void InitializeKeyProviderInfo(void); -extern uint32 save_new_key_provider_info(KeyringProvideRecord *provider, - Oid databaseId, bool write_xlog); +extern uint32 save_new_key_provider_info(KeyringProvideRecord *provider, + Oid databaseId, bool write_xlog); extern uint32 redo_key_provider_info(KeyringProviderXLRecord *xlrec); extern bool ParseKeyringJSONOptions(ProviderType provider_type, void *out_opts, char *in_buf, int buf_len); -#endif /* TDE_KEYRING_H */ +#endif /* TDE_KEYRING_H */ diff --git a/contrib/pg_tde/src/include/catalog/tde_principal_key.h b/contrib/pg_tde/src/include/catalog/tde_principal_key.h index f9c595d02a8cb..256f9df1eb88f 100644 --- a/contrib/pg_tde/src/include/catalog/tde_principal_key.h +++ b/contrib/pg_tde/src/include/catalog/tde_principal_key.h 
@@ -25,15 +25,15 @@ typedef struct TDEPrincipalKeyId { - char name[PRINCIPAL_KEY_NAME_LEN]; - char versioned_name[PRINCIPAL_KEY_NAME_LEN + 4]; + char name[PRINCIPAL_KEY_NAME_LEN]; + char versioned_name[PRINCIPAL_KEY_NAME_LEN + 4]; } TDEPrincipalKeyId; typedef struct TDEPrincipalKeyInfo { - Oid databaseId; - Oid userId; - Oid keyringId; + Oid databaseId; + Oid userId; + Oid keyringId; struct timeval creationTime; TDEPrincipalKeyId keyId; } TDEPrincipalKeyInfo; @@ -42,15 +42,15 @@ typedef struct TDEPrincipalKey { TDEPrincipalKeyInfo keyInfo; unsigned char keyData[MAX_KEY_DATA_SIZE]; - uint32 keyLength; + uint32 keyLength; } TDEPrincipalKey; typedef struct XLogPrincipalKeyRotate { - Oid databaseId; - off_t map_size; - off_t keydata_size; - char buff[FLEXIBLE_ARRAY_MEMBER]; + Oid databaseId; + off_t map_size; + off_t keydata_size; + char buff[FLEXIBLE_ARRAY_MEMBER]; } XLogPrincipalKeyRotate; #define SizeoOfXLogPrincipalKeyRotate offsetof(XLogPrincipalKeyRotate, buff) @@ -74,4 +74,4 @@ extern bool xl_tde_perform_rotate_key(XLogPrincipalKeyRotate *xlrec); extern void PrincipalKeyGucInit(void); -#endif /* PG_TDE_PRINCIPAL_KEY_H */ +#endif /* PG_TDE_PRINCIPAL_KEY_H */ diff --git a/contrib/pg_tde/src/include/common/pg_tde_shmem.h b/contrib/pg_tde/src/include/common/pg_tde_shmem.h index db555bf22cb49..680e03f2776ab 100644 --- a/contrib/pg_tde/src/include/common/pg_tde_shmem.h +++ b/contrib/pg_tde/src/include/common/pg_tde_shmem.h @@ -23,7 +23,7 @@ typedef enum /* Must be the last entry in the enum */ TDE_LWLOCK_COUNT -} TDELockTypes; +} TDELockTypes; typedef struct TDEShmemSetupRoutine { 
@@ -34,24 +34,24 @@ typedef struct TDEShmemSetupRoutine * area acquired. The argument to the function is the start of the shared * memory address that can be used to store the shared data structures. */ - Size (*init_shared_state) (void *raw_dsa_area); + Size (*init_shared_state) (void *raw_dsa_area); /* * shmem_startup gets called at the time of postmaster shutdown */ - void (*shmem_kill) (int code, Datum arg); + void (*shmem_kill) (int code, Datum arg); /* * The callback must return the size of the shared memory acquired. */ - Size (*required_shared_mem_size) (void); + Size (*required_shared_mem_size) (void); /* * Gets called after all shared memory structures are initialized and here * you can create shared memory hash tables or any other shared objects * that needs to live in DSA area. */ - void (*init_dsa_area_objects) (dsa_area *dsa, void *raw_dsa_area); + void (*init_dsa_area_objects) (dsa_area *dsa, void *raw_dsa_area); } TDEShmemSetupRoutine; /* Interface to register the shared memory requests */ @@ -60,4 +60,4 @@ extern void TdeShmemInit(void); extern Size TdeRequiredSharedMemorySize(void); extern int TdeRequiredLocksCount(void); -#endif /* PG_TDE_SHMEM_H */ +#endif /* PG_TDE_SHMEM_H */ diff --git a/contrib/pg_tde/src/include/common/pg_tde_utils.h b/contrib/pg_tde/src/include/common/pg_tde_utils.h index 02909fada59fd..64a21de523138 100644 --- a/contrib/pg_tde/src/include/common/pg_tde_utils.h +++ b/contrib/pg_tde/src/include/common/pg_tde_utils.h @@ -17,8 +17,8 @@ extern Oid get_tde_basic_table_am_oid(void); extern Oid get_tde_table_am_oid(void); extern List *get_all_tde_tables(void); extern int get_tde_tables_count(void); -#endif /* !FRONTEND */ +#endif /* !FRONTEND */ extern void pg_tde_set_data_dir(const char *dir); -extern char* pg_tde_get_tde_data_dir(void); -#endif /* PG_TDE_UTILS_H */ +extern char *pg_tde_get_tde_data_dir(void); +#endif /* PG_TDE_UTILS_H */ 
diff --git a/contrib/pg_tde/src/include/encryption/enc_aes.h b/contrib/pg_tde/src/include/encryption/enc_aes.h index 5d3901e373637..882e3dba2459a 100644 --- a/contrib/pg_tde/src/include/encryption/enc_aes.h +++ b/contrib/pg_tde/src/include/encryption/enc_aes.h @@ -16,11 +16,11 @@ #define NUM_AES_BLOCKS_IN_BATCH 200 #define DATA_BYTES_PER_AES_BATCH (NUM_AES_BLOCKS_IN_BATCH * AES_BLOCK_SIZE) -void AesInit(void); +void AesInit(void); extern void Aes128EncryptedZeroBlocks(void *ctxPtr, const unsigned char *key, const char *iv_prefix, uint64_t blockNumber1, uint64_t blockNumber2, unsigned char *out); /* Only used for testing */ extern void AesEncrypt(const unsigned char *key, const unsigned char *iv, const unsigned char *in, int in_len, unsigned char *out, int *out_len); extern void AesDecrypt(const unsigned char *key, const unsigned char *iv, const unsigned char *in, int in_len, unsigned char *out, int *out_len); -#endif /* ENC_AES_H */ +#endif /* ENC_AES_H */ diff --git a/contrib/pg_tde/src/include/encryption/enc_tde.h b/contrib/pg_tde/src/include/encryption/enc_tde.h index 552888b317dfd..a5a4f3a70d2d9 100644 --- a/contrib/pg_tde/src/include/encryption/enc_tde.h +++ b/contrib/pg_tde/src/include/encryption/enc_tde.h @@ -55,4 +55,4 @@ extern OffsetNumber extern void AesEncryptKey(const TDEPrincipalKey *principal_key, Oid dbOid, RelKeyData *rel_key_data, RelKeyData **p_enc_rel_key_data, size_t *enc_key_bytes); extern void AesDecryptKey(const TDEPrincipalKey *principal_key, Oid dbOid, RelKeyData **p_rel_key_data, RelKeyData *enc_rel_key_data, size_t *key_bytes); -#endif /* ENC_TDE_H */ +#endif /* ENC_TDE_H */ diff --git a/contrib/pg_tde/src/include/keyring/keyring_api.h b/contrib/pg_tde/src/include/keyring/keyring_api.h index 25f08be29edab..1801aa8d4911a 100644 --- a/contrib/pg_tde/src/include/keyring/keyring_api.h +++ b/contrib/pg_tde/src/include/keyring/keyring_api.h 
@@ -15,8 +15,8 @@ extern bool RegisterKeyProvider(const TDEKeyringRoutine *routine, ProviderType type); extern KeyringReturnCodes KeyringStoreKey(GenericKeyring *keyring, keyInfo *key, bool throw_error); -extern keyInfo *KeyringGetKey(GenericKeyring *keyring, const char *key_name, bool throw_error, KeyringReturnCodes * returnCode); +extern keyInfo *KeyringGetKey(GenericKeyring *keyring, const char *key_name, bool throw_error, KeyringReturnCodes *returnCode); extern keyInfo *KeyringGenerateNewKeyAndStore(GenericKeyring *keyring, const char *key_name, unsigned key_len, bool throw_error); extern keyInfo *KeyringGenerateNewKey(const char *key_name, unsigned key_len); -#endif /* KEYRING_API_H */ +#endif /* KEYRING_API_H */ diff --git a/contrib/pg_tde/src/include/keyring/keyring_curl.h b/contrib/pg_tde/src/include/keyring/keyring_curl.h index 6eef5ada14c3e..13b4d778d0fe7 100644 --- a/contrib/pg_tde/src/include/keyring/keyring_curl.h +++ b/contrib/pg_tde/src/include/keyring/keyring_curl.h @@ -21,12 +21,12 @@ typedef struct CurlString { - char *ptr; - size_t len; + char *ptr; + size_t len; } CurlString; -extern CURL * keyringCurl; +extern CURL *keyringCurl; -bool curlSetupSession(const char *url, const char *caFile, CurlString *outStr); +bool curlSetupSession(const char *url, const char *caFile, CurlString *outStr); -#endif /* //KEYRING_CURL_H */ +#endif /* //KEYRING_CURL_H */ diff --git a/contrib/pg_tde/src/include/keyring/keyring_file.h b/contrib/pg_tde/src/include/keyring/keyring_file.h index 9945dbd7f291d..804f71d5787c3 100644 --- a/contrib/pg_tde/src/include/keyring/keyring_file.h +++ b/contrib/pg_tde/src/include/keyring/keyring_file.h @@ -14,4 +14,4 @@ extern bool InstallFileKeyring(void); -#endif /* KEYRING_FILE_H */ +#endif /* KEYRING_FILE_H */ diff --git a/contrib/pg_tde/src/include/keyring/keyring_kmip.h b/contrib/pg_tde/src/include/keyring/keyring_kmip.h index f168202cc0f08..596b17b321bc1 100644 --- a/contrib/pg_tde/src/include/keyring/keyring_kmip.h 
+++ b/contrib/pg_tde/src/include/keyring/keyring_kmip.h @@ -14,6 +14,6 @@ extern bool InstallKmipKeyring(void); -void kmip_ereport(bool throw_error, const char *msg, int errCode); +void kmip_ereport(bool throw_error, const char *msg, int errCode); -#endif // KEYRING_KMIP_H +#endif /* // KEYRING_KMIP_H */ diff --git a/contrib/pg_tde/src/include/keyring/keyring_vault.h b/contrib/pg_tde/src/include/keyring/keyring_vault.h index c86a963c45bef..84dc345f793d2 100644 --- a/contrib/pg_tde/src/include/keyring/keyring_vault.h +++ b/contrib/pg_tde/src/include/keyring/keyring_vault.h @@ -14,4 +14,4 @@ extern bool InstallVaultV2Keyring(void); -#endif /* KEYRING_FILE_H */ +#endif /* KEYRING_FILE_H */ diff --git a/contrib/pg_tde/src/include/pg_tde.h b/contrib/pg_tde/src/include/pg_tde.h index c8046373e017c..695d085587bb7 100644 --- a/contrib/pg_tde/src/include/pg_tde.h +++ b/contrib/pg_tde/src/include/pg_tde.h @@ -12,7 +12,7 @@ typedef struct XLogExtensionInstall { - Oid database_id; + Oid database_id; } XLogExtensionInstall; typedef void (*pg_tde_on_ext_install_callback) (int tde_tbl_count, XLogExtensionInstall *ext_info, bool redo, void *arg); @@ -22,4 +22,4 @@ extern void on_ext_install(pg_tde_on_ext_install_callback function, void *arg); extern void extension_install_redo(XLogExtensionInstall *xlrec); extern void pg_tde_init_data_dir(void); -#endif /* PG_TDE_H */ +#endif /* PG_TDE_H */ diff --git a/contrib/pg_tde/src/include/pg_tde_defines.h b/contrib/pg_tde/src/include/pg_tde_defines.h index 9aeee11a7c649..15102a1d06248 100644 --- a/contrib/pg_tde/src/include/pg_tde_defines.h +++ b/contrib/pg_tde/src/include/pg_tde_defines.h @@ -47,4 +47,4 @@ /* ---------- */ -#endif /* PG_TDE_DEFINES_H */ +#endif /* PG_TDE_DEFINES_H */ diff --git a/contrib/pg_tde/src/include/pg_tde_defs.h b/contrib/pg_tde/src/include/pg_tde_defs.h index 6d33312cbc3e5..1402c6a8fbef5 100644 --- a/contrib/pg_tde/src/include/pg_tde_defs.h +++ b/contrib/pg_tde/src/include/pg_tde_defs.h 
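Review bot: In the keyring_kmip.h hunk the closing guard comment now reads `#endif /* // KEYRING_KMIP_H */`, because the formatter wrapped the old `//` comment instead of replacing it; it should be `#endif /* KEYRING_KMIP_H */`. The keyring_curl.h hunk earlier in this diff carries the same stray `//` in `/* //KEYRING_CURL_H */`. The keyring_vault.h hunk ends with `/* KEYRING_FILE_H */`, which looks copied from keyring_file.h. The guard macros themselves are outside these hunks, so confirm the names before changing the comments.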
@@ -13,4 +13,4 @@ extern const char *pg_tde_package_string(void); extern const char *pg_tde_package_name(void); extern const char *pg_tde_package_version(void); -#endif /* PG_TDE_DEFS_H */ +#endif /* PG_TDE_DEFS_H */ diff --git a/contrib/pg_tde/src/include/pg_tde_event_capture.h b/contrib/pg_tde/src/include/pg_tde_event_capture.h index e3c15ff42d103..89eb2ac562a93 100644 --- a/contrib/pg_tde/src/include/pg_tde_event_capture.h +++ b/contrib/pg_tde/src/include/pg_tde_event_capture.h @@ -20,11 +20,11 @@ typedef enum TdeCreateEventType typedef struct TdeCreateEvent { TdeCreateEventType eventType; /* DDL statement type */ - bool encryptMode; /* true when the table uses encryption */ - Oid baseTableOid; /* Oid of table on which index is being + bool encryptMode; /* true when the table uses encryption */ + Oid baseTableOid; /* Oid of table on which index is being * created on. For create table statement this * contains InvalidOid */ - RangeVar *relation; /* Reference to the parsed relation from + RangeVar *relation; /* Reference to the parsed relation from * create statement */ } TdeCreateEvent; diff --git a/contrib/pg_tde/src/include/smgr/pg_tde_smgr.h b/contrib/pg_tde/src/include/smgr/pg_tde_smgr.h index 72070adf2fa3f..d56c9ac04e138 100644 --- a/contrib/pg_tde/src/include/smgr/pg_tde_smgr.h +++ b/contrib/pg_tde/src/include/smgr/pg_tde_smgr.h @@ -12,4 +12,4 @@ extern void RegisterStorageMgr(void); -#endif /* PG_TDE_SMGR_H */ +#endif /* PG_TDE_SMGR_H */ diff --git a/contrib/pg_tde/src/include/transam/pg_tde_xact_handler.h b/contrib/pg_tde/src/include/transam/pg_tde_xact_handler.h index 524f8acb53632..4cde60f71e21e 100644 --- a/contrib/pg_tde/src/include/transam/pg_tde_xact_handler.h +++ b/contrib/pg_tde/src/include/transam/pg_tde_xact_handler.h 
@@ -18,4 +18,4 @@ extern void pg_tde_subxact_callback(SubXactEvent event, SubTransactionId mySubid extern void RegisterEntryForDeletion(const RelFileLocator *rlocator, off_t map_entry_offset, bool atCommit); -#endif /* PG_TDE_XACT_HANDLER_H */ +#endif /* PG_TDE_XACT_HANDLER_H */ diff --git a/contrib/pg_tde/src/keyring/keyring_api.c b/contrib/pg_tde/src/keyring/keyring_api.c index 8fa56716d0d45..c9637d4bb4a11 100644 --- a/contrib/pg_tde/src/keyring/keyring_api.c +++ b/contrib/pg_tde/src/keyring/keyring_api.c @@ -23,7 +23,7 @@ typedef struct KeyProviders } KeyProviders; #ifndef FRONTEND -List *registeredKeyProviders = NIL; +List *registeredKeyProviders = NIL; #else SimplePtrList registeredKeyProviders = {NULL, NULL}; #endif @@ -33,7 +33,7 @@ static KeyProviders *find_key_provider(ProviderType type); static KeyProviders * find_key_provider(ProviderType type) { - ListCell *lc; + ListCell *lc; foreach(lc, registeredKeyProviders) { @@ -102,10 +102,10 @@ RegisterKeyProvider(const TDEKeyringRoutine *routine, ProviderType type) } keyInfo * -KeyringGetKey(GenericKeyring *keyring, const char *key_name, bool throw_error, KeyringReturnCodes * returnCode) +KeyringGetKey(GenericKeyring *keyring, const char *key_name, bool throw_error, KeyringReturnCodes *returnCode) { KeyProviders *kp = find_key_provider(keyring->type); - int ereport_level = throw_error ? ERROR : WARNING; + int ereport_level = throw_error ? ERROR : WARNING; if (kp == NULL) { @@ -121,7 +121,7 @@ KeyringReturnCodes KeyringStoreKey(GenericKeyring *keyring, keyInfo *key, bool throw_error) { KeyProviders *kp = find_key_provider(keyring->type); - int ereport_level = throw_error ? ERROR : WARNING; + int ereport_level = throw_error ? ERROR : WARNING; if (kp == NULL) { @@ -135,7 +135,7 @@ KeyringStoreKey(GenericKeyring *keyring, keyInfo *key, bool throw_error) keyInfo * KeyringGenerateNewKey(const char *key_name, unsigned key_len) { - keyInfo *key; + keyInfo *key; Assert(key_len <= 32); key = palloc(sizeof(keyInfo)); 
@@ -152,8 +152,8 @@ KeyringGenerateNewKey(const char *key_name, unsigned key_len) keyInfo * KeyringGenerateNewKeyAndStore(GenericKeyring *keyring, const char *key_name, unsigned key_len, bool throw_error) { - keyInfo *key = KeyringGenerateNewKey(key_name, key_len); - int ereport_level = throw_error ? ERROR : WARNING; + keyInfo *key = KeyringGenerateNewKey(key_name, key_len); + int ereport_level = throw_error ? ERROR : WARNING; if (key == NULL) { @@ -165,7 +165,7 @@ KeyringGenerateNewKeyAndStore(GenericKeyring *keyring, const char *key_name, uns { pfree(key); ereport(ereport_level, - (errmsg("Failed to store key on keyring. Please check the keyring configuration."))); + (errmsg("Failed to store key on keyring. Please check the keyring configuration."))); return NULL; } return key; diff --git a/contrib/pg_tde/src/keyring/keyring_curl.c b/contrib/pg_tde/src/keyring/keyring_curl.c index 693121711b0f7..5c2a58e76c686 100644 --- a/contrib/pg_tde/src/keyring/keyring_curl.c +++ b/contrib/pg_tde/src/keyring/keyring_curl.c @@ -14,13 +14,13 @@ #include "keyring/keyring_curl.h" #include "pg_tde_defines.h" -CURL *keyringCurl = NULL; +CURL *keyringCurl = NULL; static size_t write_func(void *ptr, size_t size, size_t nmemb, struct CurlString *s) { - size_t new_len = s->len + size * nmemb; + size_t new_len = s->len + size * nmemb; s->ptr = repalloc(s->ptr, new_len + 1); if (s->ptr == NULL) diff --git a/contrib/pg_tde/src/keyring/keyring_file.c b/contrib/pg_tde/src/keyring/keyring_file.c index 7eb73c4035e29..2dae20323eff3 100644 --- a/contrib/pg_tde/src/keyring/keyring_file.c +++ b/contrib/pg_tde/src/keyring/keyring_file.c 
@@ -26,7 +26,7 @@ #include #include -static keyInfo *get_key_by_name(GenericKeyring *keyring, const char *key_name, bool throw_error, KeyringReturnCodes * return_code); +static keyInfo *get_key_by_name(GenericKeyring *keyring, const char *key_name, bool throw_error, KeyringReturnCodes *return_code); static KeyringReturnCodes set_key_by_name(GenericKeyring *keyring, keyInfo *key, bool throw_error); const TDEKeyringRoutine keyringFileRoutine = { @@ -42,14 +42,14 @@ InstallFileKeyring(void) static keyInfo * -get_key_by_name(GenericKeyring *keyring, const char *key_name, bool throw_error, KeyringReturnCodes * return_code) +get_key_by_name(GenericKeyring *keyring, const char *key_name, bool throw_error, KeyringReturnCodes *return_code) { - keyInfo *key = NULL; - int fd = -1; + keyInfo *key = NULL; + int fd = -1; FileKeyring *file_keyring = (FileKeyring *) keyring; - off_t bytes_read = 0; - off_t curr_pos = 0; - int ereport_level = throw_error ? ERROR : WARNING; + off_t bytes_read = 0; + off_t curr_pos = 0; + int ereport_level = throw_error ? ERROR : WARNING; *return_code = KEYRING_CODE_SUCCESS; @@ -100,13 +100,13 @@ get_key_by_name(GenericKeyring *keyring, const char *key_name, bool throw_error, static KeyringReturnCodes set_key_by_name(GenericKeyring *keyring, keyInfo *key, bool throw_error) { - off_t bytes_written = 0; - off_t curr_pos = 0; - int fd; + off_t bytes_written = 0; + off_t curr_pos = 0; + int fd; FileKeyring *file_keyring = (FileKeyring *) keyring; keyInfo *existing_key; KeyringReturnCodes return_code = KEYRING_CODE_SUCCESS; - int ereport_level = throw_error ? ERROR : WARNING; + int ereport_level = throw_error ? ERROR : WARNING; Assert(key != NULL); /* See if the key with same name already exists */ diff --git a/contrib/pg_tde/src/keyring/keyring_kmip.c b/contrib/pg_tde/src/keyring/keyring_kmip.c index 5d9533f0ff981..aa2dd6b5281ee 100644 --- a/contrib/pg_tde/src/keyring/keyring_kmip.c +++ b/contrib/pg_tde/src/keyring/keyring_kmip.c 
@@ -33,230 +33,233 @@ static KeyringReturnCodes set_key_by_name(GenericKeyring *keyring, keyInfo *key, static keyInfo *get_key_by_name(GenericKeyring *keyring, const char *key_name, bool throw_error, KeyringReturnCodes *return_code); const TDEKeyringRoutine keyringKmipRoutine = { - .keyring_get_key = get_key_by_name, - .keyring_store_key = set_key_by_name}; + .keyring_get_key = get_key_by_name, +.keyring_store_key = set_key_by_name}; -bool InstallKmipKeyring(void) +bool +InstallKmipKeyring(void) { - return RegisterKeyProvider(&keyringKmipRoutine, KMIP_KEY_PROVIDER); + return RegisterKeyProvider(&keyringKmipRoutine, KMIP_KEY_PROVIDER); } typedef struct KmipCtx { - SSL_CTX *ssl; - BIO *bio; + SSL_CTX *ssl; + BIO *bio; } KmipCtx; -static bool kmipSslConnect(KmipCtx *ctx, KmipKeyring *kmip_keyring, bool throw_error) +static bool +kmipSslConnect(KmipCtx *ctx, KmipKeyring *kmip_keyring, bool throw_error) { - SSL *ssl = NULL; - ctx->ssl = SSL_CTX_new(SSLv23_method()); - - if (SSL_CTX_use_certificate_file(ctx->ssl, kmip_keyring->kmip_cert_path, SSL_FILETYPE_PEM) != 1) - { - kmip_ereport(throw_error, "SSL error: Loading the client certificate failed", 0); - SSL_CTX_free(ctx->ssl); - return false; - } - - if (SSL_CTX_use_PrivateKey_file(ctx->ssl, kmip_keyring->kmip_cert_path, SSL_FILETYPE_PEM) != 1) - { - SSL_CTX_free(ctx->ssl); - kmip_ereport(throw_error, "SSL error: Loading the client key failed", 0); - return false; - } - - if (SSL_CTX_load_verify_locations(ctx->ssl, kmip_keyring->kmip_ca_path, NULL) != 1) - { - SSL_CTX_free(ctx->ssl); - kmip_ereport(throw_error, "SSL error: Loading the CA certificate failed", 0); - return false; - } - - ctx->bio = BIO_new_ssl_connect(ctx->ssl); - if (ctx->bio == NULL) - { - SSL_CTX_free(ctx->ssl); - kmip_ereport(throw_error, "SSL error: BIO_new_ssl_connect failed", 0); - return false; - } - - BIO_get_ssl(ctx->bio, &ssl); - SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY); - BIO_set_conn_hostname(ctx->bio, kmip_keyring->kmip_host); - 
BIO_set_conn_port(ctx->bio, kmip_keyring->kmip_port); - if (BIO_do_connect(ctx->bio) != 1) - { - BIO_free_all(ctx->bio); - SSL_CTX_free(ctx->ssl); - kmip_ereport(throw_error, "SSL error: BIO_do_connect failed", 0); - return false; - } - - return true; + SSL *ssl = NULL; + + ctx->ssl = SSL_CTX_new(SSLv23_method()); + + if (SSL_CTX_use_certificate_file(ctx->ssl, kmip_keyring->kmip_cert_path, SSL_FILETYPE_PEM) != 1) + { + kmip_ereport(throw_error, "SSL error: Loading the client certificate failed", 0); + SSL_CTX_free(ctx->ssl); + return false; + } + + if (SSL_CTX_use_PrivateKey_file(ctx->ssl, kmip_keyring->kmip_cert_path, SSL_FILETYPE_PEM) != 1) + { + SSL_CTX_free(ctx->ssl); + kmip_ereport(throw_error, "SSL error: Loading the client key failed", 0); + return false; + } + + if (SSL_CTX_load_verify_locations(ctx->ssl, kmip_keyring->kmip_ca_path, NULL) != 1) + { + SSL_CTX_free(ctx->ssl); + kmip_ereport(throw_error, "SSL error: Loading the CA certificate failed", 0); + return false; + } + + ctx->bio = BIO_new_ssl_connect(ctx->ssl); + if (ctx->bio == NULL) + { + SSL_CTX_free(ctx->ssl); + kmip_ereport(throw_error, "SSL error: BIO_new_ssl_connect failed", 0); + return false; + } + + BIO_get_ssl(ctx->bio, &ssl); + SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY); + BIO_set_conn_hostname(ctx->bio, kmip_keyring->kmip_host); + BIO_set_conn_port(ctx->bio, kmip_keyring->kmip_port); + if (BIO_do_connect(ctx->bio) != 1) + { + BIO_free_all(ctx->bio); + SSL_CTX_free(ctx->ssl); + kmip_ereport(throw_error, "SSL error: BIO_do_connect failed", 0); + return false; + } + + return true; } static KeyringReturnCodes set_key_by_name(GenericKeyring *keyring, keyInfo *key, bool throw_error) { - KmipCtx ctx; - KmipKeyring *kmip_keyring = (KmipKeyring *)keyring; - int result; - int id_max_len = 64; - char *idp = NULL; - - Attribute a[4]; - enum cryptographic_algorithm algorithm = KMIP_CRYPTOALG_AES; - int32 length = key->data.len * 8; - int32 mask = KMIP_CRYPTOMASK_ENCRYPT | KMIP_CRYPTOMASK_DECRYPT; - Name 
ts; - TextString ts2 = {0, 0}; - TemplateAttribute ta = {0}; - - if (!kmipSslConnect(&ctx, kmip_keyring, throw_error)) - { - return KEYRING_CODE_INVALID_RESPONSE; - } - - for (int i = 0; i < 4; i++) - { - kmip_init_attribute(&a[i]); - } - - a[0].type = KMIP_ATTR_CRYPTOGRAPHIC_ALGORITHM; - a[0].value = &algorithm; - - a[1].type = KMIP_ATTR_CRYPTOGRAPHIC_LENGTH; - a[1].value = &length; - - a[2].type = KMIP_ATTR_CRYPTOGRAPHIC_USAGE_MASK; - a[2].value = &mask; - - ts2.value = key->name.name; - ts2.size = kmip_strnlen_s(key->name.name, 250); - ts.value = &ts2; - ts.type = KMIP_NAME_UNINTERPRETED_TEXT_STRING; - a[3].type = KMIP_ATTR_NAME; - a[3].value = &ts; - - ta.attributes = a; - ta.attribute_count = ARRAY_LENGTH(a); - - result = kmip_bio_register_symmetric_key(ctx.bio, &ta, (char *)key->data.data, key->data.len, &idp, &id_max_len); - - BIO_free_all(ctx.bio); - SSL_CTX_free(ctx.ssl); - - if (result != 0) - { - kmip_ereport(throw_error, "KMIP server reported error on register symmetric key: %i", result); - return KEYRING_CODE_INVALID_RESPONSE; - } - - return KEYRING_CODE_SUCCESS; + KmipCtx ctx; + KmipKeyring *kmip_keyring = (KmipKeyring *) keyring; + int result; + int id_max_len = 64; + char *idp = NULL; + + Attribute a[4]; + enum cryptographic_algorithm algorithm = KMIP_CRYPTOALG_AES; + int32 length = key->data.len * 8; + int32 mask = KMIP_CRYPTOMASK_ENCRYPT | KMIP_CRYPTOMASK_DECRYPT; + Name ts; + TextString ts2 = {0, 0}; + TemplateAttribute ta = {0}; + + if (!kmipSslConnect(&ctx, kmip_keyring, throw_error)) + { + return KEYRING_CODE_INVALID_RESPONSE; + } + + for (int i = 0; i < 4; i++) + { + kmip_init_attribute(&a[i]); + } + + a[0].type = KMIP_ATTR_CRYPTOGRAPHIC_ALGORITHM; + a[0].value = &algorithm; + + a[1].type = KMIP_ATTR_CRYPTOGRAPHIC_LENGTH; + a[1].value = &length; + + a[2].type = KMIP_ATTR_CRYPTOGRAPHIC_USAGE_MASK; + a[2].value = &mask; + + ts2.value = key->name.name; + ts2.size = kmip_strnlen_s(key->name.name, 250); + ts.value = &ts2; + ts.type = 
KMIP_NAME_UNINTERPRETED_TEXT_STRING; + a[3].type = KMIP_ATTR_NAME; + a[3].value = &ts; + + ta.attributes = a; + ta.attribute_count = ARRAY_LENGTH(a); + + result = kmip_bio_register_symmetric_key(ctx.bio, &ta, (char *) key->data.data, key->data.len, &idp, &id_max_len); + + BIO_free_all(ctx.bio); + SSL_CTX_free(ctx.ssl); + + if (result != 0) + { + kmip_ereport(throw_error, "KMIP server reported error on register symmetric key: %i", result); + return KEYRING_CODE_INVALID_RESPONSE; + } + + return KEYRING_CODE_SUCCESS; } -void * - palloc(size_t); +void *palloc(size_t); -void pfree(void *); +void pfree(void *); -static keyInfo *get_key_by_name(GenericKeyring *keyring, const char *key_name, bool throw_error, KeyringReturnCodes *return_code) +static keyInfo * +get_key_by_name(GenericKeyring *keyring, const char *key_name, bool throw_error, KeyringReturnCodes *return_code) { - keyInfo *key = NULL; - KmipKeyring *kmip_keyring = (KmipKeyring *)keyring; - char *id = 0; - KmipCtx ctx; - - *return_code = KEYRING_CODE_SUCCESS; - - if (!kmipSslConnect(&ctx, kmip_keyring, throw_error)) - { - return NULL; - } - - // 1. locate key - - { - int upto = 0; - int result; - LocateResponse locate_result; - Name ts; - TextString ts2 = {0, 0}; - Attribute a[3]; - enum object_type loctype = KMIP_OBJTYPE_SYMMETRIC_KEY; - - for (int i = 0; i < 3; i++) - { - kmip_init_attribute(&a[i]); - } - - a[0].type = KMIP_ATTR_OBJECT_TYPE; - a[0].value = &loctype; - - ts2.value = (char *)key_name; - ts2.size = kmip_strnlen_s(key_name, 250); - ts.value = &ts2; - ts.type = KMIP_NAME_UNINTERPRETED_TEXT_STRING; - a[1].type = KMIP_ATTR_NAME; - a[1].value = &ts; - - // 16 is hard coded: seems like the most vault supports? 
- result = kmip_bio_locate(ctx.bio, a, 2, &locate_result, 16, upto); - - if (result != 0) - { - *return_code = KEYRING_CODE_RESOURCE_NOT_AVAILABLE; - BIO_free_all(ctx.bio); - SSL_CTX_free(ctx.ssl); - return NULL; - } - - if (locate_result.ids_size == 0) - { - BIO_free_all(ctx.bio); - SSL_CTX_free(ctx.ssl); - return NULL; - } - - if (locate_result.ids_size > 1) - { - fprintf(stderr, "KMIP ERR: %li\n", locate_result.ids_size); - kmip_ereport(throw_error, "KMIP server contains multiple results for key, ignoring", 0); - *return_code = KEYRING_CODE_RESOURCE_NOT_AVAILABLE; - BIO_free_all(ctx.bio); - SSL_CTX_free(ctx.ssl); - return NULL; - } - - id = locate_result.ids[0]; - } - - // 2. get key - - key = palloc(sizeof(keyInfo)); - - { - - char *keyp = NULL; - int result = kmip_bio_get_symmetric_key(ctx.bio, id, strlen(id), &keyp, (int *)&key->data.len); - - if (result != 0) - { - kmip_ereport(throw_error, "KMIP server LOCATEd key, but GET failed with %i", result); - *return_code = KEYRING_CODE_RESOURCE_NOT_AVAILABLE; - pfree(key); - BIO_free_all(ctx.bio); - SSL_CTX_free(ctx.ssl); - return NULL; - } - - strncpy((char *)key->data.data, keyp, MAX_KEY_DATA_SIZE); - free(keyp); - } - - BIO_free_all(ctx.bio); - SSL_CTX_free(ctx.ssl); - - return key; + keyInfo *key = NULL; + KmipKeyring *kmip_keyring = (KmipKeyring *) keyring; + char *id = 0; + KmipCtx ctx; + + *return_code = KEYRING_CODE_SUCCESS; + + if (!kmipSslConnect(&ctx, kmip_keyring, throw_error)) + { + return NULL; + } + + /* 1. 
locate key */ + + { + int upto = 0; + int result; + LocateResponse locate_result; + Name ts; + TextString ts2 = {0, 0}; + Attribute a[3]; + enum object_type loctype = KMIP_OBJTYPE_SYMMETRIC_KEY; + + for (int i = 0; i < 3; i++) + { + kmip_init_attribute(&a[i]); + } + + a[0].type = KMIP_ATTR_OBJECT_TYPE; + a[0].value = &loctype; + + ts2.value = (char *) key_name; + ts2.size = kmip_strnlen_s(key_name, 250); + ts.value = &ts2; + ts.type = KMIP_NAME_UNINTERPRETED_TEXT_STRING; + a[1].type = KMIP_ATTR_NAME; + a[1].value = &ts; + + /* 16 is hard coded: seems like the most vault supports? */ + result = kmip_bio_locate(ctx.bio, a, 2, &locate_result, 16, upto); + + if (result != 0) + { + *return_code = KEYRING_CODE_RESOURCE_NOT_AVAILABLE; + BIO_free_all(ctx.bio); + SSL_CTX_free(ctx.ssl); + return NULL; + } + + if (locate_result.ids_size == 0) + { + BIO_free_all(ctx.bio); + SSL_CTX_free(ctx.ssl); + return NULL; + } + + if (locate_result.ids_size > 1) + { + fprintf(stderr, "KMIP ERR: %li\n", locate_result.ids_size); + kmip_ereport(throw_error, "KMIP server contains multiple results for key, ignoring", 0); + *return_code = KEYRING_CODE_RESOURCE_NOT_AVAILABLE; + BIO_free_all(ctx.bio); + SSL_CTX_free(ctx.ssl); + return NULL; + } + + id = locate_result.ids[0]; + } + + /* 2. get key */ + + key = palloc(sizeof(keyInfo)); + + { + + char *keyp = NULL; + int result = kmip_bio_get_symmetric_key(ctx.bio, id, strlen(id), &keyp, (int *) &key->data.len); + + if (result != 0) + { + kmip_ereport(throw_error, "KMIP server LOCATEd key, but GET failed with %i", result); + *return_code = KEYRING_CODE_RESOURCE_NOT_AVAILABLE; + pfree(key); + BIO_free_all(ctx.bio); + SSL_CTX_free(ctx.ssl); + return NULL; + } + + strncpy((char *) key->data.data, keyp, MAX_KEY_DATA_SIZE); + free(keyp); + } + + BIO_free_all(ctx.bio); + SSL_CTX_free(ctx.ssl); + + return key; } 
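Review bot: kmipSslConnect() loads the CA file with SSL_CTX_load_verify_locations() but never enables peer verification, so with OpenSSL's default client mode (SSL_VERIFY_NONE) the handshake in BIO_do_connect() continues even when the KMIP server's certificate does not chain to that CA, and the host name is not checked either. Add `SSL_CTX_set_verify(ctx->ssl, SSL_VERIFY_PEER, NULL);` after the CA is loaded and `SSL_set1_host(ssl, kmip_keyring->kmip_host);` after BIO_get_ssl(), assuming kmip_host holds the name the server certificate is issued for. In get_key_by_name(), `strncpy((char *) key->data.data, keyp, MAX_KEY_DATA_SIZE)` treats the key as a C string, so it stops at the first zero byte of the key material, and key->data.len is written by the KMIP call without being compared to MAX_KEY_DATA_SIZE. Reject an oversized length and copy with `memcpy(key->data.data, keyp, key->data.len);`. The return value of SSL_CTX_new() is also used without a NULL check.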
diff --git a/contrib/pg_tde/src/keyring/keyring_kmip_ereport.c b/contrib/pg_tde/src/keyring/keyring_kmip_ereport.c index d05d79b7d0ed4..3d8a080c07d26 100644 --- a/contrib/pg_tde/src/keyring/keyring_kmip_ereport.c +++ b/contrib/pg_tde/src/keyring/keyring_kmip_ereport.c @@ -7,19 +7,21 @@ #include "pg_tde_fe.h" #endif -void kmip_ereport(bool throw_error, const char *msg, int errCode) +void +kmip_ereport(bool throw_error, const char *msg, int errCode) { - int ereport_level = throw_error ? ERROR : WARNING; - if (errCode != 0) - { - ereport(ereport_level, (errmsg(msg, errCode))); - } - else - { - #pragma GCC diagnostic push - #pragma GCC diagnostic ignored "-Wformat-security" - // TODO: how to do this properly? - elog(ereport_level, (msg)); - #pragma GCC diagnostic pop - } -} \ No newline at end of file + int ereport_level = throw_error ? ERROR : WARNING; + + if (errCode != 0) + { + ereport(ereport_level, (errmsg(msg, errCode))); + } + else + { +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wformat-security" + /* TODO: how to do this properly? */ + elog(ereport_level, (msg)); +#pragma GCC diagnostic pop + } +} diff --git a/contrib/pg_tde/src/keyring/keyring_vault.c b/contrib/pg_tde/src/keyring/keyring_vault.c index 6fe54408679fa..9951953cdf9d6 100644 --- a/contrib/pg_tde/src/keyring/keyring_vault.c +++ b/contrib/pg_tde/src/keyring/keyring_vault.c 
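Review bot: kmip_ereport() passes `msg` as the format string in both branches, and the else branch silences -Wformat-security with pragmas instead of fixing the call, which is what the TODO asks about. For the branch without an argument, `ereport(ereport_level, (errmsg("%s", msg)));` needs no pragma and prints any `%` in the message literally. The errCode branch still relies on every caller passing a literal format with exactly one integer conversion; the callers visible in keyring_kmip.c do. A comment on the function stating that contract, e.g. `/* msg must be a literal format taking at most one int */`, would keep it that way.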
@@ -69,7 +69,7 @@ static char *get_keyring_vault_url(VaultV2Keyring *keyring, const char *key_name static bool curl_perform(VaultV2Keyring *keyring, const char *url, CurlString *outStr, long *httpCode, const char *postData); static KeyringReturnCodes set_key_by_name(GenericKeyring *keyring, keyInfo *key, bool throw_error); -static keyInfo *get_key_by_name(GenericKeyring *keyring, const char *key_name, bool throw_error, KeyringReturnCodes * return_code); +static keyInfo *get_key_by_name(GenericKeyring *keyring, const char *key_name, bool throw_error, KeyringReturnCodes *return_code); const TDEKeyringRoutine keyringVaultV2Routine = { .keyring_get_key = get_key_by_name, @@ -88,7 +88,7 @@ curl_setup_token(VaultV2Keyring *keyring) { if (curlList == NULL) { - char tokenHeader[256]; + char tokenHeader[256]; strcpy(tokenHeader, "X-Vault-Token:"); strcat(tokenHeader, keyring->vault_token); @@ -170,13 +170,13 @@ static KeyringReturnCodes set_key_by_name(GenericKeyring *keyring, keyInfo *key, bool throw_error) { VaultV2Keyring *vault_keyring = (VaultV2Keyring *) keyring; - char url[VAULT_URL_MAX_LEN]; - CurlString str; - long httpCode = 0; - char jsonText[512]; + char url[VAULT_URL_MAX_LEN]; + CurlString str; + long httpCode = 0; + char jsonText[512]; char keyData[64]; - int keyLen = 0; - int ereport_level = throw_error ? ERROR : WARNING; + int keyLen = 0; + int ereport_level = throw_error ? ERROR : WARNING; Assert(key != NULL); @@ -186,7 +186,7 @@ set_key_by_name(GenericKeyring *keyring, keyInfo *key, bool throw_error) */ /* Simpler than using the limited pg json api */ keyLen = pg_b64_encode((char *) key->data.data, key->data.len, keyData, 64); - keyData[keyLen] = 0; + keyData[ keyLen] = 0; snprintf(jsonText, 512, "{\"data\":{\"key\":\"%s\"}}", keyData); 
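Review bot: In curl_setup_token(), `tokenHeader` is a 256-byte stack buffer filled with strcpy() and an unbounded `strcat(tokenHeader, keyring->vault_token)`, so a token longer than 241 bytes writes past the buffer. Build the header with a bounded call and check for truncation: `int n = snprintf(tokenHeader, sizeof(tokenHeader), "X-Vault-Token:%s", keyring->vault_token);`, then treat `n < 0 || (size_t) n >= sizeof(tokenHeader)` as a failure to report. The token presumably comes from the key provider configuration, which limits who can supply an oversized value, but the hunk only re-indents the declaration and leaves the copy as it was. The function starts and continues outside the hunk.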
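Review bot: In set_key_by_name(), the result of pg_b64_encode() is used as an index without a check in `keyData[ keyLen] = 0;`. The encoder returns -1 when the output does not fit, and a result of exactly 64 would put the terminator one byte past the 64-byte `keyData`. Pass `sizeof(keyData) - 1` as the destination length and return an error when `keyLen < 0` before terminating the string; whether this is reachable depends on the maximum of key->data.len, which is not visible here. The space pgindent inserted inside the index suggests `keyData` is being treated as a type name, so the line should read `keyData[keyLen] = 0;`. The function body starts and ends outside this hunk.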
@@ -218,17 +218,17 @@ set_key_by_name(GenericKeyring *keyring, keyInfo *key, bool throw_error) } static keyInfo * -get_key_by_name(GenericKeyring *keyring, const char *key_name, bool throw_error, KeyringReturnCodes * return_code) +get_key_by_name(GenericKeyring *keyring, const char *key_name, bool throw_error, KeyringReturnCodes *return_code) { VaultV2Keyring *vault_keyring = (VaultV2Keyring *) keyring; - keyInfo *key = NULL; - char url[VAULT_URL_MAX_LEN]; - CurlString str; - long httpCode = 0; + keyInfo *key = NULL; + char url[VAULT_URL_MAX_LEN]; + CurlString str; + long httpCode = 0; JsonParseErrorType json_error; JsonLexContext *jlex = NULL; JsonVaultRespState parse; - int ereport_level = throw_error ? ERROR : WARNING; + int ereport_level = throw_error ? ERROR : WARNING; const char *responseKey; @@ -391,7 +391,7 @@ json_resp_scalar(void *state, char *token, JsonTokenType tokentype) parse->field = JRESP_F_UNUSED; break; default: - // NOP + /* NOP */ break; } return JSON_SUCCESS; diff --git a/contrib/pg_tde/src/pg_tde.c b/contrib/pg_tde/src/pg_tde.c index 419d36dc74e5a..60cf02aece6b8 100644 --- a/contrib/pg_tde/src/pg_tde.c +++ b/contrib/pg_tde/src/pg_tde.c @@ -49,15 +49,15 @@ PG_MODULE_MAGIC; struct OnExtInstall { pg_tde_on_ext_install_callback function; - void *arg; + void *arg; }; static struct OnExtInstall on_ext_install_list[MAX_ON_INSTALLS]; static int on_ext_install_index = 0; static void run_extension_install_callbacks(XLogExtensionInstall *xlrec, bool redo); -void _PG_init(void); -Datum pg_tde_extension_initialize(PG_FUNCTION_ARGS); -Datum pg_tde_version(PG_FUNCTION_ARGS); +void _PG_init(void); +Datum pg_tde_extension_initialize(PG_FUNCTION_ARGS); +Datum pg_tde_version(PG_FUNCTION_ARGS); static shmem_startup_hook_type prev_shmem_startup_hook = NULL; static shmem_request_hook_type prev_shmem_request_hook = NULL; 
@@ -116,7 +116,7 @@ _PG_init(void) #ifdef PERCONA_EXT XLogInitGUC(); #endif - + PrincipalKeyGucInit(); prev_shmem_request_hook = shmem_request_hook; shmem_request_hook = tde_shmem_request; @@ -193,7 +193,7 @@ pg_tde_init_data_dir(void) if (MakePGDirectory(PG_TDE_DATA_DIR) < 0) ereport(ERROR, (errcode_for_file_access(), - errmsg("could not create tde directory \"%s\": %m", + errmsg("could not create tde directory \"%s\": %m", PG_TDE_DATA_DIR))); } } @@ -205,8 +205,8 @@ pg_tde_init_data_dir(void) static void run_extension_install_callbacks(XLogExtensionInstall *xlrec, bool redo) { - int i; - int tde_table_count = 0; + int i; + int tde_table_count = 0; /* * Get the number of tde tables in this database should always be zero. diff --git a/contrib/pg_tde/src/pg_tde_event_capture.c b/contrib/pg_tde/src/pg_tde_event_capture.c index 1a7518f5d487d..76f1e67004f2b 100644 --- a/contrib/pg_tde/src/pg_tde_event_capture.c +++ b/contrib/pg_tde/src/pg_tde_event_capture.c @@ -136,8 +136,9 @@ pg_tde_ddl_command_start_capture(PG_FUNCTION_ARGS) foreach(lcmd, stmt->cmds) { AlterTableCmd *cmd = (AlterTableCmd *) lfirst(lcmd); - if (cmd->subtype == AT_SetAccessMethod && - ((cmd->name != NULL && strcmp(cmd->name, "tde_heap")==0) || + + if (cmd->subtype == AT_SetAccessMethod && + ((cmd->name != NULL && strcmp(cmd->name, "tde_heap") == 0) || (cmd->name == NULL && strcmp(default_table_access_method, "tde_heap") == 0)) ) { @@ -149,9 +150,10 @@ pg_tde_ddl_command_start_capture(PG_FUNCTION_ARGS) if (tdeCurrentCreateEvent.encryptMode) { - TDEPrincipalKey * principal_key; - Oid relationId = RangeVarGetRelid(stmt->relation, NoLock, true); + TDEPrincipalKey *principal_key; + Oid relationId = RangeVarGetRelid(stmt->relation, NoLock, true); Relation rel = table_open(relationId, lockmode); + table_close(rel, lockmode); LWLockAcquire(tde_lwlock_enc_keys(), LW_SHARED); diff --git a/contrib/pg_tde/src/smgr/pg_tde_smgr.c b/contrib/pg_tde/src/smgr/pg_tde_smgr.c index 357467dc194b0..3d06ddb818a4f 100644 
--- a/contrib/pg_tde/src/smgr/pg_tde_smgr.c +++ b/contrib/pg_tde/src/smgr/pg_tde_smgr.c @@ -19,14 +19,14 @@ typedef struct TDESMgrRelationData * for md.c; per-fork arrays of the number of open segments * (md_num_open_segs) and the segments themselves (md_seg_fds). */ - int md_num_open_segs[MAX_FORKNUM + 1]; + int md_num_open_segs[MAX_FORKNUM + 1]; struct _MdfdVec *md_seg_fds[MAX_FORKNUM + 1]; - bool encrypted_relation; - RelKeyData relKey; -} TDESMgrRelationData; + bool encrypted_relation; + RelKeyData relKey; +} TDESMgrRelationData; -typedef TDESMgrRelationData * TDESMgrRelation; +typedef TDESMgrRelationData *TDESMgrRelation; /* * we only encrypt main and init forks @@ -38,7 +38,7 @@ tde_is_encryption_required(TDESMgrRelation tdereln, ForkNumber forknum) } static RelKeyData * -tde_smgr_get_key(SMgrRelation reln, RelFileLocator* old_locator, bool can_create) +tde_smgr_get_key(SMgrRelation reln, RelFileLocator *old_locator, bool can_create) { TdeCreateEvent *event; RelKeyData *rkd; @@ -86,12 +86,13 @@ tde_smgr_get_key(SMgrRelation reln, RelFileLocator* old_locator, bool can_create } /* check if we had a key for the old locator, if there's one */ - if(old_locator != NULL && can_create) + if (old_locator != NULL && can_create) { RelKeyData *rkd2 = GetSMGRRelationKey(*old_locator); - if(rkd2!=NULL) + + if (rkd2 != NULL) { - // create a new key for the new file + /* create a new key for the new file */ return pg_tde_create_key_map_entry(&reln->smgr_rlocator.locator, TDE_KEY_TYPE_SMGR); } } 
@@ -112,9 +113,9 @@ tde_mdwritev(SMgrRelation reln, ForkNumber forknum, BlockNumber blocknum, } else { - unsigned char *local_blocks = palloc(BLCKSZ * (nblocks + 1)); - unsigned char *local_blocks_aligned = (unsigned char *) TYPEALIGN(PG_IO_ALIGN_SIZE, local_blocks); - void **local_buffers = palloc(sizeof(void *) * nblocks); + unsigned char *local_blocks = palloc(BLCKSZ * (nblocks + 1)); + unsigned char *local_blocks_aligned = (unsigned char *) TYPEALIGN(PG_IO_ALIGN_SIZE, local_blocks); + void **local_buffers = palloc(sizeof(void *) * nblocks); AesInit(); @@ -126,14 +127,14 @@ tde_mdwritev(SMgrRelation reln, ForkNumber forknum, BlockNumber blocknum, local_buffers[i] = &local_blocks_aligned[i * BLCKSZ]; - + memcpy(iv + 4, &bn, sizeof(BlockNumber)); AesEncrypt(rkd->internal_key.key, iv, ((unsigned char **) buffers)[i], BLCKSZ, local_buffers[i], &out_len); } mdwritev(reln, forknum, blocknum, - (const void**) local_buffers, nblocks, skipFsync); + (const void **) local_buffers, nblocks, skipFsync); pfree(local_blocks); pfree(local_buffers); @@ -155,7 +156,7 @@ tde_mdextend(SMgrRelation reln, ForkNumber forknum, BlockNumber blocknum, { unsigned char *local_blocks = palloc(BLCKSZ * (1 + 1)); unsigned char *local_blocks_aligned = (unsigned char *) TYPEALIGN(PG_IO_ALIGN_SIZE, local_blocks); - int out_len = BLCKSZ; + int out_len = BLCKSZ; unsigned char iv[16] = { 0, }; @@ -175,7 +176,7 @@ static void tde_mdreadv(SMgrRelation reln, ForkNumber forknum, BlockNumber blocknum, void **buffers, BlockNumber nblocks) { - int out_len = BLCKSZ; + int out_len = BLCKSZ; TDESMgrRelation tdereln = (TDESMgrRelation) reln; RelKeyData *rkd = &tdereln->relKey; @@ -228,6 +229,7 @@ tde_mdcreate(RelFileLocator relold, SMgrRelation reln, ForkNumber forknum, bool { TDESMgrRelation tdereln = (TDESMgrRelation) reln; RelKeyData *key; + /* * This is the only function that gets called during actual CREATE * TABLE/INDEX (EVENT TRIGGER) 
diff --git a/contrib/pg_tde/src/transam/pg_tde_xact_handler.c b/contrib/pg_tde/src/transam/pg_tde_xact_handler.c index 0f9d680555eee..2d940ecd0d43b 100644 --- a/contrib/pg_tde/src/transam/pg_tde_xact_handler.c +++ b/contrib/pg_tde/src/transam/pg_tde_xact_handler.c @@ -20,10 +20,10 @@ typedef struct PendingMapEntryDelete { - off_t map_entry_offset; /* map entry offset */ + off_t map_entry_offset; /* map entry offset */ RelFileLocator rlocator; /* main for use as relation OID */ - bool atCommit; /* T=delete at commit; F=delete at abort */ - int nestLevel; /* xact nesting level of request */ + bool atCommit; /* T=delete at commit; F=delete at abort */ + int nestLevel; /* xact nesting level of request */ struct PendingMapEntryDelete *next; /* linked-list link */ } PendingMapEntryDelete; @@ -103,18 +103,18 @@ do_pending_deletes(bool isCommit) PendingMapEntryDelete *prev; PendingMapEntryDelete *next; - LWLockAcquire(tde_lwlock_enc_keys(), LW_EXCLUSIVE); + LWLockAcquire(tde_lwlock_enc_keys(), LW_EXCLUSIVE); - prev = NULL; - for (pending = pendingDeletes; pending != NULL; pending = next) - { - next = pending->next; - if (pending->nestLevel != nestLevel) - { - /* outer-level entries should not be processed yet */ - prev = pending; - continue; - } + prev = NULL; + for (pending = pendingDeletes; pending != NULL; pending = next) + { + next = pending->next; + if (pending->nestLevel != nestLevel) + { + /* outer-level entries should not be processed yet */ + prev = pending; + continue; + } /* unlink list entry first, so we don't retry on failure */ if (prev) @@ -132,9 +132,9 @@ do_pending_deletes(bool isCommit) pfree(pending); /* prev does not change */ - } + } - LWLockRelease(tde_lwlock_enc_keys()); + LWLockRelease(tde_lwlock_enc_keys()); } diff --git a/src/backend/access/gist/gistscan.c b/src/backend/access/gist/gistscan.c index e05801e2f5bf1..89b12edd4edbb 100644 --- a/src/backend/access/gist/gistscan.c +++ b/src/backend/access/gist/gistscan.c 
@@ -251,7 +251,7 @@ gistrescan(IndexScanDesc scan, ScanKey key, int nkeys, for (i = 0; i < scan->numberOfKeys; i++) { - ScanKey skey = scan->keyData + i; + ScanKey skey = scan->keyData +i; /* * Copy consistent support function to ScanKey structure instead diff --git a/src/backend/access/heap/heapam_handler.c b/src/backend/access/heap/heapam_handler.c index 25174a3495b16..87ec4a367fa8f 100644 --- a/src/backend/access/heap/heapam_handler.c +++ b/src/backend/access/heap/heapam_handler.c @@ -587,7 +587,7 @@ heapam_relation_set_new_filelocator(Relation rel, SMgrRelation srel; RelFileLocator oldlocator = rel->rd_locator; - + /* * Initialize to the minimum XID that could put tuples in the table. We * know that no xacts older than RecentXmin are still running, so that diff --git a/src/backend/access/index/genam.c b/src/backend/access/index/genam.c index b123acc5a6091..d92fe6cfe0710 100644 --- a/src/backend/access/index/genam.c +++ b/src/backend/access/index/genam.c @@ -143,7 +143,7 @@ RelationGetIndexScan(Relation indexRelation, int nkeys, int norderbys) void IndexScanEnd(IndexScanDesc scan) { - if (scan->keyData != NULL) + if (scan->keyData !=NULL) pfree(scan->keyData); if (scan->orderByData != NULL) pfree(scan->orderByData); diff --git a/src/backend/access/nbtree/nbtree.c b/src/backend/access/nbtree/nbtree.c index 59155a7bea69d..04241660fa8a7 100644 --- a/src/backend/access/nbtree/nbtree.c +++ b/src/backend/access/nbtree/nbtree.c @@ -433,7 +433,7 @@ btendscan(IndexScanDesc scan) /* No need to invalidate positions, the RAM is about to be freed. */ /* Release storage */ - if (so->keyData != NULL) + if (so->keyData !=NULL) pfree(so->keyData); /* so->arrayKeys and so->orderProcs are in arrayContext */ if (so->arrayContext != NULL) diff --git a/src/backend/access/nbtree/nbtutils.c b/src/backend/access/nbtree/nbtutils.c index 8d047d8873f7d..6c0aaba3b9b77 100644 --- a/src/backend/access/nbtree/nbtutils.c +++ b/src/backend/access/nbtree/nbtutils.c 
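Review bot: `ScanKey skey = scan->keyData +i;` reads worse than the line it replaces; pgindent appears to treat `keyData` as a type name here, presumably because the typedef list produced by dump-typedefs.sh contains a typedef of that name. The same artifact shows as `keyData !=NULL` in the genam.c and nbtree.c hunks and as `so->keyData +ikey` throughout the nbtutils.c hunks, and it is probably also behind the blank lines inserted after the assignments to `keyName` in jsonb_gin.c. Keep the original spacing, `ScanKey skey = scan->keyData + i;`, by filtering names that collide with struct members out of the combined typedef list, or by renaming the colliding typedefs, before pgindent runs over core files.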
@@ -566,7 +566,7 @@ _bt_preprocess_array_keys_final(IndexScanDesc scan, int *keyDataMap) for (int output_ikey = 0; output_ikey < so->numberOfKeys; output_ikey++) { - ScanKey outkey = so->keyData + output_ikey; + ScanKey outkey = so->keyData +output_ikey; int input_ikey; bool found PG_USED_FOR_ASSERTS_ONLY = false; @@ -1471,7 +1471,7 @@ _bt_rewind_nonrequired_arrays(IndexScanDesc scan, ScanDirection dir) for (int ikey = 0; ikey < so->numberOfKeys; ikey++) { - ScanKey cur = so->keyData + ikey; + ScanKey cur = so->keyData +ikey; BTArrayKeyInfo *array = NULL; int first_elem_dir; @@ -1557,7 +1557,7 @@ _bt_tuple_before_array_skeys(IndexScanDesc scan, ScanDirection dir, for (int ikey = sktrig; ikey < so->numberOfKeys; ikey++) { - ScanKey cur = so->keyData + ikey; + ScanKey cur = so->keyData +ikey; Datum tupdatum; bool tupnull; int32 result; @@ -1833,7 +1833,7 @@ _bt_advance_array_keys(IndexScanDesc scan, BTReadPageState *pstate, for (int ikey = 0; ikey < so->numberOfKeys; ikey++) { - ScanKey cur = so->keyData + ikey; + ScanKey cur = so->keyData +ikey; BTArrayKeyInfo *array = NULL; Datum tupdatum; bool required = false, @@ -3006,7 +3006,7 @@ _bt_verify_arrays_bt_first(IndexScanDesc scan, ScanDirection dir) for (int ikey = 0; ikey < so->numberOfKeys; ikey++) { - ScanKey cur = so->keyData + ikey; + ScanKey cur = so->keyData +ikey; BTArrayKeyInfo *array = NULL; int first_elem_dir; @@ -3048,7 +3048,7 @@ _bt_verify_keys_with_arraykeys(IndexScanDesc scan) for (int ikey = 0; ikey < so->numberOfKeys; ikey++) { - ScanKey cur = so->keyData + ikey; + ScanKey cur = so->keyData +ikey; BTArrayKeyInfo *array; if (cur->sk_strategy != BTEqualStrategyNumber || @@ -3686,7 +3686,7 @@ _bt_check_compare(IndexScanDesc scan, ScanDirection dir, for (; *ikey < so->numberOfKeys; (*ikey)++) { - ScanKey key = so->keyData + *ikey; + ScanKey key = so->keyData +*ikey; Datum datum; bool isNull; bool requiredSameDir = false, 
diff --git a/src/backend/access/table/tableam.c b/src/backend/access/table/tableam.c index 9242fd58dddf4..00c2230115458 100644 --- a/src/backend/access/table/tableam.c +++ b/src/backend/access/table/tableam.c @@ -763,4 +763,4 @@ Oid get_tde_table_am_oid(void) { return get_table_am_oid("tde_heap", false); -} \ No newline at end of file +} diff --git a/src/backend/access/transam/xlogreader.c b/src/backend/access/transam/xlogreader.c index 8a9555443d237..6a7e879c99aaf 100644 --- a/src/backend/access/transam/xlogreader.c +++ b/src/backend/access/transam/xlogreader.c @@ -64,16 +64,16 @@ static void WALOpenSegmentInit(WALOpenSegment *seg, WALSegmentContext *segcxt, */ #define DEFAULT_DECODE_BUFFER_SIZE (64 * 1024) -/* +/* * XLog storage manager * * TODO: should be in xlog.c or new xlog_smgr.c ? * Now it's here because pg_rewind and other tools compile only - * w/ xlogreader.c + * w/ xlogreader.c */ const XLogSmgr *xlog_smgr = &xlog_smgr_standard; -void +void SetXLogSmgr(const XLogSmgr *xlsmgr) { xlog_smgr = xlsmgr; diff --git a/src/backend/storage/buffer/bufmgr.c b/src/backend/storage/buffer/bufmgr.c index 120e00f4e1760..6c7792f08c92b 100644 --- a/src/backend/storage/buffer/bufmgr.c +++ b/src/backend/storage/buffer/bufmgr.c @@ -4799,7 +4799,7 @@ CreateAndCopyRelationData(RelFileLocator src_rlocator, { if (smgrexists(src_rel, forkNum)) { - // TODO: for sure? + /* TODO: for sure? */ smgrcreate(src_rel->smgr_rlocator.locator, dst_rel, forkNum, false); /* diff --git a/src/backend/storage/smgr/md.c b/src/backend/storage/smgr/md.c index 1608fa8c1245a..328cba4c0dd59 100644 --- a/src/backend/storage/smgr/md.c +++ b/src/backend/storage/smgr/md.c 
@@ -84,12 +84,13 @@ typedef struct _MdfdVec } MdfdVec; static MemoryContext MdCxt; /* context for all MdfdVec objects */ -SMgrId MdSMgrId; +SMgrId MdSMgrId; typedef struct MdSMgrRelationData { /* parent data */ SMgrRelationData reln; + /* * for md.c; per-fork arrays of the number of open segments * (md_num_open_segs) and the segments themselves (md_seg_fds). @@ -133,10 +134,11 @@ typedef MdSMgrRelationData *MdSMgrRelation; #define EXTENSION_DONT_OPEN (1 << 5) -void mdsmgr_register(void) +void +mdsmgr_register(void) { /* magnetic disk */ - f_smgr md_smgr = (f_smgr) { + f_smgr md_smgr = (f_smgr) { .name = MdSMgrName, .smgr_init = mdinit, .smgr_shutdown = NULL, @@ -237,7 +239,8 @@ mdcreate(RelFileLocator relold, SMgrRelation reln, ForkNumber forknum, bool isRe char *path; File fd; MdSMgrRelation mdreln = (MdSMgrRelation) reln; - // Assert(reln->smgr_which == MdSMgrId); + + /* Assert(reln->smgr_which == MdSMgrId); */ if (isRedo && mdreln->md_num_open_segs[forknum] > 0) return; /* created and opened already... */ @@ -728,6 +731,7 @@ void mdopen(SMgrRelation reln) { MdSMgrRelation mdreln = (MdSMgrRelation) reln; + /* mark it not open */ for (int forknum = 0; forknum <= MAX_FORKNUM; forknum++) mdreln->md_num_open_segs[forknum] = 0; @@ -1086,6 +1090,7 @@ mdwriteback(SMgrRelation reln, ForkNumber forknum, BlockNumber blocknum, BlockNumber nblocks) { MdSMgrRelation mdreln = (MdSMgrRelation) reln; + Assert((io_direct_flags & IO_DIRECT_DATA) == 0); /* diff --git a/src/backend/storage/smgr/smgr.c b/src/backend/storage/smgr/smgr.c index 3f6417c1f18b4..86e664eca2bfd 100644 --- a/src/backend/storage/smgr/smgr.c +++ b/src/backend/storage/smgr/smgr.c @@ -66,12 +66,12 @@ static f_smgr *smgrsw; -static int NSmgr = 0; +static int NSmgr = 0; static Size LargestSMgrRelationSize = 0; -char *storage_manager_string; -SMgrId storage_manager_id; +char *storage_manager_string; +SMgrId storage_manager_id; /* * Each backend has a hashtable that stores all extant SMgrRelation objects. 
@@ -88,7 +88,7 @@ static void smgrdestroy(SMgrRelation reln); SMgrId smgr_register(const f_smgr *smgr, Size smgrrelation_size) { - SMgrId my_id; + SMgrId my_id; MemoryContext old; if (process_shared_preload_libraries_done) @@ -202,6 +202,7 @@ smgropen(RelFileLocator rlocator, ProcNumber backend) { /* First time through: initialize the hash table */ HASHCTL ctl; + LargestSMgrRelationSize = MAXALIGN(LargestSMgrRelationSize); Assert(NSmgr > 0); diff --git a/src/backend/utils/adt/jsonb_gin.c b/src/backend/utils/adt/jsonb_gin.c index b03d94f82b8e2..41a7cba65e876 100644 --- a/src/backend/utils/adt/jsonb_gin.c +++ b/src/backend/utils/adt/jsonb_gin.c @@ -117,7 +117,7 @@ struct JsonPathGinNode typedef struct JsonPathGinPathItem { struct JsonPathGinPathItem *parent; - Datum keyName; /* key name (for '.key' path item) or NULL */ + Datum keyName; /* key name (for '.key' path item) or NULL */ JsonPathItemType type; /* type of jsonpath item */ } JsonPathGinPathItem; @@ -278,7 +278,7 @@ static bool jsonb_ops__add_path_item(JsonPathGinPath *path, JsonPathItem *jsp) { JsonPathGinPathItem *pentry; - Datum keyName; + Datum keyName; switch (jsp->type) { @@ -292,6 +292,7 @@ jsonb_ops__add_path_item(JsonPathGinPath *path, JsonPathItem *jsp) char *key = jspGetString(jsp, &len); keyName = make_text_key(JGINFLAG_KEY, key, len); + break; } @@ -300,6 +301,7 @@ jsonb_ops__add_path_item(JsonPathGinPath *path, JsonPathItem *jsp) case jpiAnyArray: case jpiIndexArray: keyName = PointerGetDatum(NULL); + break; default: @@ -311,6 +313,7 @@ jsonb_ops__add_path_item(JsonPathGinPath *path, JsonPathItem *jsp) pentry->type = jsp->type; pentry->keyName = keyName; + pentry->parent = path->items; path->items = pentry; diff --git a/src/backend/utils/misc/percona.c b/src/backend/utils/misc/percona.c index 7d65209bc609a..a202dc9d99e92 100644 --- a/src/backend/utils/misc/percona.c +++ b/src/backend/utils/misc/percona.c 
@@ -12,4 +12,4 @@ #include "postgres.h" #include "utils/percona.h" -const int percona_api_version = PERCONA_API_VERSION; +const int percona_api_version = PERCONA_API_VERSION; diff --git a/src/bin/pg_waldump/pg_waldump.c b/src/bin/pg_waldump/pg_waldump.c index ff3ca091e567b..7350e131e8c65 100644 --- a/src/bin/pg_waldump/pg_waldump.c +++ b/src/bin/pg_waldump/pg_waldump.c 
@@ -765,34 +765,34 @@ usage(void) printf(_(" %s [OPTION]... [STARTSEG [ENDSEG]]\n"), progname); printf(_("\nOptions:\n")); printf(_(" -b, --bkp-details output detailed information about backup blocks\n")); - printf(_(" -B, --block=N with --relation, only show records that modify block N\n")); - printf(_(" -e, --end=RECPTR stop reading at WAL location RECPTR\n")); - printf(_(" -f, --follow keep retrying after reaching end of WAL\n")); - printf(_(" -F, --fork=FORK only show records that modify blocks in fork FORK;\n" - " valid names are main, fsm, vm, init\n")); - printf(_(" -n, --limit=N number of records to display\n")); - printf(_(" -p, --path=PATH directory in which to find WAL segment files or a\n" - " directory with a ./pg_wal that contains such files\n" - " (default: current directory, ./pg_wal, $PGDATA/pg_wal)\n")); + printf(_(" -B, --block=N with --relation, only show records that modify block N\n")); + printf(_(" -e, --end=RECPTR stop reading at WAL location RECPTR\n")); + printf(_(" -f, --follow keep retrying after reaching end of WAL\n")); + printf(_(" -F, --fork=FORK only show records that modify blocks in fork FORK;\n" + " valid names are main, fsm, vm, init\n")); + printf(_(" -n, --limit=N number of records to display\n")); + printf(_(" -p, --path=PATH directory in which to find WAL segment files or a\n" + " directory with a ./pg_wal that contains such files\n" + " (default: current directory, ./pg_wal, $PGDATA/pg_wal)\n")); #ifdef PERCONA_EXT - printf(_(" -k, --keyring-path=PATH directory in which to find keyring config files for WAL\n" - " such files are pg_tde.map, pg_tde.dat, and pg_tde_keyrings\n" - " (it will not try to decrypt WAL if not set)\n")); + printf(_(" -k, --keyring-path=PATH directory in which to find keyring config files for WAL\n" + " such files are pg_tde.map, pg_tde.dat, and pg_tde_keyrings\n" + " (it will not try to decrypt WAL if not set)\n")); #endif - printf(_(" -q, --quiet do not print any output, except for errors\n")); - 
printf(_(" -r, --rmgr=RMGR only show records generated by resource manager RMGR;\n" - " use --rmgr=list to list valid resource manager names\n")); - printf(_(" -R, --relation=T/D/R only show records that modify blocks in relation T/D/R\n")); - printf(_(" -s, --start=RECPTR start reading at WAL location RECPTR\n")); - printf(_(" -t, --timeline=TLI timeline from which to read WAL records\n" - " (default: 1 or the value used in STARTSEG)\n")); - printf(_(" -V, --version output version information, then exit\n")); - printf(_(" -w, --fullpage only show records with a full page write\n")); - printf(_(" -x, --xid=XID only show records with transaction ID XID\n")); - printf(_(" -z, --stats[=record] show statistics instead of records\n" - " (optionally, show per-record statistics)\n")); - printf(_(" --save-fullpage=DIR save full page images to DIR\n")); - printf(_(" -?, --help show this help, then exit\n")); + printf(_(" -q, --quiet do not print any output, except for errors\n")); + printf(_(" -r, --rmgr=RMGR only show records generated by resource manager RMGR;\n" + " use --rmgr=list to list valid resource manager names\n")); + printf(_(" -R, --relation=T/D/R only show records that modify blocks in relation T/D/R\n")); + printf(_(" -s, --start=RECPTR start reading at WAL location RECPTR\n")); + printf(_(" -t, --timeline=TLI timeline from which to read WAL records\n" + " (default: 1 or the value used in STARTSEG)\n")); + printf(_(" -V, --version output version information, then exit\n")); + printf(_(" -w, --fullpage only show records with a full page write\n")); + printf(_(" -x, --xid=XID only show records with transaction ID XID\n")); + printf(_(" -z, --stats[=record] show statistics instead of records\n" + " (optionally, show per-record statistics)\n")); + printf(_(" --save-fullpage=DIR save full page images to DIR\n")); + printf(_(" -?, --help show this help, then exit\n")); printf(_("\nReport bugs to <%s>.\n"), PACKAGE_BUGREPORT); printf(_("%s home page: <%s>\n"), 
PACKAGE_NAME, PACKAGE_URL); } @@ -951,8 +951,8 @@ main(int argc, char **argv) break; #ifdef PERCONA_EXT case 'k': - kringdir = pg_strdup(optarg); - break; + kringdir = pg_strdup(optarg); + break; #endif case 'q': config.quiet = true; @@ -1127,13 +1127,14 @@ main(int argc, char **argv) } #ifdef PERCONA_EXT - /* - * Make possible to read ecrypted WAL - */ - if (kringdir != NULL) - { - TDE_XLOG_INIT(kringdir); - } + + /* + * Make possible to read ecrypted WAL + */ + if (kringdir != NULL) + { + TDE_XLOG_INIT(kringdir); + } #endif if (config.save_fullpage_path != NULL) diff --git a/src/include/access/nbtree.h b/src/include/access/nbtree.h index 749304334809e..0eff2344147e3 100644 --- a/src/include/access/nbtree.h +++ b/src/include/access/nbtree.h @@ -1042,7 +1042,7 @@ typedef struct BTScanOpaqueData /* these fields are set by _bt_preprocess_keys(): */ bool qual_ok; /* false if qual can never be satisfied */ int numberOfKeys; /* number of preprocessed scan keys */ - ScanKey keyData; /* array of preprocessed scan keys */ + ScanKey keyData; /* array of preprocessed scan keys */ /* workspace for SK_SEARCHARRAY support */ int numArrayKeys; /* number of equality-type array keys */ diff --git a/src/include/access/spgist_private.h b/src/include/access/spgist_private.h index e7cbe10a89b5c..1b096b9c287e2 100644 --- a/src/include/access/spgist_private.h +++ b/src/include/access/spgist_private.h @@ -199,7 +199,7 @@ typedef struct SpGistScanOpaqueData /* Index quals to be passed to opclass (null-related quals removed) */ int numberOfKeys; /* number of index qualifier conditions */ - ScanKey keyData; /* array of index qualifier descriptors */ + ScanKey keyData; /* array of index qualifier descriptors */ int numberOfOrderBys; /* number of ordering operators */ int numberOfNonNullOrderBys; /* number of ordering operators * with non-NULL arguments */ diff --git a/src/include/access/xlog.h b/src/include/access/xlog.h index 4df3d76ad8a1d..ae2835f6a8636 100644 
--- a/src/include/access/xlog.h +++ b/src/include/access/xlog.h @@ -58,7 +58,7 @@ extern PGDLLIMPORT int wal_decode_buffer_size; extern PGDLLIMPORT int CheckPointSegments; -typedef void (*checkpoint_create_hook_type)(const CheckPoint *); +typedef void (*checkpoint_create_hook_type) (const CheckPoint *); extern PGDLLIMPORT checkpoint_create_hook_type checkpoint_create_hook; /* Archive modes */ diff --git a/src/include/access/xlog_smgr.h b/src/include/access/xlog_smgr.h index 05a9d45f30433..08875b95d5e50 100644 --- a/src/include/access/xlog_smgr.h +++ b/src/include/access/xlog_smgr.h @@ -6,10 +6,11 @@ #include /* XLog storage manager interface */ -typedef struct XLogSmgr { - ssize_t (*seg_read) (int fd, void *buf, size_t count, off_t offset); +typedef struct XLogSmgr +{ + ssize_t (*seg_read) (int fd, void *buf, size_t count, off_t offset); - ssize_t (*seg_write) (int fd, const void *buf, size_t count, off_t offset); + ssize_t (*seg_write) (int fd, const void *buf, size_t count, off_t offset); } XLogSmgr; /* Default (standard) XLog storage manager */ diff --git a/src/include/nodes/parsenodes.h b/src/include/nodes/parsenodes.h index 67c90a2bd328d..0ed589426af86 100644 --- a/src/include/nodes/parsenodes.h +++ b/src/include/nodes/parsenodes.h @@ -945,7 +945,7 @@ typedef struct PartitionRangeDatum typedef struct SinglePartitionSpec { NodeTag type; -} SinglePartitionSpec; +} SinglePartitionSpec; /* * PartitionCmd - info for ALTER TABLE/INDEX ATTACH/DETACH PARTITION commands diff --git a/src/include/storage/smgr.h b/src/include/storage/smgr.h index c487ea93028a2..fd3400388bf85 100644 --- a/src/include/storage/smgr.h +++ b/src/include/storage/smgr.h 
@@ -58,7 +58,8 @@ typedef struct SMgrRelationData * submodules. Do not touch them from elsewhere. */ SMgrId smgr_which; /* storage manager selector */ - int smgrrelation_size; /* size of this struct, incl. smgr-specific data */ + int smgrrelation_size; /* size of this struct, incl. + * smgr-specific data */ /* * Pinning support. If unpinned (ie. pincount == 0), 'node' is a list diff --git a/src/include/utils/percona.h b/src/include/utils/percona.h index 58ad738a24d6d..87bad00df784a 100644 --- a/src/include/utils/percona.h +++ b/src/include/utils/percona.h @@ -14,15 +14,16 @@ extern const PGDLLIMPORT int percona_api_version; -static inline bool check_percona_api_version(void) +static inline bool +check_percona_api_version(void) { - if (PERCONA_API_VERSION != percona_api_version) - { - elog(FATAL, "Percona API version mismatch, the extension was built against a different PostgreSQL version!"); - return false; - } + if (PERCONA_API_VERSION != percona_api_version) + { + elog(FATAL, "Percona API version mismatch, the extension was built against a different PostgreSQL version!"); + return false; + } - return true; + return true; } -#endif // PERCONA__H__ \ No newline at end of file +#endif diff --git a/src/test/regress/pg_regress.c b/src/test/regress/pg_regress.c index 5dfd189d43b07..4cc0c35418fc7 100644 --- a/src/test/regress/pg_regress.c +++ b/src/test/regress/pg_regress.c @@ -103,7 +103,7 @@ char *expecteddir = "."; char *bindir = PGBINDIR; char *launcher = NULL; static _stringlist *loadextension = NULL; -char *exec_sql = NULL; +char *exec_sql = NULL; static int max_connections = 0; static int max_concurrent_tests = 0; static char *encoding = NULL; 
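Review bot: The closing `#endif` in percona.h loses its guard label: the old line was `#endif // PERCONA__H__` and the new one is a bare `#endif`. Converting the comment instead of dropping it, `#endif /* PERCONA__H__ */`, keeps the label in block-comment form. Separately, in check_percona_api_version the `return false;` after `elog(FATAL, ...)` cannot be reached, because a FATAL report does not return to the caller, so the `bool` result is always `true`. A one-line comment above the function saying that it either returns true or terminates the process would spare callers from writing a dead failure branch.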
@@ -1984,9 +1984,10 @@ create_database(const char *dbname) */ for (sl = loadextension; sl != NULL; sl = sl->next) psql_command(dbname, "CREATE EXTENSION IF NOT EXISTS \"%s\"", sl->str); + /* - * Percona extension - * Execute any additional sql commands provided by caller + * Percona extension Execute any additional sql commands provided by + * caller */ if (exec_sql) { @@ -1997,10 +1998,10 @@ create_database(const char *dbname) if (sql_file == NULL) { bail("could not open \"%s\" to read extra setup file: %s", - exec_sql, strerror(errno)); + exec_sql, strerror(errno)); } while (fgets(line_buf, sizeof(line_buf), sql_file) != NULL) - psql_command(dbname,"%s",line_buf); + psql_command(dbname, "%s", line_buf); fclose(sql_file); } } diff --git a/src/tools/pgindent/exclude_file_patterns b/src/tools/pgindent/exclude_file_patterns index 68aae9b97a49b..03ad8b50887d9 100644 --- a/src/tools/pgindent/exclude_file_patterns +++ b/src/tools/pgindent/exclude_file_patterns @@ -63,3 +63,8 @@ src/tools/pg_bsd_indent/.* /tmp_install/ # ... and for paranoia's sake, don't touch git stuff. /\.git/ +# Percona excludes +contrib/pg_tde/src16/.* +contrib/pg_tde/src17.* +contrib/pg_tde/src/libkmip/.* +src/backend/nodes/nodetags.h
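Review bot: The rewrapped comment above `if (exec_sql)` now reads "Percona extension Execute any additional sql commands provided by caller", which fuses the label with the sentence. Punctuating the label keeps it readable through future reflows: `/* Percona extension: execute any additional SQL commands provided by the caller. */`.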
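Review bot: The read loop in create_database hands every `fgets` chunk to `psql_command` as its own command, so a line longer than `line_buf` is cut in the middle and its two halves are executed separately. A statement written across several lines is split the same way. A truncation check inside the loop would turn the first case into a clear failure, for example `if (strchr(line_buf, '\n') == NULL && !feof(sql_file)) bail("line too long in \"%s\"", exec_sql);`. The comment above the block should also state that the file must hold one complete statement per line. The declaration of `line_buf` is outside the hunk, so its size is not visible here.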
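Review bot: The added pattern `contrib/pg_tde/src17.*` is missing the `/` that the line above it has (`contrib/pg_tde/src16/.*`), so it also matches any other path under contrib/pg_tde whose name merely begins with `src17`. `contrib/pg_tde/src17/.*` looks like the intended form. The dot in `src/backend/nodes/nodetags.h` is also unescaped, unlike `/\.git/` earlier in the file; `src/backend/nodes/nodetags\.h` would match only that file name.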