Use OpenTransientFile() instead of BasicOpenFile()

jeltz · jeltz · commit e636b10ea5b1 · 2025-06-06T17:09:41.000+02:00
By using OpenTransientFile() we do not have to close file descriptors on
error plus PostgreSQL will check if we have forgot to close any files on
commit.

This change made us find one instance where we had forgot to close a
file which is also fixed in this commit.
diff --git a/contrib/pg_tde/src/access/pg_tde_tdemap.c b/contrib/pg_tde/src/access/pg_tde_tdemap.c
@@ -177,7 +177,7 @@ pg_tde_save_principal_key_redo(const TDESignedPrincipalKeyInfo *signed_key_info)
 	LWLockAcquire(tde_lwlock_enc_keys(), LW_EXCLUSIVE);
 
 	map_fd = pg_tde_open_file_write(db_map_path, signed_key_info, false, &curr_pos);
-	close(map_fd);
+	CloseTransientFile(map_fd);
 
 	LWLockRelease(tde_lwlock_enc_keys());
 }
@@ -216,7 +216,7 @@ pg_tde_save_principal_key(const TDEPrincipalKey *principal_key, bool write_xlog)
 	}
 
 	map_fd = pg_tde_open_file_write(db_map_path, &signed_key_Info, true, &curr_pos);
-	close(map_fd);
+	CloseTransientFile(map_fd);
 }
 
 /*
@@ -365,7 +365,7 @@ pg_tde_write_key_map_entry(const RelFileLocator *rlocator, const InternalKey *re
 	/* Write the given entry at curr_pos; i.e. the free entry. */
 	pg_tde_write_one_map_entry(map_fd, &write_map_entry, &curr_pos, db_map_path);
 
-	close(map_fd);
+	CloseTransientFile(map_fd);
 }
 
 /*
@@ -410,7 +410,7 @@ pg_tde_free_key_map_entry(const RelFileLocator rlocator)
 		}
 	}
 
-	close(map_fd);
+	CloseTransientFile(map_fd);
 
 	LWLockRelease(tde_lwlock_enc_keys());
 }
@@ -490,8 +490,8 @@ pg_tde_perform_rotate_key(TDEPrincipalKey *principal_key, TDEPrincipalKey *new_p
 		pfree(rel_key_data);
 	}
 
-	close(old_fd);
-	close(new_fd);
+	CloseTransientFile(old_fd);
+	CloseTransientFile(new_fd);
 
 	/*
 	 * Do the final steps - replace the current _map with the file with new
@@ -589,7 +589,7 @@ pg_tde_wal_last_key_set_lsn(XLogRecPtr lsn, const char *keyfile_path)
 	}
 
 	LWLockRelease(lock_pk);
-	close(fd);
+	CloseTransientFile(fd);
 }
 
 /*
@@ -649,7 +649,7 @@ pg_tde_find_map_entry(const RelFileLocator *rlocator, TDEMapEntryType key_type,
 		}
 	}
 
-	close(map_fd);
+	CloseTransientFile(map_fd);
 
 	return found;
 }
@@ -688,7 +688,7 @@ pg_tde_count_relations(Oid dbOid)
 			count++;
 	}
 
-	close(map_fd);
+	CloseTransientFile(map_fd);
 
 	LWLockRelease(lock_pk);
 
@@ -764,7 +764,7 @@ pg_tde_open_file_basic(const char *tde_filename, int fileFlags, bool ignore_miss
 {
 	int			fd;
 
-	fd = BasicOpenFile(tde_filename, fileFlags);
+	fd = OpenTransientFile(tde_filename, fileFlags);
 	if (fd < 0 && !(errno == ENOENT && ignore_missing == true))
 	{
 		ereport(ERROR,
@@ -792,7 +792,6 @@ pg_tde_file_header_read(const char *tde_filename, int fd, TDEFileHeader *fheader
 	if (*bytes_read != TDE_FILE_HEADER_SIZE
 		|| fheader->file_version != PG_TDE_FILEMAGIC)
 	{
-		close(fd);
 		ereport(FATAL,
 				errcode_for_file_access(),
 				errmsg("TDE map file \"%s\" is corrupted: %m", tde_filename));
@@ -870,7 +869,7 @@ pg_tde_get_principal_key_info(Oid dbOid)
 
 	pg_tde_file_header_read(db_map_path, fd, &fheader, &bytes_read);
 
-	close(fd);
+	CloseTransientFile(fd);
 
 	/*
 	 * It's not a new file. So we can copy the principal key info from the
@@ -1008,6 +1007,7 @@ pg_tde_read_last_wal_key(void)
 	if (fsize == TDE_FILE_HEADER_SIZE)
 	{
 		LWLockRelease(lock_pk);
+		CloseTransientFile(fd);
 		return NULL;
 	}
 
@@ -1016,7 +1016,7 @@ pg_tde_read_last_wal_key(void)
 
 	rel_key_data = tde_decrypt_rel_key(principal_key, &map_entry);
 	LWLockRelease(lock_pk);
-	close(fd);
+	CloseTransientFile(fd);
 
 	return rel_key_data;
 }
@@ -1064,7 +1064,7 @@ pg_tde_fetch_wal_keys(XLogRecPtr start_lsn)
 		wal_rec = pg_tde_add_wal_key_to_cache(&stub_key, InvalidXLogRecPtr);
 
 		LWLockRelease(lock_pk);
-		close(fd);
+		CloseTransientFile(fd);
 		return wal_rec;
 	}
 
@@ -1094,7 +1094,7 @@ pg_tde_fetch_wal_keys(XLogRecPtr start_lsn)
 		}
 	}
 	LWLockRelease(lock_pk);
-	close(fd);
+	CloseTransientFile(fd);
 
 	return return_wal_rec;
 }
diff --git a/contrib/pg_tde/src/catalog/tde_keyring.c b/contrib/pg_tde/src/catalog/tde_keyring.c
@@ -476,13 +476,12 @@ save_new_key_provider_info(KeyringProviderRecord *provider, Oid databaseId)
 
 		if (strcmp(existing_provider.provider_name, provider->provider_name) == 0)
 		{
-			close(fd);
 			ereport(ERROR,
 					errcode(ERRCODE_DUPLICATE_OBJECT),
 					errmsg("Key provider \"%s\" already exists.", provider->provider_name));
 		}
 	}
-	close(fd);
+	CloseTransientFile(fd);
 
 	if (max_provider_id == PG_INT32_MAX)
 	{
@@ -610,7 +609,7 @@ write_key_provider_info(KeyringProviderRecordInFile *record, bool write_xlog)
 	Assert(LWLockHeldByMeInMode(tde_provider_info_lock(), LW_EXCLUSIVE));
 
 	get_keyring_infofile_path(kp_info_path, record->database_id);
-	fd = BasicOpenFile(kp_info_path, O_CREAT | O_RDWR | PG_BINARY);
+	fd = OpenTransientFile(kp_info_path, O_CREAT | O_RDWR | PG_BINARY);
 	if (fd < 0)
 	{
 		ereport(ERROR,
@@ -638,20 +637,18 @@ write_key_provider_info(KeyringProviderRecordInFile *record, bool write_xlog)
 							  record->offset_in_file);
 	if (bytes_written != sizeof(KeyringProviderRecord))
 	{
-		close(fd);
 		ereport(ERROR,
 				errcode_for_file_access(),
 				errmsg("key provider info file \"%s\" can't be written: %m",
 					   kp_info_path));
 	}
 	if (pg_fsync(fd) != 0)
 	{
-		close(fd);
 		ereport(ERROR,
 				errcode_for_file_access(),
 				errmsg("could not fsync file \"%s\": %m", kp_info_path));
 	}
-	close(fd);
+	CloseTransientFile(fd);
 }
 
 /* Returns true if the record is found, false otherwise. */
@@ -678,15 +675,15 @@ get_keyring_info_file_record_by_name(char *provider_name, Oid database_id,
 			record->database_id = database_id;
 			record->offset_in_file = current_file_offset;
 			record->provider = existing_provider;
-			close(fd);
+			CloseTransientFile(fd);
 			return true;
 		}
 
 		current_file_offset = next_file_offset;
 	}
 
 	/* No matching key provider found */
-	close(fd);
+	CloseTransientFile(fd);
 	return false;
 }
 
@@ -750,7 +747,7 @@ scan_key_provider_file(ProviderScanType scanType, void *scanKey, Oid dbOid)
 
 	LWLockAcquire(tde_provider_info_lock(), LW_SHARED);
 
-	fd = BasicOpenFile(kp_info_path, PG_BINARY);
+	fd = OpenTransientFile(kp_info_path, PG_BINARY);
 	if (fd < 0)
 	{
 		LWLockRelease(tde_provider_info_lock());
@@ -801,7 +798,7 @@ scan_key_provider_file(ProviderScanType scanType, void *scanKey, Oid dbOid)
 			}
 		}
 	}
-	close(fd);
+	CloseTransientFile(fd);
 	LWLockRelease(tde_provider_info_lock());
 	return providers_list;
 }
@@ -994,7 +991,7 @@ open_keyring_infofile(Oid database_id, int flags)
 	char		kp_info_path[MAXPGPATH];
 
 	get_keyring_infofile_path(kp_info_path, database_id);
-	fd = BasicOpenFile(kp_info_path, flags | PG_BINARY);
+	fd = OpenTransientFile(kp_info_path, flags | PG_BINARY);
 	if (fd < 0)
 	{
 		ereport(ERROR,
@@ -1022,7 +1019,6 @@ fetch_next_key_provider(int fd, off_t *curr_pos, KeyringProviderRecord *provider
 		return false;
 	if (bytes_read != sizeof(KeyringProviderRecord))
 	{
-		close(fd);
 		/* Corrupt file */
 		ereport(ERROR,
 				errcode_for_file_access(),
diff --git a/contrib/pg_tde/src/include/pg_tde_fe.h b/contrib/pg_tde/src/include/pg_tde_fe.h
@@ -85,7 +85,8 @@ static int	tde_fe_error_level = 0;
 #define LW_EXCLUSIVE NULL
 #define tde_lwlock_enc_keys() NULL
 
-#define BasicOpenFile(fileName, fileFlags) open(fileName, fileFlags, PG_FILE_MODE_OWNER)
+#define OpenTransientFile(fileName, fileFlags) open(fileName, fileFlags, PG_FILE_MODE_OWNER)
+#define CloseTransientFile(fd) close(fd)
 #define AllocateFile(name, mode) fopen(name, mode)
 #define FreeFile(file) fclose(file)
 
diff --git a/contrib/pg_tde/src/keyring/keyring_file.c b/contrib/pg_tde/src/keyring/keyring_file.c
@@ -53,7 +53,7 @@ get_key_by_name(GenericKeyring *keyring, const char *key_name, KeyringReturnCode
 
 	*return_code = KEYRING_CODE_SUCCESS;
 
-	fd = BasicOpenFile(file_keyring->file_name, PG_BINARY);
+	fd = OpenTransientFile(file_keyring->file_name, PG_BINARY);
 	if (fd < 0)
 		return NULL;
 
@@ -69,13 +69,13 @@ get_key_by_name(GenericKeyring *keyring, const char *key_name, KeyringReturnCode
 			 * Empty keyring file is considered as a valid keyring file that
 			 * has no keys
 			 */
-			close(fd);
+			CloseTransientFile(fd);
 			pfree(key);
 			return NULL;
 		}
 		if (bytes_read != sizeof(KeyInfo))
 		{
-			close(fd);
+			CloseTransientFile(fd);
 			pfree(key);
 			/* Corrupt file */
 			*return_code = KEYRING_CODE_DATA_CORRUPTED;
@@ -88,11 +88,11 @@ get_key_by_name(GenericKeyring *keyring, const char *key_name, KeyringReturnCode
 		}
 		if (strncasecmp(key->name, key_name, sizeof(key->name)) == 0)
 		{
-			close(fd);
+			CloseTransientFile(fd);
 			return key;
 		}
 	}
-	close(fd);
+	CloseTransientFile(fd);
 	pfree(key);
 	return NULL;
 }
@@ -116,7 +116,7 @@ set_key_by_name(GenericKeyring *keyring, KeyInfo *key)
 				errmsg("Key with name %s already exists in keyring", key->name));
 	}
 
-	fd = BasicOpenFile(file_keyring->file_name, O_CREAT | O_RDWR | PG_BINARY);
+	fd = OpenTransientFile(file_keyring->file_name, O_CREAT | O_RDWR | PG_BINARY);
 	if (fd < 0)
 	{
 		ereport(ERROR,
@@ -128,7 +128,6 @@ set_key_by_name(GenericKeyring *keyring, KeyInfo *key)
 	bytes_written = pg_pwrite(fd, key, sizeof(KeyInfo), curr_pos);
 	if (bytes_written != sizeof(KeyInfo))
 	{
-		close(fd);
 		ereport(ERROR,
 				errcode_for_file_access(),
 				errmsg("keyring file \"%s\" can't be written: %m",
@@ -137,20 +136,19 @@ set_key_by_name(GenericKeyring *keyring, KeyInfo *key)
 
 	if (pg_fsync(fd) != 0)
 	{
-		close(fd);
 		ereport(ERROR,
 				errcode_for_file_access(),
 				errmsg("could not fsync file \"%s\": %m",
 					   file_keyring->file_name));
 	}
-	close(fd);
+	CloseTransientFile(fd);
 }
 
 static void
 validate(GenericKeyring *keyring)
 {
 	FileKeyring *file_keyring = (FileKeyring *) keyring;
-	int			fd = BasicOpenFile(file_keyring->file_name, O_CREAT | O_RDWR | PG_BINARY);
+	int			fd = OpenTransientFile(file_keyring->file_name, O_CREAT | O_RDWR | PG_BINARY);
 
 	if (fd < 0)
 	{
@@ -159,5 +157,5 @@ validate(GenericKeyring *keyring)
 				errmsg("Failed to open keyring file %s: %m", file_keyring->file_name));
 	}
 
-	close(fd);
+	CloseTransientFile(fd);
 }

Original file line number	Diff line number	Diff line change
`@@ -177,7 +177,7 @@ pg_tde_save_principal_key_redo(const TDESignedPrincipalKeyInfo *signed_key_info)`
`177`	`177`	`LWLockAcquire(tde_lwlock_enc_keys(), LW_EXCLUSIVE);`
`178`	`178`
`179`	`179`	`map_fd = pg_tde_open_file_write(db_map_path, signed_key_info, false, &curr_pos);`
`180`		`- close(map_fd);`
	`180`	`+ CloseTransientFile(map_fd);`
`181`	`181`
`182`	`182`	`LWLockRelease(tde_lwlock_enc_keys());`
`183`	`183`	`}`
`@@ -216,7 +216,7 @@ pg_tde_save_principal_key(const TDEPrincipalKey *principal_key, bool write_xlog)`
`216`	`216`	`}`
`217`	`217`
`218`	`218`	`map_fd = pg_tde_open_file_write(db_map_path, &signed_key_Info, true, &curr_pos);`
`219`		`- close(map_fd);`
	`219`	`+ CloseTransientFile(map_fd);`
`220`	`220`	`}`
`221`	`221`
`222`	`222`	`/*`
`@@ -365,7 +365,7 @@ pg_tde_write_key_map_entry(const RelFileLocator rlocator, const InternalKey re`
`365`	`365`	`/* Write the given entry at curr_pos; i.e. the free entry. */`
`366`	`366`	`pg_tde_write_one_map_entry(map_fd, &write_map_entry, &curr_pos, db_map_path);`
`367`	`367`
`368`		`- close(map_fd);`
	`368`	`+ CloseTransientFile(map_fd);`
`369`	`369`	`}`
`370`	`370`
`371`	`371`	`/*`
`@@ -410,7 +410,7 @@ pg_tde_free_key_map_entry(const RelFileLocator rlocator)`
`410`	`410`	`}`
`411`	`411`	`}`
`412`	`412`
`413`		`- close(map_fd);`
	`413`	`+ CloseTransientFile(map_fd);`
`414`	`414`
`415`	`415`	`LWLockRelease(tde_lwlock_enc_keys());`
`416`	`416`	`}`
`@@ -490,8 +490,8 @@ pg_tde_perform_rotate_key(TDEPrincipalKey principal_key, TDEPrincipalKey new_p`
`490`	`490`	`pfree(rel_key_data);`
`491`	`491`	`}`
`492`	`492`
`493`		`- close(old_fd);`
`494`		`- close(new_fd);`
	`493`	`+ CloseTransientFile(old_fd);`
	`494`	`+ CloseTransientFile(new_fd);`
`495`	`495`
`496`	`496`	`/*`
`497`	`497`	`* Do the final steps - replace the current _map with the file with new`
`@@ -589,7 +589,7 @@ pg_tde_wal_last_key_set_lsn(XLogRecPtr lsn, const char *keyfile_path)`
`589`	`589`	`}`
`590`	`590`
`591`	`591`	`LWLockRelease(lock_pk);`
`592`		`- close(fd);`
	`592`	`+ CloseTransientFile(fd);`
`593`	`593`	`}`
`594`	`594`
`595`	`595`	`/*`
`@@ -649,7 +649,7 @@ pg_tde_find_map_entry(const RelFileLocator *rlocator, TDEMapEntryType key_type,`
`649`	`649`	`}`
`650`	`650`	`}`
`651`	`651`
`652`		`- close(map_fd);`
	`652`	`+ CloseTransientFile(map_fd);`
`653`	`653`
`654`	`654`	`return found;`
`655`	`655`	`}`
`@@ -688,7 +688,7 @@ pg_tde_count_relations(Oid dbOid)`
`688`	`688`	`count++;`
`689`	`689`	`}`
`690`	`690`
`691`		`- close(map_fd);`
	`691`	`+ CloseTransientFile(map_fd);`
`692`	`692`
`693`	`693`	`LWLockRelease(lock_pk);`
`694`	`694`
`@@ -764,7 +764,7 @@ pg_tde_open_file_basic(const char *tde_filename, int fileFlags, bool ignore_miss`
`764`	`764`	`{`
`765`	`765`	`int fd;`
`766`	`766`
`767`		`- fd = BasicOpenFile(tde_filename, fileFlags);`
	`767`	`+ fd = OpenTransientFile(tde_filename, fileFlags);`
`768`	`768`	`if (fd < 0 && !(errno == ENOENT && ignore_missing == true))`
`769`	`769`	`{`
`770`	`770`	`ereport(ERROR,`
`@@ -792,7 +792,6 @@ pg_tde_file_header_read(const char tde_filename, int fd, TDEFileHeader fheader`
`792`	`792`	`if (*bytes_read != TDE_FILE_HEADER_SIZE`
`793`	`793`	`\|\| fheader->file_version != PG_TDE_FILEMAGIC)`
`794`	`794`	`{`
`795`		`- close(fd);`
`796`	`795`	`ereport(FATAL,`
`797`	`796`	`errcode_for_file_access(),`
`798`	`797`	`errmsg("TDE map file \"%s\" is corrupted: %m", tde_filename));`
`@@ -870,7 +869,7 @@ pg_tde_get_principal_key_info(Oid dbOid)`
`870`	`869`
`871`	`870`	`pg_tde_file_header_read(db_map_path, fd, &fheader, &bytes_read);`
`872`	`871`
`873`		`- close(fd);`
	`872`	`+ CloseTransientFile(fd);`
`874`	`873`
`875`	`874`	`/*`
`876`	`875`	`* It's not a new file. So we can copy the principal key info from the`
`@@ -1008,6 +1007,7 @@ pg_tde_read_last_wal_key(void)`
`1008`	`1007`	`if (fsize == TDE_FILE_HEADER_SIZE)`
`1009`	`1008`	`{`
`1010`	`1009`	`LWLockRelease(lock_pk);`
	`1010`	`+ CloseTransientFile(fd);`
`1011`	`1011`	`return NULL;`
`1012`	`1012`	`}`
`1013`	`1013`
`@@ -1016,7 +1016,7 @@ pg_tde_read_last_wal_key(void)`
`1016`	`1016`
`1017`	`1017`	`rel_key_data = tde_decrypt_rel_key(principal_key, &map_entry);`
`1018`	`1018`	`LWLockRelease(lock_pk);`
`1019`		`- close(fd);`
	`1019`	`+ CloseTransientFile(fd);`
`1020`	`1020`
`1021`	`1021`	`return rel_key_data;`
`1022`	`1022`	`}`
`@@ -1064,7 +1064,7 @@ pg_tde_fetch_wal_keys(XLogRecPtr start_lsn)`
`1064`	`1064`	`wal_rec = pg_tde_add_wal_key_to_cache(&stub_key, InvalidXLogRecPtr);`
`1065`	`1065`
`1066`	`1066`	`LWLockRelease(lock_pk);`
`1067`		`- close(fd);`
	`1067`	`+ CloseTransientFile(fd);`
`1068`	`1068`	`return wal_rec;`
`1069`	`1069`	`}`
`1070`	`1070`
`@@ -1094,7 +1094,7 @@ pg_tde_fetch_wal_keys(XLogRecPtr start_lsn)`
`1094`	`1094`	`}`
`1095`	`1095`	`}`
`1096`	`1096`	`LWLockRelease(lock_pk);`
`1097`		`- close(fd);`
	`1097`	`+ CloseTransientFile(fd);`
`1098`	`1098`
`1099`	`1099`	`return return_wal_rec;`
`1100`	`1100`	`}`
Original file line number	Diff line number	Diff line change
`@@ -476,13 +476,12 @@ save_new_key_provider_info(KeyringProviderRecord *provider, Oid databaseId)`
`476`	`476`
`477`	`477`	`if (strcmp(existing_provider.provider_name, provider->provider_name) == 0)`
`478`	`478`	`{`
`479`		`- close(fd);`
`480`	`479`	`ereport(ERROR,`
`481`	`480`	`errcode(ERRCODE_DUPLICATE_OBJECT),`
`482`	`481`	`errmsg("Key provider \"%s\" already exists.", provider->provider_name));`
`483`	`482`	`}`
`484`	`483`	`}`
`485`		`- close(fd);`
	`484`	`+ CloseTransientFile(fd);`
`486`	`485`
`487`	`486`	`if (max_provider_id == PG_INT32_MAX)`
`488`	`487`	`{`
`@@ -610,7 +609,7 @@ write_key_provider_info(KeyringProviderRecordInFile *record, bool write_xlog)`
`610`	`609`	`Assert(LWLockHeldByMeInMode(tde_provider_info_lock(), LW_EXCLUSIVE));`
`611`	`610`
`612`	`611`	`get_keyring_infofile_path(kp_info_path, record->database_id);`
`613`		`- fd = BasicOpenFile(kp_info_path, O_CREAT \| O_RDWR \| PG_BINARY);`
	`612`	`+ fd = OpenTransientFile(kp_info_path, O_CREAT \| O_RDWR \| PG_BINARY);`
`614`	`613`	`if (fd < 0)`
`615`	`614`	`{`
`616`	`615`	`ereport(ERROR,`
`@@ -638,20 +637,18 @@ write_key_provider_info(KeyringProviderRecordInFile *record, bool write_xlog)`
`638`	`637`	`record->offset_in_file);`
`639`	`638`	`if (bytes_written != sizeof(KeyringProviderRecord))`
`640`	`639`	`{`
`641`		`- close(fd);`
`642`	`640`	`ereport(ERROR,`
`643`	`641`	`errcode_for_file_access(),`
`644`	`642`	`errmsg("key provider info file \"%s\" can't be written: %m",`
`645`	`643`	`kp_info_path));`
`646`	`644`	`}`
`647`	`645`	`if (pg_fsync(fd) != 0)`
`648`	`646`	`{`
`649`		`- close(fd);`
`650`	`647`	`ereport(ERROR,`
`651`	`648`	`errcode_for_file_access(),`
`652`	`649`	`errmsg("could not fsync file \"%s\": %m", kp_info_path));`
`653`	`650`	`}`
`654`		`- close(fd);`
	`651`	`+ CloseTransientFile(fd);`
`655`	`652`	`}`
`656`	`653`
`657`	`654`	`/* Returns true if the record is found, false otherwise. */`
`@@ -678,15 +675,15 @@ get_keyring_info_file_record_by_name(char *provider_name, Oid database_id,`
`678`	`675`	`record->database_id = database_id;`
`679`	`676`	`record->offset_in_file = current_file_offset;`
`680`	`677`	`record->provider = existing_provider;`
`681`		`- close(fd);`
	`678`	`+ CloseTransientFile(fd);`
`682`	`679`	`return true;`
`683`	`680`	`}`
`684`	`681`
`685`	`682`	`current_file_offset = next_file_offset;`
`686`	`683`	`}`
`687`	`684`
`688`	`685`	`/* No matching key provider found */`
`689`		`- close(fd);`
	`686`	`+ CloseTransientFile(fd);`
`690`	`687`	`return false;`
`691`	`688`	`}`
`692`	`689`
`@@ -750,7 +747,7 @@ scan_key_provider_file(ProviderScanType scanType, void *scanKey, Oid dbOid)`
`750`	`747`
`751`	`748`	`LWLockAcquire(tde_provider_info_lock(), LW_SHARED);`
`752`	`749`
`753`		`- fd = BasicOpenFile(kp_info_path, PG_BINARY);`
	`750`	`+ fd = OpenTransientFile(kp_info_path, PG_BINARY);`
`754`	`751`	`if (fd < 0)`
`755`	`752`	`{`
`756`	`753`	`LWLockRelease(tde_provider_info_lock());`
`@@ -801,7 +798,7 @@ scan_key_provider_file(ProviderScanType scanType, void *scanKey, Oid dbOid)`
`801`	`798`	`}`
`802`	`799`	`}`
`803`	`800`	`}`
`804`		`- close(fd);`
	`801`	`+ CloseTransientFile(fd);`
`805`	`802`	`LWLockRelease(tde_provider_info_lock());`
`806`	`803`	`return providers_list;`
`807`	`804`	`}`
`@@ -994,7 +991,7 @@ open_keyring_infofile(Oid database_id, int flags)`
`994`	`991`	`char kp_info_path[MAXPGPATH];`
`995`	`992`
`996`	`993`	`get_keyring_infofile_path(kp_info_path, database_id);`
`997`		`- fd = BasicOpenFile(kp_info_path, flags \| PG_BINARY);`
	`994`	`+ fd = OpenTransientFile(kp_info_path, flags \| PG_BINARY);`
`998`	`995`	`if (fd < 0)`
`999`	`996`	`{`
`1000`	`997`	`ereport(ERROR,`
`@@ -1022,7 +1019,6 @@ fetch_next_key_provider(int fd, off_t curr_pos, KeyringProviderRecord provider`
`1022`	`1019`	`return false;`
`1023`	`1020`	`if (bytes_read != sizeof(KeyringProviderRecord))`
`1024`	`1021`	`{`
`1025`		`- close(fd);`
`1026`	`1022`	`/* Corrupt file */`
`1027`	`1023`	`ereport(ERROR,`
`1028`	`1024`	`errcode_for_file_access(),`
Original file line number	Diff line number	Diff line change
`@@ -53,7 +53,7 @@ get_key_by_name(GenericKeyring keyring, const char key_name, KeyringReturnCode`
`53`	`53`
`54`	`54`	`*return_code = KEYRING_CODE_SUCCESS;`
`55`	`55`
`56`		`- fd = BasicOpenFile(file_keyring->file_name, PG_BINARY);`
	`56`	`+ fd = OpenTransientFile(file_keyring->file_name, PG_BINARY);`
`57`	`57`	`if (fd < 0)`
`58`	`58`	`return NULL;`
`59`	`59`
`@@ -69,13 +69,13 @@ get_key_by_name(GenericKeyring keyring, const char key_name, KeyringReturnCode`
`69`	`69`	`* Empty keyring file is considered as a valid keyring file that`
`70`	`70`	`* has no keys`
`71`	`71`	`*/`
`72`		`- close(fd);`
	`72`	`+ CloseTransientFile(fd);`
`73`	`73`	`pfree(key);`
`74`	`74`	`return NULL;`
`75`	`75`	`}`
`76`	`76`	`if (bytes_read != sizeof(KeyInfo))`
`77`	`77`	`{`
`78`		`- close(fd);`
	`78`	`+ CloseTransientFile(fd);`
`79`	`79`	`pfree(key);`
`80`	`80`	`/* Corrupt file */`
`81`	`81`	`*return_code = KEYRING_CODE_DATA_CORRUPTED;`
`@@ -88,11 +88,11 @@ get_key_by_name(GenericKeyring keyring, const char key_name, KeyringReturnCode`
`88`	`88`	`}`
`89`	`89`	`if (strncasecmp(key->name, key_name, sizeof(key->name)) == 0)`
`90`	`90`	`{`
`91`		`- close(fd);`
	`91`	`+ CloseTransientFile(fd);`
`92`	`92`	`return key;`
`93`	`93`	`}`
`94`	`94`	`}`
`95`		`- close(fd);`
	`95`	`+ CloseTransientFile(fd);`
`96`	`96`	`pfree(key);`
`97`	`97`	`return NULL;`
`98`	`98`	`}`
`@@ -116,7 +116,7 @@ set_key_by_name(GenericKeyring keyring, KeyInfo key)`
`116`	`116`	`errmsg("Key with name %s already exists in keyring", key->name));`
`117`	`117`	`}`
`118`	`118`
`119`		`- fd = BasicOpenFile(file_keyring->file_name, O_CREAT \| O_RDWR \| PG_BINARY);`
	`119`	`+ fd = OpenTransientFile(file_keyring->file_name, O_CREAT \| O_RDWR \| PG_BINARY);`
`120`	`120`	`if (fd < 0)`
`121`	`121`	`{`
`122`	`122`	`ereport(ERROR,`
`@@ -128,7 +128,6 @@ set_key_by_name(GenericKeyring keyring, KeyInfo key)`
`128`	`128`	`bytes_written = pg_pwrite(fd, key, sizeof(KeyInfo), curr_pos);`
`129`	`129`	`if (bytes_written != sizeof(KeyInfo))`
`130`	`130`	`{`
`131`		`- close(fd);`
`132`	`131`	`ereport(ERROR,`
`133`	`132`	`errcode_for_file_access(),`
`134`	`133`	`errmsg("keyring file \"%s\" can't be written: %m",`
`@@ -137,20 +136,19 @@ set_key_by_name(GenericKeyring keyring, KeyInfo key)`
`137`	`136`
`138`	`137`	`if (pg_fsync(fd) != 0)`
`139`	`138`	`{`
`140`		`- close(fd);`
`141`	`139`	`ereport(ERROR,`
`142`	`140`	`errcode_for_file_access(),`
`143`	`141`	`errmsg("could not fsync file \"%s\": %m",`
`144`	`142`	`file_keyring->file_name));`
`145`	`143`	`}`
`146`		`- close(fd);`
	`144`	`+ CloseTransientFile(fd);`
`147`	`145`	`}`
`148`	`146`
`149`	`147`	`static void`
`150`	`148`	`validate(GenericKeyring *keyring)`
`151`	`149`	`{`
`152`	`150`	`FileKeyring file_keyring = (FileKeyring ) keyring;`
`153`		`- int fd = BasicOpenFile(file_keyring->file_name, O_CREAT \| O_RDWR \| PG_BINARY);`
	`151`	`+ int fd = OpenTransientFile(file_keyring->file_name, O_CREAT \| O_RDWR \| PG_BINARY);`
`154`	`152`
`155`	`153`	`if (fd < 0)`
`156`	`154`	`{`
`@@ -159,5 +157,5 @@ validate(GenericKeyring *keyring)`
`159`	`157`	`errmsg("Failed to open keyring file %s: %m", file_keyring->file_name));`
`160`	`158`	`}`
`161`	`159`
`162`		`- close(fd);`
	`160`	`+ CloseTransientFile(fd);`
`163`	`161`	`}`