Re: Updates of SE-PostgreSQL 8.4devel patches (r1608) - Mailing list pgsql-hackers

From KaiGai Kohei
Subject Re: Updates of SE-PostgreSQL 8.4devel patches (r1608)
Date
Msg-id 49A6E72F.20003@kaigai.gr.jp
Whole thread Raw
In response to Re: Updates of SE-PostgreSQL 8.4devel patches (r1608)  (Bruce Momjian <bruce@momjian.us>)
List pgsql-hackers
Bruce Momjian wrote:
> KaiGai Kohei wrote:
>> The series of SE-PostgreSQL patches for v8.4 were updated:
>> [1/5] http://sepgsql.googlecode.com/files/sepgsql-core-8.4devel-r1608.patch
>> [2/5] http://sepgsql.googlecode.com/files/sepgsql-utils-8.4devel-r1608.patch
>> [3/5] http://sepgsql.googlecode.com/files/sepgsql-policy-8.4devel-r1608.patch
>> [4/5] http://sepgsql.googlecode.com/files/sepgsql-docs-8.4devel-r1608.patch
>> [5/5] http://sepgsql.googlecode.com/files/sepgsql-tests-8.4devel-r1608.patch
>>
>> - List of updates:
>>   * bugfix: sepgsqlCheckProcedureEntrypoint() was invoked twice when
>>     security invoker functions are invoked.
>>
>> Rest of parts are unchanged. Don't mind contracted filename.
>> Please comment anything. It will help to improve our code.
> 
> I did an analysis of the "core" file:
> 
>     http://sepgsql.googlecode.com/files/sepgsql-core-8.4devel-r1608.patch
> 
>     changed lines      3226
>     new files          4075
>     syscatalog         9977
>     ----
>     total             17278
> 
> The good news is that 3226 is the affect on the non-system-catalog main
> core code, and is a context diff size, not total changed lines.

Hum...? What utility did you use to compute the lines?
It seems to me the changed lines except for system catalogs are larger than
actual one.

The diffstat says: 65 files changed, 4769 insertions(+), 11 deletions(-), 4945 modifications(!)

The (4244 + 500) of 4945 modifications come from pg_proc.h and pg_attribute.h
due to a new field to store security label of procedures and columns.

The new files adds 4014 in total, so rest of (755 + 11 + 201 = 967) lines are
estimated changes in the main core code.

Anyway, I believe the burden of reviewer became smaller than the prior
full-set version.

Thanks,

-------------------------------------------------------------
[kaigai@masu ~]$ diffstat ~/sepgsql-core-8.4devel-r1608.patch configure                                     |  113
configure.in                                 |   13 src/Makefile.global.in                        |    1
src/backend/Makefile                         |    7 src/backend/access/heap/heapam.c              |   12
src/backend/bootstrap/bootparse.y            |    4 src/backend/bootstrap/bootstrap.c             |    3
src/backend/catalog/aclchk.c                 |   11 src/backend/catalog/heap.c                    |   94
src/backend/catalog/index.c                  |    8 src/backend/catalog/pg_aggregate.c            |    3
src/backend/catalog/pg_proc.c                |    9 src/backend/catalog/toasting.c                |    3
src/backend/commands/cluster.c               |    4 src/backend/commands/copy.c                   |    9
src/backend/commands/dbcommands.c            |   33 src/backend/commands/foreigncmds.c            |    7
src/backend/commands/functioncmds.c          |   77 src/backend/commands/lockcmds.c               |    4
src/backend/commands/proclang.c              |    6 src/backend/commands/tablecmds.c              |   99
src/backend/commands/trigger.c               |    6 src/backend/executor/execMain.c               |   22
src/backend/nodes/copyfuncs.c                |   25 src/backend/nodes/equalfuncs.c                |   21
src/backend/nodes/outfuncs.c                 |   28 src/backend/nodes/readfuncs.c                 |   41
src/backend/optimizer/plan/planner.c         |    1 src/backend/parser/gram.y                     |   63
src/backend/postmaster/postmaster.c          |   43 src/backend/rewrite/rewriteHandler.c          |    6
src/backend/security/Makefile                |   11 src/backend/security/sepgsql/Makefile         |   16
src/backend/security/sepgsql/avc.c           | 1157 +++++++ src/backend/security/sepgsql/checker.c        |  902 +++++
src/backend/security/sepgsql/core.c          |  235 + src/backend/security/sepgsql/dummy.c          |   37
src/backend/security/sepgsql/hooks.c         |  576 +++ src/backend/security/sepgsql/label.c          |  360 ++
src/backend/security/sepgsql/perms.c         |  463 ++ src/backend/storage/ipc/ipci.c                |    2
src/backend/tcop/utility.c                   |    5 src/backend/utils/cache/catcache.c            |   32
src/backend/utils/cache/syscache.c           |   15 src/backend/utils/fmgr/dfmgr.c                |   10
src/backend/utils/fmgr/fmgr.c                |    8 src/backend/utils/init/postinit.c             |   11
src/backend/utils/misc/guc.c                 |   18 src/backend/utils/misc/postgresql.conf.sample |    3
src/include/catalog/heap.h                   |    9 src/include/catalog/pg_attribute.h            |  500 !!!
src/include/catalog/pg_class.h               |   12 src/include/catalog/pg_database.h             |    6
src/include/catalog/pg_proc.h                | 4244 !!!!!!!!!!!!!!!!!!!!!!!!!! src/include/catalog/pg_proc_fn.h
    |    3 src/include/fmgr.h                            |   10 src/include/nodes/nodes.h                     |    3
src/include/nodes/parsenodes.h               |   30 src/include/nodes/plannodes.h                 |    2
src/include/pg_config.h.in                   |    3 src/include/security/sepgsql.h                |  257 +
src/include/storage/lwlock.h                 |    1 src/include/utils/catcache.h                  |    1
src/include/utils/errcodes.h                 |    5 src/include/utils/syscache.h                  |    2 65 files
changed,4769 insertions(+), 11 deletions(-), 4945 modifications(!)
 

-- 
KaiGai Kohei <kaigai@kaigai.gr.jp>


pgsql-hackers by date:

Previous
From: Robert Haas
Date:
Subject: Re: xpath processing brain dead
Next
From: Dave Gudeman
Date:
Subject: a proposal for an extendable deparser