Re: [HACKERS] Updates of SE-PostgreSQL 8.4devel patches (r1608)

Thu, 26 Feb 2009 11:02:40 -0800 

Bruce Momjian wrote:

KaiGai Kohei wrote:

The series of SE-PostgreSQL patches for v8.4 were updated:
[1/5] http://sepgsql.googlecode.com/files/sepgsql-core-8.4devel-r1608.patch
[2/5] http://sepgsql.googlecode.com/files/sepgsql-utils-8.4devel-r1608.patch
[3/5] http://sepgsql.googlecode.com/files/sepgsql-policy-8.4devel-r1608.patch
[4/5] http://sepgsql.googlecode.com/files/sepgsql-docs-8.4devel-r1608.patch
[5/5] http://sepgsql.googlecode.com/files/sepgsql-tests-8.4devel-r1608.patch

- List of updates:
  * bugfix: sepgsqlCheckProcedureEntrypoint() was invoked twice when
    security invoker functions are invoked.

Rest of parts are unchanged. Don't mind contracted filename.
Please comment anything. It will help to improve our code.


I did an analysis of the "core" file:

        http://sepgsql.googlecode.com/files/sepgsql-core-8.4devel-r1608.patch

        changed lines      3226
        new files          4075
        syscatalog         9977
        ----
        total             17278

The good news is that 3226 is the affect on the non-system-catalog main
core code, and is a context diff size, not total changed lines.


Hum...? What utility did you use to compute the lines?
It seems to me the changed lines except for system catalogs are larger than
actual one.

The diffstat says:
 65 files changed, 4769 insertions(+), 11 deletions(-), 4945 modifications(!)

The (4244 + 500) of 4945 modifications come from pg_proc.h and pg_attribute.h
due to a new field to store security label of procedures and columns.

The new files adds 4014 in total, so rest of (755 + 11 + 201 = 967) lines are
estimated changes in the main core code.

Anyway, I believe the burden of reviewer became smaller than the prior
full-set version.

Thanks,

-------------------------------------------------------------
[kai...@masu ~]$ diffstat ~/sepgsql-core-8.4devel-r1608.patch
 configure                                     |  113
 configure.in                                  |   13
 src/Makefile.global.in                        |    1
 src/backend/Makefile                          |    7
 src/backend/access/heap/heapam.c              |   12
 src/backend/bootstrap/bootparse.y             |    4
 src/backend/bootstrap/bootstrap.c             |    3
 src/backend/catalog/aclchk.c                  |   11
 src/backend/catalog/heap.c                    |   94
 src/backend/catalog/index.c                   |    8
 src/backend/catalog/pg_aggregate.c            |    3
 src/backend/catalog/pg_proc.c                 |    9
 src/backend/catalog/toasting.c                |    3
 src/backend/commands/cluster.c                |    4
 src/backend/commands/copy.c                   |    9
 src/backend/commands/dbcommands.c             |   33
 src/backend/commands/foreigncmds.c            |    7
 src/backend/commands/functioncmds.c           |   77
 src/backend/commands/lockcmds.c               |    4
 src/backend/commands/proclang.c               |    6
 src/backend/commands/tablecmds.c              |   99
 src/backend/commands/trigger.c                |    6
 src/backend/executor/execMain.c               |   22
 src/backend/nodes/copyfuncs.c                 |   25
 src/backend/nodes/equalfuncs.c                |   21
 src/backend/nodes/outfuncs.c                  |   28
 src/backend/nodes/readfuncs.c                 |   41
 src/backend/optimizer/plan/planner.c          |    1
 src/backend/parser/gram.y                     |   63
 src/backend/postmaster/postmaster.c           |   43
 src/backend/rewrite/rewriteHandler.c          |    6
 src/backend/security/Makefile                 |   11
 src/backend/security/sepgsql/Makefile         |   16
 src/backend/security/sepgsql/avc.c            | 1157 +++++++
 src/backend/security/sepgsql/checker.c        |  902 +++++
 src/backend/security/sepgsql/core.c           |  235 +
 src/backend/security/sepgsql/dummy.c          |   37
 src/backend/security/sepgsql/hooks.c          |  576 +++
 src/backend/security/sepgsql/label.c          |  360 ++
 src/backend/security/sepgsql/perms.c          |  463 ++
 src/backend/storage/ipc/ipci.c                |    2
 src/backend/tcop/utility.c                    |    5
 src/backend/utils/cache/catcache.c            |   32
 src/backend/utils/cache/syscache.c            |   15
 src/backend/utils/fmgr/dfmgr.c                |   10
 src/backend/utils/fmgr/fmgr.c                 |    8
 src/backend/utils/init/postinit.c             |   11
 src/backend/utils/misc/guc.c                  |   18
 src/backend/utils/misc/postgresql.conf.sample |    3
 src/include/catalog/heap.h                    |    9
 src/include/catalog/pg_attribute.h            |  500 !!!
 src/include/catalog/pg_class.h                |   12
 src/include/catalog/pg_database.h             |    6
 src/include/catalog/pg_proc.h                 | 4244 !!!!!!!!!!!!!!!!!!!!!!!!!!
 src/include/catalog/pg_proc_fn.h              |    3
 src/include/fmgr.h                            |   10
 src/include/nodes/nodes.h                     |    3
 src/include/nodes/parsenodes.h                |   30
 src/include/nodes/plannodes.h                 |    2
 src/include/pg_config.h.in                    |    3
 src/include/security/sepgsql.h                |  257 +
 src/include/storage/lwlock.h                  |    1
 src/include/utils/catcache.h                  |    1
 src/include/utils/errcodes.h                  |    5
 src/include/utils/syscache.h                  |    2
 65 files changed, 4769 insertions(+), 11 deletions(-), 4945 modifications(!)

--
KaiGai Kohei <kai...@kaigai.gr.jp>

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Reply via email to