| From: | Kohei Kaigai <Kohei(dot)Kaigai(at)EMEA(dot)NEC(dot)COM> |
|---|---|
| To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
| Cc: | Yeb Havinga <yebhavinga(at)gmail(dot)com>, Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp>, PgHacker <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [v9.1] sepgsql - userspace access vector cache |
| Date: | 2011-07-20 16:25:41 |
| Message-ID: | D0C1A1F8BF513F469926E6C71461D9EC01DB31@EX10MBX02.EU.NEC.COM |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> On Wed, Jul 20, 2011 at 12:04 PM, Kohei Kaigai
> <Kohei(dot)Kaigai(at)emea(dot)nec(dot)com> wrote:
> > The sepgsql_restorecon(NULL) assigns default security label on all the
> > database objects being controlled, thus, its workload caches security
> > label (including text data) of these objects.
> > So, ~5MB of difference is an upper limit of syscache usage because of
> > SECLABELOID.
>
> No, it's not. It's just the upper limit of how large it can be on an
> *empty* database. A real database could have hundreds of tables and
> views and thousands of columns. To say nothing of large objects.
>
Ah, sorry, you are correct.
Regarding to large objects, GetSecurityLabel() is modified not to use
SECLABELOID to flood of the syscache.
Thanks,
--
NEC Europe Ltd, SAP Global Competence Center
KaiGai Kohei <kohei(dot)kaigai(at)emea(dot)nec(dot)com>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Kohei Kaigai | 2011-07-20 16:40:06 | Re: [v9.1] sepgsql - userspace access vector cache |
| Previous Message | Robert Haas | 2011-07-20 16:21:59 | Re: [v9.1] sepgsql - userspace access vector cache |