From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
---|---|
To: | Yeb Havinga <yebhavinga(at)gmail(dot)com> |
Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Kohei Kaigai <Kohei(dot)Kaigai(at)emea(dot)nec(dot)com>, Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp>, PgHacker <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: [v9.1] sepgsql - userspace access vector cache |
Date: | 2011-07-21 19:29:49 |
Message-ID: | CA+TgmobPyRi6e3UXOxjB9nqOsO6_mGa92Bb0Rq9D4reUnnZWSQ@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Thu, Jul 21, 2011 at 3:25 PM, Yeb Havinga <yebhavinga(at)gmail(dot)com> wrote:
> Is it possible to only include the syscache on --enable-selinux
> configurations? It would imply physical data incompatibility with standard
> configurations, but that's also true for e.g. the block size.
Not really. SECURITY LABEL is supposedly a generic facility that can
be used by a variety of providers, and the regression tests load a
dummy provider which works on any platform to test that it hasn't
gotten broken.
> Also, the tests I did with varying bucket sizes suggested that decreasing
> the syscache to 256 didn't show a significant performance decrease compared
> to the 2048 #buckets, for the restorecon test, which hits over 3000 objects
> with security labels. My guess is that that is a fair middle of the road
> database schema size. Are you unwilling to pay the startup overhead for a
> extra 256 syscache?
Not sure. I'd rather not, if it's easy to rejigger things so we don't
have to. I don't think this is necessarily a hard problem to solve -
it's just that no one has tried yet.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
From | Date | Subject | |
---|---|---|---|
Next Message | Yeb Havinga | 2011-07-21 19:32:54 | Re: [v9.1] sepgsql - userspace access vector cache |
Previous Message | Dave Page | 2011-07-21 19:29:41 | Re: sinval synchronization considered harmful |