From ce0ce5c137d52c36e5204890ea8061a0ec772240 Mon Sep 17 00:00:00 2001
From: Muhammad Usama
Date: Tue, 27 Feb 2024 11:59:13 +0500
Subject: [PATCH] Taking care of review comments

Adjusting provider_name length in pg_tde_key_provider catalog definition and adding a TODO note for implementing an eviction policy for the master key cache.
---
 pg_tde--1.0.sql | 2 +-
 src/catalog/tde_master_key.c | 9 ++++++++-
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/pg_tde--1.0.sql b/pg_tde--1.0.sql
index 4668cdc7..2191c64d 100644
--- a/pg_tde--1.0.sql
+++ b/pg_tde--1.0.sql
@@ -10,7 +10,7 @@ CREATE SCHEMA percona_tde;
 -- and we do not want to encrypt this table using pg_tde.
 CREATE TABLE percona_tde.pg_tde_key_provider(provider_id SERIAL,
  keyring_type VARCHAR(10) CHECK (keyring_type IN ('file', 'vault-v2')),
- provider_name VARCHAR(256) UNIQUE NOT NULL, options JSON, PRIMARY KEY(provider_id)) using heap;
+ provider_name VARCHAR(255) UNIQUE NOT NULL, options JSON, PRIMARY KEY(provider_id)) using heap;
 
 -- If you want to add new provider types, you need to make appropriate changes
 -- in include/catalog/tde_keyring.h and src/catalog/tde_keyring.c files.
diff --git a/src/catalog/tde_master_key.c b/src/catalog/tde_master_key.c
index 3e238221..dd8d4c06 100644
--- a/src/catalog/tde_master_key.c
+++ b/src/catalog/tde_master_key.c
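Review bot: `provider_name VARCHAR(255)` limits the name in characters, not bytes, so if the change from 256 to 255 is meant to leave room for the terminating NUL in a 256-byte C buffer (the C-side definition is not part of this patch), a multibyte name can still be longer than that buffer. It is worth confirming that the C code bounds the copy by byte length, or adding a byte-length constraint to the column such as `CHECK (octet_length(provider_name) <= 255)`. Because the change edits `pg_tde--1.0.sql` in place, databases where the extension was already created from the earlier script keep `VARCHAR(256)`, so the C side cannot rely on the new limit alone.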
@@ -475,7 +475,14 @@ get_master_key_from_cache(bool acquire_lock)
 }
 
 /*
- * push the master key for current database to the shared memory cache
+ * Push the master key for current database to the shared memory cache.
+ * TODO: Add eviction policy
+ * For now we just keep pushing the master keys to the cache and do not have
+ * any eviction policy. We have one master key for a database, so at max,
+ * we could have as many entries in the cache as the number of databases.
+ * Which in practice would not be a huge number, but still we need to have
+ * some eviction policy in place. Moreover, we need to have some mechanism to
+ * remove the cache entry when the database is dropped.
  */
 static void
 push_master_key_to_cache(TDEMasterKey *masterKey)
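Review bot: The TODO above `push_master_key_to_cache` frames the missing eviction as a cache-size question, but the consequence that matters for key handling is only implied by its last sentence: until entries are removed on DROP DATABASE, a dropped database's master key stays resident in shared memory. I would state that explicitly, e.g. ` * Until then, the master key of a dropped database stays in the shared memory cache.`, and record that the eventual removal path should wipe the key bytes (for example with `explicit_bzero`) rather than only unlink the entry. If the cache is looked up by database OID, which is not visible here, the comment should also say whether a stale entry could be returned for a later database that reuses that OID. The function body lies outside the hunk, so how a full cache is handled cannot be checked from this patch.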