Remove the SECURITY_ROW_LEVEL_DISABLED security context bit.

This commit's parent made superfluous the bit's sole usage.  Referential
integrity checks have long run as the subject table's owner, and that
now implies RLS bypass.  Safe use of the bit was tricky, requiring
strict control over the SQL expressions evaluating therein.  Back-patch
to 9.5, where the bit was introduced.

Based on a patch by Stephen Frost.

1 files changed, 2 insertions, 10 deletions

diff --git a/src/backend/utils/cache/plancache.c b/src/backend/utils/cache/plancache.c
index 525794fb644..1be20fcd9aa 100644
--- a/src/backend/utils/cache/plancache.c
+++ b/src/backend/utils/cache/plancache.c
@@ -204,7 +204,6 @@ CreateCachedPlan(Node *raw_parse_tree,
 	plansource->total_custom_cost = 0;
 	plansource->num_custom_plans = 0;
 	plansource->hasRowSecurity = false;
-	plansource->rowSecurityDisabled = InRowLevelSecurityDisabled();
 	plansource->row_security_env = row_security;
 	plansource->planUserId = InvalidOid;
 
@@ -601,17 +600,10 @@ RevalidateCachedQuery(CachedPlanSource *plansource)
 	}
 
 	/*
-	 * Check if row security is enabled for this query and things have changed
-	 * such that we need to invalidate this plan and rebuild it.  Note that if
-	 * row security was explicitly disabled (eg: this is a FK check plan) then
-	 * we don't invalidate due to RLS.
-	 *
-	 * Otherwise, if the plan has a possible RLS dependency, force a replan if
-	 * either the role under which the plan was planned or the row_security
-	 * setting has been changed.
+	 * If the plan has a possible RLS dependency, force a replan if either the
+	 * role or the row_security setting has changed.
 	 */
 	if (plansource->is_valid
-		&& !plansource->rowSecurityDisabled
 		&& plansource->hasRowSecurity
 		&& (plansource->planUserId != GetUserId()
 			|| plansource->row_security_env != row_security))