privilege: limit the privileges in memory schemas

[tangenta]

What problem does this PR solve?

Issue Number: close #35205

Problem Summary:

In the previous implementation, metrics_schema.t isn't one of the metrics tables, so the privilege checker is skipped. However, because the memory databases are not persist in storage, DDL hangs because of "database not exists" error.

What is changed and how it works?

This PR disallows users run CREATE/ALTER/DROP/INSERT/UPDATE/DELETE statements on any tables in memory databases.

Check List

Tests

• Unit test
• Integration test
• Manual test (add detailed scripts or steps below)
• No code

Side effects

• Performance regression: Consumes more CPU
• Performance regression: Consumes more Memory
• Breaking backward compatibility

After this PR, the following operations on memory tables are not supported anymore:

• information_schema: REFERENCES, EXECUTE, SHOW VIEW, LOCK TABLES.
• performance_schema: CREATE, LOCK TABLES.
• metrics_schema: CREATE, CREATE VIEW. REFERENCES, EXECUTE, SHOW VIEW, LOCK TABLES.

Documentation

• Affects user behaviors
• Contains syntax changes
• Contains variable changes
• Contains experimental features
• Changes MySQL compatibility

Release note

Please refer to Release Notes Language Style Guide to write a quality release note.

Fix an issue that client stuck when create table in metrics_schema.

[ti-chi-bot]

[REVIEW NOTIFICATION]

This pull request has been approved by:

• djshow832
• tiancaiamao

To complete the pull request process, please ask the reviewers in the list to review by filling /cc @reviewer in the comment.
After your PR has acquired the required number of LGTMs, you can assign this pull request to the committer in the list by filling /assign @committer in the comment to help you merge this pull request.

The full list of commands accepted by this bot can be found here.

Reviewer can indicate their review by submitting an approval review.
Reviewer can cancel approval by submitting a request changes review.

[djshow832]

This PR also disallows creating views on performance_schema and metrics_schema.

[tangenta]

MySQL cannot create views in performance_schema.

mysql> create view performance_schema.v as select * from test.t;
ERROR 1044 (42000): Access denied for user 'root'@'%' to database 'performance_schema'

[tiancaiamao]

/merge

[ti-chi-bot]

This pull request has been accepted and is ready to merge.

Commit hash: 8541168

[sre-bot]

Code Coverage Details: https://codecov.io/github/pingcap/tidb/commit/dae3ffd7b783c3bfc4d6758de7c72e2125d87eae

[hawkingrei]

/run-mysql-test

[Defined2014]

/unhold

[ti-srebot]

cherry pick to release-4.0 in PR #35329

[ti-srebot]

cherry pick to release-5.0 in PR #35330

[ti-srebot]

cherry pick to release-5.1 in PR #35331

[ti-srebot]

cherry pick to release-5.2 in PR #35332

[ti-srebot]

cherry pick to release-5.3 in PR #35333

[ti-srebot]

cherry pick to release-5.4 in PR #35334

[ti-srebot]

cherry pick to release-6.0 in PR #35335

[ti-srebot]

cherry pick to release-6.1 in PR #35336

[sre-bot]

TiDB MergeCI notify

✅ Well Done! New fixed [1] after this pr merged.

CI Name	Result	Duration	Compare with Parent commit
idc-jenkins-ci-tidb/integration-common-test	🔴 failed 2, success 9, total 11	21 min	Existing failure
idc-jenkins-ci-tidb/common-test	✅ all 12 tests passed	11 min	Fixed
idc-jenkins-ci/integration-cdc-test	🟢 all 35 tests passed	26 min	Existing passed
idc-jenkins-ci-tidb/sqllogic-test-2	🟢 all 28 tests passed	7 min 14 sec	Existing passed
idc-jenkins-ci-tidb/integration-ddl-test	🟢 all 6 tests passed	6 min 43 sec	Existing passed
idc-jenkins-ci-tidb/tics-test	🟢 all 1 tests passed	5 min 54 sec	Existing passed
idc-jenkins-ci-tidb/sqllogic-test-1	🟢 all 26 tests passed	5 min 44 sec	Existing passed
idc-jenkins-ci-tidb/mybatis-test	🟢 all 1 tests passed	3 min 45 sec	Existing passed
idc-jenkins-ci-tidb/integration-compatibility-test	🟢 all 1 tests passed	3 min 34 sec	Existing passed
idc-jenkins-ci-tidb/plugin-test	🟢 build success, plugin test success	4min	Existing passed