Commit graph

860 commits

Author SHA1 Message Date
Sergei Golubchik
34e01f80e4 restore innodb_encrypt_tables validation function
that was apparently lost in 20c23048:

  commit 20c23048c1
  Author: Jan Lindström <jan.lindstrom@mariadb.com>
  Date:   Sun May 17 14:14:16 2015 +0300

      MDEV-8164: Server crashes in pfs_mutex_enter_func after fil_crypt_is_closing

This also reverts 8635c4b4:

  commit 8635c4b4e6
  Author: Jan Lindström <jan.lindstrom@mariadb.com>
  Date:   Thu May 21 11:02:03 2015 +0300

      Fix test failure.
2015-05-28 14:41:48 +02:00
Jan Lindström
a25ccd4f83 MDEV-8238: Tables with encryption=yes using file_key_management plugin are not encrypted
Analysis: Problem was that encryption was skipped.

Fixed by making sure that tables with ENCRYPTED=YES are encrypted.
2015-05-27 16:52:36 +03:00
Jan Lindström
2bea4bd9ed MDEV-8233: InnoDB: Assertion failure in fil_page_decompress with encrypted tables
Analysis: Problem was that used compression method needs to be stored
to the page.

Fixed by storing compression method after key_version to the page.
2015-05-27 15:34:10 +03:00
Jan Lindström
8c0ea281bf MDEV-8213: encryption.encryption_force, encryption.encrypt_and_grep fail with valgrind warnings (Invalid read)
Analysis: Problem was that code used old pointer.

Fixed by using correct pointer.
2015-05-26 16:09:36 +03:00
Jan Lindström
536112dd30 MDEV-8195: InnoDB: Error: trying to access tablespace 11262 page no. 7, InnoDB: but the tablespace does not exist or is just being dropped.
Analysis: Problem was that we did try to read from tablespace
that was being dropped.

Fixed by introducing a new function to find a tablespace only
if it is not being dropped currently and adding this check
before trying to read pages from tablespace.
2015-05-21 15:32:49 +03:00
Jan Lindström
925b64124a MDEV-8182: Failing assertion: 1 == UT_LIST_GET_LEN(space->chain)
Analysis: At fil_spage_get_space there is small change that space
is found from tablespace list but we have not yet created node
for it (and added it to space->chain) and as we hold fil_system
mutex here fil_node_create can't continue.

Fixed by allowing UT_LIST_GET_LEN(space->chain) == 0|| 1 and
introducint two new functions that access filespace list
and before returning space check that node is also created.
2015-05-20 20:32:10 +03:00
Jan Lindström
3e55ef26d4 MDEV-8173: InnoDB; Failing assertion: crypt_data->type == 1
Make sure that when we publish the crypt_data we access the
memory cache of the tablespace crypt_data. Make sure that
crypt_data is stored whenever it is really needed.

All this is not yet enough in my opinion because:

sql/encryption.cc has DBUG_ASSERT(scheme->type == 1) i.e.
crypt_data->type == CRYPT_SCHEME_1

However, for InnoDB point of view we have global crypt_data
for every tablespace. When we change variables on crypt_data
we take mutex. However, when we use crypt_data for
encryption/decryption we use pointer to this global
structure and no mutex to protect against changes on
crypt_data.

Tablespace encryption starts in fil_crypt_start_encrypting_space
from crypt_data that has crypt_data->type = CRYPT_SCHEME_UNENCRYPTED
and later we write page 0 CRYPT_SCHEME_1 and finally whe publish
that to memory cache.
2015-05-20 14:10:07 +03:00
Jan Lindström
20c23048c1 MDEV-8164: Server crashes in pfs_mutex_enter_func after fil_crypt_is_closing or alike
Analysis: Problem was that tablespaces not encrypted might not have
crypt_data stored on disk.

Fixed by always creating crypt_data to memory cache of the tablespace.

MDEV-8138: strange results from encrypt-and-grep test

Analysis: crypt_data->type is not updated correctly on memory
cache. This caused problem with state tranfer on
encrypted => unencrypted => encrypted.

Fixed by updating memory cache of crypt_data->type correctly based on
current srv_encrypt_tables value to either CRYPT_SCHEME_1 or
CRYPT_SCHEME_UNENCRYPTED.
2015-05-18 13:28:13 +03:00
Sergei Golubchik
54672a4f1e MDEV-8043 innodb tablespace encryption
"use after free" bug, when a thread replaces space->crypt_data
and frees the old crypt_data object while it's being used
by another thread.
2015-05-15 18:12:03 +02:00
Sergei Golubchik
e5989d52a7 InnoDB: simplify innobase_compression_algorithm_validate() 2015-05-15 18:12:03 +02:00
Sergei Golubchik
8815fb3d45 MDEV-8158 InnoDB: Failing assertion: new_state->key_version != ENCRYPTION_KEY_VERSION_INVALID on dynamic change of encryption variables
don't allow to enable srv_encrypt_tables if no
encryption plugin is loaded
2015-05-15 18:12:02 +02:00
Sergei Golubchik
8258a34800 InnoDB: check if scrubbing is enabled before scanning the tablespace 2015-05-15 18:12:02 +02:00
Sergei Golubchik
a94cabd503 MDEV-8159 InnoDB: Failing assertion: key_state->key_id
to simplify various checks, set crypt_data->key_id even
for not encrypted tablespaces
2015-05-15 18:12:02 +02:00
Sergei Golubchik
2300fe2e0e Identical key derivation code in XtraDB/InnoDB/Aria
* Extract it into the "encryption_scheme" service.
* Make these engines to use the service, remove duplicate code.
* Change MY_AES_xxx error codes, to return them safely
  from encryption_scheme_encrypt/decrypt without conflicting
  with ENCRYPTION_SCHEME_KEY_INVALID error
2015-05-15 18:12:01 +02:00
Jan Lindström
f8cacd03a7 MDEV-8143: InnoDB: Database page corruption on disk or a failed file read
Analysis: Problem was that we did create crypt data for encrypted table but
this new crypt data was not written to page 0. Instead a default crypt data
was written to page 0 at table creation.

Fixed by explicitly writing new crypt data to page 0 after successfull
table creation.
2015-05-14 11:32:24 +03:00
Sergei Golubchik
16b6ec2e37 MDEV-8130 Wrong error code/message while encrypting a partitioned InnoDB table
when checking for a flag, use & not ==
2015-05-13 14:27:18 +02:00
Sergei Golubchik
def48e623a MDEV-8141 InnoDB: background encryption thread uses FIL_DEFAULT_ENCRYPTION_KEY
* check key version per key id (that is, per tablespace).
* wake encryption thread when a tablespace needs re-encryption
2015-05-13 14:27:17 +02:00
Sergei Golubchik
a583976e78 MDEV-8015 InnoDB: Failing assertion: new_state->key_version != ENCRYPTION_KEY_VERSION_INVALID
InnoDB: refuse to start if encryption is requested but no
encryption plugin is available
2015-05-13 14:27:17 +02:00
Sergei Golubchik
b4777bfc11 cleanup, use encryption_key_id_exists() where appropriate 2015-05-13 14:27:17 +02:00
Jan Lindström
58e8db2eb3 MDEV-7942: InnoDB: abuse of UNIV_LIKELY()/UNIV_UNLIKELY()
UNIV_LIKELY()/UNIV_UNLIKELY() hints are supposed to improve branch prediction.
Currently, they're expected to work only if cond evaluates to TRUE or FALSE.

However there're a few conditions that may evaluate to different values, e.g.:

page/page0zip.cc:		if (UNIV_LIKELY(c_stream->avail_in)) {
page/page0zip.cc:			if (UNIV_LIKELY(c_stream->avail_in)) {
dict/dict0mem.cc:		if (UNIV_LIKELY(i) && UNIV_UNLIKELY(!table->col_names)) {

Fixed these conditions so that they evaluate TRUE/FALSE.
2015-05-11 14:31:42 +03:00
Jan Lindström
ecfc3de57e MDEV-8129: Compilation warnings in log0crypt.cc
Fix incorrect types and compiler warnings.
2015-05-11 12:22:13 +03:00
Sergei Golubchik
5fdb14542a MDEV-8021 "InnoDB: Tablespace id 4 encrypted but encryption service not available. Can't continue opening tablespace" on server restart when there are encrypted tables
key id was written in the wrong place on the tablespace first page
(thus its value could not be read back later)
2015-05-09 11:19:36 +02:00
Jan Lindström
d259376fd8 MDEV-8041: InnoDB redo log encryption
Merged new version of InnoDB/XtraDB redo log encryption from Google
provided by Jonas Oreland.
2015-05-09 11:13:00 +03:00
Jan Lindström
3832bda1ba Fix compiler error if compiler does not support c99 style
initializers.
2015-05-07 18:30:42 +03:00
Jan Lindström
b975685036 Merge pull request #54 from openquery/MDEV-8053-c99-style-for-structure-members-10.1
c99 style for assigning structure members
2015-05-06 16:48:17 +03:00
Jan Lindström
bad81f23f6 MDEV-8046: Server crashes in pfs_mutex_enter_func on select from I_S.INNODB_TABLESPACES_ENCRYPTION if InnoDB is disabled
Problem was that information schema tables innodb_tablespaces_encryption and
innodb_tablespaces_scrubbing where missing required check is InnoDB enabled
or not.
2015-05-06 15:16:28 +03:00
Jan Lindström
2f25c653ad MDEV-8074: Failing assertion: mutex->magic_n == MUTEX_MAGIC_N in file sync0sync.cc line 508
Problem was that e.g. on crash recovery fil_space_crypt_close_tablespace
and fil_space_crypt_mark_space_closing access mutex that is not yet
initialized. Mutex is naturally initialized only if encryption is
configured.
2015-05-06 14:11:30 +03:00
Jan Lindström
53382ac128 MDEV-8079: Crash when running MariaDB Debug with InnoDB on Windows
Problem was that std::vector was allocated using calloc instead of
new, this caused vector constructor not being called and vector
metadata not initialized.
2015-05-01 14:23:08 +03:00
Daniel Black
3d801e606b c99 style for assigning structure members 2015-04-27 21:08:52 +10:00
Kristian Nielsen
791b0ab5db Merge 10.0 -> 10.1 2015-04-20 13:21:58 +02:00
Kristian Nielsen
167332597f Merge 10.0 -> 10.1.
Conflicts:
	mysql-test/suite/multi_source/multisource.result
	sql/sql_base.cc
2015-04-17 15:18:44 +02:00
Sergei Golubchik
4a7472bbf2 fix a crash in innodb.innodb-wl5522-zip,xtradb
dereferencing of the uninitialized pointer bpade->slot
(when compiled without UNIV_DEBUG)
2015-04-11 00:28:42 +02:00
Sergei Golubchik
a73676b2e6 Merge branch '10.1' into bb-10.1-serg 2015-04-10 19:32:14 +02:00
Sergei Golubchik
966b236612 add support for --innodb-encrypt-tables=FORCE
this will prevent user from creating tables with ENCRYPTED=OFF
2015-04-10 02:53:32 +02:00
Sergei Golubchik
dab6c83744 allow srv_encrypt_tables and ENCRYPTED=YES to be used together 2015-04-10 02:51:06 +02:00
Sergei Golubchik
bc9f118e29 rename table attribute ENCRYPTION=ON/OFF to ENCRYPTED=YES/NO 2015-04-10 02:51:01 +02:00
Sergei Golubchik
ea764f5f52 s/innodb_default_encryption_key/innodb_default_encryption_key_id/
and make it a session variable, not global, as any decent
default sysvar for a table attribute should be
2015-04-10 02:40:10 +02:00
Sergei Golubchik
92ff523619 change ENCRYPTION_KEY_ID to be HA_TOPTION_SYSVAR
instead of manually implenting "default from a sysvar" in the code
2015-04-10 02:39:36 +02:00
Sergei Golubchik
0a9052f591 Store the key id in the tablespace and read it back 2015-04-09 19:36:12 +02:00
Sergei Golubchik
97d5de4ccf Add encryption key id to the API as a distinct concept
which is separate from the encryption key version
2015-04-09 19:35:40 +02:00
Sergei Golubchik
5dffda3ccc Merge branch 'bb-10.1-jan-encryption' into bb-10.1-serg
With changes:

* update tests to pass (new encryption/encryption_key_id syntax).
* not merged the code that makes engine aware of the encryption mode
  (CRYPT_SCHEME_1_CBC, CRYPT_SCHEME_1_CTR, storing it on disk, etc),
  because now the encryption plugin is handling it.
* compression+encryption did not work in either branch before the
  merge - and it does not work after the merge. it might be more
  broken after the merge though - some of that code was not merged.
* page checksumming code was not moved (moving of page checksumming
  from fil_space_encrypt() to fil_space_decrypt was not merged).
* restored deleted lines in buf_page_get_frame(), otherwise
  innodb_scrub test failed.
2015-04-09 19:27:40 +02:00
Sergei Golubchik
129e960179 fix log_blocks_crypt() to actually decrypt the encrypted log
It used to double-encrypt it, relying on the fact that second
encrypt() call was (like XOR) negating the effect of the
first one.
2015-04-09 19:06:11 +02:00
Sergei Golubchik
d6b912c64d update XtraDB/InnoDB plugin maturity to match the server
because of encryption changes - make it beta and let
it mature together with the server
2015-04-09 18:44:02 +02:00
Sergei Golubchik
f130da7b00 clarify/simplify new innodb sysvars: help texts 2015-04-09 18:42:45 +02:00
Sergei Golubchik
87cf86519e clarify/simplify new innodb sysvars: innodb-scrub-force-testing
rename to innodb-debug-force-scrubbing
2015-04-09 18:42:45 +02:00
Sergei Golubchik
19e76814b7 clarify/simplify new innodb sysvars: innodb-scrub-log-interval
rename to innodb-scrub-log-speed
2015-04-09 18:42:45 +02:00
Sergei Golubchik
72c8b3fcb2 small cleanups as per review 2015-04-09 18:42:44 +02:00
Sergei Golubchik
4d40a7d133 remove now-empty my_aes.{h,cc}
move remaning defines to my_crypt, add MY_ namespace prefix
2015-04-09 18:42:44 +02:00
Sergei Golubchik
65e7826070 renames to follow single consistent naming style
with namespace prefixes
2015-04-09 18:42:44 +02:00
Sergei Golubchik
bb1b61b312 encryption plugin controls the encryption
* no --encryption-algorithm option anymore
* encrypt/decrypt methods in the encryption plugin
* ecnrypt/decrypt methods in the encryption_km service
* file_km plugin has --file-key-management-encryption-algorithm
* debug_km always uses aes_cbc
* example_km changes between aes_cbc and aes_ecb for different key versions
2015-04-09 18:42:43 +02:00