MDEV-13834: Upgrade failure from 10.1 innodb_encrypt_log

log_crypt_101_read_block(): Mimic MariaDB 10.1, and use the first encryption key if the key for the checkpoint cannot be found. Redo log encryption key rotation was ultimately disabled in MDEV-9422 (MariaDB 10.1.13) due to design issues. So, from MariaDB 10.1.13 onwards only one log encryption key should matter. recv_log_format_0_recover(): Add the parameter 'bool crypt'. Indicate when the log cannot be decrypted for upgrade, instead of making a possibly false claim that the log requires crash recovery. init_crypt_key(): Remove extra space from a message.
MariaDB · Jun 4, 2018 · 5932a4e · 5932a4e
1 parent 40dc1a6
commit 5932a4e
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 8 deletions.
diff --git a/storage/innobase/log/log0crypt.cc b/storage/innobase/log/log0crypt.cc
@@ -1,7 +1,7 @@
 /*****************************************************************************
 
 Copyright (C) 2013, 2015, Google Inc. All Rights Reserved.
-Copyright (C) 2014, 2017, MariaDB Corporation. All Rights Reserved.
+Copyright (C) 2014, 2018, MariaDB Corporation.
 
 This program is free software; you can redistribute it and/or modify it under
 the terms of the GNU General Public License as published by the Free Software
@@ -159,7 +159,7 @@ static bool init_crypt_key(crypt_info_t* info, bool upgrade = false)
 			<< "Obtaining redo log encryption key version "
 			<< info->key_version << " failed (" << rc
 			<< "). Maybe the key or the required encryption "
-			<< " key management plugin was not found.";
+			"key management plugin was not found.";
 		return false;
 	}
 
@@ -279,7 +279,12 @@ log_crypt_101_read_block(byte* buf)
 		}
 	}
 
-	return false;
+	if (infos_used == 0) {
+		return false;
+	}
+	/* MariaDB Server 10.1 would use the first key if it fails to
+	find a key for the current checkpoint. */
+	info = infos;
 found:
 	byte dst[OS_FILE_LOG_BLOCK_SIZE];
 	uint dst_len;

diff --git a/storage/innobase/log/log0recv.cc b/storage/innobase/log/log0recv.cc
@@ -871,12 +871,11 @@ recv_find_max_checkpoint_0(log_group_t** max_group, ulint* max_field)
 
 /** Determine if a pre-MySQL 5.7.9/MariaDB 10.2.2 redo log is clean.
 @param[in]	lsn	checkpoint LSN
+@param[in]	crypt	whether the log might be encrypted
 @return error code
 @retval	DB_SUCCESS	if the redo log is clean
 @retval DB_ERROR	if the redo log is corrupted or dirty */
-static
-dberr_t
-recv_log_format_0_recover(lsn_t lsn)
+static dberr_t recv_log_format_0_recover(lsn_t lsn, bool crypt)
 {
 	log_mutex_enter();
 	log_group_t*	group = &log_sys->log;
@@ -911,7 +910,13 @@ recv_log_format_0_recover(lsn_t lsn)
 	}
 
 	if (log_block_get_data_len(buf)
-	    != (source_offset & (OS_FILE_LOG_BLOCK_SIZE - 1))) {
+	    == (source_offset & (OS_FILE_LOG_BLOCK_SIZE - 1))) {
+	} else if (crypt) {
+		ib::error() << "Cannot decrypt log for upgrading."
+			" The encrypted log was created before MariaDB 10.2.2"
+			    << NO_UPGRADE_RTFM_MSG;
+		return DB_ERROR;
+	} else {
 		ib::error() << NO_UPGRADE_RECOVERY_MSG
 			<< NO_UPGRADE_RTFM_MSG;
 		return(DB_ERROR);
@@ -3259,7 +3264,8 @@ recv_recovery_from_checkpoint_start(lsn_t flush_lsn)
 	switch (group->format) {
 	case 0:
 		log_mutex_exit();
-		return(recv_log_format_0_recover(checkpoint_lsn));
+		return recv_log_format_0_recover(checkpoint_lsn,
+						 buf[20 + 32 * 9] == 2);
 	default:
 		if (end_lsn == 0) {
 			break;