Fixing review comments

src/access/pg_tde_prune.c

@@ -1341,24 +1341,6 @@ pgtde_compactify_tuples(Relation rel, Buffer buffer, itemIdCompact itemidbase, i
 
 			itemidptr = &itemidbase[i];
 
-			if(copy_head < copy_tail)
-			{
-				// TODO: recheck this condition
-				// We leave the original loop as-is, and recrypt tuples one by one
-				// This is definitely not the fastest, but simple
-				BlockNumber bn = BufferGetBlockNumber(buffer);
-				unsigned long header_size = sizeof(HeapTupleHeaderData);
-				uint64 read_offset_in_page = copy_head;
-				uint64 write_offset_in_page = upper;
-				uint32 data_len = itemidptr->len - header_size;
-				char* read_from = (char*)(page) + copy_head + header_size;
-				char* write_to = (char*)(page) + copy_head + header_size;
-
-				PG_TDE_RE_ENCRYPT_TUPLE_DATA(bn, read_offset_in_page, read_from,
-											bn, write_offset_in_page, write_to,
-											data_len, keys);
-			}
-
 			lp = PageGetItemId(page, itemidptr->offsetindex + 1);
 
 			if (copy_head != itemidptr->itemoff + itemidptr->alignedlen && copy_head < copy_tail)
@@ -1383,25 +1365,6 @@ pgtde_compactify_tuples(Relation rel, Buffer buffer, itemIdCompact itemidbase, i
 			lp->lp_off = upper;
 		}
 
-		// TODO: it says remaining, but looks like it's only one?
-		// TODO: exact same block is duplicated twice
-			if(copy_head < copy_tail) { // TODO: recheck this condition
-				// We leave the original loop as-is, and recrypt tuples one by one
-				// This is definitely not the fastest, but simple
-				//
-				BlockNumber bn = BufferGetBlockNumber(buffer);
-				unsigned long header_size = sizeof(HeapTupleHeaderData);
-				uint64 read_offset_in_page = copy_head;
-				uint64 write_offset_in_page = upper;
-				uint32 data_len = itemidptr->len - header_size;
-				char* read_from = (char*)(page) + copy_head + header_size;
-				char* write_to = (char*)(page) + copy_head + header_size;
-
-				PG_TDE_RE_ENCRYPT_TUPLE_DATA(bn, read_offset_in_page, read_from,
-											bn, write_offset_in_page, write_to,
-											data_len, keys);
-			}
-
 		/* move the remaining tuples. */
 		memmove((char *) page + upper,
 				page + copy_head,
@@ -1482,21 +1445,6 @@ pgtde_compactify_tuples(Relation rel, Buffer buffer, itemIdCompact itemidbase, i
 			ItemId		lp;
 
 			itemidptr = &itemidbase[i];
-			if(copy_head < copy_tail) { // TODO: recheck this condition
-				// We leave the original loop as-is, and recrypt tuples one by one
-				// This is definitely not the fastest, but simple
-				BlockNumber bn = BufferGetBlockNumber(buffer);
-				unsigned long header_size = sizeof(HeapTupleHeaderData);
-				uint64 read_offset_in_page = copy_head;
-				uint64 write_offset_in_page = upper;
-				uint32 data_len = itemidptr->len - header_size;
-				char* read_from = scratchptr + copy_head + header_size;
-				char* write_to = scratchptr + copy_head + header_size;
-
-				PG_TDE_RE_ENCRYPT_TUPLE_DATA(bn, read_offset_in_page, read_from,
-											bn, write_offset_in_page, write_to,
-											data_len, keys);
-			}
 
 			lp = PageGetItemId(page, itemidptr->offsetindex + 1);
 
@@ -1523,22 +1471,6 @@ pgtde_compactify_tuples(Relation rel, Buffer buffer, itemIdCompact itemidbase, i
 			lp->lp_off = upper;
 		}
 
-		/* Recrypt the remaining chunk */
-		if(copy_head < copy_tail) { // TODO: recheck this condition
-			BlockNumber bn = BufferGetBlockNumber(buffer);
-			unsigned long header_size = sizeof(HeapTupleHeaderData);
-			uint64 read_offset_in_page = copy_head;
-			uint64 write_offset_in_page = upper;
-			uint32 data_len = itemidptr->len - header_size;
-			char* read_from = scratchptr + copy_head + header_size;
-			char* write_to = scratchptr + copy_head + header_size;
-
-			PG_TDE_RE_ENCRYPT_TUPLE_DATA(bn, read_offset_in_page, read_from,
-										bn, write_offset_in_page, write_to,
-										data_len, keys);
-
-		}
-
 		/* Copy the remaining chunk */
 		memcpy((char *) page + upper,
 			   scratchptr + copy_head,

src/access/pg_tdetoast.c

@@ -709,6 +709,8 @@ pg_tde_fetch_toast_slice(Relation toastrel, Oid valueid, int32 attrsize,
 	toastscan = systable_beginscan_ordered(toastrel, toastidxs[validIndex],
 										   &SnapshotToast, nscankeys, toastkey);
 
+	memcpy(iv_prefix, &valueid, sizeof(Oid));
+
 	/*
 	 * Read the chunks by index
 	 *
@@ -811,7 +813,6 @@ pg_tde_fetch_toast_slice(Relation toastrel, Oid valueid, int32 attrsize,
 		}
 		/* Decrypt the data chunk by chunk here */
 
-		memcpy(iv_prefix, &valueid, sizeof(Oid));
 		PG_TDE_DECRYPT_DATA(iv_prefix, (curchunk * TOAST_MAX_CHUNK_SIZE - sliceoffset) + encrypt_offset,
 					chunkdata + chcpystrt,
 					(chcpyend - chcpystrt) + 1,
@@ -847,7 +848,7 @@ pg_tde_toast_encrypt(Pointer dval, Oid valueid, RelKeysData *keys)
 	int32		data_size =0;
 	char*		data_p;
 	char*		encrypted_data;
-	char iv_prefix[16] = {0,};
+	char		iv_prefix[16] = {0,};
 
 	/*
 	 * Encryption specific data_p and data_size as we have to avoid

src/encryption/enc_tuple.c

@@ -102,15 +102,11 @@ void
 pg_tde_crypt_tuple(HeapTuple tuple, HeapTuple out_tuple, RelKeysData* keys, const char* context)
 {
 	char iv_prefix[16] = {0};
-    uint32 data_len = tuple->t_len - tuple->t_data->t_hoff;
-    char *tup_data = (char*)tuple->t_data + tuple->t_data->t_hoff;
-    char *out_data = (char*)out_tuple->t_data + out_tuple->t_data->t_hoff;
-	iv_prefix[0] = tuple->t_self.ip_blkid.bi_hi / 256;
-	iv_prefix[1] = tuple->t_self.ip_blkid.bi_hi % 256;
-	iv_prefix[2] = tuple->t_self.ip_blkid.bi_lo / 256;
-	iv_prefix[3] = tuple->t_self.ip_blkid.bi_lo % 256;
-	iv_prefix[4] = tuple->t_self.ip_posid / 256;
-	iv_prefix[5] = tuple->t_self.ip_posid % 256;
+	uint32 data_len = tuple->t_len - tuple->t_data->t_hoff;
+	char *tup_data = (char*)tuple->t_data + tuple->t_data->t_hoff;
+	char *out_data = (char*)out_tuple->t_data + out_tuple->t_data->t_hoff;
+
+	SetIvPrefix(&tuple->t_self, iv_prefix);
 
 #ifdef ENCRYPTION_DEBUG
     ereport(LOG,
@@ -126,6 +122,17 @@ pg_tde_crypt_tuple(HeapTuple tuple, HeapTuple out_tuple, RelKeysData* keys, cons
 // HELPER FUNCTIONS FOR ENCRYPTION
 // ================================================================
 
+static void
+SetIVPrefix(ItemPointerData* ip, char* iv_prefix)
+{
+	iv_prefix[0] = ip->ip_blkid.bi_hi / 256;
+	iv_prefix[1] = ip->ip_blkid.bi_hi % 256;
+	iv_prefix[2] = ip->ip_blkid.bi_lo / 256;
+	iv_prefix[3] = ip->ip_blkid.bi_lo % 256;
+	iv_prefix[4] = ip->ip_posid / 256;
+	iv_prefix[5] = ip->ip_posid % 256;
+}
+
 OffsetNumber
 PGTdePageAddItemExtended(RelFileLocator rel,
 					Oid oid,
@@ -143,18 +150,13 @@ PGTdePageAddItemExtended(RelFileLocator rel,
 	char* toAddr = ((char*)phdr) + phdr->pd_upper + header_size;
 	char* data = item + header_size;
 	uint32	data_len = size - header_size;
-	// ctid stored in item is incorrect (not set) at this point
+	/* ctid stored in item is incorrect (not set) at this point */
 	ItemPointerData ip;
 	RelKeysData *keys = GetRelationKeys(rel);
 
 	ItemPointerSet(&ip, bn, off); 
 
-	iv_prefix[0] = ip.ip_blkid.bi_hi / 256;
-	iv_prefix[1] = ip.ip_blkid.bi_hi % 256;
-	iv_prefix[2] = ip.ip_blkid.bi_lo / 256;
-	iv_prefix[3] = ip.ip_blkid.bi_lo % 256;
-	iv_prefix[4] = ip.ip_posid / 256;
-	iv_prefix[5] = ip.ip_posid % 256;
+	SetIvPrefix(&ip, iv_prefix);
 
 	PG_TDE_ENCRYPT_PAGE_ITEM(iv_prefix, 0, data, data_len, toAddr, keys);
 	return off;

src/include/encryption/enc_tuple.h

@@ -57,9 +57,4 @@ PGTdeExecStorePinnedBufferHeapTuple(Relation rel, HeapTuple tuple, TupleTableSlo
 		pg_tde_crypt(_iv_prefix, _iv_prefix_len, _data, _data_len, _out, _keys, "ENCRYPT-PAGE-ITEM"); \
 	} while(0)
 
-#define PG_TDE_RE_ENCRYPT_TUPLE_DATA(_read_bn, _read_offset_in_page, _read_data, \
-				_write_bn, _write_offset_in_page, _write_data, _data_len, _keys) \
-	do { \
-	} while(0)
-
 #endif /*ENC_TUPLE_H*/