Minimal working prototype for SMGR + Event trigger + keyring encryption #199

Merged
merged 1 commit into from
Jun 11, 2024

Collaborator

@dutow dutow commented May 29, 2024

  • Introduces pg_tde2 access method
  • New access method uses the event trigger changes from #196 (Implement event triggers to identify index creation on encrypted tables)
  • Keys are now loaded from the keyring
  • This requires changes to the map file / master key infrastructure
  • This commit only modifies/fixes those as little as required for simplicity.
    More refactoring/changes coming in separate commits / PRs
  • Removes reliance on MyDatabaseId, as things now have to work with multiple databases in the checkpointer
  • Removes some error reports, where functions should work even without a configured keyring
  • Fixes some bugs in the map file functions
  • Map file functions now work with multiple databases in a single process, but this is a hackish solution, global state needs a proper refactoring
  • Contains anti-recursion hack in the new SMGR code, which is needed until we no longer store the metadata in the catalog

if (master_key == NULL)
{
ereport(ERROR,
(errmsg("failed to retrieve master key")));
(errmsg("1 - failed to retrieve master key")));
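Review bot: The second errmsg line, "1 - failed to retrieve master key", carries a "1 - " prefix that tells nothing to whoever reads the server log, and the ereport(ERROR, ...) under if (master_key == NULL) has no errcode(), so it is raised with the default internal-error SQLSTATE. If the prefix is meant to tell call sites apart, keep the primary message as it was and put the distinguishing context in an errdetail() instead, and consider adding an explicit errcode() so clients can distinguish a missing master key from other internal errors.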
Collaborator

I believe this 1 is left out as part of some debugging code?

Collaborator

@codeforall codeforall left a comment

There are a few single-line comments that could be changed to C-style ones. Other than that all looks good.

@dutow dutow marked this pull request as ready for review June 11, 2024 18:32
* Introduces `pg_tde2` access method
* New access method uses the event trigger changes from Percona-Lab#196
* Keys are now loaded from the keyring
* This required changes to the map file / master key infrastructure
* This commit only modifies/fixes those as little as required for simplicity.
  More refactoring/changes coming in separate commits / PRs
* Removes reliance on MyDatabaseId, as things now have to work with multiple databases in the checkpointer
* Removes some error reports, where functions should work even without a configured keyring
* Fixes some bugs in the map file functions
* Map file functions now work with multiple databases in a single process, but this is a hackish solution, global state needs a proper refactoring
* Contains anti-recursion hack in the new SMGR code, which is needed until we store the metadata in the catalog
@dutow dutow merged commit 8935125 into Percona-Lab:smgr Jun 11, 2024
0 of 8 checks passed