release-22.1: storage: lock database before initializing encryption-at-rest #104141
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
22.1 backport of cockroachdb/pebble#2498.
Previously, it was possible to corrupt the encryption-at-rest state of a store by running commands that manipulate store state without first terminating the store's Cockroach process. Cockroach uses a file lock to provide mutual exclusion between processes. Previously, this file lock was acquired when the Pebble engine was opened. The engine is opened only after the encryption-at-rest environment has been initialized, including rotating the file registry. This corruption required replacing the entire corrupted store.
Fix an issue whereby encryption-at-rest disk state was not protectthe file lock that prevents
Fix #98294.
Release justification: Fixes node-local encryption-at-rest corruption issue.
Release note (bug fix): Fix bug whereby running a debug command that manipulates a store (eg,
debug compact
) without first terminating the node using the store could result in corruption of the node's store if encryption-at-rest was enabled.