forked from percona/percona-server
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
PS-3822: InnoDB system tablespace encryption
Encryption will be done using Master Key encryption. The decision to make system tablespace encrypted can be done only at bootstrap. A new variable “innodb_sys_tablespace_encrypt” will be introduced to encrypt system tablespace. Default is OFF. This variables has to be turned ON and passed as bootstrap parameter to encrypt system tablespace Variables introduced: innodb_sys_tablespace_encrypt innodb_parallel_dblwr_encrypt A new option innodb_parallel_dblwr_encrypt is introduced to encrypt parallel doublewrite file. Default is OFF and the option is dynamic. When turned on, the pages in parallel doublewrite buffer are encrypted using the respective tablespace key.
- Loading branch information
1 parent
28f3a6f
commit 78b6114
Showing
27 changed files
with
1,439 additions
and
90 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
# Requires three parameters | ||
# 1. IBD_FILE :- the file to corrupt a page in it | ||
# 2. INNODB_PAGE_SIZE :- page_size of IBD | ||
# 3. PAGE_NUM :- the page to corrupt | ||
# 4. ALL_ZEROES :- write the entire page as all-zeros (optional parameter) | ||
# (innodb doesn't treat all-zero as corrupted page) | ||
perl; | ||
use IO::Handle; | ||
my $file = $ENV{'IBD_FILE'} or die; | ||
my $page_size = $ENV{'INNODB_PAGE_SIZE'} or die; | ||
my $page_num = $ENV{'PAGE_NUM'} or die; | ||
my $all_zeroes = $ENV{'ALL_ZEROES'}; | ||
open(FILE, "+<", $file) or die; | ||
FILE->autoflush(1); | ||
binmode FILE; | ||
seek(FILE, $page_size * $page_num, SEEK_SET); | ||
if ($all_zeroes) { | ||
print FILE chr(0) x $page_size; | ||
} else { | ||
print FILE chr(0) x ($page_size/2); | ||
} | ||
close FILE; | ||
EOF |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
53 changes: 53 additions & 0 deletions
53
mysql-test/suite/innodb/r/percona_parallel_dblwr_encrypt.result
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
CREATE TABLE t1(a TEXT) ENCRYPTION='Y'; | ||
INSERT INTO t1 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t1 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t1 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t1 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t1 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t1 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
CREATE TABLE t2(a TEXT) ENCRYPTION='Y'; | ||
INSERT INTO t2 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t2 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t2 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t2 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t2 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t2 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
CREATE TABLE t3(a TEXT) ENCRYPTION='Y'; | ||
INSERT INTO t3 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t3 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t3 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t3 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t3 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t3 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
# Kill the server | ||
# Writes to Parallel dblwr are not encrypted, so it should be "Pattern found" | ||
Pattern found. | ||
# restart | ||
DROP TABLE t1, t2, t3; | ||
CREATE TABLE t1(a TEXT) ENCRYPTION='Y'; | ||
SET GLOBAL innodb_parallel_dblwr_encrypt=ON; | ||
INSERT INTO t1 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t1 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t1 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t1 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t1 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t1 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
CREATE TABLE t2(a TEXT) ENCRYPTION='Y'; | ||
INSERT INTO t2 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t2 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t2 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t2 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t2 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t2 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
CREATE TABLE t3(a TEXT) ENCRYPTION='Y'; | ||
INSERT INTO t3 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t3 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t3 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t3 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t3 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
INSERT INTO t3 (a) VALUES ('Abracadabra is of unknown origin, and its first occurrence is'); | ||
# Kill the server | ||
# Writes to Parallel dblwr are encrypted, so it should be "Pattern not found" | ||
Pattern not found. | ||
# restart | ||
DROP TABLE t1, t2, t3; |
Oops, something went wrong.