Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-8138

strange results from encrypt-and-grep test

        Details

          Description

          mysql-test/suite/innodb/t/encrypt-and-grep.test
          -- source include/have_innodb.inc
-- source include/have_example_key_management_plugin.inc

# embedded does not support restart
-- source include/not_embedded.inc

--let $MYSQLD_DATADIR=`select @@datadir`
--let ib1_IBD = $MYSQLD_DATADIR/ibdata1
--let t1_IBD = $MYSQLD_DATADIR/test/t1.ibd
--let t2_IBD = $MYSQLD_DATADIR/test/t2.ibd
--let t3_IBD = $MYSQLD_DATADIR/test/t3.ibd
--let SEARCH_RANGE = 10000000
--let SEARCH_PATTERN=foobar

SHOW VARIABLES LIKE 'innodb_encrypt%';

create table t1 (a varchar(255)) engine=innodb encrypted=yes;
create table t2 (a varchar(255)) engine=innodb;
create table t3 (a varchar(255)) engine=innodb encrypted=no;

insert t1 values (repeat('foobar', 42));
insert t2 values (repeat('foobar', 42));
insert t3 values (repeat('foobar', 42));

--echo # Wait max 10 min for key encryption threads to encrypt all space
--let $wait_timeout= 600
--let $wait_condition=SELECT COUNT(*) = 0 FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION WHERE MIN_KEY_VERSION = 0
--source include/wait_condition.inc

--echo # t1 yes on
-- let SEARCH_FILE=$t1_IBD
-- source include/search_pattern_in_file.inc
--echo # t2 ... on
-- let SEARCH_FILE=$t2_IBD
-- source include/search_pattern_in_file.inc
--echo # t3 no  on
-- let SEARCH_FILE=$t3_IBD
-- source include/search_pattern_in_file.inc
--echo # ibdata1
-- let SEARCH_FILE=$ib1_IBD
-- source include/search_pattern_in_file.inc

--echo # Now turn off encryption and wait for threads to decrypt everything
SET GLOBAL innodb_encrypt_tables = off;

--echo # Wait max 10 min for key encryption threads to decrypt all space
--let $wait_timeout= 600
--let $wait_condition=SELECT COUNT(*) = 1 FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION WHERE MIN_KEY_VERSION <> 0
--source include/wait_condition.inc

--echo # t1 yes off
-- let SEARCH_FILE=$t1_IBD
-- source include/search_pattern_in_file.inc
--echo # t2 ... off
-- let SEARCH_FILE=$t2_IBD
-- source include/search_pattern_in_file.inc
--echo # t3 no  off
-- let SEARCH_FILE=$t3_IBD
-- source include/search_pattern_in_file.inc
--echo # ibdata1
-- let SEARCH_FILE=$ib1_IBD
-- source include/search_pattern_in_file.inc

--echo # Turn on encryption
SET GLOBAL innodb_encrypt_tables = on;

--echo # Wait max 10 min for key encryption threads to encrypt all space
--let $wait_timeout= 600
--let $wait_condition=SELECT COUNT(*) = 0 FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION WHERE MIN_KEY_VERSION = 0
--source include/wait_condition.inc

--echo # t1 yes on
-- let SEARCH_FILE=$t1_IBD
-- source include/search_pattern_in_file.inc
--echo # t2 ... on
-- let SEARCH_FILE=$t2_IBD
-- source include/search_pattern_in_file.inc
--echo # t3 no  on
-- let SEARCH_FILE=$t3_IBD
-- source include/search_pattern_in_file.inc
--echo # ibdata1
-- let SEARCH_FILE=$ib1_IBD
-- source include/search_pattern_in_file.inc

drop table t1, t2, t3;

          Here my results:

          • encryption enabled, the pattern is not found in encrypted tables, it is found in the unencrypted table. It is either found or not (unreliably) in ibdata1 — bug?
          • encryption disabled, the pattern is found everywhere, even in the table with encrypted=ON. bug.
          • encryption enabled. the pattern is found in all tables — bug, not found in ibdata1.

            Gliffy Diagrams

              Attachments

                Activity

                Hide
                Permalink
                jplindst Jan Lindström added a comment -

                commit 20c23048c1d2f28942f2f99e4150a58b6545c0cd
                Author: Jan Lindström <jan.lindstrom@mariadb.com>
                Date: Sun May 17 14:14:16 2015 +0300

                MDEV-8164: Server crashes in pfs_mutex_enter_func after fil_crypt_is_closing or alike

                Analysis: Problem was that tablespaces not encrypted might not have
                crypt_data stored on disk.

                Fixed by always creating crypt_data to memory cache of the tablespace.

                MDEV-8138: strange results from encrypt-and-grep test

                Analysis: crypt_data->type is not updated correctly on memory
                cache. This caused problem with state tranfer on
                encrypted => unencrypted => encrypted.

                Fixed by updating memory cache of crypt_data->type correctly based on
                current srv_encrypt_tables value to either CRYPT_SCHEME_1 or
                CRYPT_SCHEME_UNENCRYPTED.

                Show
                jplindst Jan Lindström added a comment - commit 20c23048c1d2f28942f2f99e4150a58b6545c0cd Author: Jan Lindström <jan.lindstrom@mariadb.com> Date: Sun May 17 14:14:16 2015 +0300 MDEV-8164 : Server crashes in pfs_mutex_enter_func after fil_crypt_is_closing or alike Analysis: Problem was that tablespaces not encrypted might not have crypt_data stored on disk. Fixed by always creating crypt_data to memory cache of the tablespace. MDEV-8138 : strange results from encrypt-and-grep test Analysis: crypt_data->type is not updated correctly on memory cache. This caused problem with state tranfer on encrypted => unencrypted => encrypted. Fixed by updating memory cache of crypt_data->type correctly based on current srv_encrypt_tables value to either CRYPT_SCHEME_1 or CRYPT_SCHEME_UNENCRYPTED.

                  People

                  • Assignee:
                    jplindst Jan Lindström
                    Reporter:
                    serg Sergei Golubchik
                  • Votes:
                    0 Vote for this issue
                    Watchers:
                    2 Start watching this issue

                    Dates

                    • Created:
                      Updated:
                      Resolved: