mirror of
https://github.com/MariaDB/server.git
synced 2025-12-07 17:42:39 +03:00
ddf2fac733
compatibility problems Pages that are encrypted contain post encryption checksum on different location that normal checksum fields. Therefore, we should before decryption check this checksum to avoid unencrypting corrupted pages. After decryption we can use traditional checksum check to detect if page is corrupted or unencryption was done using incorrect key. Pages that are page compressed do not contain any checksum, here we need to fist unencrypt, decompress and finally use tradional checksum check to detect page corruption or that we used incorrect key in unencryption. buf0buf.cc: buf_page_is_corrupted() mofified so that compressed pages are skipped. buf0buf.h, buf_block_init(), buf_page_init_low(): removed unnecessary page_encrypted, page_compressed, stored_checksum, valculated_checksum fields from buf_page_t buf_page_get_gen(): use new buf_page_check_corrupt() function to detect corrupted pages. buf_page_check_corrupt(): If page was not yet decrypted check if post encryption checksum still matches. If page is not anymore encrypted, use buf_page_is_corrupted() traditional checksum method. If page is detected as corrupted and it is not encrypted we print corruption message to error log. If page is still encrypted or it was encrypted and now corrupted, we will print message that page is encrypted to error log. buf_page_io_complete(): use new buf_page_check_corrupt() function to detect corrupted pages. buf_page_decrypt_after_read(): Verify post encryption checksum before tring to decrypt. fil0crypt.cc: fil_encrypt_buf() verify post encryption checksum and ind fil_space_decrypt() return true if we really decrypted the page. fil_space_verify_crypt_checksum(): rewrite to use the method used when calculating post encryption checksum. We also check if post encryption checksum matches that traditional checksum check does not match. fil0fil.ic: Add missed page type encrypted and page compressed to fil_get_page_type_name() Note that this change does not yet fix innochecksum tool, that will be done in separate MDEV. Fix test failures caused by buf page corruption injection.
144 lines
11 KiB
Plaintext
144 lines
11 KiB
Plaintext
call mtr.add_suppression("Plugin 'file_key_management' init function returned error");
|
|
call mtr.add_suppression("InnoDB: Database page corruption on disk or a failed.*");
|
|
call mtr.add_suppression("Plugin 'file_key_management' registration.*failed");
|
|
call mtr.add_suppression("InnoDB: Block in space_id .* in file test/.* encrypted");
|
|
call mtr.add_suppression("InnoDB: However key management plugin or used key_version .* is not found or used encryption algorithm or method does not match.");
|
|
call mtr.add_suppression("InnoDB: Marking tablespace as missing. You may drop this table or install correct key management plugin and key file.");
|
|
call mtr.add_suppression(".*InnoDB: Cannot open table test/.* from the internal data dictionary of InnoDB though the .frm file for the table exists. See .* for how you can resolve the problem.");
|
|
call mtr.add_suppression("InnoDB: .ibd file is missing for table test/.*");
|
|
call mtr.add_suppression("mysqld: File .*");
|
|
call mtr.add_suppression("InnoDB: Tablespace id .* is encrypted but encryption service or used key_id .* is not available. Can't continue opening tablespace.");
|
|
|
|
# Start server with keys2.txt
|
|
SET GLOBAL innodb_file_format = `Barracuda`;
|
|
SET GLOBAL innodb_file_per_table = ON;
|
|
CREATE TABLE t1 (c VARCHAR(8)) ENGINE=InnoDB ENCRYPTED=YES ENCRYPTION_KEY_ID=2;
|
|
INSERT INTO t1 VALUES ('foobar');
|
|
ALTER TABLE t1 ADD COLUMN c2 INT;
|
|
INSERT INTO t1 VALUES ('foobar',2);
|
|
SELECT * FROM t1;
|
|
c c2
|
|
foobar NULL
|
|
foobar 2
|
|
TRUNCATE TABLE t1;
|
|
SELECT * FROM t1;
|
|
c c2
|
|
INSERT INTO t1 VALUES ('foobar',1);
|
|
INSERT INTO t1 VALUES ('foobar',2);
|
|
FLUSH TABLE WITH READ LOCK;
|
|
SELECT * FROM t1;
|
|
c c2
|
|
foobar 1
|
|
foobar 2
|
|
|
|
# Restart server with keysbad3.txt
|
|
SELECT * FROM t1;
|
|
ERROR HY000: Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
SHOW WARNINGS;
|
|
Level Code Message
|
|
Warning 192 Table test/t1 in tablespace is encrypted but encryption service or used key_id is not available. Can't continue reading table.
|
|
Warning 192 Table test/t1 is encrypted but encryption service or used key_id is not available. Can't continue reading table.
|
|
Error 1296 Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
DROP TABLE t1;
|
|
Warnings:
|
|
Warning 192 Table in tablespace encrypted.However key management plugin or used key_id 1 is not found or used encryption algorithm or method does not match. Can't continue opening the table.
|
|
Warning 192 Table in tablespace encrypted.However key management plugin or used key_id 1 is not found or used encryption algorithm or method does not match. Can't continue opening the table.
|
|
SHOW WARNINGS;
|
|
Level Code Message
|
|
Warning 192 Table in tablespace encrypted.However key management plugin or used key_id 1 is not found or used encryption algorithm or method does not match. Can't continue opening the table.
|
|
Warning 192 Table in tablespace encrypted.However key management plugin or used key_id 1 is not found or used encryption algorithm or method does not match. Can't continue opening the table.
|
|
# Start server with keys.txt
|
|
CREATE TABLE t2 (c VARCHAR(8), id int not null primary key, b int, key(b)) ENGINE=InnoDB ENCRYPTED=YES;
|
|
INSERT INTO t2 VALUES ('foobar',1,2);
|
|
|
|
# Restart server with keys2.txt
|
|
SELECT * FROM t2;
|
|
ERROR HY000: Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
SHOW WARNINGS;
|
|
Level Code Message
|
|
Warning 192 Table test/t2 in tablespace is encrypted but encryption service or used key_id is not available. Can't continue reading table.
|
|
Warning 192 Table test/t2 is encrypted but encryption service or used key_id is not available. Can't continue reading table.
|
|
Error 1296 Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
SELECT * FROM t2 where id = 1;
|
|
ERROR HY000: Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
SHOW WARNINGS;
|
|
Level Code Message
|
|
Warning 1812 Tablespace is missing for table 'test/t2'
|
|
Warning 192 Table test/t2 is encrypted but encryption service or used key_id is not available. Can't continue reading table.
|
|
Error 1296 Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
SELECT * FROM t2 where b = 1;
|
|
ERROR HY000: Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
SHOW WARNINGS;
|
|
Level Code Message
|
|
Warning 1812 Tablespace is missing for table 'test/t2'
|
|
Warning 192 Table test/t2 is encrypted but encryption service or used key_id is not available. Can't continue reading table.
|
|
Error 1296 Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
INSERT INTO t2 VALUES ('tmp',3,3);
|
|
ERROR HY000: Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
SHOW WARNINGS;
|
|
Level Code Message
|
|
Warning 1812 Tablespace is missing for table 'test/t2'
|
|
Warning 192 Table test/t2 is encrypted but encryption service or used key_id is not available. Can't continue reading table.
|
|
Error 1296 Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
DELETE FROM t2 where b = 3;
|
|
ERROR HY000: Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
SHOW WARNINGS;
|
|
Level Code Message
|
|
Warning 1812 Tablespace is missing for table 'test/t2'
|
|
Warning 192 Table test/t2 is encrypted but encryption service or used key_id is not available. Can't continue reading table.
|
|
Error 1296 Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
DELETE FROM t2 where id = 3;
|
|
ERROR HY000: Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
SHOW WARNINGS;
|
|
Level Code Message
|
|
Warning 1812 Tablespace is missing for table 'test/t2'
|
|
Warning 192 Table test/t2 is encrypted but encryption service or used key_id is not available. Can't continue reading table.
|
|
Error 1296 Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
UPDATE t2 set b = b +1;
|
|
ERROR HY000: Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
SHOW WARNINGS;
|
|
Level Code Message
|
|
Warning 1812 Tablespace is missing for table 'test/t2'
|
|
Warning 192 Table test/t2 is encrypted but encryption service or used key_id is not available. Can't continue reading table.
|
|
Error 1296 Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
OPTIMIZE TABLE t2;
|
|
Table Op Msg_type Msg_text
|
|
test.t2 optimize Warning Tablespace is missing for table 'test/t2'
|
|
test.t2 optimize Warning Table test/t2 is encrypted but encryption service or used key_id is not available. Can't continue reading table.
|
|
test.t2 optimize Error Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
test.t2 optimize error Corrupt
|
|
SHOW WARNINGS;
|
|
Level Code Message
|
|
ALTER TABLE t2 ADD COLUMN c INT;
|
|
ERROR HY000: Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
SHOW WARNINGS;
|
|
Level Code Message
|
|
Warning 1812 Tablespace is missing for table 'test/t2'
|
|
Warning 192 Table test/t2 is encrypted but encryption service or used key_id is not available. Can't continue reading table.
|
|
Error 1296 Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
ANALYZE TABLE t2;
|
|
Table Op Msg_type Msg_text
|
|
test.t2 analyze Warning Tablespace is missing for table 'test/t2'
|
|
test.t2 analyze Warning Table test/t2 is encrypted but encryption service or used key_id is not available. Can't continue reading table.
|
|
test.t2 analyze Error Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
test.t2 analyze error Corrupt
|
|
SHOW WARNINGS;
|
|
Level Code Message
|
|
TRUNCATE TABLE t2;
|
|
ERROR HY000: Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
SHOW WARNINGS;
|
|
Level Code Message
|
|
Warning 1812 Tablespace is missing for table 'test/t2'
|
|
Warning 192 Table test/t2 is encrypted but encryption service or used key_id is not available. Can't continue reading table.
|
|
Error 1296 Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
DROP TABLE t2;
|
|
ERROR HY000: Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
SHOW WARNINGS;
|
|
Level Code Message
|
|
Error 1296 Got error 192 'Table encrypted but decryption failed. This could be because correct encryption management plugin is not loaded, used encryption key is not available or encryption method does not match.' from InnoDB
|
|
|
|
# Restart server with keys.txt
|
|
DROP TABLE t2;
|
|
SHOW WARNINGS;
|
|
Level Code Message
|