• Thirunarayanan Balathandayuthapani's avatar
    MDEV-12026: Implement innodb_checksum_algorithm=full_crc32 · c0f47a4a
    Thirunarayanan Balathandayuthapani authored
    MariaDB data-at-rest encryption (innodb_encrypt_tables)
    had repurposed the same unused data field that was repurposed
    in MySQL 5.7 (and MariaDB 10.2) for the Split Sequence Number (SSN)
    field of SPATIAL INDEX. Because of this, MariaDB was unable to
    support encryption on SPATIAL INDEX pages.
    
    Furthermore, InnoDB page checksums skipped some bytes, and there
    are multiple variations and checksum algorithms. By default,
    InnoDB accepts all variations of all algorithms that ever existed.
    This unnecessarily weakens the page checksums.
    
    We hereby introduce two more innodb_checksum_algorithm variants
    (full_crc32, strict_full_crc32) that are special in a way:
    When either setting is active, newly created data files will
    carry a flag (fil_space_t::full_crc32()) that indicates that
    all pages of the file will use a full CRC-32C checksum over the
    entire page contents (excluding the bytes where the checksum
    is stored, at the very end of the page). Such files will always
    use that checksum, no matter what the parameter
    innodb_checksum_algorithm is assigned to.
    
    For old files, the old checksum algorithms will continue to be
    used. The value strict_full_crc32 will be equivalent to strict_crc32
    and the value full_crc32 will be equivalent to crc32.
    
    ROW_FORMAT=COMPRESSED tables will only use the old format.
    These tables do not support new features, such as larger
    innodb_page_size or instant ADD/DROP COLUMN. They may be
    deprecated in the future. We do not want an unnecessary
    file format change for them.
    
    The new full_crc32() format also cleans up the MariaDB tablespace
    flags. We will reserve flags to store the page_compressed
    compression algorithm, and to store the compressed payload length,
    so that checksum can be computed over the compressed (and
    possibly encrypted) stream and can be validated without
    decrypting or decompressing the page.
    
    In the full_crc32 format, there no longer are separate before-encryption
    and after-encryption checksums for pages. The single checksum is
    computed on the page contents that is written to the file.
    
    We do not make the new algorithm the default for two reasons.
    First, MariaDB 10.4.2 was a beta release, and the default values
    of parameters should not change after beta. Second, we did not
    yet implement the full_crc32 format for page_compressed pages.
    This will be fixed in MDEV-18644.
    
    This is joint work with Marko Mäkelä.
    c0f47a4a
fil0fil.ic 3.96 KB