1. 14 Mar, 2017 3 commits
    • Vladislav Vaintroub's avatar
      Fix AWS KMS plugin's compile error · 854359ff
      Vladislav Vaintroub authored
      Do not include base64.h, it was recently removed.
      854359ff
    • Jan Lindström's avatar
      MDEV-11738: Mariadb uses 100% of several of my 8 cpus doing nothing · 50eb40a2
      Jan Lindström authored
      MDEV-11581: Mariadb starts InnoDB encryption threads
      when key has not changed or data scrubbing turned off
      
      Background: Key rotation is based on background threads
      (innodb-encryption-threads) periodically going through
      all tablespaces on fil_system. For each tablespace
      current used key version is compared to max key age
      (innodb-encryption-rotate-key-age). This process
      naturally takes CPU. Similarly, in same time need for
      scrubbing is investigated. Currently, key rotation
      is fully supported on Amazon AWS key management plugin
      only but InnoDB does not have knowledge what key
      management plugin is used.
      
      This patch re-purposes innodb-encryption-rotate-key-age=0
      to disable key rotation and background data scrubbing.
      All new tables are added to special list for key rotation
      and key rotation is based on sending a event to
      background encryption threads instead of using periodic
      checking (i.e. timeout).
      
      fil0fil.cc: Added functions fil_space_acquire_low()
      to acquire a tablespace when it could be dropped concurrently.
      This function is used from fil_space_acquire() or
      fil_space_acquire_silent() that will not print
      any messages if we try to acquire space that does not exist.
      fil_space_release() to release a acquired tablespace.
      fil_space_next() to iterate tablespaces in fil_system
      using fil_space_acquire() and fil_space_release().
      Similarly, fil_space_keyrotation_next() to iterate new
      list fil_system->rotation_list where new tables.
      are added if key rotation is disabled.
      Removed unnecessary functions fil_get_first_space_safe()
      fil_get_next_space_safe()
      
      fil_node_open_file(): After page 0 is read read also
      crypt_info if it is not yet read.
      
      btr_scrub_lock_dict_func()
      buf_page_check_corrupt()
      buf_page_encrypt_before_write()
      buf_merge_or_delete_for_page()
      lock_print_info_all_transactions()
      row_fts_psort_info_init()
      row_truncate_table_for_mysql()
      row_drop_table_for_mysql()
          Use fil_space_acquire()/release() to access fil_space_t.
      
      buf_page_decrypt_after_read():
          Use fil_space_get_crypt_data() because at this point
          we might not yet have read page 0.
      
      fil0crypt.cc/fil0fil.h: Lot of changes. Pass fil_space_t* directly
      to functions needing it and store fil_space_t* to rotation state.
      Use fil_space_acquire()/release() when iterating tablespaces
      and removed unnecessary is_closing from fil_crypt_t. Use
      fil_space_t::is_stopping() to detect when access to
      tablespace should be stopped. Removed unnecessary
      fil_space_get_crypt_data().
      
      fil_space_create(): Inform key rotation that there could
      be something to do if key rotation is disabled and new
      table with encryption enabled is created.
      Remove unnecessary functions fil_get_first_space_safe()
      and fil_get_next_space_safe(). fil_space_acquire()
      and fil_space_release() are used instead. Moved
      fil_space_get_crypt_data() and fil_space_set_crypt_data()
      to fil0crypt.cc.
      
      fsp_header_init(): Acquire fil_space_t*, write crypt_data
      and release space.
      
      check_table_options()
      	Renamed FIL_SPACE_ENCRYPTION_* TO FIL_ENCRYPTION_*
      
      i_s.cc: Added ROTATING_OR_FLUSHING field to
      information_schema.innodb_tablespace_encryption
      to show current status of key rotation.
      50eb40a2
    • Daniel Bartholomew's avatar
      bump the VERSION · a2f34809
      Daniel Bartholomew authored
      a2f34809
  2. 13 Mar, 2017 2 commits
  3. 11 Mar, 2017 2 commits
  4. 10 Mar, 2017 30 commits
  5. 09 Mar, 2017 3 commits