MDEV-9948 Failing assertion: new_state->key_version !=...

MDEV-9948 Failing assertion: new_state->key_version != ENCRYPTION_KEY_VERSION_INVALID in fil0crypt.cc The test encryption.innodb-redo-nokeys did not actually test recovery without valid keys, because due to the setting innodb_encrypt_tables, InnoDB refused to start up at all, without even attempting any crash recovery. fil_ibd_load(): If the encryption key is not available, refuse to load the file.

MDEV-9948 Failing assertion: new_state->key_version !=...
MDEV-9948 Failing assertion: new_state->key_version != ENCRYPTION_KEY_VERSION_INVALID in fil0crypt.cc The test encryption.innodb-redo-nokeys did not actually test recovery without valid keys, because due to the setting innodb_encrypt_tables, InnoDB refused to start up at all, without even attempting any crash recovery. fil_ibd_load(): If the encryption key is not available, refuse to load the file.
a9adfc0f · Marko Mäkelä · 4abb023b · a9adfc0f · a9adfc0f · a9adfc0f
Commit a9adfc0f authored Apr 15, 2022 by Marko Mäkelä
4 changed files
--- a/mysql-test/suite/encryption/r/innodb-redo-nokeys.result
+++ b/mysql-test/suite/encryption/r/innodb-redo-nokeys.result
-call mtr.add_suppression("(mysqld|mariadbd).*: File .*");
+call mtr.add_suppression("mariadbd.*: File .*");
 call mtr.add_suppression("Plugin 'file_key_management' .*");
-call mtr.add_suppression("InnoDB: cannot enable encryption, encryption plugin is not available");
+call mtr.add_suppression("InnoDB: We do not continue the crash recovery");
+call mtr.add_suppression("InnoDB: Plugin initialization aborted");
 call mtr.add_suppression("Plugin 'InnoDB' init function returned error\\.");
 call mtr.add_suppression("Plugin 'InnoDB' registration as a STORAGE ENGINE failed.");
 call mtr.add_suppression("InnoDB: The page \\[page id: space=[0-9]+, page number=[0-9]+\\] in file '.*test.t[1-4]\\.ibd' cannot be decrypted\\.");
@@ -8,14 +9,15 @@ call mtr.add_suppression("failed to read or decrypt \\[page id: space=[1-9][0-9]
 # restart: --file-key-management-filename=MYSQL_TEST_DIR/std_data/keys2.txt
 SET GLOBAL innodb_file_per_table = ON;
 create table t1(a int not null primary key auto_increment, c char(200), b blob, index(b(10))) engine=innodb row_format=compressed encrypted=yes encryption_key_id=20;
-create table t2(a int not null primary key auto_increment, c char(200), b blob, index(b(10))) engine=innodb row_format=compressed;
+create table t2(a int not null primary key auto_increment, c char(200), b blob, index(b(10))) engine=innodb row_format=compressed encrypted=yes;
 create table t3(a int not null primary key auto_increment, c char(200), b blob, index(b(10))) engine=innodb encrypted=yes encryption_key_id=20;
-create table t4(a int not null primary key auto_increment, c char(200), b blob, index(b(10))) engine=innodb;
+create table t4(a int not null primary key auto_increment, c char(200), b blob, index(b(10))) engine=innodb encrypted=yes;
 begin;
 insert into t2 select * from t1;
 insert into t3 select * from t1;
 insert into t4 select * from t1;
 commit;
+CREATE TABLE t5 (a VARCHAR(8)) ENGINE=InnoDB ENCRYPTED=YES;
 SET GLOBAL innodb_flush_log_at_trx_commit=1;
 begin;
 update t1 set c = repeat('secret3', 20);
@@ -26,8 +28,13 @@ insert into t1 (c,b) values (repeat('secret5',20), repeat('secret6',6000));
 insert into t2 (c,b) values (repeat('secret7',20), repeat('secret8',6000));
 insert into t3 (c,b) values (repeat('secret9',20), repeat('secre10',6000));
 insert into t4 (c,b) values (repeat('secre11',20), repeat('secre12',6000));
+INSERT INTO t5 VALUES ('foo'),('bar');
 COMMIT;
 # Kill the server
+# restart: --file-key-management-filename=MYSQL_TEST_DIR/std_data/keys-not-found.txt
+SELECT * FROM INFORMATION_SCHEMA.ENGINES
+WHERE engine = 'innodb'
+AND support IN ('YES', 'DEFAULT', 'ENABLED');
+ENGINE	SUPPORT	COMMENT	TRANSACTIONS	XA	SAVEPOINTS
 # restart: --file-key-management-filename=MYSQL_TEST_DIR/std_data/keys2.txt
-# restart: --file-key-management-filename=MYSQL_TEST_DIR/std_data/keys2.txt
-drop table t1, t2,t3,t4;
+drop table t1,t2,t3,t4,t5;
--- a/mysql-test/suite/encryption/t/innodb-redo-nokeys.opt
+++ b/mysql-test/suite/encryption/t/innodb-redo-nokeys.opt
 --innodb-change-buffering=none
--innodb-encrypt-tables=on
 --innodb-default-encryption-key-id=20
--- a/mysql-test/suite/encryption/t/innodb-redo-nokeys.test
+++ b/mysql-test/suite/encryption/t/innodb-redo-nokeys.test
@@ -3,9 +3,10 @@
 # embedded does not support restart
 -- source include/not_embedded.inc

-call mtr.add_suppression("(mysqld|mariadbd).*: File .*");
+call mtr.add_suppression("mariadbd.*: File .*");
 call mtr.add_suppression("Plugin 'file_key_management' .*");
-call mtr.add_suppression("InnoDB: cannot enable encryption, encryption plugin is not available");
+call mtr.add_suppression("InnoDB: We do not continue the crash recovery");
+call mtr.add_suppression("InnoDB: Plugin initialization aborted");
 call mtr.add_suppression("Plugin 'InnoDB' init function returned error\\.");
 call mtr.add_suppression("Plugin 'InnoDB' registration as a STORAGE ENGINE failed.");
 call mtr.add_suppression("InnoDB: The page \\[page id: space=[0-9]+, page number=[0-9]+\\] in file '.*test.t[1-4]\\.ibd' cannot be decrypted\\.");
@@ -17,9 +18,9 @@ call mtr.add_suppression("failed to read or decrypt \\[page id: space=[1-9][0-9]
 SET GLOBAL innodb_file_per_table = ON;

 create table t1(a int not null primary key auto_increment, c char(200), b blob, index(b(10))) engine=innodb row_format=compressed encrypted=yes encryption_key_id=20;
-create table t2(a int not null primary key auto_increment, c char(200), b blob, index(b(10))) engine=innodb row_format=compressed;
+create table t2(a int not null primary key auto_increment, c char(200), b blob, index(b(10))) engine=innodb row_format=compressed encrypted=yes;
 create table t3(a int not null primary key auto_increment, c char(200), b blob, index(b(10))) engine=innodb encrypted=yes encryption_key_id=20;
-create table t4(a int not null primary key auto_increment, c char(200), b blob, index(b(10))) engine=innodb;
+create table t4(a int not null primary key auto_increment, c char(200), b blob, index(b(10))) engine=innodb encrypted=yes;

 begin;
 --disable_query_log
@@ -45,6 +46,7 @@ commit;
 # happens, InnoDB refuses to start as used
 # encryption key is not found.
 #
+CREATE TABLE t5 (a VARCHAR(8)) ENGINE=InnoDB ENCRYPTED=YES;
 SET GLOBAL innodb_flush_log_at_trx_commit=1;
 begin;
 update t1 set c = repeat('secret3', 20);
@@ -55,12 +57,19 @@ insert into t1 (c,b) values (repeat('secret5',20), repeat('secret6',6000));
 insert into t2 (c,b) values (repeat('secret7',20), repeat('secret8',6000));
 insert into t3 (c,b) values (repeat('secret9',20), repeat('secre10',6000));
 insert into t4 (c,b) values (repeat('secre11',20), repeat('secre12',6000));
+INSERT INTO t5 VALUES ('foo'),('bar');
 COMMIT;
-let $cleanup= drop table t1,t2,t3,t4;
+
+let $cleanup= drop table t1,t2,t3,t4,t5;
 --let CLEANUP_IF_CHECKPOINT= $cleanup;
 --source ../../suite/innodb/include/no_checkpoint_end.inc

+-- let $restart_parameters=--file-key-management-filename=$MYSQL_TEST_DIR/std_data/keys-not-found.txt
 -- source include/start_mysqld.inc
+SELECT * FROM INFORMATION_SCHEMA.ENGINES
+WHERE engine = 'innodb'
+AND support IN ('YES', 'DEFAULT', 'ENABLED');
+
 #
 # In above server does start but InnoDB refuses to start
 # thus we need to restart server with correct key file
@@ -68,4 +77,4 @@ let $cleanup= drop table t1,t2,t3,t4;
 -- let $restart_parameters=--file-key-management-filename=$MYSQL_TEST_DIR/std_data/keys2.txt
 -- source include/restart_mysqld.inc

-drop table t1, t2,t3,t4;
+drop table t1,t2,t3,t4,t5;
--- a/storage/innobase/fil/fil0fil.cc
+++ b/storage/innobase/fil/fil0fil.cc
@@ -3118,6 +3118,13 @@ fil_ibd_load(
 		? fil_space_read_crypt_data(fil_space_t::zip_size(flags),
 					    first_page)
 		: NULL;
+
+	if (crypt_data && !crypt_data->is_key_found()) {
+		crypt_data->~fil_space_crypt_t();
+		ut_free(crypt_data);
+		return FIL_LOAD_INVALID;
+	}
+
 	space = fil_space_t::create(
 		file.name(), space_id, flags, FIL_TYPE_TABLESPACE, crypt_data);