Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-18971

Add background encryption threads for Aria

Details

    Description

      Aria does not currently have background encryption threads like InnoDB does.

      https://mariadb.com/kb/en/library/innodb-background-encryption-threads/

      This means that if you change the value of aria_encrypt_tables, then you need to manually rebuild existing tables with a process like this:

      https://mariadb.com/kb/en/library/aria-enabling-encryption/#encrypting-existing-tables

      e.g.:

      1.) Enable Aria encryption:

      MariaDB [(none)]> SET GLOBAL aria_encrypt_tables=ON;
      		 
      Query OK, 0 rows affected (0.000 sec)

      2.) Rebuild the table that you want to ensure is encrypted:

      MariaDB [(none)]> ALTER TABLE mysql.global_priv ENGINE=Aria;
      		 
      Query OK, 7 rows affected (0.017 sec)
      		 
      Records: 7  Duplicates: 0  Warnings: 0

      3.) Confirm that the table is encrypted. See the following documentation section for that:

      https://mariadb.com/kb/en/library/aria-encryption-overview/#determining-whether-a-table-is-encrypted

      e.g.:

      $ sudo strings /var/lib/mysql/mysql/global_priv.MAD | grep "root"

      I suspect that a table would also have to be manually rebuilt after a key rotation.

      Attachments

        Issue Links

          blocks

          Task - A task that needs to be done. MDEV-20099 Implement key rotation for Aria

          • Major - Major loss of function.
          • Open
          relates to

          Task - A task that needs to be done. MDEV-8587 Aria log encryption

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Open

          Task - A task that needs to be done. MDEV-20099 Implement key rotation for Aria

          • Major - Major loss of function.
          • Open

          New Feature - A new feature of the product, which has yet to be developed. MDEV-17324 Make information_schema table that shows which Aria tables are encrypted

          • Major - Major loss of function.
          • Open

          New Feature - A new feature of the product, which has yet to be developed. MDEV-18049 Support ENCRYPTED and ENCRYPTION_KEY_ID table options for Aria

          • Major - Major loss of function.
          • Open

          Activity

            There are no comments yet on this issue.

            People

              Unassigned Unassigned
              GeoffMontee Geoff Montee (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.