| Bug #98428 | FTS AUX Tables are never encrypted | ||
|---|---|---|---|
| Submitted: | 29 Jan 2020 12:48 | Modified: | 30 Jan 2020 9:09 |
| Reporter: | Satya Bodapati (OCA) | Email Updates: | |
| Status: | Verified | Impact on me: | |
| Category: | MySQL Server: InnoDB storage engine | Severity: | S2 (Serious) |
| Version: | 5.7, 8.0, 5.7.29, 8.0.19 | OS: | Any |
| Assigned to: | CPU Architecture: | Any | |
| Tags: | encryption, fts, innodb | ||
[29 Jan 2020 12:54]
Satya Bodapati
added tags
[30 Jan 2020 9:09]
MySQL Verification Team
Hello Satya, Thank you for the report and feedback! regards, Umesh
[30 Jan 2020 9:22]
MySQL Verification Team
Test results - 8.0.19, 5.7.29
Attachment: 98428_5.7.29_8.0.19.results (application/octet-stream, text), 6.55 KiB.
Description: When a table has FTS index, the following IBDs are created: ls -1 FTS_0000000000000026_0000000000000033_INDEX_1.ibd FTS_0000000000000026_0000000000000033_INDEX_2.ibd FTS_0000000000000026_0000000000000033_INDEX_3.ibd FTS_0000000000000026_0000000000000033_INDEX_4.ibd FTS_0000000000000026_0000000000000033_INDEX_5.ibd FTS_0000000000000026_0000000000000033_INDEX_6.ibd FTS_0000000000000026_BEING_DELETED_CACHE.ibd FTS_0000000000000026_BEING_DELETED.ibd FTS_0000000000000026_CONFIG.ibd FTS_0000000000000026_DELETED_CACHE.ibd FTS_0000000000000026_DELETED.ibd t1.frm t1.ibd When you create encrypted table: CREATE TABLE t1 (a VARCHAR(200), b TEXT, FULLTEXT (a,b)) ENGINE = InnoDB CHARACTER SET utf8mb4 ENCRYPTION='Y'; Only t1.ibd is encrypted How to repeat: CREATE TABLE t1 (a VARCHAR(200), b TEXT, FULLTEXT (a,b)) ENGINE = InnoDB CHARACTER SET utf8mb4 ENCRYPTION='Y checks strings output on all IBD files. Suggested fix: /** Extract only the required flags from table->flags2 for FTS Aux tables. @param[in] flags2 Table flags2 @return extracted flags2 for FTS aux tables */ static inline uint32_t fts_get_table_flags2_for_aux_tables(uint32_t flags2) { /* Extract the file_per_table flag & temporary file flag from the main FTS table flags2 */ return ((flags2 & DICT_TF2_USE_FILE_PER_TABLE) | (flags2 & DICT_TF2_TEMPORARY) | DICT_TF2_AUX); } This should also handle ENCRYPTION flag.