diff --git a/Makefile.in b/Makefile.in index 8f530f2dc7f..7671467a504 100644 --- a/Makefile.in +++ b/Makefile.in @@ -40,6 +40,7 @@ src/keyring/keyring_curl.o \ src/keyring/keyring_file.o \ src/keyring/keyring_vault.o \ src/keyring/keyring_api.o \ +src/catalog/tde_global_catalog.o \ src/catalog/tde_keyring.o \ src/catalog/tde_master_key.o \ src/common/pg_tde_shmem.o \ diff --git a/meson.build b/meson.build index b9cb1e87184..01ba44b4fe5 100644 --- a/meson.build +++ b/meson.build @@ -40,6 +40,7 @@ pg_tde_sources = files( 'src/smgr/pg_tde_smgr.c', + 'src/catalog/tde_global_catalog.c', 'src/catalog/tde_keyring.c', 'src/catalog/tde_master_key.c', 'src/common/pg_tde_shmem.c', diff --git a/src/access/pg_tde_tdemap.c b/src/access/pg_tde_tdemap.c index 8c4e345f7b7..13ac03d7d50 100644 --- a/src/access/pg_tde_tdemap.c +++ b/src/access/pg_tde_tdemap.c @@ -292,14 +292,21 @@ tde_decrypt_rel_key(TDEMasterKey *master_key, RelKeyData *enc_rel_key_data, cons inline void pg_tde_set_db_file_paths(const RelFileLocator *rlocator, char *map_path, char *keydata_path) { + char *db_path; + + /* We use dbOid for the global space for key caches but for the backend + * it should be 0. + */ + if (rlocator->spcOid == GLOBALTABLESPACE_OID) + db_path = GetDatabasePath(0, rlocator->spcOid); + else + db_path = GetDatabasePath(rlocator->dbOid, rlocator->spcOid); + + if (map_path) - join_path_components(map_path, - GetDatabasePath(rlocator->dbOid, rlocator->spcOid), - PG_TDE_MAP_FILENAME); + join_path_components(map_path, db_path, PG_TDE_MAP_FILENAME); if (keydata_path) - join_path_components(keydata_path, - GetDatabasePath(rlocator->dbOid, rlocator->spcOid), - PG_TDE_KEYDATA_FILENAME); + join_path_components(keydata_path, db_path, PG_TDE_KEYDATA_FILENAME); } /* diff --git a/src/access/pg_tde_xlog.c b/src/access/pg_tde_xlog.c index bdbbb553c7f..c3c661b6be1 100644 --- a/src/access/pg_tde_xlog.c +++ b/src/access/pg_tde_xlog.c 
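Review bot: `db_path` in pg_tde_set_db_file_paths() holds the palloc'd string returned by GetDatabasePath() and is never released, so each call leaves one path allocation behind in the current memory context; add `pfree(db_path);` after the two join_path_components() calls. The new block comment is also hard to follow: if the intent is that key caches identify the global space by a fake database OID while the on-disk path must be built with dbOid 0, say so directly, e.g. `/* Key caches index global objects by a fake db OID; the global tablespace path is always built with dbOid 0. */`. Neither output buffer's size is passed in, so both are presumably expected to be MAXPGPATH bytes, which deserves a line in the function comment.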
@@ -24,17 +24,14 @@ #include "access/pg_tde_tdemap.h" #include "access/pg_tde_xlog.h" -#include "catalog/tde_keyring.h" -#include "catalog/tde_master_key.h" +#include "catalog/tde_global_catalog.h" #include "encryption/enc_tde.h" static char *TDEXLogEncryptBuf = NULL; -bool EncryptXLog = false; /* GUC */ -static char *KRingProviderType = NULL; -static char *KRingProviderFilePath = NULL; +static bool EncryptXLog = false; static XLogPageHeaderData EncryptCurrentPageHrd; static XLogPageHeaderData DecryptCurrentPageHrd; @@ -52,15 +49,13 @@ typedef enum } GlobalCatalogKeyTypes; /* TODO: move TDEXLogEncryptBuf here*/ -typedef struct XLogEncryptionState +typedef struct EncryptionStateData { GenericKeyring *keyring; /* TODO: locking */ TDEMasterKey master_keys[TDE_GCAT_KEYS_COUNT]; -} XLogEncryptionState; - -static XLogEncryptionState *EncryptionState = NULL; +} EncryptionStateData; /* * TDE fork XLog 
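Review bot: The renamed `EncryptionStateData` typedef in pg_tde_xlog.c duplicates the definition this commit adds in src/catalog/tde_global_catalog.c, and with `static XLogEncryptionState *EncryptionState` removed nothing in the visible hunks of this file still uses it. Two copies of the key-cache layout (and of the `GlobalCatalogKeyTypes` enum just above, which starts outside this hunk) can drift apart silently, so I would delete both from pg_tde_xlog.c and keep the single definition in the catalog file. The `/* TODO: locking */` remark exists only in this copy; carry it over to the surviving struct if it still applies.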
@@ -153,52 +148,8 @@ pg_tde_rmgr_identify(uint8 info) * XLog Storage Manager */ -static GenericKeyring *xlog_keyring; - -static void -pg_tde_init_xlog_kring(void) -{ - EncryptionState->keyring->type = get_keyring_provider_from_typename(KRingProviderType); - switch (EncryptionState->keyring->type) - { - case FILE_KEY_PROVIDER: - FileKeyring *kring = (FileKeyring *) EncryptionState->keyring; - strncpy(kring->file_name, KRingProviderFilePath, sizeof(kring->file_name)); - break; - } -} - -static void -pg_tde_create_xlog_key(void) -{ - InternalKey int_key; - RelKeyData *rel_key_data; - RelKeyData *enc_rel_key_data; - RelFileLocator *rlocator = &GLOBAL_SPACE_RLOCATOR(XLOG_TDE_OID); - TDEMasterKey *master_key; - - master_key = set_master_key_with_keyring("xlog-master-key", xlog_keyring, - rlocator->dbOid, rlocator->spcOid, false); - - memset(&int_key, 0, sizeof(InternalKey)); - - if (!RAND_bytes(int_key.key, INTERNAL_KEY_LEN)) - { - ereport(FATAL, - (errcode(ERRCODE_INTERNAL_ERROR), - errmsg("could not generate internal key for \"WAL\": %s", - ERR_error_string(ERR_get_error(), NULL)))); - } - - rel_key_data = tde_create_rel_key(rlocator->relNumber, &int_key, &master_key->keyInfo); - enc_rel_key_data = tde_encrypt_rel_key(master_key, rel_key_data, rlocator); - - pg_tde_write_key_map_entry(rlocator, enc_rel_key_data, &master_key->keyInfo); - memcpy(EncryptionState->master_keys + TDE_GCAT_KEY_XLOG, master_key, sizeof(TDEMasterKey)); -} - void -xlogInitGUC(void) +XLogInitGUC(void) { DefineCustomBoolVariable("pg_tde.wal_encrypt", /* name */ "Enable/Disable encryption of WAL.", /* short_desc */ 
@@ -211,28 +162,6 @@ xlogInitGUC(void) NULL, /* assign_hook */ NULL /* show_hook */ ); - DefineCustomStringVariable("pg_tde.wal_keyring_type", - "Keyring type for XLog", - NULL, - &KRingProviderType, - NULL, - PGC_POSTMASTER, - 0, /* no flags required */ - NULL, - NULL, - NULL - ); - DefineCustomStringVariable("pg_tde.wal_keyring_file_path", - "Keyring file options for XLog", - NULL, - &KRingProviderFilePath, - NULL, - PGC_POSTMASTER, - 0, /* no flags required */ - NULL, - NULL, - NULL - ); } static int @@ -252,7 +181,7 @@ XLOGChooseNumBuffers(void) * Defines the size of the XLog encryption buffer */ Size -TDEXLogEncryptBuffSize() +TDEXLogEncryptBuffSize(void) { int xbuffers; @@ -260,17 +189,6 @@ TDEXLogEncryptBuffSize() return (Size) XLOG_BLCKSZ * xbuffers; } -Size -XLogEncStateSize() -{ - Size size; - - size = sizeof(XLogEncryptionState); - size = add_size(size, sizeof(KeyringProviders)); - - return MAXALIGN(size); -} - /* * Alloc memory for the encryption buffer. * @@ -285,7 +203,6 @@ void TDEXLogShmemInit(void) { bool foundBuf; - char *allocptr; if (EncryptXLog) { @@ -297,29 +214,14 @@ TDEXLogShmemInit(void) elog(DEBUG1, "pg_tde: initialized encryption buffer %lu bytes", XLOG_TDE_ENC_BUFF_ALIGNED_SIZE); } - - EncryptionState = (XLogEncryptionState *) - ShmemInitStruct("TDE XLog Encryption State", - XLogEncStateSize(), &foundBuf); - - allocptr = ((char *) EncryptionState) + MAXALIGN(sizeof(XLogEncryptionState)); - EncryptionState->keyring = allocptr; } void -TDEInitXLogSmgr(void) +TDEXLogSmgrInit(void) { SetXLogSmgr(&tde_xlog_smgr); - pg_tde_init_xlog_kring(); - pg_tde_create_xlog_key(); } -/* - * TODO: proper key management - * where to store refs to the master and internal keys? - */ -static InternalKey XLogInternalKey = {.key = {0xD,}}; - ssize_t pg_tde_xlog_seg_write(int fd, const void *buf, size_t count, off_t offset) { 
@@ -339,16 +241,11 @@ TDEXLogWriteEncryptedPages(int fd, const void *buf, size_t count, off_t offset) size_t data_size = 0; XLogPageHeader curr_page_hdr = &EncryptCurrentPageHrd; XLogPageHeader enc_buf_page; - // RelKeyData key = {.internal_key = XLogInternalKey}; - RelKeyData *key = NULL; + RelKeyData *key = GetGlCatInternalKey(XLOG_TDE_OID); off_t enc_off; size_t page_size = XLOG_BLCKSZ - offset % XLOG_BLCKSZ; uint32 iv_ctr = 0; - pg_tde_init_xlog_kring(); - key = GetInternalKey(GLOBAL_SPACE_RLOCATOR(XLOG_TDE_OID), xlog_keyring); - - #ifdef TDE_XLOG_DEBUG elog(DEBUG1, "write encrypted WAL, pages amount: %d, size: %lu offset: %ld", count / (Size) XLOG_BLCKSZ, count, offset); #endif @@ -431,8 +328,7 @@ pg_tde_xlog_seg_read(int fd, void *buf, size_t count, off_t offset) char iv_prefix[16] = {0,}; size_t data_size = 0; XLogPageHeader curr_page_hdr = &DecryptCurrentPageHrd; - // RelKeyData key = {.internal_key = XLogInternalKey}; - RelKeyData *key = NULL; + RelKeyData *key = GetGlCatInternalKey(XLOG_TDE_OID); size_t page_size = XLOG_BLCKSZ - offset % XLOG_BLCKSZ; off_t dec_off; uint32 iv_ctr = 0; @@ -441,17 +337,6 @@ pg_tde_xlog_seg_read(int fd, void *buf, size_t count, off_t offset) elog(DEBUG1, "read from a WAL segment, pages amount: %d, size: %lu offset: %ld", count / (Size) XLOG_BLCKSZ, count, offset); #endif - pg_tde_init_xlog_kring(); - { - char db_map_path[MAXPGPATH] = {0}; - - pg_tde_set_db_file_paths(&GLOBAL_SPACE_RLOCATOR(XLOG_TDE_OID), - db_map_path, NULL); - if (access(db_map_path, F_OK) == -1) - pg_tde_create_xlog_key(); - } - key = GetInternalKey(GLOBAL_SPACE_RLOCATOR(XLOG_TDE_OID), xlog_keyring); - readsz = pg_pread(fd, buf, count, offset); /* diff --git a/src/catalog/tde_global_catalog.c b/src/catalog/tde_global_catalog.c new file mode 100644 index 00000000000..a6c694181fc --- /dev/null +++ b/src/catalog/tde_global_catalog.c 
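Review bot: `RelKeyData *key = GetGlCatInternalKey(XLOG_TDE_OID);` in TDEXLogWriteEncryptedPages() (and the identical initialiser in pg_tde_xlog_seg_read() in the next hunk) is not checked anywhere in the visible lines, while the third hunk removes the fallback that created the key when the map file was missing. If GetInternalKey() can return NULL, both WAL paths would go on to use a null key, so fail explicitly right after the declarations, e.g. `if (key == NULL) ereport(FATAL, (errmsg("could not load the WAL encryption key")));`. GetGlCatInternalKey() also dereferences `EncryptionState`, which is NULL until TDEGlCatShmemInit() has run, so a comment stating that ordering requirement would help. The key is looked up again on every read and write call; both function bodies continue outside the hunks, so I cannot tell whether that cost is already mitigated by a cache.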
@@ -0,0 +1,225 @@ +/*------------------------------------------------------------------------- + * + * tde_global_catalog.c + * Global catalog key management + * + * + * IDENTIFICATION + * src/catalog/tde_global_catalog.c + * + *------------------------------------------------------------------------- + */ + +#include "postgres.h" + +#include "storage/shmem.h" +#include "utils/guc.h" + +#include "access/pg_tde_tdemap.h" +#include "catalog/tde_global_catalog.h" +#include "catalog/tde_keyring.h" +#include "catalog/tde_master_key.h" + +#include +#include +#include + +typedef enum +{ + TDE_GCAT_KEY_XLOG, + + /* must be last */ + TDE_GCAT_KEYS_COUNT +} GlobalCatalogKeyTypes; + +typedef struct EncryptionStateData +{ + GenericKeyring *keyring; + TDEMasterKey master_keys[TDE_GCAT_KEYS_COUNT]; +} EncryptionStateData; + +static EncryptionStateData *EncryptionState = NULL; + +/* GUC */ +static char *KRingProviderType = NULL; +static char *KRingProviderFilePath = NULL; + +static void init_gl_catalog_keys(void); +static void init_keyring(void); +static TDEMasterKey *create_master_key(const char *key_name, + GenericKeyring *keyring, Oid dbOid, Oid spcOid, + bool ensure_new_key); + +void +TDEGlCatInitGUC(void) +{ + DefineCustomStringVariable("pg_tde.global_keyring_type", + "Keyring type for global catalog", + NULL, + &KRingProviderType, + NULL, + PGC_POSTMASTER, + 0, /* no flags required */ + NULL, + NULL, + NULL + ); + DefineCustomStringVariable("pg_tde.global_keyring_file_path", + "Keyring file options for global catalog", + NULL, + &KRingProviderFilePath, + NULL, + PGC_POSTMASTER, + 0, /* no flags required */ + NULL, + NULL, + NULL + ); +} + + +Size +TDEGlCatEncStateSize(void) +{ + Size size; + + size = sizeof(EncryptionStateData); + size = add_size(size, sizeof(KeyringProviders)); + + return MAXALIGN(size); +} + +void +TDEGlCatShmemInit(void) +{ + bool foundBuf; + char *allocptr; + + EncryptionState = (EncryptionStateData *) + ShmemInitStruct("TDE XLog Encryption State", + 
TDEGlCatEncStateSize(), &foundBuf); + + allocptr = ((char *) EncryptionState) + MAXALIGN(sizeof(EncryptionStateData)); + EncryptionState->keyring = (GenericKeyring *) allocptr; + memset(EncryptionState->keyring, 0, sizeof(KeyringProviders)); + memset(EncryptionState->master_keys, 0, sizeof(TDEMasterKey) * TDE_GCAT_KEYS_COUNT); +} + +void +TDEGlCatKeyInit(void) +{ + char db_map_path[MAXPGPATH] = {0}; + + init_keyring(); + + pg_tde_set_db_file_paths(&GLOBAL_SPACE_RLOCATOR(XLOG_TDE_OID), + db_map_path, NULL); + if (access(db_map_path, F_OK) == -1) + { + init_gl_catalog_keys(); + } +} + +TDEMasterKey * +TDEGetGlCatKeyFromCache(void) +{ + TDEMasterKey *mkey; + + mkey = &EncryptionState->master_keys[TDE_GCAT_KEY_XLOG]; + if (mkey->keyLength == 0) + return NULL; + + return mkey; +} + +void +TDEPutGlCatKeyInCache(TDEMasterKey *mkey) +{ + memcpy(EncryptionState->master_keys + TDE_GCAT_KEY_XLOG, mkey, sizeof(TDEMasterKey)); +} + +RelKeyData * +GetGlCatInternalKey(Oid obj_id) +{ + return GetInternalKey(GLOBAL_SPACE_RLOCATOR(obj_id), EncryptionState->keyring); +} + +static void +init_keyring(void) +{ + EncryptionState->keyring->type = get_keyring_provider_from_typename(KRingProviderType); + switch (EncryptionState->keyring->type) + { + case FILE_KEY_PROVIDER: + FileKeyring *kring = (FileKeyring *) EncryptionState->keyring; + strncpy(kring->file_name, KRingProviderFilePath, sizeof(kring->file_name)); + break; + } +} + +/* + * Keys are created during the cluster start only, so no locks needed here. 
+ */ +static void +init_gl_catalog_keys(void) +{ + InternalKey int_key; + RelKeyData *rel_key_data; + RelKeyData *enc_rel_key_data; + RelFileLocator *rlocator; + TDEMasterKey *mkey; + + mkey = create_master_key("global-catalog-master-key", + EncryptionState->keyring, + GLOBAL_DATA_TDE_OID, GLOBALTABLESPACE_OID, false); + + memset(&int_key, 0, sizeof(InternalKey)); + + /* Create and store an internal key for XLog */ + if (!RAND_bytes(int_key.key, INTERNAL_KEY_LEN)) + { + ereport(FATAL, + (errcode(ERRCODE_INTERNAL_ERROR), + errmsg("could not generate internal key for \"WAL\": %s", + ERR_error_string(ERR_get_error(), NULL)))); + } + + rlocator = &GLOBAL_SPACE_RLOCATOR(XLOG_TDE_OID); + rel_key_data = tde_create_rel_key(rlocator->relNumber, &int_key, &mkey->keyInfo); + enc_rel_key_data = tde_encrypt_rel_key(mkey, rel_key_data, rlocator); + pg_tde_write_key_map_entry(rlocator, enc_rel_key_data, &mkey->keyInfo); + + TDEPutGlCatKeyInCache(mkey); +} + +static TDEMasterKey * +create_master_key(const char *key_name, GenericKeyring *keyring, + Oid dbOid, Oid spcOid, bool ensure_new_key) +{ + TDEMasterKey *masterKey; + keyInfo *keyInfo = NULL; + + masterKey = palloc(sizeof(TDEMasterKey)); + masterKey->keyInfo.databaseId = dbOid; + masterKey->keyInfo.tablespaceId = spcOid; + masterKey->keyInfo.keyId.version = DEFAULT_MASTER_KEY_VERSION; + masterKey->keyInfo.keyringId = keyring->key_id; + strncpy(masterKey->keyInfo.keyId.name, key_name, TDE_KEY_NAME_LEN); + gettimeofday(&masterKey->keyInfo.creationTime, NULL); + + keyInfo = load_latest_versioned_key_name(&masterKey->keyInfo, keyring, ensure_new_key); + + if (keyInfo == NULL) + keyInfo = KeyringGenerateNewKeyAndStore(keyring, masterKey->keyInfo.keyId.versioned_name, INTERNAL_KEY_LEN, false); + + if (keyInfo == NULL) + { + ereport(ERROR, + (errmsg("failed to retrieve master key"))); + } + + masterKey->keyLength = keyInfo->data.len; + memcpy(masterKey->keyData, keyInfo->data.data, keyInfo->data.len); + + return masterKey; +} \ No 
newline at end of file diff --git a/src/catalog/tde_master_key.c b/src/catalog/tde_master_key.c index e1b5d913b20..2b97ee0500f 100644 --- a/src/catalog/tde_master_key.c +++ b/src/catalog/tde_master_key.c @@ -29,8 +29,7 @@ #include #include "access/pg_tde_tdemap.h" - -#define DEFAULT_MASTER_KEY_VERSION 1 +#include "catalog/tde_global_catalog.h" typedef struct TdeMasterKeySharedState { @@ -67,7 +66,6 @@ static Size required_shared_mem_size(void); static int required_locks_count(void); static void shared_memory_shutdown(int code, Datum arg); static void master_key_startup_cleanup(int tde_tbl_count, void *arg); -static keyInfo *load_latest_versioned_key_name(TDEMasterKeyInfo *mastere_key_info, GenericKeyring *keyring, bool ensure_new_key); static void clear_master_key_cache(Oid databaseId, Oid tablespaceId) ; static inline dshash_table *get_master_key_Hash(void); static TDEMasterKey *get_master_key_from_cache(Oid dbOid); @@ -250,7 +248,11 @@ GetMasterKey(Oid dbOid, Oid spcOid, GenericKeyring *keyring) LWLockAcquire(lock_files, LW_SHARED); LWLockAcquire(lock_cache, LW_EXCLUSIVE); - masterKey = get_master_key_from_cache(dbOid); + /* Global catalog has its own cache */ + if (spcOid == GLOBALTABLESPACE_OID) + masterKey = TDEGetGlCatKeyFromCache(); + else + masterKey = get_master_key_from_cache(dbOid); if (masterKey) { @@ -299,7 +301,10 @@ GetMasterKey(Oid dbOid, Oid spcOid, GenericKeyring *keyring) masterKey->keyLength = keyInfo->data.len; Assert(MyDatabaseId == masterKey->keyInfo.databaseId); - push_master_key_to_cache(masterKey); + if (spcOid == GLOBALTABLESPACE_OID) + TDEPutGlCatKeyInCache(masterKey); + else + push_master_key_to_cache(masterKey); /* Release the exclusive locks here */ LWLockRelease(lock_cache); 
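Review bot: create_master_key() in the new tde_global_catalog.c copies the keyring's answer with `memcpy(masterKey->keyData, keyInfo->data.data, keyInfo->data.len)` and no upper bound on `data.len`; keyData looks like a fixed-size member (TDEPutGlCatKeyInCache() copies the whole struct by `sizeof(TDEMasterKey)`), so an over-long key returned by the file or vault provider would write past the allocation. The same function allocates with palloc() and fills the name with strncpy(), which leaves unset fields and padding uninitialised and the name possibly unterminated before `&mkey->keyInfo` is handed to pg_tde_write_key_map_entry(). init_keyring() has the matching problems: `KRingProviderType` and `KRingProviderFilePath` are NULL unless configured and go straight into get_keyring_provider_from_typename() and strncpy(), and the declaration directly after `case FILE_KEY_PROVIDER:` needs a braced block to be valid before C23. Separately, TDEGlCatShmemInit() ignores `foundBuf` and always zeroes the state, and TDEGlCatKeyInit() treats every access() failure as "no keys yet"; checking `errno == ENOENT` would avoid generating a fresh key when the map file is merely unreadable.

```c
/* … unchanged: create_master_key() signature and locals … */
masterKey = palloc0(sizeof(TDEMasterKey));
/* … unchanged: databaseId / tablespaceId / version / keyringId assignments … */
strlcpy(masterKey->keyInfo.keyId.name, key_name, TDE_KEY_NAME_LEN);
/* … unchanged: key lookup, key generation and the NULL check … */
if (keyInfo->data.len > sizeof(masterKey->keyData))
	ereport(ERROR,
			(errmsg("master key returned by the keyring is too long")));
masterKey->keyLength = keyInfo->data.len;
```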
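Review bot: The context line `Assert(MyDatabaseId == masterKey->keyInfo.databaseId);` in GetMasterKey() still runs ahead of the new `spcOid == GLOBALTABLESPACE_OID` branch in the second tde_master_key.c hunk, but the global key is created in tde_global_catalog.c with `GLOBAL_DATA_TDE_OID` as its databaseId. If that value is what comes back from the key map, the assertion appears likely to trip in assert-enabled builds whenever the global key is loaded through this path; moving it into the `else` arm next to push_master_key_to_cache() would keep the check for per-database keys only. The same split applies to the lookup in the first hunk, where TDEGetGlCatKeyFromCache() returns a pointer into the shared state rather than a copy, so a comment saying the caller must hold `lock_cache` while using it would be worth adding. GetMasterKey() starts and ends outside both hunks.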
@@ -376,10 +381,10 @@ set_master_key_with_keyring(const char *key_name, GenericKeyring *keyring, save_master_key_info(&masterKey->keyInfo); /* XLog the new key*/ - // XLogBeginInsert(); - // XLogRegisterData((char *) &masterKey->keyInfo, sizeof(TDEMasterKeyInfo)); - // XLogInsert(RM_TDERMGR_ID, XLOG_TDE_ADD_MASTER_KEY); - + XLogBeginInsert(); + XLogRegisterData((char *) &masterKey->keyInfo, sizeof(TDEMasterKeyInfo)); + XLogInsert(RM_TDERMGR_ID, XLOG_TDE_ADD_MASTER_KEY); + push_master_key_to_cache(masterKey); } @@ -481,7 +486,7 @@ xl_tde_perform_rotate_key(XLogMasterKeyRotate *xlrec) * If ensure_new_key is true, then we will keep on incrementing the version number * till we get a key name that is not present in the keyring */ -static keyInfo * +keyInfo * load_latest_versioned_key_name(TDEMasterKeyInfo *mastere_key_info, GenericKeyring *keyring, bool ensure_new_key) { KeyringReturnCodes kr_ret; diff --git a/src/include/access/pg_tde_tdemap.h b/src/include/access/pg_tde_tdemap.h index 4b72bf5efb1..471deb64194 100644 --- a/src/include/access/pg_tde_tdemap.h +++ b/src/include/access/pg_tde_tdemap.h @@ -15,16 +15,6 @@ #include "storage/fd.h" #include "storage/relfilelocator.h" -/* - * Neeed for glogbal data (WAL etc) keys identification in caches and storage. - * We take IDs the oid type operators, so there is no overlap with the "real" - * catalog object possible. - */ -#define GLOBAL_DATA_TDE_OID 607 /* Global objects fake "db" */ -#define XLOG_TDE_OID 608 - -#define GLOBAL_SPACE_RLOCATOR(_obj_oid) (RelFileLocator) {GLOBALTABLESPACE_OID, 0, _obj_oid} - typedef struct InternalKey { uint8 key[INTERNAL_KEY_LEN]; diff --git a/src/include/access/pg_tde_xlog.h b/src/include/access/pg_tde_xlog.h index c380b8b207f..740eda8de3d 100644 --- a/src/include/access/pg_tde_xlog.h +++ b/src/include/access/pg_tde_xlog.h 
@@ -37,15 +37,15 @@ static const RmgrData pg_tde_rmgr = { .rm_identify = pg_tde_rmgr_identify }; +<<<<<<< HEAD #ifdef PERCONA_FORK /* XLog encryption staff */ +======= +/* XLog encryption stuff */ +>>>>>>> e9805ad (Create and use global catalog key) -/* GUC */ -extern bool EncryptXLog; - -extern Size TDEXLogEncryptBuffSize(); -extern Size XLogEncStateSize(); +extern Size TDEXLogEncryptBuffSize(void); #define XLOG_TDE_ENC_BUFF_ALIGNED_SIZE add_size(TDEXLogEncryptBuffSize(), PG_IO_ALIGN_SIZE) @@ -59,9 +59,9 @@ static const XLogSmgr tde_xlog_smgr = { .seg_write = pg_tde_xlog_seg_write, }; -extern void TDEInitXLogSmgr(void); +extern void TDEXLogSmgrInit(void); -extern void xlogInitGUC(void); +extern void XLogInitGUC(void); #endif diff --git a/src/include/catalog/tde_global_catalog.h b/src/include/catalog/tde_global_catalog.h new file mode 100644 index 00000000000..1e32e40875a --- /dev/null +++ b/src/include/catalog/tde_global_catalog.h 
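Review bot: Unresolved merge-conflict markers are being committed into pg_tde_xlog.h: the added lines `<<<<<<< HEAD`, `=======` and `>>>>>>> e9805ad (Create and use global catalog key)` are not valid C, and the first one sits before the `#ifdef PERCONA_FORK`, so it breaks every build that includes this header. Resolve the conflict by keeping one comment line and dropping the three markers. Which side wins also decides whether the `#ifdef PERCONA_FORK` / `#endif` pair stays: src/pg_tde.c in this same commit removes its `#ifdef PERCONA_FORK` guards around TDEXLogShmemInit(), TDEXLogSmgrInit() and XLogInitGUC(), so the declarations here need to be visible under the same conditions as those calls.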
@@ -0,0 +1,37 @@ +/*------------------------------------------------------------------------- + * + * tde_global_catalog.h + * Global catalog key management + * + * src/include/catalog/tde_global_catalog.h + * + *------------------------------------------------------------------------- + */ + +#ifndef TDE_GLOBAL_CATALOG_H +#define TDE_GLOBAL_CATALOG_H + +#include "postgres.h" + +#include "catalog/tde_master_key.h" + +/* + * Needed for glogbal data (WAL etc) keys identification in caches and storage. + * We take IDs the oid type operators, so there is no overlap with the "real" + * catalog object possible. + */ +#define GLOBAL_DATA_TDE_OID 607 /* Global objects fake "db" */ +#define XLOG_TDE_OID 608 + +#define GLOBAL_SPACE_RLOCATOR(_obj_oid) (RelFileLocator) {GLOBALTABLESPACE_OID, 0, _obj_oid} + +extern void TDEGlCatInitGUC(void); +extern Size TDEGlCatEncStateSize(void); +extern void TDEGlCatShmemInit(void); +extern void TDEGlCatKeyInit(void); + +extern TDEMasterKey *TDEGetGlCatKeyFromCache(void); +extern void TDEPutGlCatKeyInCache(TDEMasterKey *mkey); +extern RelKeyData *GetGlCatInternalKey(Oid obj_id); + +#endif /*TDE_GLOBAL_CATALOG_H*/ diff --git a/src/include/catalog/tde_master_key.h b/src/include/catalog/tde_master_key.h index a6f82123ead..2f70c9c9b9f 100644 --- a/src/include/catalog/tde_master_key.h +++ b/src/include/catalog/tde_master_key.h @@ -17,6 +17,7 @@ #include "nodes/pg_list.h" #include "storage/lwlock.h" +#define DEFAULT_MASTER_KEY_VERSION 1 #define MASTER_KEY_NAME_LEN TDE_KEY_NAME_LEN #define MAX_MASTER_KEY_VERSION_NUM 100000 @@ -76,5 +77,8 @@ extern TDEMasterKey *set_master_key_with_keyring(const char *key_name, GenericKeyring *keyring, Oid dbOid, Oid spcOid, bool ensure_new_key); - +extern keyInfo *load_latest_versioned_key_name(TDEMasterKeyInfo *mastere_key_info, + GenericKeyring *keyring, + bool ensure_new_key); + #endif /*PG_TDE_MASTER_KEY_H*/ 
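Review bot: tde_global_catalog.h does not look self-contained: it declares `GetGlCatInternalKey()` returning `RelKeyData *` and builds `GLOBAL_SPACE_RLOCATOR` from `RelFileLocator` and `GLOBALTABLESPACE_OID`, yet includes only postgres.h and catalog/tde_master_key.h. Unless tde_master_key.h already pulls those declarations in, the header compiles only when the including file has included access/pg_tde_tdemap.h first, as tde_global_catalog.c does; adding `#include "access/pg_tde_tdemap.h"` here would remove that ordering dependency. The block comment moved from pg_tde_tdemap.h still reads "glogbal" and "We take IDs the oid type operators"; something like `/* Identify keys for global data (WAL etc.) in caches and storage. The IDs come from the OID range of type operators, so they cannot collide with real catalog objects. */` would be clearer.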
diff --git a/src/keyring/.keyring_api.c.swp b/src/keyring/.keyring_api.c.swp deleted file mode 100644 index e730fc72a57..00000000000 Binary files a/src/keyring/.keyring_api.c.swp and /dev/null differ diff --git a/src/pg_tde.c b/src/pg_tde.c index 563b60ac523..bac49ea6fcd 100644 --- a/src/pg_tde.c +++ b/src/pg_tde.c @@ -32,6 +32,7 @@ #include "utils/builtins.h" #include "pg_tde_defs.h" #include "smgr/pg_tde_smgr.h" +#include "catalog/tde_global_catalog.h" #define MAX_ON_INSTALLS 5 @@ -80,10 +81,12 @@ tde_shmem_startup(void) TdeShmemInit(); AesInit(); -#ifdef PERCONA_FORK + + TDEGlCatShmemInit(); + TDEGlCatKeyInit(); + TDEXLogShmemInit(); - TDEInitXLogSmgr(); -#endif + TDEXLogSmgrInit(); } void @@ -96,9 +99,8 @@ _PG_init(void) keyringRegisterVariables(); InitializeMasterKeyInfo(); -#ifdef PERCONA_FORK - xlogInitGUC(); -#endif + XLogInitGUC(); + TDEGlCatInitGUC(); prev_shmem_request_hook = shmem_request_hook; shmem_request_hook = tde_shmem_request;
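Review bot: tde_shmem_startup() now calls TDEGlCatKeyInit() on every start, with no check that a global keyring is configured or that WAL encryption is enabled. Per the new catalog file, that path reads the `pg_tde.global_keyring_type` and `pg_tde.global_keyring_file_path` GUCs (NULL unless set) and generates and stores a master key whenever the global map file is absent. I would make the call conditional, or have TDEGlCatKeyInit() return early with a clear message when the provider is unset, so that a default installation neither dereferences NULL settings nor creates key material nobody asked for. TDEGlCatShmemInit() also depends on TDEGlCatEncStateSize() bytes having been reserved in tde_shmem_request(), which is not part of this diff and is worth confirming. Dropping the `#ifdef PERCONA_FORK` guards here and in _PG_init() (next hunk) presumably assumes the XLog storage-manager hook exists in every supported server build; if it does not, the guards need to stay.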