WAL zero blocks should be encryption aware
Description
How to document
Add if there is documentation already available
How to test
Needs an investigation first
Needs more details about how to test
Affected areas
Activity
Show:
Details
Details
Assignee
Unassigned
UnassignedReporter
andrew.pogrebnoiLabels
Story Points
8
Components
Fix versions
Priority
CriticalSmart Checklist
Open Smart Checklist
Smart Checklist
Open Smart Checklist
Created 4 days ago
Updated 3 days ago
When backend creates a new WAL segment file it usually fills it with ‘\0'. Currently it bypasses the WAL encryption. It worked well when we kept “what to encrypt“ info in page headers. But now, with ranges, all these zero writes should go through the tde WAL writer so they would be encrypted if needed. But then whet to do if in the middle of the segment wal_enc was turned off and we have legit unencrypted data followed by encrypted zeros? So maybe leave zeros alone and make the reader aware of it (don’t touch zero pages even if there is an encryption key)?