MySQL 8.4.3
Source Code Documentation
mysql_server_keyring_lockable_imp.cc File Reference
#include <memory>
#include <sstream>
#include "my_dbug.h"
#include "mysql_server_keyring_lockable_imp.h"
#include <include/mysql/components/my_service.h>
#include <include/mysql/components/services/registry.h>
#include <include/mysqld_error.h>
#include <include/rwlock_scoped_lock.h>
#include <include/scope_guard.h>
#include <mysql/components/services/log_builtins.h>
#include "sql/mysqld.h"
#include "sql/set_var.h"
#include "sql/sql_component.h"
#include "sql/sql_plugin.h"

Classes

struct  keyring_lockable::my_h_keyring_reader_object_server
 Error messages. More...
 
struct  keyring_lockable::my_h_keyring_keys_metadata_iterator_server
 Wrapper over my_h_keyring_keys_metadata_iterator to associate RWlock. More...
 

Namespaces

namespace  keyring_lockable
 
namespace  keyring_lockable::keyring_common
 
namespace  keyring_lockable::keyring_common::service_definition
 

Typedefs

using keyring_aes_t = mysql_service_keyring_aes_t
 
using keyring_generator_t = mysql_service_keyring_generator_t
 
using keyring_keys_metadata_iterator_t = mysql_service_keyring_keys_metadata_iterator_t
 
using keyring_component_status_t = mysql_service_keyring_component_status_t
 
using keyring_component_metadata_query_t = mysql_service_keyring_component_metadata_query_t
 
using keyring_reader_with_status_t = mysql_service_keyring_reader_with_status_t
 
using keyring_load_t = mysql_service_keyring_load_t
 
using keyring_writer_t = mysql_service_keyring_writer_t
 

Enumerations

enum  lockable_service_enum {
  AES_ENCRYPTION = 0 , GENERATOR , KEYS_METADATA_ITERATOR , COMPONENT_STATUS ,
  COMPONENT_METADATA_QUERY , READER_WITH_STATUS , LOAD , WRITER
}
 

Functions

static bool keyring_lockable::keyring_common::service_definition::check_service (const void *service, enum lockable_service_enum name)
 Helper to check service validity. More...
 
void keyring_lockable_init ()
 Initialize lockable keyring component. More...
 
void keyring_lockable_deinit ()
 Deinitialize lockable keyring component. More...
 
void set_srv_keyring_implementation_as_default ()
 Set server's implementation of keyring as default. More...
 
void release_keyring_handles ()
 
bool keyring_status_no_error ()
 

Variables

const mysql_service_keyring_aes_t * srv_keyring_aes = nullptr
 Server handle for keyring AES encryption service. More...
 
const mysql_service_keyring_generator_t * srv_keyring_generator = nullptr
 Server handle for keyring generator service. More...
 
const mysql_service_keyring_keys_metadata_iterator_t * srv_keyring_keys_metadata_iterator = nullptr
 Server handle for keyring keys metadata service. More...
 
const mysql_service_keyring_component_status_t * srv_keyring_component_status = nullptr
 Server handle for keyring status service. More...
 
const mysql_service_keyring_component_metadata_query_t * srv_keyring_component_metadata_query = nullptr
 Server handle for keyring component metadata service. More...
 
const mysql_service_keyring_reader_with_status_t * srv_keyring_reader = nullptr
 Server handle for keyring reader service. More...
 
const mysql_service_keyring_load_t * srv_keyring_load = nullptr
 Server handle for keyring load service. More...
 
const mysql_service_keyring_writer_t * srv_keyring_writer = nullptr
 Server handle for keyring writer service. More...
 
static const char * lockable_service_names []
 
const mysql_service_keyring_aes_t * keyring_lockable::internal_keyring_aes = nullptr
 Server component internal handle for keyring AES encryption service. More...
 
const mysql_service_keyring_generator_t * keyring_lockable::internal_keyring_generator = nullptr
 Server component internal handle for keyring generator service. More...
 
const mysql_service_keyring_keys_metadata_iterator_t * keyring_lockable::internal_keyring_keys_metadata_iterator = nullptr
 Server component internal handle for keyring keys metadata service. More...
 
const mysql_service_keyring_component_status_t * keyring_lockable::internal_keyring_component_status
 Server component internal handle for keyring component status service. More...
 
const mysql_service_keyring_component_metadata_query_t * keyring_lockable::internal_keyring_component_metadata_query = nullptr
 Server component internal handle for keyring component metadata service. More...
 
const mysql_service_keyring_reader_with_status_t * keyring_lockable::internal_keyring_reader = nullptr
 Server component internal handle for keyring reader service. More...
 
const mysql_service_keyring_load_t * keyring_lockable::internal_keyring_load = nullptr
 Server component internal handle for keyring load service. More...
 
const mysql_service_keyring_writer_t * keyring_lockable::internal_keyring_writer = nullptr
 Server component internal handle for keyring writer service. More...
 
mysql_rwlock_t keyring_lockable::LOCK_keyring_component
 Read/write lock controlling concurrent access to the keyring. More...
 
static PSI_rwlock_key keyring_lockable::key_LOCK_keyring_component
 PSI key for LOCK_keyring_component. More...
 

Typedef Documentation

◆ keyring_aes_t

◆ keyring_component_metadata_query_t

◆ keyring_component_status_t

◆ keyring_generator_t

◆ keyring_keys_metadata_iterator_t

◆ keyring_load_t

◆ keyring_reader_with_status_t

◆ keyring_writer_t

Enumeration Type Documentation

◆ lockable_service_enum

Enumerator
AES_ENCRYPTION 
GENERATOR 
KEYS_METADATA_ITERATOR 
COMPONENT_STATUS 
COMPONENT_METADATA_QUERY 
READER_WITH_STATUS 
LOAD 
WRITER 

Function Documentation

◆ keyring_lockable_deinit()

void keyring_lockable_deinit ( )

Deinitialize lockable keyring component.

◆ keyring_lockable_init()

void keyring_lockable_init ( )

Initialize lockable keyring component.

◆ keyring_status_no_error()

bool keyring_status_no_error ( )

◆ release_keyring_handles()

void release_keyring_handles ( )

◆ set_srv_keyring_implementation_as_default()

void set_srv_keyring_implementation_as_default ( )

Set server's implementation of keyring as default.

The server component provides an implementation of all keyring-related services in order to provide concurrency control.

In turn, it uses one of the following as the actual implementation (in order of priority): (A) a keyring component loaded through the manifest file; (B) the proxy keyring component over the keyring plugin.

There are two places where this function is called.

Path 1

At server startup, server_component's services are registered when the minimal chassis is initialized. However, without an actual keyring implementation behind them, they are not of any use.

After minimal chassis initialization, the server reads the manifest file. If the file is present and contains keyring component details, the component is loaded and its services are registered.

At this point there are two implementations of each keyring service: one provided by the server and another provided by the keyring component.

Once the component is loaded, set_srv_keyring_implementation_as_default() is called. At this stage the function will:

  1. Set server's implementation of lockable keyring as default
  2. Acquire handles to all services provided by keyring component

After this point, keyring functionality can be used.

Path 2

If the manifest file is not provided or does not contain details of keyring plugin, the call to set_srv_keyring_implementation_as_default() is still made and sets the server's implementation as default.

However, no internal handles are set. Thus, keyring functionality still cannot be used at this point.

The startup sequence will then process --early-plugin-load, if provided.

Afterwards, the daemon_proxy_keyring_implementation plugin is loaded, which registers a subset of keyring component services. These services will use the keyring plugin if one is installed.

At this point set_srv_keyring_implementation_as_default() is called once again. If internal handles were not set with the first call, they are set now and will use daemon_proxy_keyring_implementation.

This means that on this path, if a keyring plugin is available (either through --early-plugin-load or loaded later through INSTALL PLUGIN), it will be used.

Variable Documentation

◆ lockable_service_names

const char* lockable_service_names[]
static
Initial value:
= {
"keyring_aes",
"keyring_generator",
"keyring_keys_metadata_iterator",
"keyring_component_status",
"keyring_component_metadata_query",
"keyring_reader_with_status",
"keyring_load",
"keyring_writer"}

◆ srv_keyring_aes

const mysql_service_keyring_aes_t* srv_keyring_aes = nullptr

Server handle for keyring AES encryption service.

◆ srv_keyring_component_metadata_query

const mysql_service_keyring_component_metadata_query_t* srv_keyring_component_metadata_query = nullptr

Server handle for keyring component metadata service.

◆ srv_keyring_component_status

const mysql_service_keyring_component_status_t* srv_keyring_component_status = nullptr

Server handle for keyring status service.

◆ srv_keyring_generator

const mysql_service_keyring_generator_t* srv_keyring_generator = nullptr

Server handle for keyring generator service.

◆ srv_keyring_keys_metadata_iterator

const mysql_service_keyring_keys_metadata_iterator_t* srv_keyring_keys_metadata_iterator = nullptr

Server handle for keyring keys metadata service.

◆ srv_keyring_load

const mysql_service_keyring_load_t* srv_keyring_load = nullptr

Server handle for keyring load service.

◆ srv_keyring_reader

Server handle for keyring reader service.

◆ srv_keyring_writer

const mysql_service_keyring_writer_t* srv_keyring_writer = nullptr

Server handle for keyring writer service.