MDEV-17228 Encrypted temporary tables are not encrypted

- Introduce a new variable called innodb_encrypt_temporary_tables which is
a boolean variable. It decides whether to encrypt the temporary tablespace.
- Encrypts the temporary tablespace based on full checksum format.
- Introduced a new counter to track encrypted and decrypted temporary
tablespace pages.
- Warnings issued if temporary table creation has conflict value with
innodb_encrypt_temporary_tables
- Added a new test case which reads and writes the pages from/to temporary
tablespace.

6 files changed, 49 insertions, 0 deletions

diff --git a/mysql-test/suite/encryption/r/debug_key_management.result b/mysql-test/suite/encryption/r/debug_key_management.result
index 02e05b4d221..75e2629c1d6 100644
--- a/mysql-test/suite/encryption/r/debug_key_management.result
+++ b/mysql-test/suite/encryption/r/debug_key_management.result
@@ -3,6 +3,7 @@ show variables like 'innodb_encrypt%';
 Variable_name	Value
 innodb_encrypt_log	ON
 innodb_encrypt_tables	ON
+innodb_encrypt_temporary_tables	OFF
 innodb_encryption_rotate_key_age	2
 innodb_encryption_rotation_iops	100
 innodb_encryption_threads	4
diff --git a/mysql-test/suite/encryption/r/innodb_encrypt_log.result b/mysql-test/suite/encryption/r/innodb_encrypt_log.result
index 0663890c685..b999e8cb34a 100644
--- a/mysql-test/suite/encryption/r/innodb_encrypt_log.result
+++ b/mysql-test/suite/encryption/r/innodb_encrypt_log.result
@@ -22,6 +22,8 @@ key (col_int_key),
 key (col_char_key)
 ) ENGINE=InnoDB ENCRYPTED=YES ENCRYPTION_KEY_ID=1;
 CREATE TEMPORARY TABLE t LIKE t0;
+Warnings:
+Warning	1478	Ignoring encryption parameter during temporary table creation.
 INSERT INTO t VALUES
 (NULL,1,1,'private','secret'),(NULL,2,2,'sacred','success'),
 (NULL,3,3,'story','secure'),(NULL,4,4,'security','sacrament');
diff --git a/mysql-test/suite/encryption/r/innodb_encrypt_temporary_tables.result b/mysql-test/suite/encryption/r/innodb_encrypt_temporary_tables.result
new file mode 100644
index 00000000000..9a291ae1354
--- /dev/null
+++ b/mysql-test/suite/encryption/r/innodb_encrypt_temporary_tables.result
@@ -0,0 +1,19 @@
+SELECT variable_value into @old_encrypted FROM information_schema.global_status
+WHERE variable_name = 'innodb_encryption_n_temp_blocks_encrypted';
+SELECT variable_value into @old_decrypted FROM information_schema.global_status
+WHERE variable_name = 'innodb_encryption_n_temp_blocks_decrypted';
+CREATE TEMPORARY TABLE t1(f1 CHAR(200), f2 CHAR(200)) ENGINE=InnoDB;
+INSERT INTO t1 (f1,f2) SELECT '', '' FROM seq_1_to_8192;
+CREATE TEMPORARY TABLE t2(f1 CHAR(100), f2 CHAR(200), f3 CHAR(200))ENGINE=InnoDB;
+INSERT INTO t2 (f1,f2,f3) SELECT '', '', '' FROM seq_1_to_8192;
+SELECT COUNT(*) FROM t1;
+COUNT(*)
+8192
+SELECT variable_value > @old_encrypted FROM information_schema.global_status
+WHERE variable_name = 'innodb_encryption_n_temp_blocks_encrypted';
+variable_value > @old_encrypted
+1
+SELECT variable_value > @old_decrypted FROM information_schema.global_status
+WHERE variable_name = 'innodb_encryption_n_temp_blocks_decrypted';
+variable_value > @old_decrypted
+1
diff --git a/mysql-test/suite/encryption/r/innodb_encryption.result b/mysql-test/suite/encryption/r/innodb_encryption.result
index 7b7601a289c..75614c6b88c 100644
--- a/mysql-test/suite/encryption/r/innodb_encryption.result
+++ b/mysql-test/suite/encryption/r/innodb_encryption.result
@@ -3,6 +3,7 @@ SHOW VARIABLES LIKE 'innodb_encrypt%';
 Variable_name	Value
 innodb_encrypt_log	ON
 innodb_encrypt_tables	ON
+innodb_encrypt_temporary_tables	OFF
 innodb_encryption_rotate_key_age	15
 innodb_encryption_rotation_iops	100
 innodb_encryption_threads	4
@@ -57,6 +58,7 @@ SHOW VARIABLES LIKE 'innodb_encrypt%';
 Variable_name	Value
 innodb_encrypt_log	ON
 innodb_encrypt_tables	OFF
+innodb_encrypt_temporary_tables	OFF
 innodb_encryption_rotate_key_age	15
 innodb_encryption_rotation_iops	100
 innodb_encryption_threads	0
diff --git a/mysql-test/suite/encryption/t/innodb_encrypt_temporary_tables.opt b/mysql-test/suite/encryption/t/innodb_encrypt_temporary_tables.opt
new file mode 100644
index 00000000000..70797302d01
--- /dev/null
+++ b/mysql-test/suite/encryption/t/innodb_encrypt_temporary_tables.opt
@@ -0,0 +1,2 @@
+--innodb_buffer_pool_size=5M
+--innodb_encrypt_temporary_tables=1
diff --git a/mysql-test/suite/encryption/t/innodb_encrypt_temporary_tables.test b/mysql-test/suite/encryption/t/innodb_encrypt_temporary_tables.test
new file mode 100644
index 00000000000..6c16afa28f4
--- /dev/null
+++ b/mysql-test/suite/encryption/t/innodb_encrypt_temporary_tables.test
@@ -0,0 +1,23 @@
+--source include/have_sequence.inc
+--source include/have_innodb.inc
+--source include/have_file_key_management_plugin.inc
+
+SELECT variable_value into @old_encrypted FROM information_schema.global_status
+WHERE variable_name = 'innodb_encryption_n_temp_blocks_encrypted';
+
+SELECT variable_value into @old_decrypted FROM information_schema.global_status
+WHERE variable_name = 'innodb_encryption_n_temp_blocks_decrypted';
+
+CREATE TEMPORARY TABLE t1(f1 CHAR(200), f2 CHAR(200)) ENGINE=InnoDB;
+INSERT INTO t1 (f1,f2) SELECT '', '' FROM seq_1_to_8192;
+
+CREATE TEMPORARY TABLE t2(f1 CHAR(100), f2 CHAR(200), f3 CHAR(200))ENGINE=InnoDB;
+INSERT INTO t2 (f1,f2,f3) SELECT '', '', '' FROM seq_1_to_8192;
+
+SELECT COUNT(*) FROM t1;
+SELECT variable_value > @old_encrypted FROM information_schema.global_status
+WHERE variable_name = 'innodb_encryption_n_temp_blocks_encrypted';
+
+SELECT variable_value > @old_decrypted FROM information_schema.global_status
+WHERE variable_name = 'innodb_encryption_n_temp_blocks_decrypted';
+--source include/restart_mysqld.inc