MDEV-14398 When innodb_encryption_rotate_key_age=0 is set,

	server won't encrypt tablespaces

Introduced new columns for innodb_tablespaces_encryption table in
information_schema. The new columns are
i) SIZE	- If it is NULL then the tablespace is not yet loaded.
ii) IS_ENCRYPT - To indicate whether tablespace is encrypted or not.

- Added new test case to display the unloaded tablespace in information
schema tables.

7 files changed, 129 insertions, 15 deletions

diff --git a/mysql-test/suite/encryption/r/i_s_encrypt_deferred.result b/mysql-test/suite/encryption/r/i_s_encrypt_deferred.result
new file mode 100644
index 00000000000..575ed7be75e
--- /dev/null
+++ b/mysql-test/suite/encryption/r/i_s_encrypt_deferred.result
@@ -0,0 +1,28 @@
+CREATE TABLE t1 (f1 INT, f2 VARCHAR(256))engine=innodb;
+INSERT INTO t1 VALUES(1, "MariaDB"), (2, "Robot"), (3, "Science");
+INSERT INTO t1 SELECT * FROM t1;
+CREATE TABLE t2(f1 INT, f2 VARCHAR(256))engine=innodb;
+INSERT INTO t2 SELECT * FROM t1;
+# Restart the server with encryption and
+# innodb_encrypt_tables_deferred enabled.
+SELECT * FROM t2 LIMIT 1;
+f1	f2
+1	MariaDB
+# Display only unloaded tablespaces
+SELECT NAME, SIZE, IS_ENCRYPT FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION
+WHERE SIZE is NULL AND IS_ENCRYPT = 0;
+NAME	SIZE	IS_ENCRYPT
+test/t1	NULL	0
+# Restart the server with innodb_encrypt_tables disabled and
+# innodb_encrypt_tables_deferred enabled.
+SELECT * FROM t2 LIMIT 1;
+f1	f2
+1	MariaDB
+# Display only unencrypted tablespaces
+SELECT NAME FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION WHERE MIN_KEY_VERSION = 0 AND SIZE IS NOT NULL;
+NAME
+./ibdata1
+mysql/innodb_index_stats
+mysql/innodb_table_stats
+test/t2
+DROP TABLE t2, t1;
diff --git a/mysql-test/suite/encryption/t/i_s_encrypt_deferred.opt b/mysql-test/suite/encryption/t/i_s_encrypt_deferred.opt
new file mode 100644
index 00000000000..6303f756fa3
--- /dev/null
+++ b/mysql-test/suite/encryption/t/i_s_encrypt_deferred.opt
@@ -0,0 +1,5 @@
+--innodb-tablespaces-encryption
+--innodb_encryption_threads=1
+--innodb_encryption_rotate_key_age=100
+--innodb_buffer_pool_load_at_startup=0
+--innodb_encrypt_tables_deferred=1
diff --git a/mysql-test/suite/encryption/t/i_s_encrypt_deferred.test b/mysql-test/suite/encryption/t/i_s_encrypt_deferred.test
new file mode 100644
index 00000000000..867bd4a4316
--- /dev/null
+++ b/mysql-test/suite/encryption/t/i_s_encrypt_deferred.test
@@ -0,0 +1,38 @@
+-- source include/have_innodb.inc
+-- source include/not_embedded.inc
+-- source include/have_example_key_management_plugin.inc
+
+CREATE TABLE t1 (f1 INT, f2 VARCHAR(256))engine=innodb;
+INSERT INTO t1 VALUES(1, "MariaDB"), (2, "Robot"), (3, "Science");
+INSERT INTO t1 SELECT * FROM t1;
+
+CREATE TABLE t2(f1 INT, f2 VARCHAR(256))engine=innodb;
+INSERT INTO t2 SELECT * FROM t1;
+
+--echo # Restart the server with encryption and
+--echo # innodb_encrypt_tables_deferred enabled.
+
+let $restart_parameters= --innodb_encrypt_tables=ON;
+--source include/restart_mysqld.inc
+
+SELECT * FROM t2 LIMIT 1;
+
+--echo # Display only unloaded tablespaces
+SELECT NAME, SIZE, IS_ENCRYPT FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION
+WHERE SIZE is NULL AND IS_ENCRYPT = 0;
+
+--echo # Restart the server with innodb_encrypt_tables disabled and
+--echo # innodb_encrypt_tables_deferred enabled.
+
+let $restart_parameters= --innodb_encrypt_tables=OFF;
+--source include/restart_mysqld.inc
+
+SELECT * FROM t2 LIMIT 1;
+
+--echo # Display only unencrypted tablespaces
+SELECT NAME FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION WHERE MIN_KEY_VERSION = 0 AND SIZE IS NOT NULL;
+
+let $restart_parameters=;
+--source include/restart_mysqld.inc
+
+DROP TABLE t2, t1;
diff --git a/mysql-test/suite/innodb/r/innodb_skip_innodb_is_tables.result b/mysql-test/suite/innodb/r/innodb_skip_innodb_is_tables.result
index 0a1f0391250..0fe5bb6d5f6 100644
--- a/mysql-test/suite/innodb/r/innodb_skip_innodb_is_tables.result
+++ b/mysql-test/suite/innodb/r/innodb_skip_innodb_is_tables.result
@@ -377,7 +377,7 @@ space_id	page_id	start_lsn	end_lsn
 Warnings:
 Warning	1012	InnoDB: SELECTing from INFORMATION_SCHEMA.innodb_changed_pages but the InnoDB storage engine is not installed
 select * from information_schema.innodb_tablespaces_encryption;
-SPACE	NAME	ENCRYPTION_SCHEME	KEYSERVER_REQUESTS	MIN_KEY_VERSION	CURRENT_KEY_VERSION	KEY_ROTATION_PAGE_NUMBER	KEY_ROTATION_MAX_PAGE_NUMBER	CURRENT_KEY_ID	ROTATING_OR_FLUSHING
+SPACE	NAME	ENCRYPTION_SCHEME	KEYSERVER_REQUESTS	MIN_KEY_VERSION	CURRENT_KEY_VERSION	KEY_ROTATION_PAGE_NUMBER	KEY_ROTATION_MAX_PAGE_NUMBER	CURRENT_KEY_ID	ROTATING_OR_FLUSHING	SIZE	IS_ENCRYPT
 Warnings:
 Warning	1012	InnoDB: SELECTing from INFORMATION_SCHEMA.innodb_tablespaces_encryption but the InnoDB storage engine is not installed
 select * from information_schema.innodb_tablespaces_scrubbing;
diff --git a/storage/innobase/fil/fil0crypt.cc b/storage/innobase/fil/fil0crypt.cc
index 891592f4d9a..757c034d684 100644
--- a/storage/innobase/fil/fil0crypt.cc
+++ b/storage/innobase/fil/fil0crypt.cc
@@ -2473,10 +2473,9 @@ fil_space_crypt_get_status(
 
 	ut_ad(space->n_pending_ops > 0);
 	fil_crypt_read_crypt_data(const_cast<fil_space_t*>(space));
-	status->space = ULINT_UNDEFINED;
+	status->space = space->id;
 
 	if (fil_space_crypt_t* crypt_data = space->crypt_data) {
-		status->space = space->id;
 		mutex_enter(&crypt_data->mutex);
 		status->scheme = crypt_data->type;
 		status->keyserver_requests = crypt_data->keyserver_requests;
diff --git a/storage/innobase/handler/i_s.cc b/storage/innobase/handler/i_s.cc
index f3e217d77ef..911467981b4 100644
--- a/storage/innobase/handler/i_s.cc
+++ b/storage/innobase/handler/i_s.cc
@@ -8200,6 +8200,24 @@ static ST_FIELD_INFO	innodb_tablespaces_encryption_fields_info[] =
 	 STRUCT_FLD(old_name,		""),
 	 STRUCT_FLD(open_method,	SKIP_OPEN_TABLE)},
 
+#define TABLESPACES_ENCRYPTION_SIZE	10
+	{STRUCT_FLD(field_name,		"SIZE"),
+	 STRUCT_FLD(field_length,	MY_INT64_NUM_DECIMAL_DIGITS),
+	 STRUCT_FLD(field_type,		MYSQL_TYPE_LONGLONG),
+	 STRUCT_FLD(value,		0),
+	 STRUCT_FLD(field_flags,	MY_I_S_UNSIGNED | MY_I_S_MAYBE_NULL),
+	 STRUCT_FLD(old_name,		""),
+	 STRUCT_FLD(open_method,	SKIP_OPEN_TABLE)},
+
+#define TABLESPACES_ENCRYPTION_IS_ENCRYPT	11
+	{STRUCT_FLD(field_name,		"IS_ENCRYPT"),
+	 STRUCT_FLD(field_length,	1),
+	 STRUCT_FLD(field_type,		MYSQL_TYPE_LONG),
+	 STRUCT_FLD(value,		0),
+	 STRUCT_FLD(field_flags,	MY_I_S_UNSIGNED),
+	 STRUCT_FLD(old_name,		""),
+	 STRUCT_FLD(open_method,	SKIP_OPEN_TABLE)},
+
 	END_OF_ST_FIELD_INFO
 };
 
@@ -8224,14 +8242,16 @@ i_s_dict_fill_tablespaces_encryption(
 
 	fields = table_to_fill->field;
 
-	fil_space_crypt_get_status(space, &status);
+	if (space->size) {
+		fields[TABLESPACES_ENCRYPTION_SIZE]->set_notnull();
 
-	/* If tablespace id does not match, we did not find
-	encryption information for this tablespace. */
-	if (!space->crypt_data || space->id != status.space) {
-		goto skip;
+		OK(fields[TABLESPACES_ENCRYPTION_SIZE]->store(space->size));
+	} else {
+		fields[TABLESPACES_ENCRYPTION_SIZE]->set_null();
 	}
 
+	fil_space_crypt_get_status(space, &status);
+
 	OK(fields[TABLESPACES_ENCRYPTION_SPACE]->store(space->id));
 
 	OK(field_store_string(fields[TABLESPACES_ENCRYPTION_NAME],
@@ -8264,9 +8284,11 @@ i_s_dict_fill_tablespaces_encryption(
 			->set_null();
 	}
 
+	OK(fields[TABLESPACES_ENCRYPTION_IS_ENCRYPT]->store(
+			space->crypt_data ? 1: 0));
+
 	OK(schema_table_store_record(thd, table_to_fill));
 
-skip:
 	DBUG_RETURN(0);
 }
 /*******************************************************************//**
diff --git a/storage/xtradb/handler/i_s.cc b/storage/xtradb/handler/i_s.cc
index 527761b5603..86c9d5e7d49 100644
--- a/storage/xtradb/handler/i_s.cc
+++ b/storage/xtradb/handler/i_s.cc
@@ -8512,6 +8512,24 @@ static ST_FIELD_INFO	innodb_tablespaces_encryption_fields_info[] =
 	 STRUCT_FLD(old_name,		""),
 	 STRUCT_FLD(open_method,	SKIP_OPEN_TABLE)},
 
+#define TABLESPACES_ENCRYPTION_SIZE	10
+	{STRUCT_FLD(field_name,		"SIZE"),
+	 STRUCT_FLD(field_length,	MY_INT64_NUM_DECIMAL_DIGITS),
+	 STRUCT_FLD(field_type,		MYSQL_TYPE_LONGLONG),
+	 STRUCT_FLD(value,		0),
+	 STRUCT_FLD(field_flags,	MY_I_S_UNSIGNED | MY_I_S_MAYBE_NULL),
+	 STRUCT_FLD(old_name,		""),
+	 STRUCT_FLD(open_method,	SKIP_OPEN_TABLE)},
+
+#define TABLESPACES_ENCRYPTION_IS_ENCRYPT	11
+	{STRUCT_FLD(field_name,		"IS_ENCRYPT"),
+	 STRUCT_FLD(field_length,	1),
+	 STRUCT_FLD(field_type,		MYSQL_TYPE_LONG),
+	 STRUCT_FLD(value,		0),
+	 STRUCT_FLD(field_flags,	MY_I_S_UNSIGNED),
+	 STRUCT_FLD(old_name,		""),
+	 STRUCT_FLD(open_method,	SKIP_OPEN_TABLE)},
+
 	END_OF_ST_FIELD_INFO
 };
 
@@ -8536,14 +8554,16 @@ i_s_dict_fill_tablespaces_encryption(
 
 	fields = table_to_fill->field;
 
-	fil_space_crypt_get_status(space, &status);
+	if (space->size) {
+		fields[TABLESPACES_ENCRYPTION_SIZE]->set_notnull();
 
-	/* If tablespace id does not match, we did not find
-	encryption information for this tablespace. */
-	if (!space->crypt_data || space->id != status.space) {
-		goto skip;
+		OK(fields[TABLESPACES_ENCRYPTION_SIZE]->store(space->size));
+	} else {
+		fields[TABLESPACES_ENCRYPTION_SIZE]->set_null();
 	}
 
+	fil_space_crypt_get_status(space, &status);
+
 	OK(fields[TABLESPACES_ENCRYPTION_SPACE]->store(space->id));
 
 	OK(field_store_string(fields[TABLESPACES_ENCRYPTION_NAME],
@@ -8576,9 +8596,11 @@ i_s_dict_fill_tablespaces_encryption(
 			->set_null();
 	}
 
+	OK(fields[TABLESPACES_ENCRYPTION_IS_ENCRYPT]->store(
+			space->crypt_data ? 1: 0));
+
 	OK(schema_table_store_record(thd, table_to_fill));
 
-skip:
 	DBUG_RETURN(0);
 }
 /*******************************************************************//**