edgelesssys / edgelessdb

EdgelessDB is a MySQL-compatible database for confidential computing. It runs entirely inside a secure enclave and comes with advanced features for collaboration, recovery, and access control.
https://edgeless.systems/products/edgelessdb
GNU General Public License v2.0
170 stars 17 forks source link

InnoDB enablement for EdgelessDB #125

Closed igorkonopko closed 2 years ago

igorkonopko commented 2 years ago

This PR adds the possibility to use InnoDB storage engine together with EdgelessDB. The most important changes are: -building and linking of necessary libraries within CMakeFiles -providing ability to configure NumTCS as a parameter to cmake, since InnoDB typically requires more threads than default 64 -necessary changes to Go runtime environment such as mounting directory for InnoDB files (edb-data) and providing the minimal number of MariaDB configuration parameters required to use InnoDB -changes to syscall hook/handler which implements additional file operations required in order to persistently store .mad/.mai files which are necessary for running InnoDB.

It also builds the file key management, which can be used to encrypt InnoDB files on drive, but it does not configure the proper keys for encryption, so this part must be done manually.

Additionally this PR requires some changes within edgeless-mariadb submodule which were submitted as a separate PR for appropriate repository.

netlify[bot] commented 2 years ago

Deploy Preview for edgelessdb-docs canceled.

Name Link
Latest commit 1d15d6c4982c801ac3b6be879dd90992217368fe
Latest deploy log https://app.netlify.com/sites/edgelessdb-docs/deploys/636d06967ce5550008a18ab6
CLAassistant commented 2 years ago

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

thomasten commented 2 years ago

Thank you, Igor! I'll merge this into a dev branch until we find time to add the missing pieces and secure it appropriately.