ORC-991: Fix the bug of encrypted column read crash #905
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
added 2 commits
September 11, 2021 12:04
| @@ -279,12 +280,13 @@ private void buildEncodings(OrcProto.StripeFooter footer, | |||
| private long handleStream(long offset, | |||
| boolean[] columnInclude, | |||
| OrcProto.Stream stream, | |||
| StreamName.Area area, | |||
There was a problem hiding this comment.
Could you add area into the function description, too?
There was a problem hiding this comment.
Added in cb829a1. But the javadoc generation failed. It seems to be caused by network instability.
|
|
||
| import static org.junit.jupiter.api.Assertions.assertEquals; | ||
|
|
||
| public class TestEncryption { |
There was a problem hiding this comment.
Thank you for adding this.
|
@dongjoon-hyun Thanks for the review. I added an additional fix: Decimal64TreeWriter data stream are not bound to encryption |
dongjoon-hyun
approved these changes
Sep 12, 2021
There was a problem hiding this comment.
+1, LGTM. Thank you so much, @guiyanakuang .
Merged to main/1.7/1.6.
dongjoon-hyun
pushed a commit
that referenced
this pull request
Sep 12, 2021
### What changes were proposed in this pull request?
1. RowIndex is never marked as encrypted. The StreamName constructor adds encryption to make rowIndex encrypted when needed.
TreeWriterBase.java
```java
public void writeStripe(int requiredIndexEntries) throws IOException {
.....
- context.writeIndex(new StreamName(id, OrcProto.Stream.Kind.ROW_INDEX), rowIndex);
+ context.writeIndex(new StreamName(id, OrcProto.Stream.Kind.ROW_INDEX, encryption), rowIndex);
.....
}
```
2. findStreams in StripePlanner.java total offset order and write inconsistency.
finalizeStripe In PhysicalFsWriter.java
> 1. write the unencrypted index streams
> 2. write the encrypted index streams
> 3. write the unencrypted data streams
> 4. write the encrypted data streams
```java
@OverRide
public void finalizeStripe(OrcProto.StripeFooter.Builder footerBuilder,
OrcProto.StripeInformation.Builder dirEntry
) throws IOException {
.....
// write the unencrypted index streams
unencrypted.writeStreams(StreamName.Area.INDEX, rawWriter);
// write the encrypted index streams
for (VariantTracker variant: variants.values()) {
variant.writeStreams(StreamName.Area.INDEX, rawWriter);
}
// write the unencrypted data streams
unencrypted.writeStreams(StreamName.Area.DATA, rawWriter);
// write out the encrypted data streams
for (VariantTracker variant: variants.values()) {
variant.writeStreams(StreamName.Area.DATA, rawWriter);
}
.....
}
```
findStreams in StripePlanner.java
> 1. total offset the unencrypted index/data streams
> 2. total offset encrypted index/data streams
```java
private void findStreams(long streamStart,
OrcProto.StripeFooter footer,
boolean[] columnInclude) throws IOException {
long currentOffset = streamStart;
Arrays.fill(bloomFilterKinds, null);
for(OrcProto.Stream stream: footer.getStreamsList()) {
currentOffset += handleStream(currentOffset, columnInclude, stream, null);
}
// Add the encrypted streams that we are using
for(ReaderEncryptionVariant variant: encryption.getVariants()) {
int variantId = variant.getVariantId();
OrcProto.StripeEncryptionVariant stripeVariant =
footer.getEncryption(variantId);
for(OrcProto.Stream stream: stripeVariant.getStreamsList()) {
currentOffset += handleStream(currentOffset, columnInclude, stream, variant);
}
}
}
```
Causes misalignment of data reading.
This pr ensures that the read offset is consistent with the write.
3. Fix Decimal64TreeWriter stream not binding encryption.
### Why are the changes needed?
Fix the bug of encrypted column read crash.
### How was this patch tested?
Added unit test for reading encrypted columns.
(cherry picked from commit 792c3f8)
Signed-off-by: Dongjoon Hyun <[email protected]>
|
For branch-1.6, I changed the test suite into old JUnit style during backporting. |
dongjoon-hyun
pushed a commit
that referenced
this pull request
Sep 12, 2021
1. RowIndex is never marked as encrypted. The StreamName constructor adds encryption to make rowIndex encrypted when needed.
TreeWriterBase.java
```java
public void writeStripe(int requiredIndexEntries) throws IOException {
.....
- context.writeIndex(new StreamName(id, OrcProto.Stream.Kind.ROW_INDEX), rowIndex);
+ context.writeIndex(new StreamName(id, OrcProto.Stream.Kind.ROW_INDEX, encryption), rowIndex);
.....
}
```
2. findStreams in StripePlanner.java total offset order and write inconsistency.
finalizeStripe In PhysicalFsWriter.java
> 1. write the unencrypted index streams
> 2. write the encrypted index streams
> 3. write the unencrypted data streams
> 4. write the encrypted data streams
```java
@OverRide
public void finalizeStripe(OrcProto.StripeFooter.Builder footerBuilder,
OrcProto.StripeInformation.Builder dirEntry
) throws IOException {
.....
// write the unencrypted index streams
unencrypted.writeStreams(StreamName.Area.INDEX, rawWriter);
// write the encrypted index streams
for (VariantTracker variant: variants.values()) {
variant.writeStreams(StreamName.Area.INDEX, rawWriter);
}
// write the unencrypted data streams
unencrypted.writeStreams(StreamName.Area.DATA, rawWriter);
// write out the encrypted data streams
for (VariantTracker variant: variants.values()) {
variant.writeStreams(StreamName.Area.DATA, rawWriter);
}
.....
}
```
findStreams in StripePlanner.java
> 1. total offset the unencrypted index/data streams
> 2. total offset encrypted index/data streams
```java
private void findStreams(long streamStart,
OrcProto.StripeFooter footer,
boolean[] columnInclude) throws IOException {
long currentOffset = streamStart;
Arrays.fill(bloomFilterKinds, null);
for(OrcProto.Stream stream: footer.getStreamsList()) {
currentOffset += handleStream(currentOffset, columnInclude, stream, null);
}
// Add the encrypted streams that we are using
for(ReaderEncryptionVariant variant: encryption.getVariants()) {
int variantId = variant.getVariantId();
OrcProto.StripeEncryptionVariant stripeVariant =
footer.getEncryption(variantId);
for(OrcProto.Stream stream: stripeVariant.getStreamsList()) {
currentOffset += handleStream(currentOffset, columnInclude, stream, variant);
}
}
}
```
Causes misalignment of data reading.
This pr ensures that the read offset is consistent with the write.
3. Fix Decimal64TreeWriter stream not binding encryption.
Fix the bug of encrypted column read crash.
Added unit test for reading encrypted columns.
(cherry picked from commit 792c3f8)
Signed-off-by: Dongjoon Hyun <[email protected]>
(cherry picked from commit a3de6da)
Signed-off-by: Dongjoon Hyun <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What changes were proposed in this pull request?
TreeWriterBase.java
finalizeStripe In PhysicalFsWriter.java
findStreams in StripePlanner.java
Causes misalignment of data reading.
This pr ensures that the read offset is consistent with the write.
Why are the changes needed?
Fix the bug of encrypted column read crash.
How was this patch tested?
Added unit test for reading encrypted columns.