InnoDB Data Scrubbing
This feature allows for the secure deletion of data by overwriting deleted records in tablespaces and logs to prevent data recovery.
Most of the background and redo log scrubbing code has been removed in MariaDB 10.5.2. See MDEV-15528 and MDEV-21870.
Sometimes there is a requirement that when some data is deleted, it is really gone. This might be the case when one stores user's personal information or some other sensitive data. Normally though, when a row is deleted, the space is only marked as free on the page. It may eventually be overwritten, but there is no guarantee when that will happen. A copy of the deleted rows may also be present in the log files.
Support for InnoDB data scrubbing: Background threads periodically scan tablespaces and logs and remove all data that should be deleted. The number of background threads for tablespace scans is set by innodb-encryption-threads. Log scrubbing happens in a separate thread.
To configure scrubbing one can use the following variables:
Seconds
Check at this intervall if tablespaces needs scrubbing. Deprecated and ignored.
Boolean
Enable scrubbing of compressed data by background threads. Deprecated and ignored.
Seconds
Scrub spaces that were last scrubbed longer than this many seconds ago. Deprecated and ignored.
Boolean
Enable scrubbing of uncompressed data by background threads. Deprecated and ignored.
Redo log scrubbing did not fully work as intended, and was deprecated and ignored in MariaDB 10.5.2 (MDEV-21870). If old log contents should be kept secret, enabling innodb_encrypt_log or setting a smaller innodb_log_file_size could help.
The Information Schema INNODB_TABLESPACES_SCRUBBING table contains scrubbing information.
Thanks
Scrubbing was donated to the MariaDB project by Google.
This page is licensed: CC BY-SA / Gnu FDL
Last updated
Was this helpful?