summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2012-08-17 03:30:22 +0200
committerLennart Poettering <lennart@poettering.net>2012-08-17 03:30:22 +0200
commit6c7be122acd666d4e93541179d89747aa12efb67 (patch)
tree7c11b01dc0f418cafba78f6dd45376b703a6e083
parent356fe3e6c623c831050c835782aec9e50f6262ba (diff)
journal: after verification output validated time range
-rw-r--r--src/journal/journal-verify.c28
-rw-r--r--src/journal/journal-verify.h2
-rw-r--r--src/journal/journalctl.c13
-rw-r--r--src/journal/test-journal-verify.c12
4 files changed, 45 insertions, 10 deletions
diff --git a/src/journal/journal-verify.c b/src/journal/journal-verify.c
index 598fc9bead..f9a930e42e 100644
--- a/src/journal/journal-verify.c
+++ b/src/journal/journal-verify.c
@@ -36,8 +36,6 @@
/* FIXME:
*
* - write bit mucking test
- * - tag timestamps should be between entry timestamps
- * - output validated time ranges
* - evolve key even if nothing happened in regular intervals
*
* - Allow building without libgcrypt
@@ -652,7 +650,10 @@ static int journal_file_parse_verification_key(JournalFile *f, const char *key)
return 0;
}
-int journal_file_verify(JournalFile *f, const char *key) {
+int journal_file_verify(
+ JournalFile *f,
+ const char *key,
+ usec_t *first_validated, usec_t *last_validated, usec_t *last_contained) {
int r;
Object *o;
uint64_t p = 0, last_tag = 0, last_epoch = 0, last_tag_realtime = 0;
@@ -749,6 +750,12 @@ int journal_file_verify(JournalFile *f, const char *key) {
break;
case OBJECT_ENTRY:
+ if ((le32toh(f->header->compatible_flags) & HEADER_COMPATIBLE_SEALED) && n_tags <= 0) {
+ log_error("First entry before first tag at %llu", (unsigned long long) p);
+ r = -EBADMSG;
+ goto fail;
+ }
+
r = write_uint64(entry_fd, p);
if (r < 0)
goto fail;
@@ -854,7 +861,7 @@ int journal_file_verify(JournalFile *f, const char *key) {
break;
case OBJECT_TAG: {
- uint64_t q;
+ uint64_t q, rt;
if (!(le32toh(f->header->compatible_flags) & HEADER_COMPATIBLE_SEALED)) {
log_error("Tag object in file without sealing at %llu", (unsigned long long) p);
@@ -876,8 +883,8 @@ int journal_file_verify(JournalFile *f, const char *key) {
goto fail;
}
- last_tag_realtime = (o->tag.epoch + 1) * f->fss_interval_usec + f->fss_start_usec;
- if (entry_realtime_set && entry_realtime >= last_tag_realtime) {
+ rt = (o->tag.epoch + 1) * f->fss_interval_usec + f->fss_start_usec;
+ if (entry_realtime_set && entry_realtime >= rt) {
log_error("Tag/entry realtime timestamp out of synchronization at %llu", (unsigned long long) p);
r = -EBADMSG;
goto fail;
@@ -929,6 +936,8 @@ int journal_file_verify(JournalFile *f, const char *key) {
f->hmac_running = false;
last_tag = p + ALIGN64(le64toh(o->object.size));
+ last_tag_realtime = rt;
+
n_tags ++;
break;
}
@@ -1056,6 +1065,13 @@ int journal_file_verify(JournalFile *f, const char *key) {
close_nointr_nofail(entry_fd);
close_nointr_nofail(entry_array_fd);
+ if (first_validated)
+ *first_validated = le64toh(f->header->head_entry_realtime);
+ if (last_validated)
+ *last_validated = last_tag_realtime;
+ if (last_contained)
+ *last_contained = le64toh(f->header->tail_entry_realtime);
+
return 0;
fail:
diff --git a/src/journal/journal-verify.h b/src/journal/journal-verify.h
index 3ebdd5e7f2..e4449c6ad7 100644
--- a/src/journal/journal-verify.h
+++ b/src/journal/journal-verify.h
@@ -23,4 +23,4 @@
#include "journal-file.h"
-int journal_file_verify(JournalFile *f, const char *key);
+int journal_file_verify(JournalFile *f, const char *key, usec_t *first_validated, usec_t *last_validated, usec_t *last_contained);
diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
index 0df8ce57fd..5c21ab0adf 100644
--- a/src/journal/journalctl.c
+++ b/src/journal/journalctl.c
@@ -618,21 +618,30 @@ static int verify(sd_journal *j) {
HASHMAP_FOREACH(f, j->files, i) {
int k;
+ usec_t from, to, total;
#ifdef HAVE_GCRYPT
if (!arg_verify_key && journal_file_fss_enabled(f))
log_warning("Journal file %s has sealing enabled but verification key has not been passed using --verify-key=.", f->path);
#endif
- k = journal_file_verify(f, arg_verify_key);
+ k = journal_file_verify(f, arg_verify_key, &from, &to, &total);
if (k == -EINVAL) {
/* If the key was invalid give up right-away. */
return k;
} else if (k < 0) {
log_warning("FAIL: %s (%s)", f->path, strerror(-k));
r = k;
- } else
+ } else {
+ char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX], c[FORMAT_TIMESPAN_MAX];
log_info("PASS: %s", f->path);
+
+ if (journal_file_fss_enabled(f))
+ log_info("=> Validated from %s to %s, %s missing",
+ format_timestamp(a, sizeof(a), from),
+ format_timestamp(b, sizeof(b), to),
+ format_timespan(c, sizeof(c), total > to ? total - to : 0));
+ }
}
return r;
diff --git a/src/journal/test-journal-verify.c b/src/journal/test-journal-verify.c
index 9a99bcba4b..df0a5ddef9 100644
--- a/src/journal/test-journal-verify.c
+++ b/src/journal/test-journal-verify.c
@@ -36,6 +36,10 @@ int main(int argc, char *argv[]) {
unsigned n;
JournalFile *f;
const char *verification_key = argv[1];
+ usec_t from, to, total;
+ char a[FORMAT_TIMESTAMP_MAX];
+ char b[FORMAT_TIMESTAMP_MAX];
+ char c[FORMAT_TIMESPAN_MAX];
log_set_max_level(LOG_DEBUG);
@@ -71,7 +75,13 @@ int main(int argc, char *argv[]) {
journal_file_print_header(f);
- assert_se(journal_file_verify(f, verification_key) >= 0);
+ assert_se(journal_file_verify(f, verification_key, &from, &to, &total) >= 0);
+
+ log_info("=> Validated from %s to %s, %s missing",
+ format_timestamp(a, sizeof(a), from),
+ format_timestamp(b, sizeof(b), to),
+ format_timespan(c, sizeof(c), total > to ? total - to : 0));
+
journal_file_close(f);
log_info("Exiting...");