diff options
| -rw-r--r-- | src/journal/journal-file.c | 13 | ||||
| -rw-r--r-- | src/journal/journald-server.c | 12 | 
2 files changed, 23 insertions, 2 deletions
| diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c index e26c8223d8..49199b269f 100644 --- a/src/journal/journal-file.c +++ b/src/journal/journal-file.c @@ -568,8 +568,8 @@ static int journal_file_verify_header(JournalFile *f) {                  return -ENODATA;          if (f->writable) { -                uint8_t state;                  sd_id128_t machine_id; +                uint8_t state;                  int r;                  r = sd_id128_get_machine(&machine_id); @@ -590,6 +590,14 @@ static int journal_file_verify_header(JournalFile *f) {                          log_debug("Journal file %s has unknown state %i.", f->path, state);                          return -EBUSY;                  } + +                /* Don't permit appending to files from the future. Because otherwise the realtime timestamps wouldn't +                 * be strictly ordered in the entries in the file anymore, and we can't have that since it breaks +                 * bisection. */ +                if (le64toh(f->header->tail_entry_realtime) > now(CLOCK_REALTIME)) { +                        log_debug("Journal file %s is from the future, refusing to append new data to it that'd be older.", f->path); +                        return -ETXTBSY; +                }          }          f->compress_xz = JOURNAL_HEADER_COMPRESSED_XZ(f->header); @@ -3330,7 +3338,8 @@ int journal_file_open_reliably(                      -EBUSY,             /* unclean shutdown */                      -ESHUTDOWN,         /* already archived */                      -EIO,               /* IO error, including SIGBUS on mmap */ -                    -EIDRM              /* File has been deleted */)) +                    -EIDRM,             /* File has been deleted */ +                    -ETXTBSY))          /* File is from the future */                  return r;          if ((flags & O_ACCMODE) == O_RDONLY) diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c index 28aea35d18..3224bdbf5f 100644 --- a/src/journal/journald-server.c +++ b/src/journal/journald-server.c @@ -595,32 +595,44 @@ static void server_cache_hostname(Server *s) {  static bool shall_try_append_again(JournalFile *f, int r) {          switch(r) { +          case -E2BIG:           /* Hit configured limit          */          case -EFBIG:           /* Hit fs limit                  */          case -EDQUOT:          /* Quota limit hit               */          case -ENOSPC:          /* Disk full                     */                  log_debug("%s: Allocation limit reached, rotating.", f->path);                  return true; +          case -EIO:             /* I/O error of some kind (mmap) */                  log_warning("%s: IO error, rotating.", f->path);                  return true; +          case -EHOSTDOWN:       /* Other machine                 */                  log_info("%s: Journal file from other machine, rotating.", f->path);                  return true; +          case -EBUSY:           /* Unclean shutdown              */                  log_info("%s: Unclean shutdown, rotating.", f->path);                  return true; +          case -EPROTONOSUPPORT: /* Unsupported feature           */                  log_info("%s: Unsupported feature, rotating.", f->path);                  return true; +          case -EBADMSG:         /* Corrupted                     */          case -ENODATA:         /* Truncated                     */          case -ESHUTDOWN:       /* Already archived              */                  log_warning("%s: Journal file corrupted, rotating.", f->path);                  return true; +          case -EIDRM:           /* Journal file has been deleted */                  log_warning("%s: Journal file has been deleted, rotating.", f->path);                  return true; + +        case -ETXTBSY:         /* Journal file is from the future */ +                log_warning("%s: Journal file is from the future, rotateing.", f->path); +                return true; +          default:                  return false;          } | 
