diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/journal/journal-verify.c | 28 | ||||
-rw-r--r-- | src/journal/journal-verify.h | 2 | ||||
-rw-r--r-- | src/journal/journalctl.c | 13 | ||||
-rw-r--r-- | src/journal/test-journal-verify.c | 12 |
4 files changed, 45 insertions, 10 deletions
diff --git a/src/journal/journal-verify.c b/src/journal/journal-verify.c index 598fc9bead..f9a930e42e 100644 --- a/src/journal/journal-verify.c +++ b/src/journal/journal-verify.c @@ -36,8 +36,6 @@ /* FIXME: * * - write bit mucking test - * - tag timestamps should be between entry timestamps - * - output validated time ranges * - evolve key even if nothing happened in regular intervals * * - Allow building without libgcrypt @@ -652,7 +650,10 @@ static int journal_file_parse_verification_key(JournalFile *f, const char *key) return 0; } -int journal_file_verify(JournalFile *f, const char *key) { +int journal_file_verify( + JournalFile *f, + const char *key, + usec_t *first_validated, usec_t *last_validated, usec_t *last_contained) { int r; Object *o; uint64_t p = 0, last_tag = 0, last_epoch = 0, last_tag_realtime = 0; @@ -749,6 +750,12 @@ int journal_file_verify(JournalFile *f, const char *key) { break; case OBJECT_ENTRY: + if ((le32toh(f->header->compatible_flags) & HEADER_COMPATIBLE_SEALED) && n_tags <= 0) { + log_error("First entry before first tag at %llu", (unsigned long long) p); + r = -EBADMSG; + goto fail; + } + r = write_uint64(entry_fd, p); if (r < 0) goto fail; @@ -854,7 +861,7 @@ int journal_file_verify(JournalFile *f, const char *key) { break; case OBJECT_TAG: { - uint64_t q; + uint64_t q, rt; if (!(le32toh(f->header->compatible_flags) & HEADER_COMPATIBLE_SEALED)) { log_error("Tag object in file without sealing at %llu", (unsigned long long) p); @@ -876,8 +883,8 @@ int journal_file_verify(JournalFile *f, const char *key) { goto fail; } - last_tag_realtime = (o->tag.epoch + 1) * f->fss_interval_usec + f->fss_start_usec; - if (entry_realtime_set && entry_realtime >= last_tag_realtime) { + rt = (o->tag.epoch + 1) * f->fss_interval_usec + f->fss_start_usec; + if (entry_realtime_set && entry_realtime >= rt) { log_error("Tag/entry realtime timestamp out of synchronization at %llu", (unsigned long long) p); r = -EBADMSG; goto fail; @@ -929,6 +936,8 @@ int journal_file_verify(JournalFile *f, const char *key) { f->hmac_running = false; last_tag = p + ALIGN64(le64toh(o->object.size)); + last_tag_realtime = rt; + n_tags ++; break; } @@ -1056,6 +1065,13 @@ int journal_file_verify(JournalFile *f, const char *key) { close_nointr_nofail(entry_fd); close_nointr_nofail(entry_array_fd); + if (first_validated) + *first_validated = le64toh(f->header->head_entry_realtime); + if (last_validated) + *last_validated = last_tag_realtime; + if (last_contained) + *last_contained = le64toh(f->header->tail_entry_realtime); + return 0; fail: diff --git a/src/journal/journal-verify.h b/src/journal/journal-verify.h index 3ebdd5e7f2..e4449c6ad7 100644 --- a/src/journal/journal-verify.h +++ b/src/journal/journal-verify.h @@ -23,4 +23,4 @@ #include "journal-file.h" -int journal_file_verify(JournalFile *f, const char *key); +int journal_file_verify(JournalFile *f, const char *key, usec_t *first_validated, usec_t *last_validated, usec_t *last_contained); diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c index 0df8ce57fd..5c21ab0adf 100644 --- a/src/journal/journalctl.c +++ b/src/journal/journalctl.c @@ -618,21 +618,30 @@ static int verify(sd_journal *j) { HASHMAP_FOREACH(f, j->files, i) { int k; + usec_t from, to, total; #ifdef HAVE_GCRYPT if (!arg_verify_key && journal_file_fss_enabled(f)) log_warning("Journal file %s has sealing enabled but verification key has not been passed using --verify-key=.", f->path); #endif - k = journal_file_verify(f, arg_verify_key); + k = journal_file_verify(f, arg_verify_key, &from, &to, &total); if (k == -EINVAL) { /* If the key was invalid give up right-away. */ return k; } else if (k < 0) { log_warning("FAIL: %s (%s)", f->path, strerror(-k)); r = k; - } else + } else { + char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX], c[FORMAT_TIMESPAN_MAX]; log_info("PASS: %s", f->path); + + if (journal_file_fss_enabled(f)) + log_info("=> Validated from %s to %s, %s missing", + format_timestamp(a, sizeof(a), from), + format_timestamp(b, sizeof(b), to), + format_timespan(c, sizeof(c), total > to ? total - to : 0)); + } } return r; diff --git a/src/journal/test-journal-verify.c b/src/journal/test-journal-verify.c index 9a99bcba4b..df0a5ddef9 100644 --- a/src/journal/test-journal-verify.c +++ b/src/journal/test-journal-verify.c @@ -36,6 +36,10 @@ int main(int argc, char *argv[]) { unsigned n; JournalFile *f; const char *verification_key = argv[1]; + usec_t from, to, total; + char a[FORMAT_TIMESTAMP_MAX]; + char b[FORMAT_TIMESTAMP_MAX]; + char c[FORMAT_TIMESPAN_MAX]; log_set_max_level(LOG_DEBUG); @@ -71,7 +75,13 @@ int main(int argc, char *argv[]) { journal_file_print_header(f); - assert_se(journal_file_verify(f, verification_key) >= 0); + assert_se(journal_file_verify(f, verification_key, &from, &to, &total) >= 0); + + log_info("=> Validated from %s to %s, %s missing", + format_timestamp(a, sizeof(a), from), + format_timestamp(b, sizeof(b), to), + format_timespan(c, sizeof(c), total > to ? total - to : 0)); + journal_file_close(f); log_info("Exiting..."); |