]>
git.ipfire.org Git - thirdparty/systemd.git/blob - src/journal/test-journal-verify.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
7 #include "chattr-util.h"
10 #include "journal-file.h"
11 #include "journal-verify.h"
14 #include "terminal-util.h"
18 #define N_ENTRIES 6000
19 #define RANDOM_RANGE 77
21 static void bit_toggle(const char *fn
, uint64_t p
) {
26 fd
= open(fn
, O_RDWR
|O_CLOEXEC
);
29 r
= pread(fd
, &b
, 1, p
/8);
34 r
= pwrite(fd
, &b
, 1, p
/8);
40 static int raw_verify(const char *fn
, const char *verification_key
) {
44 r
= journal_file_open(-1, fn
, O_RDONLY
, 0666, true, (uint64_t) -1, !!verification_key
, NULL
, NULL
, NULL
, NULL
, &f
);
48 r
= journal_file_verify(f
, verification_key
, NULL
, NULL
, NULL
, false);
49 (void) journal_file_close(f
);
54 int main(int argc
, char *argv
[]) {
55 char t
[] = "/var/tmp/journal-XXXXXX";
58 const char *verification_key
= argv
[1];
59 usec_t from
= 0, to
= 0, total
= 0;
60 char a
[FORMAT_TIMESTAMP_MAX
];
61 char b
[FORMAT_TIMESTAMP_MAX
];
62 char c
[FORMAT_TIMESPAN_MAX
];
66 /* journal_file_open requires a valid machine id */
67 if (access("/etc/machine-id", F_OK
) != 0)
68 return log_tests_skipped("/etc/machine-id not found");
70 test_setup_logging(LOG_DEBUG
);
72 assert_se(mkdtemp(t
));
73 assert_se(chdir(t
) >= 0);
74 (void) chattr_path(t
, FS_NOCOW_FL
, FS_NOCOW_FL
, NULL
);
76 log_info("Generating...");
78 assert_se(journal_file_open(-1, "test.journal", O_RDWR
|O_CREAT
, 0666, true, (uint64_t) -1, !!verification_key
, NULL
, NULL
, NULL
, NULL
, &f
) == 0);
80 for (n
= 0; n
< N_ENTRIES
; n
++) {
82 struct dual_timestamp ts
;
85 dual_timestamp_get(&ts
);
87 assert_se(asprintf(&test
, "RANDOM=%lu", random() % RANDOM_RANGE
));
89 iovec
= IOVEC_MAKE_STRING(test
);
91 assert_se(journal_file_append_entry(f
, &ts
, NULL
, &iovec
, 1, NULL
, NULL
, NULL
) == 0);
96 (void) journal_file_close(f
);
98 log_info("Verifying...");
100 assert_se(journal_file_open(-1, "test.journal", O_RDONLY
, 0666, true, (uint64_t) -1, !!verification_key
, NULL
, NULL
, NULL
, NULL
, &f
) == 0);
101 /* journal_file_print_header(f); */
102 journal_file_dump(f
);
104 assert_se(journal_file_verify(f
, verification_key
, &from
, &to
, &total
, true) >= 0);
106 if (verification_key
&& JOURNAL_HEADER_SEALED(f
->header
))
107 log_info("=> Validated from %s to %s, %s missing",
108 format_timestamp(a
, sizeof(a
), from
),
109 format_timestamp(b
, sizeof(b
), to
),
110 format_timespan(c
, sizeof(c
), total
> to
? total
- to
: 0, 0));
112 (void) journal_file_close(f
);
114 if (verification_key
) {
115 log_info("Toggling bits...");
117 assert_se(stat("test.journal", &st
) >= 0);
119 for (p
= 38448*8+0; p
< ((uint64_t) st
.st_size
* 8); p
++) {
120 bit_toggle("test.journal", p
);
122 log_info("[ %"PRIu64
"+%"PRIu64
"]", p
/ 8, p
% 8);
124 if (raw_verify("test.journal", verification_key
) >= 0)
125 log_notice(ANSI_HIGHLIGHT_RED
">>>> %"PRIu64
" (bit %"PRIu64
") can be toggled without detection." ANSI_NORMAL
, p
/ 8, p
% 8);
127 bit_toggle("test.journal", p
);
131 log_info("Exiting...");
133 assert_se(rm_rf(t
, REMOVE_ROOT
|REMOVE_PHYSICAL
) >= 0);