]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/journal/test-journal-verify.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
pkgconfig: define variables relative to ${prefix}/${rootprefix}/${sysconfdir}
[thirdparty/systemd.git] / src / journal / test-journal-verify.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2
3 #include <fcntl.h>
4 #include <stdio.h>
5 #include <unistd.h>
6
7 #include "fd-util.h"
8 #include "journal-file.h"
9 #include "journal-verify.h"
10 #include "log.h"
11 #include "rm-rf.h"
12 #include "terminal-util.h"
13 #include "tests.h"
14 #include "util.h"
15
16 #define N_ENTRIES 6000
17 #define RANDOM_RANGE 77
18
19 static void bit_toggle(const char *fn, uint64_t p) {
20 uint8_t b;
21 ssize_t r;
22 int fd;
23
24 fd = open(fn, O_RDWR|O_CLOEXEC);
25 assert_se(fd >= 0);
26
27 r = pread(fd, &b, 1, p/8);
28 assert_se(r == 1);
29
30 b ^= 1 << (p % 8);
31
32 r = pwrite(fd, &b, 1, p/8);
33 assert_se(r == 1);
34
35 safe_close(fd);
36 }
37
38 static int raw_verify(const char *fn, const char *verification_key) {
39 JournalFile *f;
40 int r;
41
42 r = journal_file_open(-1, fn, O_RDONLY, 0666, true, (uint64_t) -1, !!verification_key, NULL, NULL, NULL, NULL, &f);
43 if (r < 0)
44 return r;
45
46 r = journal_file_verify(f, verification_key, NULL, NULL, NULL, false);
47 (void) journal_file_close(f);
48
49 return r;
50 }
51
52 int main(int argc, char *argv[]) {
53 char t[] = "/tmp/journal-XXXXXX";
54 unsigned n;
55 JournalFile *f;
56 const char *verification_key = argv[1];
57 usec_t from = 0, to = 0, total = 0;
58 char a[FORMAT_TIMESTAMP_MAX];
59 char b[FORMAT_TIMESTAMP_MAX];
60 char c[FORMAT_TIMESPAN_MAX];
61 struct stat st;
62 uint64_t p;
63
64 /* journal_file_open requires a valid machine id */
65 if (access("/etc/machine-id", F_OK) != 0)
66 return log_tests_skipped("/etc/machine-id not found");
67
68 test_setup_logging(LOG_DEBUG);
69
70 assert_se(mkdtemp(t));
71 assert_se(chdir(t) >= 0);
72
73 log_info("Generating...");
74
75 assert_se(journal_file_open(-1, "test.journal", O_RDWR|O_CREAT, 0666, true, (uint64_t) -1, !!verification_key, NULL, NULL, NULL, NULL, &f) == 0);
76
77 for (n = 0; n < N_ENTRIES; n++) {
78 struct iovec iovec;
79 struct dual_timestamp ts;
80 char *test;
81
82 dual_timestamp_get(&ts);
83
84 assert_se(asprintf(&test, "RANDOM=%lu", random() % RANDOM_RANGE));
85
86 iovec.iov_base = (void*) test;
87 iovec.iov_len = strlen(test);
88
89 assert_se(journal_file_append_entry(f, &ts, NULL, &iovec, 1, NULL, NULL, NULL) == 0);
90
91 free(test);
92 }
93
94 (void) journal_file_close(f);
95
96 log_info("Verifying...");
97
98 assert_se(journal_file_open(-1, "test.journal", O_RDONLY, 0666, true, (uint64_t) -1, !!verification_key, NULL, NULL, NULL, NULL, &f) == 0);
99 /* journal_file_print_header(f); */
100 journal_file_dump(f);
101
102 assert_se(journal_file_verify(f, verification_key, &from, &to, &total, true) >= 0);
103
104 if (verification_key && JOURNAL_HEADER_SEALED(f->header))
105 log_info("=> Validated from %s to %s, %s missing",
106 format_timestamp(a, sizeof(a), from),
107 format_timestamp(b, sizeof(b), to),
108 format_timespan(c, sizeof(c), total > to ? total - to : 0, 0));
109
110 (void) journal_file_close(f);
111
112 if (verification_key) {
113 log_info("Toggling bits...");
114
115 assert_se(stat("test.journal", &st) >= 0);
116
117 for (p = 38448*8+0; p < ((uint64_t) st.st_size * 8); p ++) {
118 bit_toggle("test.journal", p);
119
120 log_info("[ %"PRIu64"+%"PRIu64"]", p / 8, p % 8);
121
122 if (raw_verify("test.journal", verification_key) >= 0)
123 log_notice(ANSI_HIGHLIGHT_RED ">>>> %"PRIu64" (bit %"PRIu64") can be toggled without detection." ANSI_NORMAL, p / 8, p % 8);
124
125 bit_toggle("test.journal", p);
126 }
127 }
128
129 log_info("Exiting...");
130
131 assert_se(rm_rf(t, REMOVE_ROOT|REMOVE_PHYSICAL) >= 0);
132
133 return 0;
134 }
Unnamed repository; edit this file 'description' to name the repository.