journal-authenticate.c revision 671e021c92c835c6c701dc61463149d05b6f31af
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering This file is part of systemd.
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering Copyright 2012 Lennart Poettering
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering systemd is free software; you can redistribute it and/or modify it
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering under the terms of the GNU Lesser General Public License as published by
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering the Free Software Foundation; either version 2.1 of the License, or
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering (at your option) any later version.
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering systemd is distributed in the hope that it will be useful, but
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering WITHOUT ANY WARRANTY; without even the implied warranty of
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering Lesser General Public License for more details.
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering You should have received a copy of the GNU Lesser General Public License
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering along with systemd; If not, see <http://www.gnu.org/licenses/>.
07630cea1f3a845c09309f197ac7c4f11edd3b62Lennart Poetteringstatic uint64_t journal_file_tag_seqnum(JournalFile *f) {
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poetteringint journal_file_append_tag(JournalFile *f) {
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering r = journal_file_append_object(f, OBJECT_TAG, sizeof(struct TagObject), &o, &p);
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering o->tag.seqnum = htole64(journal_file_tag_seqnum(f));
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering o->tag.epoch = htole64(FSPRG_GetEpoch(f->fsprg_state));
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering log_debug("Writing tag %llu for epoch %llu\n",
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering (unsigned long long) le64toh(o->tag.seqnum),
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering (unsigned long long) FSPRG_GetEpoch(f->fsprg_state));
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering /* Add the tag object itself, so that we can protect its
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering * header. This will exclude the actual hash value in it */
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering r = journal_file_hmac_put_object(f, OBJECT_TAG, p);
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering /* Get the HMAC tag and store it in the object */
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering memcpy(o->tag.tag, gcry_md_read(f->hmac, 0), TAG_LENGTH);
1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poetteringint journal_file_hmac_start(JournalFile *f) {
1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering uint8_t key[256 / 8]; /* Let's pass 256 bit from FSPRG to HMAC */
1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering /* Prepare HMAC for next cycle */
1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering FSPRG_GetKey(f->fsprg_state, key, sizeof(key), 0);
1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering gcry_md_setkey(f->hmac, key, sizeof(key));
da927ba997d68401563b927f92e6e40e021a8e5cMichal Schmidtstatic int journal_file_get_epoch(JournalFile *f, uint64_t realtime, uint64_t *epoch) {
1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poetteringstatic int journal_file_fsprg_need_evolve(JournalFile *f, uint64_t realtime) {
af49ca27ffd790d78dbbb465b978266dfd5c93daLennart Poettering r = journal_file_get_epoch(f, realtime, &goal);
af49ca27ffd790d78dbbb465b978266dfd5c93daLennart Poetteringint journal_file_fsprg_evolve(JournalFile *f, uint64_t realtime) {
1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering r = journal_file_get_epoch(f, realtime, &goal);
ec2c5e4398f9d65e5dfe61530f2556224733d1e6Lennart Poettering log_debug("Evolving FSPRG key from epoch %llu to %llu.", (unsigned long long) epoch, (unsigned long long) goal);
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poetteringint journal_file_fsprg_seek(JournalFile *f, uint64_t goal) {
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering /* Cheaper... */
1ade96e980d3c0855a04140f4728b3ffd429bbeaLennart Poettering f->fsprg_state_size = FSPRG_stateinbytes(FSPRG_RECOMMENDED_SECPAR);
1ade96e980d3c0855a04140f4728b3ffd429bbeaLennart Poettering f->fsprg_state = malloc(f->fsprg_state_size);
5cb36f41f01cf4b1f4395abfffd1b33116591e58Lennart Poettering log_debug("Seeking FSPRG key to %llu.", (unsigned long long) goal);
6f4dedb250f2d607eceefaa491f338becbeee7c0Tom Gundersen msk = alloca(FSPRG_mskinbytes(FSPRG_RECOMMENDED_SECPAR));
0eac462399c8e87bcce252cf058eba9f2678f2bdLennart Poettering FSPRG_GenMK(msk, NULL, f->fsprg_seed, f->fsprg_seed_size, FSPRG_RECOMMENDED_SECPAR);
6f4dedb250f2d607eceefaa491f338becbeee7c0Tom Gundersen FSPRG_Seek(f->fsprg_state, goal, msk, f->fsprg_seed, f->fsprg_seed_size);
6f4dedb250f2d607eceefaa491f338becbeee7c0Tom Gundersenint journal_file_maybe_append_tag(JournalFile *f, uint64_t realtime) {
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering r = journal_file_fsprg_need_evolve(f, realtime);
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering r = journal_file_fsprg_evolve(f, realtime);
d6731e4c7964ee2860d4f5abdb0b52acd7a66960Tom Gundersenint journal_file_hmac_put_object(JournalFile *f, int type, uint64_t p) {
19b50b5ba7ee8c1bfb330377309e4bab7a7531d8Lennart Poettering r = journal_file_move_to_object(f, type, p, &o);
af49ca27ffd790d78dbbb465b978266dfd5c93daLennart Poettering gcry_md_write(f->hmac, o, offsetof(ObjectHeader, payload));
aaa297d4e5401fd4466632555432774863457f1dLennart Poettering /* All but hash and payload are mutable */
aaa297d4e5401fd4466632555432774863457f1dLennart Poettering gcry_md_write(f->hmac, &o->data.hash, sizeof(o->data.hash));
aaa297d4e5401fd4466632555432774863457f1dLennart Poettering gcry_md_write(f->hmac, o->data.payload, le64toh(o->object.size) - offsetof(DataObject, payload));
aaa297d4e5401fd4466632555432774863457f1dLennart Poettering gcry_md_write(f->hmac, &o->entry.seqnum, le64toh(o->object.size) - offsetof(EntryObject, seqnum));
aaa297d4e5401fd4466632555432774863457f1dLennart Poettering /* Nothing: everything is mutable */
aaa297d4e5401fd4466632555432774863457f1dLennart Poettering /* All but the tag itself */
aaa297d4e5401fd4466632555432774863457f1dLennart Poettering gcry_md_write(f->hmac, &o->tag.seqnum, sizeof(o->tag.seqnum));
aaa297d4e5401fd4466632555432774863457f1dLennart Poettering gcry_md_write(f->hmac, &o->tag.epoch, sizeof(o->tag.epoch));
2e1bab34bdb1a5e849060afa8361b865ce39f87fLennart Poetteringint journal_file_hmac_put_header(JournalFile *f) {
ad6c04756115809d615dede330213d73edf732a8Lennart Poettering /* All but state+reserved, boot_id, arena_size,
2e1bab34bdb1a5e849060afa8361b865ce39f87fLennart Poettering * tail_object_offset, n_objects, n_entries,
2e1bab34bdb1a5e849060afa8361b865ce39f87fLennart Poettering * tail_entry_seqnum, head_entry_seqnum, entry_array_offset,
ad6c04756115809d615dede330213d73edf732a8Lennart Poettering * head_entry_realtime, tail_entry_realtime,
ad6c04756115809d615dede330213d73edf732a8Lennart Poettering * tail_entry_monotonic, n_data, n_fields, n_tags,
ad6c04756115809d615dede330213d73edf732a8Lennart Poettering * n_entry_arrays. */
2e1bab34bdb1a5e849060afa8361b865ce39f87fLennart Poettering gcry_md_write(f->hmac, f->header->signature, offsetof(Header, state) - offsetof(Header, signature));
2e1bab34bdb1a5e849060afa8361b865ce39f87fLennart Poettering gcry_md_write(f->hmac, &f->header->file_id, offsetof(Header, boot_id) - offsetof(Header, file_id));
2e1bab34bdb1a5e849060afa8361b865ce39f87fLennart Poettering gcry_md_write(f->hmac, &f->header->seqnum_id, offsetof(Header, arena_size) - offsetof(Header, seqnum_id));
2e1bab34bdb1a5e849060afa8361b865ce39f87fLennart Poettering gcry_md_write(f->hmac, &f->header->data_hash_table_offset, offsetof(Header, tail_object_offset) - offsetof(Header, data_hash_table_offset));
2e1bab34bdb1a5e849060afa8361b865ce39f87fLennart Poetteringint journal_file_fss_load(JournalFile *f) {
8a516214c4412e8a40544bd725a6d499a30cbbbfLennart Poettering if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss",
8a516214c4412e8a40544bd725a6d499a30cbbbfLennart Poettering fd = open(p, O_RDWR|O_CLOEXEC|O_NOCTTY, 0600);
8a516214c4412e8a40544bd725a6d499a30cbbbfLennart Poettering if (st.st_size < (off_t) sizeof(FSSHeader)) {
8a516214c4412e8a40544bd725a6d499a30cbbbfLennart Poettering m = mmap(NULL, PAGE_ALIGN(sizeof(FSSHeader)), PROT_READ, MAP_SHARED, fd, 0);
8a516214c4412e8a40544bd725a6d499a30cbbbfLennart Poettering if (memcmp(m->signature, FSS_HEADER_SIGNATURE, 8) != 0) {
a51c10485af349eb15faa4d1a63b9818bcf3e589Lennart Poettering if (le64toh(m->header_size) < sizeof(FSSHeader)) {
1ade96e980d3c0855a04140f4728b3ffd429bbeaLennart Poettering if (le64toh(m->fsprg_state_size) != FSPRG_stateinbytes(le16toh(m->fsprg_secpar))) {
a51c10485af349eb15faa4d1a63b9818bcf3e589Lennart Poettering f->fss_file_size = le64toh(m->header_size) + le64toh(m->fsprg_state_size);
a51c10485af349eb15faa4d1a63b9818bcf3e589Lennart Poettering if ((uint64_t) st.st_size < f->fss_file_size) {
a51c10485af349eb15faa4d1a63b9818bcf3e589Lennart Poettering if (!sd_id128_equal(machine, m->machine_id)) {
a51c10485af349eb15faa4d1a63b9818bcf3e589Lennart Poettering f->fss_file = mmap(NULL, PAGE_ALIGN(f->fss_file_size), PROT_READ|PROT_WRITE, MAP_SHARED, fd, 0);
bda2c408f8a739c19161818bcc842107f60652a2Tom Gundersen f->fss_start_usec = le64toh(f->fss_file->start_usec);
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering f->fss_interval_usec = le64toh(f->fss_file->interval_usec);
a51c10485af349eb15faa4d1a63b9818bcf3e589Lennart Poettering f->fsprg_state = (uint8_t*) f->fss_file + le64toh(f->fss_file->header_size);
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering f->fsprg_state_size = le64toh(f->fss_file->fsprg_state_size);
125ae29d1bc3a6362c9bb1acddbe09fe1b274cfcLennart Poettering munmap(m, PAGE_ALIGN(sizeof(FSSHeader)));
ad6c04756115809d615dede330213d73edf732a8Lennart Poetteringstatic void initialize_libgcrypt(void) {
ad6c04756115809d615dede330213d73edf732a8Lennart Poettering const char *p;
8a516214c4412e8a40544bd725a6d499a30cbbbfLennart Poettering if (gcry_control(GCRYCTL_INITIALIZATION_FINISHED_P))
a51c10485af349eb15faa4d1a63b9818bcf3e589Lennart Poettering gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
ec2c5e4398f9d65e5dfe61530f2556224733d1e6Lennart Poetteringint journal_file_hmac_setup(JournalFile *f) {
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering e = gcry_md_open(&f->hmac, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC);
ec2c5e4398f9d65e5dfe61530f2556224733d1e6Lennart Poetteringint journal_file_append_first_tag(JournalFile *f) {
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering p = le64toh(f->header->field_hash_table_offset);
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering if (p < offsetof(Object, hash_table.items))
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering r = journal_file_hmac_put_object(f, OBJECT_FIELD_HASH_TABLE, p);
1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering p = le64toh(f->header->data_hash_table_offset);
1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering if (p < offsetof(Object, hash_table.items))
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering r = journal_file_hmac_put_object(f, OBJECT_DATA_HASH_TABLE, p);
0eac462399c8e87bcce252cf058eba9f2678f2bdLennart Poetteringint journal_file_parse_verification_key(JournalFile *f, const char *key) {
2c27fbca2d88214bd305272308a370a962818f1eLennart Poettering const char *k;
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering for (c = 0; c < seed_size; c++) {
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering while (*k == '-')
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering if (*k != '/') {
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering r = sscanf(k, "%llx-%llx", &start, &interval);
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poetteringbool journal_file_next_evolve_usec(JournalFile *f, usec_t *u) {
623a4c97b9175f95c4b1c6fc34e36c56f1e4ddbfLennart Poettering *u = (usec_t) (f->fss_start_usec + f->fss_interval_usec * epoch + f->fss_interval_usec);