journal-verify.c revision a8e5f51484ba832e299a38f2a54e455e445d2896
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering This file is part of systemd.
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering Copyright 2012 Lennart Poettering
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering systemd is free software; you can redistribute it and/or modify it
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering under the terms of the GNU Lesser General Public License as published by
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering the Free Software Foundation; either version 2.1 of the License, or
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering (at your option) any later version.
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering systemd is distributed in the hope that it will be useful, but
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering WITHOUT ANY WARRANTY; without even the implied warranty of
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering Lesser General Public License for more details.
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering You should have received a copy of the GNU Lesser General Public License
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering along with systemd; If not, see <http://www.gnu.org/licenses/>.
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering * - verify FSPRG
322345fdb9865ef2477fba8e4bdde0e1183ef505Lennart Poettering * - Allow building without libgcrypt
b93312f5960b276bae915906ccde36f545bae3e0Zbigniew Jędrzejewski-Szmek * - check with sparse
b93312f5960b276bae915906ccde36f545bae3e0Zbigniew Jędrzejewski-Szmek * - 64bit conversions
8730bccfc59fe507bd3e0a3abcf411b497ac4f0eLennart Poetteringstatic int journal_file_object_verify(JournalFile *f, Object *o) {
23502de3b0891455c8ce499a9eb61b69d060a829Daniel Mack /* This does various superficial tests about the length an
23502de3b0891455c8ce499a9eb61b69d060a829Daniel Mack * possible field values. It does not follow any references to
8730bccfc59fe507bd3e0a3abcf411b497ac4f0eLennart Poettering * other objects. */
8730bccfc59fe507bd3e0a3abcf411b497ac4f0eLennart Poettering if ((o->object.flags & OBJECT_COMPRESSED) &&
8730bccfc59fe507bd3e0a3abcf411b497ac4f0eLennart Poettering if (le64toh(o->data.entry_offset) <= 0 ||
8730bccfc59fe507bd3e0a3abcf411b497ac4f0eLennart Poettering if (le64toh(o->object.size) - offsetof(DataObject, payload) <= 0)
8730bccfc59fe507bd3e0a3abcf411b497ac4f0eLennart Poettering if (o->object.flags & OBJECT_COMPRESSED) {
8730bccfc59fe507bd3e0a3abcf411b497ac4f0eLennart Poettering le64toh(o->object.size) - offsetof(Object, data.payload),
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering h2 = hash64(o->data.payload, le64toh(o->object.size) - offsetof(Object, data.payload));
1b4f6e79ec51a57003896a0b605fba427b4a98d2Lennart Poettering if (le64toh(o->object.size) - offsetof(FieldObject, payload) <= 0)
1b4f6e79ec51a57003896a0b605fba427b4a98d2Lennart Poettering if ((le64toh(o->object.size) - offsetof(EntryObject, items)) % sizeof(EntryItem) != 0)
2001c80560e3dae69e14fd994d3978c187af48b8Lennart Poettering if ((le64toh(o->object.size) - offsetof(EntryObject, items)) / sizeof(EntryItem) <= 0)
a8812dd7f161a3e459c1730ac92ff2bbc9986ff1Lennart Poettering if ((le64toh(o->object.size) - offsetof(HashTableObject, items)) % sizeof(HashItem) != 0)
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering if ((le64toh(o->object.size) - offsetof(HashTableObject, items)) / sizeof(HashItem) <= 0)
9c92ce6d67f88beb31dd6555d12ae3f632218a39Lennart Poettering if ((le64toh(o->object.size) - offsetof(EntryArrayObject, items)) % sizeof(le64_t) != 0)
9c92ce6d67f88beb31dd6555d12ae3f632218a39Lennart Poettering if ((le64toh(o->object.size) - offsetof(EntryArrayObject, items)) / sizeof(le64_t) <= 0)
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering if (le64toh(o->object.size) != sizeof(TagObject))
c0eb11cfd016381fe02875a4ef29c1ade00c94e7Lennart Poetteringstatic void draw_progress(uint64_t p, usec_t *last_usec) {
74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering unsigned n, i, j, k;
7e8e0422aeb16f2a09a40546c61df753d10029b6Lennart Poettering if (x != 0 && x + 40 * USEC_PER_MSEC > z)
7e8e0422aeb16f2a09a40546c61df753d10029b6Lennart Poettering j = (n * (unsigned) p) / 65535ULL;
946c70944ebdf428ffeb9991a7449edbd4011461Zbigniew Jędrzejewski-Szmek fputs("\r\x1B[?25l" ANSI_HIGHLIGHT_GREEN_ON, stdout);
946c70944ebdf428ffeb9991a7449edbd4011461Zbigniew Jędrzejewski-Szmek for (i = 0; i < j; i++)
0dae31d468b1a0e22d98921f7b0dbd92fd217167Zbigniew Jędrzejewski-Szmek fputs(ANSI_HIGHLIGHT_OFF, stdout);
0dae31d468b1a0e22d98921f7b0dbd92fd217167Zbigniew Jędrzejewski-Szmek for (i = 0; i < k; i++)
0dae31d468b1a0e22d98921f7b0dbd92fd217167Zbigniew Jędrzejewski-Szmek printf(" %3lu%%", 100LU * (unsigned long) p / 65535LU);
abf126a355e2f2b62b6c51ab3bb37895d1e3eee7Tom Gundersenstatic void flush_progress(void) {
abf126a355e2f2b62b6c51ab3bb37895d1e3eee7Tom Gundersen unsigned n, i;
42cc2eebb01056beb7acd3ecfe8e533558237f84Lennart Poettering for (i = 0; i < n + 5; i++)
8db0d2f5c37e7e8f5bfce016cfdad7947a3ea939Zbigniew Jędrzejewski-Szmekstatic int write_uint64(int fd, uint64_t p) {
8db0d2f5c37e7e8f5bfce016cfdad7947a3ea939Zbigniew Jędrzejewski-Szmek if (k != sizeof(p))
151226ab4bf276d60d51864330a99f886b923697Zbigniew Jędrzejewski-Szmekstatic int contains_uint64(MMapCache *m, int fd, uint64_t n, uint64_t p) {
151226ab4bf276d60d51864330a99f886b923697Zbigniew Jędrzejewski-Szmek /* Bisection ... */
50f1e641a93cacfc693b0c3d300bee5df0c8c460Tom Gundersen a = 0; b = n;
9ead3519c54b6d1b79b35541873b5cf7c8b3a7d3Lennart Poettering while (a < b) {
50f1e641a93cacfc693b0c3d300bee5df0c8c460Tom Gundersen c = (a + b) / 2;
5d45a8808431987c370706d365fb0cc95cf03d52Tom Gundersen r = mmap_cache_get(m, fd, PROT_READ|PROT_WRITE, 0, c * sizeof(uint64_t), sizeof(uint64_t), (void **) &z);
faa133f3aa7a18f26563dc5d6b95898cb315c37aLennart Poettering if (!contains_uint64(f->mmap, entry_fd, n_entries, entry_p)) {
801ad6a6a9cd8fbd58b9f9c27f20dbb3c87d47ddLennart Poettering log_error("Data object references invalid entry at %llu", (unsigned long long) data_p);
322345fdb9865ef2477fba8e4bdde0e1183ef505Lennart Poettering r = journal_file_move_to_object(f, OBJECT_ENTRY, entry_p, &o);
faa133f3aa7a18f26563dc5d6b95898cb315c37aLennart Poettering for (i = 0; i < n; i++)
8bf52d3d17d364438191077d0750b8b80b5dc53aLennart Poettering if (le64toh(o->entry.items[i].object_offset) == data_p) {
2d4c5cbc0ed3ccb09dc086a040088b454c22c644Lennart Poettering log_error("Data object not referenced by linked entry at %llu", (unsigned long long) data_p);
a8812dd7f161a3e459c1730ac92ff2bbc9986ff1Lennart Poettering /* Check if this entry is also in main entry array. Since the
2001c80560e3dae69e14fd994d3978c187af48b8Lennart Poettering * main entry array has already been verified we can rely on
2001c80560e3dae69e14fd994d3978c187af48b8Lennart Poettering * its consistency.*/
2d4c5cbc0ed3ccb09dc086a040088b454c22c644Lennart Poettering a = le64toh(f->header->entry_array_offset);
8730bccfc59fe507bd3e0a3abcf411b497ac4f0eLennart Poettering while (i < n) {
8730bccfc59fe507bd3e0a3abcf411b497ac4f0eLennart Poettering r = journal_file_move_to_object(f, OBJECT_ENTRY_ARRAY, a, &o);
m = journal_file_entry_array_n_items(o);
static int verify_data(
JournalFile *f,
assert(f);
assert(o);
assert(n > 0);
return -EBADMSG;
return -EBADMSG;
return -EBADMSG;
m = journal_file_entry_array_n_items(o);
if (q <= last) {
return -EBADMSG;
last = q;
a = next;
static int verify_hash_table(
JournalFile *f,
uint64_t i, n;
assert(f);
Object *o;
return -EBADMSG;
return -EBADMSG;
return -EBADMSG;
last = p;
p = next;
return -EBADMSG;
uint64_t n, h, q;
assert(f);
h = hash % n;
Object *o;
static int verify_entry(
JournalFile *f,
uint64_t i, n;
assert(f);
assert(o);
n = journal_file_entry_n_items(o);
uint64_t q, h;
Object *u;
return -EBADMSG;
return -EBADMSG;
r = data_object_in_hash_table(f, h, q);
return -EBADMSG;
static int verify_entry_array(
JournalFile *f,
assert(f);
Object *o;
return -EBADMSG;
return -EBADMSG;
return -EBADMSG;
m = journal_file_entry_array_n_items(o);
uint64_t p;
if (p <= last) {
return -EBADMSG;
last = p;
return -EBADMSG;
a = next;
if (!seed)
return -ENOMEM;
for (c = 0; c < seed_size; c++) {
x = unhexchar(*k);
return -EINVAL;
y = unhexchar(*k);
return -EINVAL;
return -EINVAL;
return -EINVAL;
Object *o;
bool entry_seqnum_set = false, entry_monotonic_set = false, entry_realtime_set = false, found_main_entry_array = false;
uint64_t n_weird = 0, n_objects = 0, n_entries = 0, n_data = 0, n_fields = 0, n_data_hash_tables = 0, n_field_hash_tables = 0, n_entry_arrays = 0;
assert(f);
if (seed) {
if (data_fd < 0) {
r = -errno;
goto fail;
if (entry_fd < 0) {
r = -errno;
goto fail;
if (entry_array_fd < 0) {
r = -errno;
goto fail;
goto fail;
r = -EBADMSG;
goto fail;
n_objects ++;
r = journal_file_object_verify(f, o);
goto fail;
r = -EBADMSG;
goto fail;
case OBJECT_DATA:
goto fail;
n_data++;
case OBJECT_FIELD:
n_fields++;
case OBJECT_ENTRY:
goto fail;
if (!entry_seqnum_set &&
r = -EBADMSG;
goto fail;
if (entry_seqnum_set &&
r = -EBADMSG;
goto fail;
entry_seqnum_set = true;
if (entry_monotonic_set &&
r = -EBADMSG;
goto fail;
entry_monotonic_set = true;
if (!entry_realtime_set &&
r = -EBADMSG;
goto fail;
entry_realtime_set = true;
n_entries ++;
case OBJECT_DATA_HASH_TABLE:
r = -EBADMSG;
goto fail;
le64toh(f->header->data_hash_table_size) != le64toh(o->object.size) - offsetof(HashTableObject, items)) {
r = -EBADMSG;
goto fail;
case OBJECT_FIELD_HASH_TABLE:
r = -EBADMSG;
goto fail;
le64toh(f->header->field_hash_table_size) != le64toh(o->object.size) - offsetof(HashTableObject, items)) {
r = -EBADMSG;
goto fail;
case OBJECT_ENTRY_ARRAY:
goto fail;
if (found_main_entry_array) {
r = -EBADMSG;
goto fail;
found_main_entry_array = true;
case OBJECT_TAG:
r = -EBADMSG;
goto fail;
r = -EBADMSG;
goto fail;
n_tags ++;
n_weird ++;
r = -EBADMSG;
goto fail;
r = -EBADMSG;
goto fail;
r = -EBADMSG;
goto fail;
r = -EBADMSG;
goto fail;
r = -EBADMSG;
goto fail;
r = -EBADMSG;
goto fail;
r = -EBADMSG;
goto fail;
r = -EBADMSG;
goto fail;
if (!found_main_entry_array) {
r = -EBADMSG;
goto fail;
if (entry_seqnum_set &&
r = -EBADMSG;
goto fail;
if (entry_monotonic_set &&
r = -EBADMSG;
goto fail;
r = -EBADMSG;
goto fail;
r = verify_entry_array(f,
&last_usec);
goto fail;
r = verify_hash_table(f,
&last_usec);
goto fail;
fail:
f->path,
if (data_fd >= 0) {
if (entry_fd >= 0) {
if (entry_array_fd >= 0) {