1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2012 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
28 #include "journal-file.h"
29 #include "journal-verify.h"
30 #include "journal-authenticate.h"
32 #define N_ENTRIES 6000
33 #define RANDOM_RANGE 77
35 static void bit_toggle(const char *fn, uint64_t p) {
40 fd = open(fn, O_RDWR|O_CLOEXEC);
43 r = pread(fd, &b, 1, p/8);
48 r = pwrite(fd, &b, 1, p/8);
51 close_nointr_nofail(fd);
54 static int raw_verify(const char *fn, const char *verification_key) {
58 r = journal_file_open(fn, O_RDONLY, 0666, true, true, NULL, NULL, NULL, &f);
62 r = journal_file_verify(f, verification_key, NULL, NULL, NULL, false);
63 journal_file_close(f);
68 int main(int argc, char *argv[]) {
69 char t[] = "/tmp/journal-XXXXXX";
72 const char *verification_key = argv[1];
73 usec_t from = 0, to = 0, total = 0;
74 char a[FORMAT_TIMESTAMP_MAX];
75 char b[FORMAT_TIMESTAMP_MAX];
76 char c[FORMAT_TIMESPAN_MAX];
80 log_set_max_level(LOG_DEBUG);
82 assert_se(mkdtemp(t));
83 assert_se(chdir(t) >= 0);
85 log_info("Generating...");
87 assert_se(journal_file_open("test.journal", O_RDWR|O_CREAT, 0666, true, !!verification_key, NULL, NULL, NULL, &f) == 0);
89 for (n = 0; n < N_ENTRIES; n++) {
91 struct dual_timestamp ts;
94 dual_timestamp_get(&ts);
96 assert_se(asprintf(&test, "RANDOM=%lu", random() % RANDOM_RANGE));
98 iovec.iov_base = (void*) test;
99 iovec.iov_len = strlen(test);
101 assert_se(journal_file_append_entry(f, &ts, &iovec, 1, NULL, NULL, NULL) == 0);
106 journal_file_close(f);
108 log_info("Verifying...");
110 assert_se(journal_file_open("test.journal", O_RDONLY, 0666, true, true, NULL, NULL, NULL, &f) == 0);
111 /* journal_file_print_header(f); */
112 journal_file_dump(f);
114 assert_se(journal_file_verify(f, verification_key, &from, &to, &total, true) >= 0);
116 if (verification_key && journal_file_fss_enabled(f)) {
117 log_info("=> Validated from %s to %s, %s missing",
118 format_timestamp(a, sizeof(a), from),
119 format_timestamp(b, sizeof(b), to),
120 format_timespan(c, sizeof(c), total > to ? total - to : 0));
122 journal_file_close(f);
124 if (verification_key) {
125 log_info("Toggling bits...");
127 assert_se(stat("test.journal", &st) >= 0);
129 for (p = 38448*8+0; p < ((uint64_t) st.st_size * 8); p ++) {
130 bit_toggle("test.journal", p);
132 log_info("[ %llu+%llu]", (unsigned long long) p / 8, (unsigned long long) p % 8);
134 if (raw_verify("test.journal", verification_key) >= 0)
135 log_notice(ANSI_HIGHLIGHT_RED_ON ">>>> %llu (bit %llu) can be toggled without detection." ANSI_HIGHLIGHT_OFF, (unsigned long long) p / 8, (unsigned long long) p % 8);
137 bit_toggle("test.journal", p);
141 log_info("Exiting...");
143 assert_se(rm_rf_dangerous(t, false, true, false) >= 0);