mirror of
https://github.com/systemd/systemd-stable.git
synced 2025-01-26 10:03:40 +03:00
journal: verify hashes only during actual verification, not all the time
This commit is contained in:
Lennart Poettering
parent
0284adc6a6
commit
f59a5f6b87
@ -319,23 +319,6 @@ static int journal_file_move_to(JournalFile *f, int context, uint64_t offset, ui
|
||||
return mmap_cache_get(f->mmap, f->fd, f->prot, context, offset, size, ret);
|
||||
}
|
||||
|
||||
static bool verify_hash(Object *o) {
|
||||
uint64_t h1, h2;
|
||||
|
||||
assert(o);
|
||||
|
||||
if (o->object.type == OBJECT_DATA && !(o->object.flags & OBJECT_COMPRESSED)) {
|
||||
h1 = le64toh(o->data.hash);
|
||||
h2 = hash64(o->data.payload, le64toh(o->object.size) - offsetof(Object, data.payload));
|
||||
} else if (o->object.type == OBJECT_FIELD) {
|
||||
h1 = le64toh(o->field.hash);
|
||||
h2 = hash64(o->field.payload, le64toh(o->object.size) - offsetof(Object, field.payload));
|
||||
} else
|
||||
return true;
|
||||
|
||||
return h1 == h2;
|
||||
}
|
||||
|
||||
static uint64_t minimum_header_size(Object *o) {
|
||||
|
||||
static uint64_t table[] = {
|
||||
@ -394,9 +377,6 @@ int journal_file_move_to_object(JournalFile *f, int type, uint64_t offset, Objec
|
||||
o = (Object*) t;
|
||||
}
|
||||
|
||||
if (!verify_hash(o))
|
||||
return -EBADMSG;
|
||||
|
||||
*ret = o;
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -29,6 +29,16 @@
|
||||
#include "journal-file.h"
|
||||
#include "journal-authenticate.h"
|
||||
#include "journal-verify.h"
|
||||
#include "lookup3.h"
|
||||
|
||||
/* FIXME:
|
||||
*
|
||||
* - verify hashes of compressed objects
|
||||
* - follow all chains
|
||||
* - check for unreferenced objects
|
||||
* - verify FSPRG
|
||||
*
|
||||
* */
|
||||
|
||||
static int journal_file_object_verify(JournalFile *f, Object *o) {
|
||||
assert(f);
|
||||
@ -38,7 +48,12 @@ static int journal_file_object_verify(JournalFile *f, Object *o) {
|
||||
* possible field values. It does not follow any references to
|
||||
* other objects. */
|
||||
|
||||
if ((o->object.flags & OBJECT_COMPRESSED) &&
|
||||
o->object.type != OBJECT_DATA)
|
||||
return -EBADMSG;
|
||||
|
||||
switch (o->object.type) {
|
||||
|
||||
case OBJECT_DATA:
|
||||
if (le64toh(o->data.entry_offset) <= 0 ||
|
||||
le64toh(o->data.n_entries) <= 0)
|
||||
@ -46,6 +61,17 @@ static int journal_file_object_verify(JournalFile *f, Object *o) {
|
||||
|
||||
if (le64toh(o->object.size) - offsetof(DataObject, payload) <= 0)
|
||||
return -EBADMSG;
|
||||
|
||||
if (!(o->object.flags & OBJECT_COMPRESSED)) {
|
||||
uint64_t h1, h2;
|
||||
|
||||
h1 = le64toh(o->data.hash);
|
||||
h2 = hash64(o->data.payload, le64toh(o->object.size) - offsetof(Object, data.payload));
|
||||
|
||||
if (h1 != h2)
|
||||
return -EBADMSG;
|
||||
}
|
||||
|
||||
break;
|
||||
|
||||
case OBJECT_FIELD:
|
||||
@ -251,12 +277,6 @@ int journal_file_verify(JournalFile *f, const char *key) {
|
||||
goto fail;
|
||||
}
|
||||
|
||||
r = journal_file_hmac_put_object(f, -1, p);
|
||||
if (r < 0) {
|
||||
log_error("Failed to calculate HMAC at %llu", (unsigned long long) p);
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if (o->object.flags & OBJECT_COMPRESSED &&
|
||||
!(le32toh(f->header->incompatible_flags) & HEADER_INCOMPATIBLE_COMPRESSED)) {
|
||||
log_error("Compressed object without compression at %llu", (unsigned long long) p);
|
||||
@ -264,10 +284,9 @@ int journal_file_verify(JournalFile *f, const char *key) {
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if (o->object.flags & OBJECT_COMPRESSED &&
|
||||
o->object.type != OBJECT_DATA) {
|
||||
log_error("Compressed non-data object at %llu", (unsigned long long) p);
|
||||
r = -EBADMSG;
|
||||
r = journal_file_hmac_put_object(f, -1, p);
|
||||
if (r < 0) {
|
||||
log_error("Failed to calculate HMAC at %llu", (unsigned long long) p);
|
||||
goto fail;
|
||||
}
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user