author | Felix Dörre <felix.doerre@kit.edu> | 2023-08-18 10:00:40 +0200 |
---|---|---|
committer | Yu Watanabe <watanabe.yu+github@gmail.com> | 2023-11-08 21:13:27 +0100 |
commit | e375bc5fcc080815ce849261eb505d084c2fde3e (patch) | |
tree | 064fd93acd69a22b5171ecb344b097b15f61f18a /src/shared/journal-file-util.c | |
parent | Merge pull request #29942 from bluca/executor_no_utmp (diff) | |
journalctl: verify sealed log epochs are continuous
Currently empty epochs are not sealed. This allows an attacker to truncate
a sealed log and continue it without any problems showing when verifying the
log.
This partially addresses CVE-2023-31438. One way to extend this change to
address CVE-2023-31438 completely, would be to verify that there is exactly
one seal per epoch (and not sealing when the epoch has not ended yet).
The change also adds a journal-file flag, HEADER_COMPATIBLE_SEALED_CONTINUOUS.
This flag indicates that a journal file is sealed continuously and decides whether
any missing crypto epochs should trigger a warning or an error.
Diffstat (limited to 'src/shared/journal-file-util.c')
-rw-r--r-- | src/shared/journal-file-util.c | 24 |
1 files changed, 14 insertions, 10 deletions
diff --git a/src/shared/journal-file-util.c b/src/shared/journal-file-util.c
index 44bf292a69..e444a2bdd8 100644
--- a/src/shared/journal-file-util.c
+++ b/src/shared/journal-file-util.c
@@ -379,20 +379,23 @@ bool journal_file_is_offlining(JournalFile *f) {
 return true;
 }
+void journal_file_write_final_tag(JournalFile *f) {
+ assert(f);
+#if HAVE_GCRYPT
+ if (!JOURNAL_HEADER_SEALED(f->header) || !journal_file_writable(f))
+ return;
+
+ int r = journal_file_append_tag(f);
+ if (r < 0)
+ log_debug_errno(r, "Failed to append tag when closing journal: %m");
+#endif
+}
+
 JournalFile* journal_file_offline_close(JournalFile *f) {
 if (!f)
 return NULL;
-#if HAVE_GCRYPT
- /* Write the final tag */
- if (JOURNAL_HEADER_SEALED(f->header) && journal_file_writable(f)) {
- int r;
-
- r = journal_file_append_tag(f);
- if (r < 0)
- log_error_errno(r, "Failed to append tag when closing journal: %m");
- }
-#endif
+ journal_file_write_final_tag(f);
 if (sd_event_source_get_enabled(f->post_change_timer, NULL) > 0)
 journal_file_post_change(f);
@@ -435,6 +438,7 @@ int journal_file_rotate(
 assert(f);
 assert(*f);
+ journal_file_write_final_tag(*f);
 r = journal_file_archive(*f, &path);
 if (r < 0)
 return r; |
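Review bot: In the new journal_file_write_final_tag a failed journal_file_append_tag is logged at debug level and then discarded, whereas the code it replaces in journal_file_offline_close reported it with log_error_errno; since a missing final tag is exactly the gap that the continuity check this commit introduces will later report, the failure should stay visible to the operator, e.g. `log_warning_errno(r, "Failed to append tag when closing journal: %m");`. The void return also means the new caller in journal_file_rotate archives the file without knowing the seal was not written; if the helper returned r, rotate could at least log it against the archived path (journal_file_rotate's body continues outside the hunk). A short comment on the new function stating that it is a no-op without gcrypt and for unsealed or non-writable files would help, since the #if HAVE_GCRYPT guard is easy to miss when reading the callers.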