picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
9071 commits 2 branches 0 tags 166 MiB
Commit graph

97 commits

Author SHA1 Message Date
Thomas Hindoe Paaboel Andersen c53158818d man: fix a bunch of typos in docs 
https://bugs.freedesktop.org/show_bug.cgi?id=54501
 2012-09-13 19:34:24 +02:00
Lennart Poettering b588975fb0 journal: never assert directly on data read from the journal 2012-09-13 17:10:46 +02:00
Lennart Poettering 5996c7c295 journald: don't reposition window if we don't have to 2012-09-13 17:06:04 +02:00
Lennart Poettering 49a32d43de journal: don't set seal flag if we don't have gcrypt built-in 2012-09-11 03:03:36 +02:00
Michael Olbrich 48b617399d journal: don't try to compress without XZ 
otherwise the header contains the HEADER_INCOMPATIBLE_COMPRESSED
flag even though the data is not compressed and reading the journal
fails.
 2012-09-11 03:01:14 +02:00
Lennart Poettering 7762e02b17 journald: detect invalid header pointers correctly 2012-09-10 11:58:00 +02:00
Lennart Poettering a1a03e3075 journal: add call to determine current journal file disk usage 2012-09-07 23:20:28 +02:00
Lennart Poettering 2b43f939a4 journald: avoid logging to kmsg in the normal paths 2012-09-06 00:32:51 -07:00
Lennart Poettering fcde238921 journal: be more careful when keeping around mmaps we still need 2012-08-21 15:39:34 +02:00
Lennart Poettering feb12d3ed2 journal: make libgcrypt dependency optional 2012-08-20 16:51:46 +02:00
Lennart Poettering 8088cbd3cf journal: use a macro to check for file header flags 2012-08-20 16:11:42 +02:00
Lennart Poettering f7fab8a5ae journal: fix tag ordering check 2012-08-20 15:59:33 +02:00
Lennart Poettering 84168d8068 mmap: resize arrays dynamically 2012-08-18 01:46:20 +02:00
Lennart Poettering fb9a24b6b1 journal: even more simple static object tests 2012-08-18 01:45:39 +02:00
Lennart Poettering c586dbf110 journal: fix verification without key 2012-08-18 00:38:57 +02:00
Lennart Poettering db11ac1ab5 journald: add additional simple static tests to verifier 2012-08-18 00:37:21 +02:00
Lennart Poettering a010801297 journal: be fine with opening rotated/corrupted journal files 2012-08-17 22:10:36 +02:00
Lennart Poettering 3223f44f23 journal: show new header fields in header dump 2012-08-17 02:29:20 +02:00
Lennart Poettering baed47c3c2 journal: rework terminology 
Let's clean up our terminology a bit. New terminology:

FSS = Forward Secure Sealing
FSPRG = Forward Secure Pseudo-Random Generator

FSS is the combination of FSPRG and a HMAC.

Sealing = process of adding authentication tags to the journal.
Verification = process of checking authentication tags to the journal.

Sealing Key = The key used for adding authentication tags to the journal.
Verification Key = The key used for checking authentication tags of the journal.
Key pair = The pair of Sealing Key and Verification Key

Internally, the Sealing Key is the combination of the FSPRG State plus
change interval/start time.

Internally, the Verification Key is the combination of the FSPRG Seed
plus change interval/start time.
 2012-08-17 00:45:18 +02:00
Lennart Poettering 14d10188de journal: add FSPRG journal authentication 2012-08-16 23:58:14 +02:00
Lennart Poettering b7c9ae91d1 journal: parse fsprg seed 2012-08-16 21:00:47 +02:00
Lennart Poettering 2dee23ebe0 journal: count number of entry arrays in header 2012-08-16 21:00:47 +02:00
Zbigniew Jędrzejewski-Szmek 2737027897 journal: rename 'mmap' to 'mmap_cache' to appease gcc 
warning: declaration of 'mmap' shadows a global declaration [-Wshadow]
 2012-08-16 19:44:51 +02:00
Lennart Poettering f59a5f6b87 journal: verify hashes only during actual verification, not all the time 2012-08-16 17:10:57 +02:00
Lennart Poettering 0284adc6a6 journal: split up journal-file.c 2012-08-16 17:10:57 +02:00
Lennart Poettering f65425cbc4 journal: add superficial structure verifier 2012-08-16 17:10:57 +02:00
Lennart Poettering beec008561 journal: implement basic journal file verification logic 2012-08-16 17:10:57 +02:00
Lennart Poettering 16e9f408fa journal: implement generic sharable mmap caching logic 
instead of having one simple per-file cache implement an more
comprehensive one that works for multiple files and can actually
maintain multiple maps per file and per object type.
 2012-08-16 17:10:56 +02:00
Lennart Poettering d98cc1f29f journal: include tag object header in hmac 2012-08-13 21:52:58 +02:00
Lennart Poettering b0af6f41ea journal: add all objects we add to HMAC 2012-08-13 20:57:38 +02:00
Lennart Poettering 7560fffcd2 journald: initial version of FSPRG hookup 
This adds forward-secure authentication of journal files. This patch
includes key generation as well as tagging of journal files,
Verification of journal files will be added in a later patch.
 2012-08-13 20:31:10 +02:00
Lennart Poettering 64825d3c58 fix a couple of issues found with llvm-analyze 2012-08-08 23:54:21 +02:00
Lennart Poettering a1a1898f71 journal: rotate busy files away when we try to write to them 2012-07-19 03:21:04 +02:00
Lennart Poettering 361f9cbc7e journal: when we suggest a rotation, explain why 2012-07-18 16:22:40 +02:00
Lennart Poettering dfabe643f3 journal: estimate data hash table size a bit larger by default 2012-07-18 16:22:25 +02:00
Lennart Poettering cd96b3b86a journal: actually set archived files to archived state 2012-07-17 00:59:03 +02:00
Lennart Poettering dc36ac6733 journalctl: decode more header files in --header 2012-07-17 00:59:03 +02:00
Lennart Poettering 4a92baf3fa journal: size journal data hash table based on maximum file size metrics 
The default of 2047 hash table entries turned out to result in way too
many collisions for bigger files, hence scale the hash table size by the
estimated maximum file size.
 2012-07-17 00:59:03 +02:00
Lennart Poettering 71fa6f006f journal: immediately rotate when the journal was previously not closed properly 2012-07-17 00:59:03 +02:00
Lennart Poettering dca6219e04 journal: automatically rotate journal files if the data hash table is full > 75% 
Previously, when the main data hash table grows too full the performance
simply started to decrease drastically. Instead, now simply rotate to a
new journal file as the hash table gets to full, so that we can start
with a new fresh empty hash table.
 2012-07-17 00:59:03 +02:00
Lennart Poettering 162566a4a1 journal: use tail/head timestamps from header for cutoff logic 
We have them, they are faster to use them, so use them...
 2012-07-16 19:28:05 +02:00
Lennart Poettering 74d29da524 journald: don't enforce monotonicity of realtime clocks when copying entries 
After all the point of the realtime clock (in contrast to the monotonic
clock) is that it does not have to be strictly monotonic, hence don't
enforce this when flushing the journal from /run to /var.
 2012-07-16 19:26:54 +02:00
Lennart Poettering cbdca8525b journal: beef up journal matches considerably 
we now can take multiple matches, and they will apply as AND if they
apply to different fields and OR if they apply to the same fields. Also,
terms of this kind can be combined with an overreaching OR.
 2012-07-13 00:32:32 +02:00
Lennart Poettering 91a31dde6e journal: fix seeking by realtime/seqnum 2012-07-13 00:32:32 +02:00
Lennart Poettering ecf68b1d38 journal: fix bad memory access 2012-07-13 00:32:32 +02:00
Lennart Poettering a536e2613f journal: fix bisection logic for first entry 2012-07-13 00:32:32 +02:00
Lennart Poettering 10b6f904cc journal: fix monotonic seeking 2012-06-17 00:03:13 +02:00
Lennart Poettering 089842938d journal: expose and make use of cutoff times of journal 
This helps explaining when the log output of "systemctl status" is
incomplete because the logs got rotated since the service was started.
 2012-06-17 00:03:12 +02:00
Lennart Poettering 8db4213e7b journal: correct list link up on hash collisions 2012-06-17 00:03:12 +02:00
Lennart Poettering 8144056fa6 journal: add basic object definition for signatures 2012-06-17 00:03:12 +02:00