Minor follow-up

- change ELF section name to ".clickhouse.hash" (lowercase seems
  standard)

- more expressive/concise integrity check messages at startup

CMakeLists.txt

@@ -245,10 +245,10 @@ endif ()
 # Only for official builds, because adding a section can be time consuming (rewrite of several GB).
 # And cross compiled binaries are not supported (since you cannot execute clickhouse hash-binary)
 if (CLICKHOUSE_OFFICIAL_BUILD AND (NOT CMAKE_TOOLCHAIN_FILE OR CMAKE_TOOLCHAIN_FILE MATCHES "linux/toolchain-x86_64.cmake$"))
-    message(STATUS "Official build: Will add a checksum hash to the clickhouse binary")
+    message(STATUS "Official build: A checksum hash will be added to the clickhouse executable")
     set (USE_BINARY_HASH 1 CACHE STRING "Calculate binary hash and store it in the separate section")
 else ()
-    message(STATUS "Not an official build: Will not add a checksum hash to the clickhouse binary")
+    message(STATUS "No official build: A checksum hash will not be added to the clickhouse executable")
 endif ()
 
 # Optionally split binaries and debug symbols.

programs/CMakeLists.txt

@@ -508,7 +508,7 @@ else ()
     endif()
 
     if (USE_BINARY_HASH)
-        add_custom_command(TARGET clickhouse POST_BUILD COMMAND ./clickhouse hash-binary > hash && ${OBJCOPY_PATH} --add-section .ClickHouse.hash=hash clickhouse COMMENT "Adding .ClickHouse.hash to clickhouse" VERBATIM)
+        add_custom_command(TARGET clickhouse POST_BUILD COMMAND ./clickhouse hash-binary > hash && ${OBJCOPY_PATH} --add-section .clickhouse.hash=hash clickhouse COMMENT "Adding section '.clickhouse.hash' to clickhouse binary" VERBATIM)
     endif()
 
     if (INSTALL_STRIPPED_BINARIES)

programs/main.cpp

@@ -82,7 +82,7 @@ int mainEntryClickHouseDisks(int argc, char ** argv);
 int mainEntryClickHouseHashBinary(int, char **)
 {
     /// Intentionally without newline. So you can run:
-    /// objcopy --add-section .ClickHouse.hash=<(./clickhouse hash-binary) clickhouse
+    /// objcopy --add-section .clickhouse.hash=<(./clickhouse hash-binary) clickhouse
     std::cout << getHashOfLoadedBinaryHex();
     return 0;
 }

programs/server/Server.cpp

@@ -748,12 +748,12 @@ int Server::main(const std::vector<std::string> & /*args*/)
 
         if (stored_binary_hash.empty())
         {
-            LOG_WARNING(log, "Calculated checksum of the binary: {}."
-                " There is no information about the reference checksum.", calculated_binary_hash);
+            LOG_WARNING(log, "Integrity check of the executable skipped because the reference checksum could not be read."
+                " (calculated checksum: {})", calculated_binary_hash);
         }
         else if (calculated_binary_hash == stored_binary_hash)
         {
-            LOG_INFO(log, "Calculated checksum of the binary: {}, integrity check passed.", calculated_binary_hash);
+            LOG_INFO(log, "Integrity check of the executable successfully passed (checksum: {})", calculated_binary_hash);
         }
         else
         {
@@ -769,14 +769,14 @@ int Server::main(const std::vector<std::string> & /*args*/)
             else
             {
                 throw Exception(ErrorCodes::CORRUPTED_DATA,
-                    "Calculated checksum of the ClickHouse binary ({0}) does not correspond"
-                    " to the reference checksum stored in the binary ({1})."
-                    " It may indicate one of the following:"
-                    " - the file {2} was changed just after startup;"
-                    " - the file {2} is damaged on disk due to faulty hardware;"
-                    " - the loaded executable is damaged in memory due to faulty hardware;"
+                    "Calculated checksum of the executable ({0}) does not correspond"
+                    " to the reference checksum stored in the executable ({1})."
+                    " This may indicate one of the following:"
+                    " - the executable {2} was changed just after startup;"
+                    " - the executable {2} was corrupted on disk due to faulty hardware;"
+                    " - the loaded executable was corrupted in memory due to faulty hardware;"
                     " - the file {2} was intentionally modified;"
-                    " - logical error in code."
+                    " - a logical error in the code."
                     , calculated_binary_hash, stored_binary_hash, executable_path);
             }
         }

src/Common/Elf.cpp

@@ -176,9 +176,9 @@ String Elf::getBuildID(const char * nhdr_pos, size_t size)
 #endif // OS_SUNOS
 
 
-String Elf::getBinaryHash() const
+String Elf::getStoredBinaryHash() const
 {
-    if (auto section = findSectionByName(".ClickHouse.hash"))
+    if (auto section = findSectionByName(".clickhouse.hash"))
         return {section->begin(), section->end()};
     else
         return {};

src/Common/Elf.h

@@ -61,7 +61,7 @@ public:
     static String getBuildID(const char * nhdr_pos, size_t size);
 
     /// Hash of the binary for integrity checks.
-    String getBinaryHash() const;
+    String getStoredBinaryHash() const;
 
 private:
     MMapReadBufferFromFile in;

src/Daemon/BaseDaemon.cpp

@@ -355,23 +355,23 @@ private:
         String calculated_binary_hash = getHashOfLoadedBinaryHex();
         if (daemon.stored_binary_hash.empty())
         {
-            LOG_FATAL(log, "Calculated checksum of the binary: {}."
-                " There is no information about the reference checksum.", calculated_binary_hash);
+            LOG_FATAL(log, "Integrity check of the executable skipped because the reference checksum could not be read."
+                " (calculated checksum: {})", calculated_binary_hash);
         }
         else if (calculated_binary_hash == daemon.stored_binary_hash)
         {
-            LOG_FATAL(log, "Checksum of the binary: {}, integrity check passed.", calculated_binary_hash);
+            LOG_FATAL(log, "Integrity check of the executable successfully passed (checksum: {})", calculated_binary_hash);
         }
         else
         {
-            LOG_FATAL(log, "Calculated checksum of the ClickHouse binary ({0}) does not correspond"
-                " to the reference checksum stored in the binary ({1})."
-                " It may indicate one of the following:"
-                " - the file was changed just after startup;"
-                " - the file is damaged on disk due to faulty hardware;"
-                " - the loaded executable is damaged in memory due to faulty hardware;"
+            LOG_FATAL(log, "Calculated checksum of the executable ({0}) does not correspond"
+                " to the reference checksum stored in the executable ({1})."
+                " This may indicate one of the following:"
+                " - the executable was changed just after startup;"
+                " - the executable was corrupted on disk due to faulty hardware;"
+                " - the loaded executable was corrupted in memory due to faulty hardware;"
                 " - the file was intentionally modified;"
-                " - logical error in code."
+                " - a logical error in the code."
                 , calculated_binary_hash, daemon.stored_binary_hash);
         }
 #endif
@@ -872,7 +872,7 @@ void BaseDaemon::initializeTerminationAndSignalProcessing()
     std::string executable_path = getExecutablePath();
 
     if (!executable_path.empty())
-        stored_binary_hash = DB::Elf(executable_path).getBinaryHash();
+        stored_binary_hash = DB::Elf(executable_path).getStoredBinaryHash();
 #endif
 }