journal-authenticate: merge several functions into journal_file_maybe_append_tag()

author Yu Watanabe <watanabe.yu+github@gmail.com>

Thu, 25 Jun 2026 16:08:10 +0000 (01:08 +0900)

committer Yu Watanabe <watanabe.yu+github@gmail.com>

Sat, 27 Jun 2026 14:54:46 +0000 (23:54 +0900)
author Yu Watanabe <watanabe.yu+github@gmail.com>
Thu, 25 Jun 2026 16:08:10 +0000 (01:08 +0900)
committer Yu Watanabe <watanabe.yu+github@gmail.com>
Sat, 27 Jun 2026 14:54:46 +0000 (23:54 +0900)
diff --git a/src/libsystemd/sd-journal/journal-authenticate.c b/src/libsystemd/sd-journal/journal-authenticate.c

index 02efc59be30dd52f2500285c73abe6a30b082422..0acfb3260e827eaab3bdc19fe20f7e9356ccb334 100644 (file)
--- a/src/libsystemd/sd-journal/journal-authenticate.c
+++ b/src/libsystemd/sd-journal/journal-authenticate.c
@@ -451,29 +451,7 @@ int journal_file_append_first_tag(JournalFile *f) {
          return 0;
  }
  
-static int journal_file_get_epoch(JournalFile *f, uint64_t realtime, uint64_t *epoch) {
-        uint64_t t;
-
-        assert(f);
-        assert(epoch);
-        assert(JOURNAL_HEADER_SEALED(f->header));
-
-        if (f->fss_start_usec == 0 || f->fss_interval_usec == 0)
-                return -EOPNOTSUPP;
-
-        if (realtime < f->fss_start_usec)
-                return -ESTALE;
-
-        t = realtime - f->fss_start_usec;
-        t = t / f->fss_interval_usec;
-
-        *epoch = t;
-
-        return 0;
-}
-
-static int journal_file_fsprg_need_evolve(JournalFile *f, uint64_t realtime) {
-        uint64_t goal, epoch;
+int journal_file_maybe_append_tag(JournalFile *f, uint64_t realtime) {
          int r;
  
          assert(f);
@@ -481,75 +459,25 @@ static int journal_file_fsprg_need_evolve(JournalFile *f, uint64_t realtime) {
          if (!JOURNAL_HEADER_SEALED(f->header))
                  return 0;
  
-        r = journal_file_get_epoch(f, realtime, &goal);
-        if (r < 0)
-                return r;
+        assert(f->fss_start_usec > 0);
+        assert(f->fss_interval_usec > 0);
  
-        epoch = FSPRG_GetEpoch(f->fsprg_state.iov_base);
-        if (epoch > goal)
-                return -ESTALE;
-
-        return epoch != goal;
-}
-
-int journal_file_fsprg_evolve(JournalFile *f, uint64_t realtime) {
-        uint64_t goal, epoch;
-        int r;
-
-        assert(f);
-
-        if (!JOURNAL_HEADER_SEALED(f->header))
-                return 0;
-
-        r = journal_file_get_epoch(f, realtime, &goal);
-        if (r < 0)
-                return r;
+        if (realtime <= 0)
+                realtime = now(CLOCK_REALTIME);
  
-        epoch = FSPRG_GetEpoch(f->fsprg_state.iov_base);
-        if (epoch < goal)
-                log_debug("Evolving FSPRG key from epoch %"PRIu64" to %"PRIu64".", epoch, goal);
+        uint64_t goal = usec_sub_unsigned(realtime, f->fss_start_usec) / f->fss_interval_usec;
  
          for (;;) {
-                if (epoch > goal)
-                        return -ESTALE;
-                if (epoch == goal)
+                uint64_t epoch = FSPRG_GetEpoch(f->fsprg_state.iov_base);
+                if (epoch >= goal)
                          return 0;
  
-                r = FSPRG_Evolve(f->fsprg_state.iov_base);
+                r = journal_file_append_tag(f);
                  if (r < 0)
                          return r;
  
-                epoch = FSPRG_GetEpoch(f->fsprg_state.iov_base);
-                if (epoch < goal) {
-                        r = journal_file_append_tag(f);
-                        if (r < 0)
-                                return r;
-                }
+                r = FSPRG_Evolve(f->fsprg_state.iov_base);
+                if (r < 0)
+                        return r;
          }
  }
-
-int journal_file_maybe_append_tag(JournalFile *f, uint64_t realtime) {
-        int r;
-
-        assert(f);
-
-        if (!JOURNAL_HEADER_SEALED(f->header))
-                return 0;
-
-        if (realtime <= 0)
-                realtime = now(CLOCK_REALTIME);
-
-        r = journal_file_fsprg_need_evolve(f, realtime);
-        if (r <= 0)
-                return 0;
-
-        r = journal_file_append_tag(f);
-        if (r < 0)
-                return r;
-
-        r = journal_file_fsprg_evolve(f, realtime);
-        if (r < 0)
-                return r;
-
-        return 0;
-}
diff --git a/src/libsystemd/sd-journal/journal-authenticate.h b/src/libsystemd/sd-journal/journal-authenticate.h

index 89897fc0a7a1241b5c173ead06ced382ab7a0b02..e18fe7faf9cc0b5fed01b6028a906f0d4e514ccf 100644 (file)
--- a/src/libsystemd/sd-journal/journal-authenticate.h
+++ b/src/libsystemd/sd-journal/journal-authenticate.h
@@ -16,7 +16,6 @@ int journal_file_hmac_put_object(JournalFile *f, ObjectType type, Object *o, uin
  int journal_file_fss_load(JournalFile *f);
  int journal_file_parse_verification_key(JournalFile *f, const char *key);
  
-int journal_file_fsprg_evolve(JournalFile *f, uint64_t realtime);
  int journal_file_fsprg_seek(JournalFile *f, uint64_t goal);
  
  bool journal_file_next_evolve_usec(JournalFile *f, usec_t *u);
author	Yu Watanabe <watanabe.yu+github@gmail.com>
	Thu, 25 Jun 2026 16:08:10 +0000 (01:08 +0900)
committer	Yu Watanabe <watanabe.yu+github@gmail.com>
	Sat, 27 Jun 2026 14:54:46 +0000 (23:54 +0900)
src/libsystemd/sd-journal/journal-authenticate.c		patch \| blob \| blame \| history
src/libsystemd/sd-journal/journal-authenticate.h		patch \| blob \| blame \| history