From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Thu, 25 Jun 2026 16:08:10 +0000 (+0900)
Subject: journal-authenticate: merge several functions into journal_file_maybe_append_tag()
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7061e6f3cbd9c96a0f7b837f9fa9744ac377eb7c;p=thirdparty%2Fsystemd.git

journal-authenticate: merge several functions into journal_file_maybe_append_tag()
---

diff --git a/src/libsystemd/sd-journal/journal-authenticate.c b/src/libsystemd/sd-journal/journal-authenticate.c
index 02efc59be30..0acfb3260e8 100644
--- a/src/libsystemd/sd-journal/journal-authenticate.c
+++ b/src/libsystemd/sd-journal/journal-authenticate.c
@@ -451,29 +451,7 @@ int journal_file_append_first_tag(JournalFile *f) {
         return 0;
 }
 
-static int journal_file_get_epoch(JournalFile *f, uint64_t realtime, uint64_t *epoch) {
-        uint64_t t;
-
-        assert(f);
-        assert(epoch);
-        assert(JOURNAL_HEADER_SEALED(f->header));
-
-        if (f->fss_start_usec == 0 || f->fss_interval_usec == 0)
-                return -EOPNOTSUPP;
-
-        if (realtime < f->fss_start_usec)
-                return -ESTALE;
-
-        t = realtime - f->fss_start_usec;
-        t = t / f->fss_interval_usec;
-
-        *epoch = t;
-
-        return 0;
-}
-
-static int journal_file_fsprg_need_evolve(JournalFile *f, uint64_t realtime) {
-        uint64_t goal, epoch;
+int journal_file_maybe_append_tag(JournalFile *f, uint64_t realtime) {
         int r;
 
         assert(f);
@@ -481,75 +459,25 @@ static int journal_file_fsprg_need_evolve(JournalFile *f, uint64_t realtime) {
         if (!JOURNAL_HEADER_SEALED(f->header))
                 return 0;
 
-        r = journal_file_get_epoch(f, realtime, &goal);
-        if (r < 0)
-                return r;
+        assert(f->fss_start_usec > 0);
+        assert(f->fss_interval_usec > 0);
 
-        epoch = FSPRG_GetEpoch(f->fsprg_state.iov_base);
-        if (epoch > goal)
-                return -ESTALE;
-
-        return epoch != goal;
-}
-
-int journal_file_fsprg_evolve(JournalFile *f, uint64_t realtime) {
-        uint64_t goal, epoch;
-        int r;
-
-        assert(f);
-
-        if (!JOURNAL_HEADER_SEALED(f->header))
-                return 0;
-
-        r = journal_file_get_epoch(f, realtime, &goal);
-        if (r < 0)
-                return r;
+        if (realtime <= 0)
+                realtime = now(CLOCK_REALTIME);
 
-        epoch = FSPRG_GetEpoch(f->fsprg_state.iov_base);
-        if (epoch < goal)
-                log_debug("Evolving FSPRG key from epoch %"PRIu64" to %"PRIu64".", epoch, goal);
+        uint64_t goal = usec_sub_unsigned(realtime, f->fss_start_usec) / f->fss_interval_usec;
 
         for (;;) {
-                if (epoch > goal)
-                        return -ESTALE;
-                if (epoch == goal)
+                uint64_t epoch = FSPRG_GetEpoch(f->fsprg_state.iov_base);
+                if (epoch >= goal)
                         return 0;
 
-                r = FSPRG_Evolve(f->fsprg_state.iov_base);
+                r = journal_file_append_tag(f);
                 if (r < 0)
                         return r;
 
-                epoch = FSPRG_GetEpoch(f->fsprg_state.iov_base);
-                if (epoch < goal) {
-                        r = journal_file_append_tag(f);
-                        if (r < 0)
-                                return r;
-                }
+                r = FSPRG_Evolve(f->fsprg_state.iov_base);
+                if (r < 0)
+                        return r;
         }
 }
-
-int journal_file_maybe_append_tag(JournalFile *f, uint64_t realtime) {
-        int r;
-
-        assert(f);
-
-        if (!JOURNAL_HEADER_SEALED(f->header))
-                return 0;
-
-        if (realtime <= 0)
-                realtime = now(CLOCK_REALTIME);
-
-        r = journal_file_fsprg_need_evolve(f, realtime);
-        if (r <= 0)
-                return 0;
-
-        r = journal_file_append_tag(f);
-        if (r < 0)
-                return r;
-
-        r = journal_file_fsprg_evolve(f, realtime);
-        if (r < 0)
-                return r;
-
-        return 0;
-}
diff --git a/src/libsystemd/sd-journal/journal-authenticate.h b/src/libsystemd/sd-journal/journal-authenticate.h
index 89897fc0a7a..e18fe7faf9c 100644
--- a/src/libsystemd/sd-journal/journal-authenticate.h
+++ b/src/libsystemd/sd-journal/journal-authenticate.h
@@ -16,7 +16,6 @@ int journal_file_hmac_put_object(JournalFile *f, ObjectType type, Object *o, uin
 int journal_file_fss_load(JournalFile *f);
 int journal_file_parse_verification_key(JournalFile *f, const char *key);
 
-int journal_file_fsprg_evolve(JournalFile *f, uint64_t realtime);
 int journal_file_fsprg_seek(JournalFile *f, uint64_t goal);
 
 bool journal_file_next_evolve_usec(JournalFile *f, usec_t *u);