journal: add FSPRG journal authentication

[elogind.git] / src / journal / journal-def.h

diff --git a/src/journal/journal-def.h b/src/journal/journal-def.h
index b30ae796836d6586222f4143d1d7660254ac0d9c..ab4988037cc5ad6cee0516a32809ba7fba9476ff 100644 (file)
--- a/src/journal/journal-def.h
+++ b/src/journal/journal-def.h
@@ -1,7 +1,6 @@
 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
 
-#ifndef foojournaldefhfoo
-#define foojournaldefhfoo
+#pragma once
 
 /***
   This file is part of systemd.
@@ -38,21 +37,23 @@ typedef struct FieldObject FieldObject;
 typedef struct EntryObject EntryObject;
 typedef struct HashTableObject HashTableObject;
 typedef struct EntryArrayObject EntryArrayObject;
-typedef struct SignatureObject SignatureObject;
+typedef struct TagObject TagObject;
 
 typedef struct EntryItem EntryItem;
 typedef struct HashItem HashItem;
 
+typedef struct FSPRGHeader FSPRGHeader;
+
 /* Object types */
 enum {
         OBJECT_UNUSED,
-        OBJECT_DATA,
+        OBJECT_DATA,               /* !!! */
         OBJECT_FIELD,
         OBJECT_ENTRY,
         OBJECT_DATA_HASH_TABLE,
         OBJECT_FIELD_HASH_TABLE,
-        OBJECT_ENTRY_ARRAY,
-        OBJECT_SIGNATURE,
+        OBJECT_ENTRY_ARRAY,        /* !!! */
+        OBJECT_TAG,
         _OBJECT_TYPE_MAX
 };
 
@@ -85,7 +86,6 @@ _packed_ struct FieldObject {
         le64_t hash;
         le64_t next_hash_offset;
         le64_t head_data_offset;
-        le64_t tail_data_offset;
         uint8_t payload[];
 };
 
@@ -120,12 +120,13 @@ _packed_ struct EntryArrayObject {
         le64_t items[];
 };
 
-#define SIGNATURE_LENGTH 160
+#define TAG_LENGTH (256/8)
 
-_packed_ struct SignatureObject {
+_packed_ struct TagObject {
         ObjectHeader object;
-        le64_t from;
-        uint8_t signature[SIGNATURE_LENGTH];
+        uint64_t seqnum;
+        uint64_t epoch;
+        uint8_t tag[TAG_LENGTH]; /* SHA-256 HMAC */
 };
 
 union Object {
@@ -135,7 +136,7 @@ union Object {
         EntryObject entry;
         HashTableObject hash_table;
         EntryArrayObject entry_array;
-        SignatureObject signature;
+        TagObject tag;
 };
 
 enum {
@@ -150,17 +151,19 @@ enum {
 };
 
 enum {
-        HEADER_COMPATIBLE_SIGNED = 1
+        HEADER_COMPATIBLE_AUTHENTICATED = 1
 };
 
+#define HEADER_SIGNATURE ((char[]) { 'L', 'P', 'K', 'S', 'H', 'H', 'R', 'H' })
+
 _packed_ struct Header {
         uint8_t signature[8]; /* "LPKSHHRH" */
-        uint32_t compatible_flags;
-        uint32_t incompatible_flags;
+        le32_t compatible_flags;
+        le32_t incompatible_flags;
         uint8_t state;
         uint8_t reserved[7];
         sd_id128_t file_id;
-        sd_id128_t machine_id; /* last writer */
+        sd_id128_t machine_id;
         sd_id128_t boot_id;    /* last writer */
         sd_id128_t seqnum_id;
         le64_t header_size;
@@ -172,12 +175,32 @@ _packed_ struct Header {
         le64_t tail_object_offset;
         le64_t n_objects;
         le64_t n_entries;
-        le64_t seqnum;
-        le64_t first_seqnum;
+        le64_t tail_entry_seqnum;
+        le64_t head_entry_seqnum;
         le64_t entry_array_offset;
         le64_t head_entry_realtime;
         le64_t tail_entry_realtime;
         le64_t tail_entry_monotonic;
+        /* Added in 187 */
+        le64_t n_data;
+        le64_t n_fields;
+        /* Added in 189 */
+        le64_t n_tags;
+        le64_t n_entry_arrays;
 };
 
-#endif
+#define FSPRG_HEADER_SIGNATURE ((char[]) { 'K', 'S', 'H', 'H', 'R', 'H', 'L', 'P' })
+
+_packed_ struct FSPRGHeader {
+        uint8_t signature[8]; /* "KSHHRHLP" */
+        le32_t compatible_flags;
+        le32_t incompatible_flags;
+        sd_id128_t machine_id;
+        sd_id128_t boot_id;    /* last writer */
+        le64_t header_size;
+        le64_t fsprg_start_usec;
+        le64_t fsprg_interval_usec;
+        le16_t secpar;
+        le16_t reserved[3];
+        le64_t state_size;
+};