]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/timesync/timesyncd.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Reject invalid quoted strings
[thirdparty/systemd.git] / src / timesync / timesyncd.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2014 Kay Sievers, Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <stdlib.h>
23 #include <errno.h>
24 #include <fcntl.h>
25 #include <unistd.h>
26 #include <string.h>
27 #include <time.h>
28 #include <math.h>
29 #include <arpa/inet.h>
30 #include <netinet/in.h>
31 #include <netinet/ip.h>
32 #include <sys/timerfd.h>
33 #include <sys/timex.h>
34 #include <sys/socket.h>
35 #include <resolv.h>
36 #include <sys/prctl.h>
37 #include <sys/types.h>
38 #include <grp.h>
39
40 #include "missing.h"
41 #include "util.h"
42 #include "sparse-endian.h"
43 #include "log.h"
44 #include "socket-util.h"
45 #include "list.h"
46 #include "ratelimit.h"
47 #include "strv.h"
48 #include "conf-parser.h"
49 #include "sd-event.h"
50 #include "sd-resolve.h"
51 #include "sd-daemon.h"
52 #include "sd-network.h"
53 #include "event-util.h"
54 #include "network-util.h"
55 #include "clock-util.h"
56 #include "capability.h"
57 #include "mkdir.h"
58 #include "timesyncd.h"
59
60 #define TIME_T_MAX (time_t)((1UL << ((sizeof(time_t) << 3) - 1)) - 1)
61
62 #ifndef ADJ_SETOFFSET
63 #define ADJ_SETOFFSET 0x0100 /* add 'time' to current time */
64 #endif
65
66 /* expected accuracy of time synchronization; used to adjust the poll interval */
67 #define NTP_ACCURACY_SEC 0.2
68
69 /*
70 * "A client MUST NOT under any conditions use a poll interval less
71 * than 15 seconds."
72 */
73 #define NTP_POLL_INTERVAL_MIN_SEC 32
74 #define NTP_POLL_INTERVAL_MAX_SEC 2048
75
76 /*
77 * Maximum delta in seconds which the system clock is gradually adjusted
78 * (slew) to approach the network time. Deltas larger that this are set by
79 * letting the system time jump. The kernel's limit for adjtime is 0.5s.
80 */
81 #define NTP_MAX_ADJUST 0.4
82
83 /* NTP protocol, packet header */
84 #define NTP_LEAP_PLUSSEC 1
85 #define NTP_LEAP_MINUSSEC 2
86 #define NTP_LEAP_NOTINSYNC 3
87 #define NTP_MODE_CLIENT 3
88 #define NTP_MODE_SERVER 4
89 #define NTP_FIELD_LEAP(f) (((f) >> 6) & 3)
90 #define NTP_FIELD_VERSION(f) (((f) >> 3) & 7)
91 #define NTP_FIELD_MODE(f) ((f) & 7)
92 #define NTP_FIELD(l, v, m) (((l) << 6) | ((v) << 3) | (m))
93
94 /*
95 * "NTP timestamps are represented as a 64-bit unsigned fixed-point number,
96 * in seconds relative to 0h on 1 January 1900."
97 */
98 #define OFFSET_1900_1970 2208988800UL
99
100 #define RETRY_USEC (30*USEC_PER_SEC)
101 #define RATELIMIT_INTERVAL_USEC (10*USEC_PER_SEC)
102 #define RATELIMIT_BURST 10
103
104 #define TIMEOUT_USEC (10*USEC_PER_SEC)
105
106 struct ntp_ts {
107 be32_t sec;
108 be32_t frac;
109 } _packed_;
110
111 struct ntp_ts_short {
112 be16_t sec;
113 be16_t frac;
114 } _packed_;
115
116 struct ntp_msg {
117 uint8_t field;
118 uint8_t stratum;
119 int8_t poll;
120 int8_t precision;
121 struct ntp_ts_short root_delay;
122 struct ntp_ts_short root_dispersion;
123 char refid[4];
124 struct ntp_ts reference_time;
125 struct ntp_ts origin_time;
126 struct ntp_ts recv_time;
127 struct ntp_ts trans_time;
128 } _packed_;
129
130 static void manager_free(Manager *m);
131 DEFINE_TRIVIAL_CLEANUP_FUNC(Manager*, manager_free);
132 #define _cleanup_manager_free_ _cleanup_(manager_freep)
133
134 static int manager_arm_timer(Manager *m, usec_t next);
135 static int manager_clock_watch_setup(Manager *m);
136 static int manager_connect(Manager *m);
137 static void manager_disconnect(Manager *m);
138
139 static double ntp_ts_to_d(const struct ntp_ts *ts) {
140 return be32toh(ts->sec) + ((double)be32toh(ts->frac) / UINT_MAX);
141 }
142
143 static double ts_to_d(const struct timespec *ts) {
144 return ts->tv_sec + (1.0e-9 * ts->tv_nsec);
145 }
146
147 static double tv_to_d(const struct timeval *tv) {
148 return tv->tv_sec + (1.0e-6 * tv->tv_usec);
149 }
150
151 static double square(double d) {
152 return d * d;
153 }
154
155 static int load_clock_timestamp(uid_t uid, gid_t gid) {
156 _cleanup_close_ int fd = -1;
157 usec_t min = TIME_EPOCH * USEC_PER_SEC;
158 usec_t ct;
159 int r;
160
161 /* Let's try to make sure that the clock is always
162 * monotonically increasing, by saving the clock whenever we
163 * have a new NTP time, or when we shut down, and restoring it
164 * when we start again. This is particularly helpful on
165 * systems lacking a battery backed RTC. We also will adjust
166 * the time to at least the build time of systemd. */
167
168 fd = open("/var/lib/systemd/clock", O_RDWR|O_CLOEXEC, 0644);
169 if (fd >= 0) {
170 struct stat st;
171 usec_t stamp;
172
173 /* check if the recorded time is later than the compiled-in one */
174 r = fstat(fd, &st);
175 if (r >= 0) {
176 stamp = timespec_load(&st.st_mtim);
177 if (stamp > min)
178 min = stamp;
179 }
180
181 /* Try to fix the access mode, so that we can still
182 touch the file after dropping priviliges */
183 fchmod(fd, 0644);
184 fchown(fd, uid, gid);
185
186 } else
187 /* create stamp file with the compiled-in date */
188 touch_file("/var/lib/systemd/clock", true, min, uid, gid, 0644);
189
190 ct = now(CLOCK_REALTIME);
191 if (ct < min) {
192 struct timespec ts;
193 char date[FORMAT_TIMESTAMP_MAX];
194
195 log_info("System clock time unset or jumped backwards, restoring from recorded timestamp: %s",
196 format_timestamp(date, sizeof(date), min));
197
198 if (clock_settime(CLOCK_REALTIME, timespec_store(&ts, min)) < 0)
199 log_error("Failed to restore system clock: %m");
200 }
201
202 return 0;
203 }
204
205 static int manager_timeout(sd_event_source *source, usec_t usec, void *userdata) {
206 _cleanup_free_ char *pretty = NULL;
207 Manager *m = userdata;
208
209 assert(m);
210 assert(m->current_server_name);
211 assert(m->current_server_address);
212
213 server_address_pretty(m->current_server_address, &pretty);
214 log_info("Timed out waiting for reply from %s (%s).", strna(pretty), m->current_server_name->string);
215
216 return manager_connect(m);
217 }
218
219 static int manager_send_request(Manager *m) {
220 _cleanup_free_ char *pretty = NULL;
221 struct ntp_msg ntpmsg = {
222 /*
223 * "The client initializes the NTP message header, sends the request
224 * to the server, and strips the time of day from the Transmit
225 * Timestamp field of the reply. For this purpose, all the NTP
226 * header fields are set to 0, except the Mode, VN, and optional
227 * Transmit Timestamp fields."
228 */
229 .field = NTP_FIELD(0, 4, NTP_MODE_CLIENT),
230 };
231 ssize_t len;
232 int r;
233
234 assert(m);
235 assert(m->current_server_name);
236 assert(m->current_server_address);
237
238 m->event_timeout = sd_event_source_unref(m->event_timeout);
239
240 /*
241 * Set transmit timestamp, remember it; the server will send that back
242 * as the origin timestamp and we have an indication that this is the
243 * matching answer to our request.
244 *
245 * The actual value does not matter, We do not care about the correct
246 * NTP UINT_MAX fraction; we just pass the plain nanosecond value.
247 */
248 assert_se(clock_gettime(CLOCK_MONOTONIC, &m->trans_time_mon) >= 0);
249 assert_se(clock_gettime(CLOCK_REALTIME, &m->trans_time) >= 0);
250 ntpmsg.trans_time.sec = htobe32(m->trans_time.tv_sec + OFFSET_1900_1970);
251 ntpmsg.trans_time.frac = htobe32(m->trans_time.tv_nsec);
252
253 server_address_pretty(m->current_server_address, &pretty);
254
255 len = sendto(m->server_socket, &ntpmsg, sizeof(ntpmsg), MSG_DONTWAIT, &m->current_server_address->sockaddr.sa, m->current_server_address->socklen);
256 if (len == sizeof(ntpmsg)) {
257 m->pending = true;
258 log_debug("Sent NTP request to %s (%s).", strna(pretty), m->current_server_name->string);
259 } else {
260 log_debug("Sending NTP request to %s (%s) failed: %m", strna(pretty), m->current_server_name->string);
261 return manager_connect(m);
262 }
263
264 /* re-arm timer with increasing timeout, in case the packets never arrive back */
265 if (m->retry_interval > 0) {
266 if (m->retry_interval < NTP_POLL_INTERVAL_MAX_SEC * USEC_PER_SEC)
267 m->retry_interval *= 2;
268 } else
269 m->retry_interval = NTP_POLL_INTERVAL_MIN_SEC * USEC_PER_SEC;
270
271 r = manager_arm_timer(m, m->retry_interval);
272 if (r < 0) {
273 log_error("Failed to rearm timer: %s", strerror(-r));
274 return r;
275 }
276
277 r = sd_event_add_time(
278 m->event,
279 &m->event_timeout,
280 CLOCK_MONOTONIC,
281 now(CLOCK_MONOTONIC) + TIMEOUT_USEC, 0,
282 manager_timeout, m);
283 if (r < 0) {
284 log_error("Failed to arm timeout timer: %s", strerror(-r));
285 return r;
286 }
287
288 return 0;
289 }
290
291 static int manager_timer(sd_event_source *source, usec_t usec, void *userdata) {
292 Manager *m = userdata;
293
294 assert(m);
295
296 return manager_send_request(m);
297 }
298
299 static int manager_arm_timer(Manager *m, usec_t next) {
300 int r;
301
302 assert(m);
303 assert(m->event_receive);
304
305 if (next == 0) {
306 m->event_timer = sd_event_source_unref(m->event_timer);
307 return 0;
308 }
309
310 if (m->event_timer) {
311 r = sd_event_source_set_time(m->event_timer, now(CLOCK_MONOTONIC) + next);
312 if (r < 0)
313 return r;
314
315 return sd_event_source_set_enabled(m->event_timer, SD_EVENT_ONESHOT);
316 }
317
318 return sd_event_add_time(
319 m->event,
320 &m->event_timer,
321 CLOCK_MONOTONIC,
322 now(CLOCK_MONOTONIC) + next, 0,
323 manager_timer, m);
324 }
325
326 static int manager_clock_watch(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
327 Manager *m = userdata;
328
329 assert(m);
330
331 /* rearm timer */
332 manager_clock_watch_setup(m);
333
334 /* skip our own jumps */
335 if (m->jumped) {
336 m->jumped = false;
337 return 0;
338 }
339
340 /* resync */
341 log_info("System time changed. Resyncing.");
342 m->poll_resync = true;
343 return manager_send_request(m);
344 }
345
346 /* wake up when the system time changes underneath us */
347 static int manager_clock_watch_setup(Manager *m) {
348
349 struct itimerspec its = {
350 .it_value.tv_sec = TIME_T_MAX
351 };
352
353 int r;
354
355 assert(m);
356
357 m->event_clock_watch = sd_event_source_unref(m->event_clock_watch);
358 safe_close(m->clock_watch_fd);
359
360 m->clock_watch_fd = timerfd_create(CLOCK_REALTIME, TFD_NONBLOCK|TFD_CLOEXEC);
361 if (m->clock_watch_fd < 0) {
362 log_error("Failed to create timerfd: %m");
363 return -errno;
364 }
365
366 if (timerfd_settime(m->clock_watch_fd, TFD_TIMER_ABSTIME|TFD_TIMER_CANCEL_ON_SET, &its, NULL) < 0) {
367 log_error("Failed to set up timerfd: %m");
368 return -errno;
369 }
370
371 r = sd_event_add_io(m->event, &m->event_clock_watch, m->clock_watch_fd, EPOLLIN, manager_clock_watch, m);
372 if (r < 0) {
373 log_error("Failed to create clock watch event source: %s", strerror(-r));
374 return r;
375 }
376
377 return 0;
378 }
379
380 static int manager_adjust_clock(Manager *m, double offset, int leap_sec) {
381 struct timex tmx = {};
382 int r;
383
384 assert(m);
385
386 /*
387 * For small deltas, tell the kernel to gradually adjust the system
388 * clock to the NTP time, larger deltas are just directly set.
389 */
390 if (fabs(offset) < NTP_MAX_ADJUST) {
391 tmx.modes = ADJ_STATUS | ADJ_NANO | ADJ_OFFSET | ADJ_TIMECONST | ADJ_MAXERROR | ADJ_ESTERROR;
392 tmx.status = STA_PLL;
393 tmx.offset = offset * NSEC_PER_SEC;
394 tmx.constant = log2i(m->poll_interval_usec / USEC_PER_SEC) - 4;
395 tmx.maxerror = 0;
396 tmx.esterror = 0;
397 log_debug(" adjust (slew): %+.3f sec\n", offset);
398 } else {
399 tmx.modes = ADJ_STATUS | ADJ_NANO | ADJ_SETOFFSET;
400
401 /* ADJ_NANO uses nanoseconds in the microseconds field */
402 tmx.time.tv_sec = (long)offset;
403 tmx.time.tv_usec = (offset - tmx.time.tv_sec) * NSEC_PER_SEC;
404
405 /* the kernel expects -0.3s as {-1, 7000.000.000} */
406 if (tmx.time.tv_usec < 0) {
407 tmx.time.tv_sec -= 1;
408 tmx.time.tv_usec += NSEC_PER_SEC;
409 }
410
411 m->jumped = true;
412 log_debug(" adjust (jump): %+.3f sec\n", offset);
413 }
414
415 /*
416 * An unset STA_UNSYNC will enable the kernel's 11-minute mode,
417 * which syncs the system time periodically to the RTC.
418 *
419 * In case the RTC runs in local time, never touch the RTC,
420 * we have no way to properly handle daylight saving changes and
421 * mobile devices moving between time zones.
422 */
423 if (m->rtc_local_time)
424 tmx.status |= STA_UNSYNC;
425
426 switch (leap_sec) {
427 case 1:
428 tmx.status |= STA_INS;
429 break;
430 case -1:
431 tmx.status |= STA_DEL;
432 break;
433 }
434
435 r = clock_adjtime(CLOCK_REALTIME, &tmx);
436 if (r < 0)
437 return r;
438
439 touch("/var/lib/systemd/clock");
440
441 m->drift_ppm = tmx.freq / 65536;
442
443 log_debug(" status : %04i %s\n"
444 " time now : %li.%03llu\n"
445 " constant : %li\n"
446 " offset : %+.3f sec\n"
447 " freq offset : %+li (%i ppm)\n",
448 tmx.status, tmx.status & STA_UNSYNC ? "unsync" : "sync",
449 tmx.time.tv_sec, (unsigned long long) (tmx.time.tv_usec / NSEC_PER_MSEC),
450 tmx.constant,
451 (double)tmx.offset / NSEC_PER_SEC,
452 tmx.freq, m->drift_ppm);
453
454 return 0;
455 }
456
457 static bool manager_sample_spike_detection(Manager *m, double offset, double delay) {
458 unsigned int i, idx_cur, idx_new, idx_min;
459 double jitter;
460 double j;
461
462 assert(m);
463
464 m->packet_count++;
465
466 /* ignore initial sample */
467 if (m->packet_count == 1)
468 return false;
469
470 /* store the current data in our samples array */
471 idx_cur = m->samples_idx;
472 idx_new = (idx_cur + 1) % ELEMENTSOF(m->samples);
473 m->samples_idx = idx_new;
474 m->samples[idx_new].offset = offset;
475 m->samples[idx_new].delay = delay;
476
477 /* calculate new jitter value from the RMS differences relative to the lowest delay sample */
478 jitter = m->samples_jitter;
479 for (idx_min = idx_cur, i = 0; i < ELEMENTSOF(m->samples); i++)
480 if (m->samples[i].delay > 0 && m->samples[i].delay < m->samples[idx_min].delay)
481 idx_min = i;
482
483 j = 0;
484 for (i = 0; i < ELEMENTSOF(m->samples); i++)
485 j += square(m->samples[i].offset - m->samples[idx_min].offset);
486 m->samples_jitter = sqrt(j / (ELEMENTSOF(m->samples) - 1));
487
488 /* ignore samples when resyncing */
489 if (m->poll_resync)
490 return false;
491
492 /* always accept offset if we are farther off than the round-trip delay */
493 if (fabs(offset) > delay)
494 return false;
495
496 /* we need a few samples before looking at them */
497 if (m->packet_count < 4)
498 return false;
499
500 /* do not accept anything worse than the maximum possible error of the best sample */
501 if (fabs(offset) > m->samples[idx_min].delay)
502 return true;
503
504 /* compare the difference between the current offset to the previous offset and jitter */
505 return fabs(offset - m->samples[idx_cur].offset) > 3 * jitter;
506 }
507
508 static void manager_adjust_poll(Manager *m, double offset, bool spike) {
509 assert(m);
510
511 if (m->poll_resync) {
512 m->poll_interval_usec = NTP_POLL_INTERVAL_MIN_SEC * USEC_PER_SEC;
513 m->poll_resync = false;
514 return;
515 }
516
517 /* set to minimal poll interval */
518 if (!spike && fabs(offset) > NTP_ACCURACY_SEC) {
519 m->poll_interval_usec = NTP_POLL_INTERVAL_MIN_SEC * USEC_PER_SEC;
520 return;
521 }
522
523 /* increase polling interval */
524 if (fabs(offset) < NTP_ACCURACY_SEC * 0.25) {
525 if (m->poll_interval_usec < NTP_POLL_INTERVAL_MAX_SEC * USEC_PER_SEC)
526 m->poll_interval_usec *= 2;
527 return;
528 }
529
530 /* decrease polling interval */
531 if (spike || fabs(offset) > NTP_ACCURACY_SEC * 0.75) {
532 if (m->poll_interval_usec > NTP_POLL_INTERVAL_MIN_SEC * USEC_PER_SEC)
533 m->poll_interval_usec /= 2;
534 return;
535 }
536 }
537
538 static bool sockaddr_equal(union sockaddr_union *a, union sockaddr_union *b) {
539 assert(a);
540 assert(b);
541
542 if (a->sa.sa_family != b->sa.sa_family)
543 return false;
544
545 if (a->sa.sa_family == AF_INET)
546 return a->in.sin_addr.s_addr == b->in.sin_addr.s_addr;
547
548 if (a->sa.sa_family == AF_INET6)
549 return memcmp(&a->in6.sin6_addr, &b->in6.sin6_addr, sizeof(a->in6.sin6_addr)) == 0;
550
551 return false;
552 }
553
554 static int manager_receive_response(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
555 Manager *m = userdata;
556 struct ntp_msg ntpmsg;
557
558 struct iovec iov = {
559 .iov_base = &ntpmsg,
560 .iov_len = sizeof(ntpmsg),
561 };
562 union {
563 struct cmsghdr cmsghdr;
564 uint8_t buf[CMSG_SPACE(sizeof(struct timeval))];
565 } control;
566 union sockaddr_union server_addr;
567 struct msghdr msghdr = {
568 .msg_iov = &iov,
569 .msg_iovlen = 1,
570 .msg_control = &control,
571 .msg_controllen = sizeof(control),
572 .msg_name = &server_addr,
573 .msg_namelen = sizeof(server_addr),
574 };
575 struct cmsghdr *cmsg;
576 struct timespec now_ts;
577 struct timeval *recv_time;
578 ssize_t len;
579 double origin, receive, trans, dest;
580 double delay, offset;
581 bool spike;
582 int leap_sec;
583 int r;
584
585 assert(source);
586 assert(m);
587
588 if (revents & (EPOLLHUP|EPOLLERR)) {
589 log_warning("Server connection returned error.");
590 return manager_connect(m);
591 }
592
593 len = recvmsg(fd, &msghdr, MSG_DONTWAIT);
594 if (len < 0) {
595 if (errno == EAGAIN)
596 return 0;
597
598 log_warning("Error receiving message. Disconnecting.");
599 return manager_connect(m);
600 }
601
602 if (iov.iov_len < sizeof(struct ntp_msg)) {
603 log_warning("Invalid response from server. Disconnecting.");
604 return manager_connect(m);
605 }
606
607 if (!m->current_server_name ||
608 !m->current_server_address ||
609 !sockaddr_equal(&server_addr, &m->current_server_address->sockaddr)) {
610 log_debug("Response from unknown server.");
611 return 0;
612 }
613
614 recv_time = NULL;
615 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
616 if (cmsg->cmsg_level != SOL_SOCKET)
617 continue;
618
619 switch (cmsg->cmsg_type) {
620 case SCM_TIMESTAMP:
621 recv_time = (struct timeval *) CMSG_DATA(cmsg);
622 break;
623 }
624 }
625 if (!recv_time) {
626 log_error("Invalid packet timestamp.");
627 return -EINVAL;
628 }
629
630 if (!m->pending) {
631 log_debug("Unexpected reply. Ignoring.");
632 return 0;
633 }
634
635 /* check our "time cookie" (we just stored nanoseconds in the fraction field) */
636 if (be32toh(ntpmsg.origin_time.sec) != m->trans_time.tv_sec + OFFSET_1900_1970 ||
637 be32toh(ntpmsg.origin_time.frac) != m->trans_time.tv_nsec) {
638 log_debug("Invalid reply; not our transmit time. Ignoring.");
639 return 0;
640 }
641
642 m->event_timeout = sd_event_source_unref(m->event_timeout);
643
644 if (be32toh(ntpmsg.recv_time.sec) < TIME_EPOCH + OFFSET_1900_1970 ||
645 be32toh(ntpmsg.trans_time.sec) < TIME_EPOCH + OFFSET_1900_1970) {
646 log_debug("Invalid reply, returned times before epoch. Ignoring.");
647 return manager_connect(m);
648 }
649
650 if (NTP_FIELD_LEAP(ntpmsg.field) == NTP_LEAP_NOTINSYNC) {
651 log_debug("Server is not synchronized. Disconnecting.");
652 return manager_connect(m);
653 }
654
655 if (!IN_SET(NTP_FIELD_VERSION(ntpmsg.field), 3, 4)) {
656 log_debug("Response NTPv%d. Disconnecting.", NTP_FIELD_VERSION(ntpmsg.field));
657 return manager_connect(m);
658 }
659
660 if (NTP_FIELD_MODE(ntpmsg.field) != NTP_MODE_SERVER) {
661 log_debug("Unsupported mode %d. Disconnecting.", NTP_FIELD_MODE(ntpmsg.field));
662 return manager_connect(m);
663 }
664
665 /* valid packet */
666 m->pending = false;
667 m->retry_interval = 0;
668
669 /* announce leap seconds */
670 if (NTP_FIELD_LEAP(ntpmsg.field) & NTP_LEAP_PLUSSEC)
671 leap_sec = 1;
672 else if (NTP_FIELD_LEAP(ntpmsg.field) & NTP_LEAP_MINUSSEC)
673 leap_sec = -1;
674 else
675 leap_sec = 0;
676
677 /*
678 * "Timestamp Name ID When Generated
679 * ------------------------------------------------------------
680 * Originate Timestamp T1 time request sent by client
681 * Receive Timestamp T2 time request received by server
682 * Transmit Timestamp T3 time reply sent by server
683 * Destination Timestamp T4 time reply received by client
684 *
685 * The round-trip delay, d, and system clock offset, t, are defined as:
686 * d = (T4 - T1) - (T3 - T2) t = ((T2 - T1) + (T3 - T4)) / 2"
687 */
688 assert_se(clock_gettime(CLOCK_MONOTONIC, &now_ts) >= 0);
689 origin = tv_to_d(recv_time) - (ts_to_d(&now_ts) - ts_to_d(&m->trans_time_mon)) + OFFSET_1900_1970;
690 receive = ntp_ts_to_d(&ntpmsg.recv_time);
691 trans = ntp_ts_to_d(&ntpmsg.trans_time);
692 dest = tv_to_d(recv_time) + OFFSET_1900_1970;
693
694 offset = ((receive - origin) + (trans - dest)) / 2;
695 delay = (dest - origin) - (trans - receive);
696
697 spike = manager_sample_spike_detection(m, offset, delay);
698
699 manager_adjust_poll(m, offset, spike);
700
701 log_debug("NTP response:\n"
702 " leap : %u\n"
703 " version : %u\n"
704 " mode : %u\n"
705 " stratum : %u\n"
706 " precision : %.6f sec (%d)\n"
707 " reference : %.4s\n"
708 " origin : %.3f\n"
709 " receive : %.3f\n"
710 " transmit : %.3f\n"
711 " dest : %.3f\n"
712 " offset : %+.3f sec\n"
713 " delay : %+.3f sec\n"
714 " packet count : %"PRIu64"\n"
715 " jitter : %.3f%s\n"
716 " poll interval: " USEC_FMT "\n",
717 NTP_FIELD_LEAP(ntpmsg.field),
718 NTP_FIELD_VERSION(ntpmsg.field),
719 NTP_FIELD_MODE(ntpmsg.field),
720 ntpmsg.stratum,
721 exp2(ntpmsg.precision), ntpmsg.precision,
722 ntpmsg.stratum == 1 ? ntpmsg.refid : "n/a",
723 origin - OFFSET_1900_1970,
724 receive - OFFSET_1900_1970,
725 trans - OFFSET_1900_1970,
726 dest - OFFSET_1900_1970,
727 offset, delay,
728 m->packet_count,
729 m->samples_jitter, spike ? " spike" : "",
730 m->poll_interval_usec / USEC_PER_SEC);
731
732 if (!spike) {
733 m->sync = true;
734 r = manager_adjust_clock(m, offset, leap_sec);
735 if (r < 0)
736 log_error("Failed to call clock_adjtime(): %m");
737 }
738
739 log_info("interval/delta/delay/jitter/drift " USEC_FMT "s/%+.3fs/%.3fs/%.3fs/%+ippm%s",
740 m->poll_interval_usec / USEC_PER_SEC, offset, delay, m->samples_jitter, m->drift_ppm,
741 spike ? " (ignored)" : "");
742
743 r = manager_arm_timer(m, m->poll_interval_usec);
744 if (r < 0) {
745 log_error("Failed to rearm timer: %s", strerror(-r));
746 return r;
747 }
748
749 return 0;
750 }
751
752 static int manager_listen_setup(Manager *m) {
753 union sockaddr_union addr = {};
754 static const int tos = IPTOS_LOWDELAY;
755 static const int on = 1;
756 int r;
757
758 assert(m);
759
760 assert(m->server_socket < 0);
761 assert(!m->event_receive);
762 assert(m->current_server_address);
763
764 addr.sa.sa_family = m->current_server_address->sockaddr.sa.sa_family;
765
766 m->server_socket = socket(addr.sa.sa_family, SOCK_DGRAM | SOCK_CLOEXEC, 0);
767 if (m->server_socket < 0)
768 return -errno;
769
770 r = bind(m->server_socket, &addr.sa, m->current_server_address->socklen);
771 if (r < 0)
772 return -errno;
773
774 r = setsockopt(m->server_socket, SOL_SOCKET, SO_TIMESTAMP, &on, sizeof(on));
775 if (r < 0)
776 return -errno;
777
778 setsockopt(m->server_socket, IPPROTO_IP, IP_TOS, &tos, sizeof(tos));
779
780 return sd_event_add_io(m->event, &m->event_receive, m->server_socket, EPOLLIN, manager_receive_response, m);
781 }
782
783 static int manager_begin(Manager *m) {
784 _cleanup_free_ char *pretty = NULL;
785 int r;
786
787 assert(m);
788 assert_return(m->current_server_name, -EHOSTUNREACH);
789 assert_return(m->current_server_address, -EHOSTUNREACH);
790
791 m->poll_interval_usec = NTP_POLL_INTERVAL_MIN_SEC * USEC_PER_SEC;
792
793 server_address_pretty(m->current_server_address, &pretty);
794 log_info("Using NTP server %s (%s).", strna(pretty), m->current_server_name->string);
795 sd_notifyf(false, "STATUS=Using Time Server %s (%s).", strna(pretty), m->current_server_name->string);
796
797 r = manager_listen_setup(m);
798 if (r < 0) {
799 log_warning("Failed to setup connection socket: %s", strerror(-r));
800 return r;
801 }
802
803 r = manager_clock_watch_setup(m);
804 if (r < 0)
805 return r;
806
807 return manager_send_request(m);
808 }
809
810 static void server_name_flush_addresses(ServerName *n) {
811 ServerAddress *a;
812
813 assert(n);
814
815 while ((a = n->addresses)) {
816 LIST_REMOVE(addresses, n->addresses, a);
817 free(a);
818 }
819 }
820
821 static void manager_flush_names(Manager *m) {
822 ServerName *n;
823
824 assert(m);
825
826 while ((n = m->servers)) {
827 LIST_REMOVE(names, m->servers, n);
828 free(n->string);
829 server_name_flush_addresses(n);
830 free(n);
831 }
832 }
833
834 static int manager_resolve_handler(sd_resolve_query *q, int ret, const struct addrinfo *ai, void *userdata) {
835 Manager *m = userdata;
836 ServerAddress *a, *last = NULL;
837
838 assert(q);
839 assert(m);
840 assert(m->current_server_name);
841
842 m->resolve_query = sd_resolve_query_unref(m->resolve_query);
843
844 if (ret != 0) {
845 log_debug("Failed to resolve %s: %s", m->current_server_name->string, gai_strerror(ret));
846
847 /* Try next host */
848 return manager_connect(m);
849 }
850
851 server_name_flush_addresses(m->current_server_name);
852
853 for (; ai; ai = ai->ai_next) {
854 _cleanup_free_ char *pretty = NULL;
855
856 assert(ai->ai_addr);
857 assert(ai->ai_addrlen >= offsetof(struct sockaddr, sa_data));
858 assert(ai->ai_addrlen <= sizeof(union sockaddr_union));
859
860 if (!IN_SET(ai->ai_addr->sa_family, AF_INET, AF_INET6)) {
861 log_warning("Unsuitable address protocol for %s", m->current_server_name->string);
862 continue;
863 }
864
865 a = new0(ServerAddress, 1);
866 if (!a)
867 return log_oom();
868
869 memcpy(&a->sockaddr, ai->ai_addr, ai->ai_addrlen);
870 a->socklen = ai->ai_addrlen;
871
872 LIST_INSERT_AFTER(addresses, m->current_server_name->addresses, last, a);
873 last = a;
874
875 sockaddr_pretty(&a->sockaddr.sa, a->socklen, true, &pretty);
876 log_debug("Resolved address %s for %s.", pretty, m->current_server_name->string);
877 }
878
879 if (!m->current_server_name->addresses) {
880 log_error("Failed to find suitable address for host %s.", m->current_server_name->string);
881
882 /* Try next host */
883 return manager_connect(m);
884 }
885
886 m->current_server_address = m->current_server_name->addresses;
887
888 return manager_begin(m);
889 }
890
891 static int manager_retry(sd_event_source *source, usec_t usec, void *userdata) {
892 Manager *m = userdata;
893
894 assert(m);
895
896 return manager_connect(m);
897 }
898
899 static int manager_connect(Manager *m) {
900
901 struct addrinfo hints = {
902 .ai_flags = AI_NUMERICSERV|AI_ADDRCONFIG,
903 .ai_socktype = SOCK_DGRAM,
904 };
905 int r;
906
907 assert(m);
908
909 manager_disconnect(m);
910
911 m->event_retry = sd_event_source_unref(m->event_retry);
912 if (!ratelimit_test(&m->ratelimit)) {
913 log_debug("Slowing down attempts to contact servers.");
914
915 r = sd_event_add_time(m->event, &m->event_retry, CLOCK_MONOTONIC, now(CLOCK_MONOTONIC) + RETRY_USEC, 0, manager_retry, m);
916 if (r < 0) {
917 log_error("Failed to create retry timer: %s", strerror(-r));
918 return r;
919 }
920
921 return 0;
922 }
923
924 /* If we already are operating on some address, switch to the
925 * next one. */
926 if (m->current_server_address && m->current_server_address->addresses_next)
927 m->current_server_address = m->current_server_address->addresses_next;
928 else {
929 /* Hmm, we are through all addresses, let's look for the next host instead */
930 m->current_server_address = NULL;
931
932 if (m->current_server_name && m->current_server_name->names_next)
933 m->current_server_name = m->current_server_name->names_next;
934 else {
935 if (!m->servers) {
936 m->current_server_name = NULL;
937 log_debug("No server found.");
938 return 0;
939 }
940
941 m->current_server_name = m->servers;
942 }
943
944 /* Tell the resolver to reread /etc/resolv.conf, in
945 * case it changed. */
946 res_init();
947
948 r = sd_resolve_getaddrinfo(m->resolve, &m->resolve_query, m->current_server_name->string, "123", &hints, manager_resolve_handler, m);
949 if (r < 0) {
950 log_error("Failed to create resolver: %s", strerror(-r));
951 return r;
952 }
953
954 return 1;
955 }
956
957 r = manager_begin(m);
958 if (r < 0)
959 return r;
960
961 return 1;
962 }
963
964 static int manager_add_server(Manager *m, const char *server) {
965 ServerName *n, *tail;
966
967 assert(m);
968 assert(server);
969
970 n = new0(ServerName, 1);
971 if (!n)
972 return -ENOMEM;
973
974 n->string = strdup(server);
975 if (!n->string) {
976 free(n);
977 return -ENOMEM;
978 }
979
980 LIST_FIND_TAIL(names, m->servers, tail);
981 LIST_INSERT_AFTER(names, m->servers, tail, n);
982
983 return 0;
984 }
985
986 static int manager_add_server_string(Manager *m, const char *string) {
987 const char *word, *state;
988 size_t l;
989 int r;
990
991 assert(m);
992 assert(string);
993
994 FOREACH_WORD_QUOTED(word, l, string, state) {
995 char t[l+1];
996
997 memcpy(t, word, l);
998 t[l] = 0;
999
1000 r = manager_add_server(m, t);
1001 if (r < 0)
1002 log_error("Failed to add server %s to configuration, ignoring: %s", t, strerror(-r));
1003 }
1004
1005 return 0;
1006 }
1007
1008 static void manager_disconnect(Manager *m) {
1009 assert(m);
1010
1011 m->resolve_query = sd_resolve_query_unref(m->resolve_query);
1012
1013 m->event_timer = sd_event_source_unref(m->event_timer);
1014
1015 m->event_receive = sd_event_source_unref(m->event_receive);
1016 m->server_socket = safe_close(m->server_socket);
1017
1018 m->event_clock_watch = sd_event_source_unref(m->event_clock_watch);
1019 m->clock_watch_fd = safe_close(m->clock_watch_fd);
1020
1021 m->event_timeout = sd_event_source_unref(m->event_timeout);
1022
1023 sd_notifyf(false, "STATUS=Idle.");
1024 }
1025
1026 static int manager_new(Manager **ret) {
1027 _cleanup_manager_free_ Manager *m = NULL;
1028 int r;
1029
1030 assert(ret);
1031
1032 m = new0(Manager, 1);
1033 if (!m)
1034 return -ENOMEM;
1035
1036 m->server_socket = m->clock_watch_fd = -1;
1037
1038 RATELIMIT_INIT(m->ratelimit, RATELIMIT_INTERVAL_USEC, RATELIMIT_BURST);
1039
1040 r = sd_event_default(&m->event);
1041 if (r < 0)
1042 return r;
1043
1044 sd_event_set_watchdog(m->event, true);
1045
1046 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
1047 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
1048
1049 r = sd_resolve_default(&m->resolve);
1050 if (r < 0)
1051 return r;
1052
1053 r = sd_resolve_attach_event(m->resolve, m->event, 0);
1054 if (r < 0)
1055 return r;
1056
1057 *ret = m;
1058 m = NULL;
1059
1060 return 0;
1061 }
1062
1063 static void manager_free(Manager *m) {
1064 if (!m)
1065 return;
1066
1067 manager_disconnect(m);
1068 manager_flush_names(m);
1069
1070 sd_event_source_unref(m->event_retry);
1071
1072 sd_event_source_unref(m->network_event_source);
1073 sd_network_monitor_unref(m->network_monitor);
1074
1075 sd_resolve_unref(m->resolve);
1076 sd_event_unref(m->event);
1077
1078 free(m);
1079 }
1080
1081 int config_parse_servers(
1082 const char *unit,
1083 const char *filename,
1084 unsigned line,
1085 const char *section,
1086 unsigned section_line,
1087 const char *lvalue,
1088 int ltype,
1089 const char *rvalue,
1090 void *data,
1091 void *userdata) {
1092
1093 Manager *m = userdata;
1094
1095 assert(filename);
1096 assert(lvalue);
1097 assert(rvalue);
1098
1099 manager_flush_names(m);
1100 manager_add_server_string(m, rvalue);
1101
1102 return 0;
1103 }
1104
1105 static int manager_parse_config_file(Manager *m) {
1106 return config_parse(NULL, "/etc/systemd/timesyncd.conf", NULL,
1107 "Time\0",
1108 config_item_perf_lookup, timesyncd_gperf_lookup,
1109 false, false, true, m);
1110 }
1111
1112 static bool network_is_online(void) {
1113 _cleanup_free_ char *state = NULL;
1114 int r;
1115
1116 r = sd_network_get_operational_state(&state);
1117 if (r >= 0 && STR_IN_SET(state, "routable", "degraded"))
1118 return true;
1119
1120 return false;
1121 }
1122
1123 static int manager_network_event_handler(sd_event_source *s, int fd, uint32_t revents,
1124 void *userdata) {
1125 Manager *m = userdata;
1126 bool connected, online;
1127 int r;
1128
1129 assert(m);
1130
1131 /* check if the machine is online */
1132 online = network_is_online();
1133
1134 /* check if the client is currently connected */
1135 connected = (m->server_socket != -1);
1136
1137 if (connected && !online) {
1138 log_info("No network connectivity, watching for changes.");
1139 manager_disconnect(m);
1140 } else if (!connected && online) {
1141 log_info("Network configuration changed, trying to establish connection.");
1142 if (m->current_server_address) {
1143 r = manager_begin(m);
1144 if (r < 0)
1145 return r;
1146 } else {
1147 r = manager_connect(m);
1148 if (r < 0)
1149 return r;
1150 }
1151 }
1152
1153 sd_network_monitor_flush(m->network_monitor);
1154
1155 return 0;
1156 }
1157
1158 static int manager_network_monitor_listen(Manager *m) {
1159 _cleanup_event_source_unref_ sd_event_source *event_source = NULL;
1160 _cleanup_network_monitor_unref_ sd_network_monitor *monitor = NULL;
1161 int r, fd, events;
1162
1163 r = sd_network_monitor_new(&monitor, NULL);
1164 if (r < 0)
1165 return r;
1166
1167 fd = sd_network_monitor_get_fd(monitor);
1168 if (fd < 0)
1169 return fd;
1170
1171 events = sd_network_monitor_get_events(monitor);
1172 if (events < 0)
1173 return events;
1174
1175 r = sd_event_add_io(m->event, &event_source, fd, events,
1176 &manager_network_event_handler, m);
1177 if (r < 0)
1178 return r;
1179
1180 m->network_monitor = monitor;
1181 m->network_event_source = event_source;
1182 monitor = NULL;
1183 event_source = NULL;
1184
1185 return 0;
1186 }
1187
1188 int main(int argc, char *argv[]) {
1189 const char *user = "systemd-timesync";
1190 _cleanup_manager_free_ Manager *m = NULL;
1191 uid_t uid;
1192 gid_t gid;
1193 int r;
1194
1195 if (argc > 1) {
1196 log_error("This program does not take arguments.");
1197 return EXIT_FAILURE;
1198 }
1199
1200 log_set_target(LOG_TARGET_AUTO);
1201 log_set_facility(LOG_CRON);
1202 log_parse_environment();
1203 log_open();
1204
1205 umask(0022);
1206
1207 r = get_user_creds(&user, &uid, &gid, NULL, NULL);
1208 if (r < 0) {
1209 log_error("Cannot resolve user name %s: %s", user, strerror(-r));
1210 return r;
1211 }
1212
1213 r = load_clock_timestamp(uid, gid);
1214 if (r < 0)
1215 goto out;
1216
1217 r = drop_privileges(uid, gid, (1ULL << CAP_SYS_TIME));
1218 if (r < 0)
1219 goto out;
1220
1221 assert_se(sigprocmask_many(SIG_BLOCK, SIGTERM, SIGINT, -1) == 0);
1222
1223 r = manager_new(&m);
1224 if (r < 0) {
1225 log_error("Failed to allocate manager: %s", strerror(-r));
1226 goto out;
1227 }
1228
1229 if (clock_is_localtime() > 0) {
1230 log_info("The system is configured to read the RTC time in the local time zone. "
1231 "This mode can not be fully supported. All system time to RTC updates are disabled.");
1232 m->rtc_local_time = true;
1233 }
1234
1235 manager_add_server_string(m, NTP_SERVERS);
1236 manager_parse_config_file(m);
1237
1238 r = manager_network_monitor_listen(m);
1239 if (r < 0) {
1240 log_error("Failed to listen to networkd events: %s", strerror(-r));
1241 goto out;
1242 }
1243
1244 log_debug("systemd-timesyncd running as pid %lu", (unsigned long) getpid());
1245 sd_notify(false, "READY=1");
1246
1247 if (network_is_online()) {
1248 r = manager_connect(m);
1249 if (r < 0)
1250 goto out;
1251 }
1252
1253 r = sd_event_loop(m->event);
1254 if (r < 0) {
1255 log_error("Failed to run event loop: %s", strerror(-r));
1256 goto out;
1257 }
1258
1259 sd_event_get_exit_code(m->event, &r);
1260
1261 /* if we got an authoritative time, store it in the file system */
1262 if (m->sync)
1263 touch("/var/lib/systemd/clock");
1264
1265 out:
1266 sd_notify(false, "STATUS=Shutting down...");
1267
1268 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
1269 }
Unnamed repository; edit this file 'description' to name the repository.