]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/timesync/timesyncd.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
timesyncd: split privilege dropping code out of timesyncd so that we can make use...
[thirdparty/systemd.git] / src / timesync / timesyncd.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2014 Kay Sievers, Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <stdlib.h>
23 #include <errno.h>
24 #include <fcntl.h>
25 #include <unistd.h>
26 #include <string.h>
27 #include <time.h>
28 #include <math.h>
29 #include <arpa/inet.h>
30 #include <netinet/in.h>
31 #include <netinet/ip.h>
32 #include <sys/timerfd.h>
33 #include <sys/timex.h>
34 #include <sys/socket.h>
35 #include <resolv.h>
36 #include <sys/prctl.h>
37 #include <sys/types.h>
38 #include <grp.h>
39
40 #include "missing.h"
41 #include "util.h"
42 #include "sparse-endian.h"
43 #include "log.h"
44 #include "socket-util.h"
45 #include "list.h"
46 #include "ratelimit.h"
47 #include "strv.h"
48 #include "conf-parser.h"
49 #include "sd-event.h"
50 #include "sd-resolve.h"
51 #include "sd-daemon.h"
52 #include "sd-network.h"
53 #include "event-util.h"
54 #include "network-util.h"
55 #include "clock-util.h"
56 #include "capability.h"
57 #include "mkdir.h"
58 #include "timesyncd.h"
59
60 #define TIME_T_MAX (time_t)((1UL << ((sizeof(time_t) << 3) - 1)) - 1)
61
62 #ifndef ADJ_SETOFFSET
63 #define ADJ_SETOFFSET 0x0100 /* add 'time' to current time */
64 #endif
65
66 /* expected accuracy of time synchronization; used to adjust the poll interval */
67 #define NTP_ACCURACY_SEC 0.2
68
69 /*
70 * "A client MUST NOT under any conditions use a poll interval less
71 * than 15 seconds."
72 */
73 #define NTP_POLL_INTERVAL_MIN_SEC 32
74 #define NTP_POLL_INTERVAL_MAX_SEC 2048
75
76 /*
77 * Maximum delta in seconds which the system clock is gradually adjusted
78 * (slew) to approach the network time. Deltas larger that this are set by
79 * letting the system time jump. The kernel's limit for adjtime is 0.5s.
80 */
81 #define NTP_MAX_ADJUST 0.4
82
83 /* NTP protocol, packet header */
84 #define NTP_LEAP_PLUSSEC 1
85 #define NTP_LEAP_MINUSSEC 2
86 #define NTP_LEAP_NOTINSYNC 3
87 #define NTP_MODE_CLIENT 3
88 #define NTP_MODE_SERVER 4
89 #define NTP_FIELD_LEAP(f) (((f) >> 6) & 3)
90 #define NTP_FIELD_VERSION(f) (((f) >> 3) & 7)
91 #define NTP_FIELD_MODE(f) ((f) & 7)
92 #define NTP_FIELD(l, v, m) (((l) << 6) | ((v) << 3) | (m))
93
94 /*
95 * "NTP timestamps are represented as a 64-bit unsigned fixed-point number,
96 * in seconds relative to 0h on 1 January 1900."
97 */
98 #define OFFSET_1900_1970 2208988800UL
99
100 #define RETRY_USEC (30*USEC_PER_SEC)
101 #define RATELIMIT_INTERVAL_USEC (10*USEC_PER_SEC)
102 #define RATELIMIT_BURST 10
103
104 #define TIMEOUT_USEC (10*USEC_PER_SEC)
105
106 struct ntp_ts {
107 be32_t sec;
108 be32_t frac;
109 } _packed_;
110
111 struct ntp_ts_short {
112 be16_t sec;
113 be16_t frac;
114 } _packed_;
115
116 struct ntp_msg {
117 uint8_t field;
118 uint8_t stratum;
119 int8_t poll;
120 int8_t precision;
121 struct ntp_ts_short root_delay;
122 struct ntp_ts_short root_dispersion;
123 char refid[4];
124 struct ntp_ts reference_time;
125 struct ntp_ts origin_time;
126 struct ntp_ts recv_time;
127 struct ntp_ts trans_time;
128 } _packed_;
129
130 static void manager_free(Manager *m);
131 DEFINE_TRIVIAL_CLEANUP_FUNC(Manager*, manager_free);
132 #define _cleanup_manager_free_ _cleanup_(manager_freep)
133
134 static int manager_arm_timer(Manager *m, usec_t next);
135 static int manager_clock_watch_setup(Manager *m);
136 static int manager_connect(Manager *m);
137 static void manager_disconnect(Manager *m);
138
139 static double ntp_ts_to_d(const struct ntp_ts *ts) {
140 return be32toh(ts->sec) + ((double)be32toh(ts->frac) / UINT_MAX);
141 }
142
143 static double ts_to_d(const struct timespec *ts) {
144 return ts->tv_sec + (1.0e-9 * ts->tv_nsec);
145 }
146
147 static double tv_to_d(const struct timeval *tv) {
148 return tv->tv_sec + (1.0e-6 * tv->tv_usec);
149 }
150
151 static double square(double d) {
152 return d * d;
153 }
154
155 static int load_clock_timestamp(uid_t uid, gid_t gid) {
156 _cleanup_close_ int fd = -1;
157 usec_t min = TIME_EPOCH * USEC_PER_SEC;
158 usec_t ct;
159 int r;
160
161 /* Let's try to make sure that the clock is always
162 * monotonically increasing, by saving the clock whenever we
163 * have a new NTP time, or when we shut down, and restoring it
164 * when we start again. This is particularly helpful on
165 * systems lacking a battery backed RTC. We also will adjust
166 * the time to at least the build time of systemd. */
167
168 fd = open("/var/lib/systemd/clock", O_RDWR|O_CLOEXEC, 0644);
169 if (fd >= 0) {
170 struct stat st;
171 usec_t stamp;
172
173 /* check if the recorded time is later than the compiled-in one */
174 r = fstat(fd, &st);
175 if (r >= 0) {
176 stamp = timespec_load(&st.st_mtim);
177 if (stamp > min)
178 min = stamp;
179 }
180
181 /* Try to fix the access mode, so that we can still
182 touch the file after dropping priviliges */
183 fchmod(fd, 0644);
184 fchown(fd, uid, gid);
185
186 } else
187 /* create stamp file with the compiled-in date */
188 touch_file("/var/lib/systemd/clock", true, min, uid, gid, 0644);
189
190 ct = now(CLOCK_REALTIME);
191 if (ct < min) {
192 struct timespec ts;
193 char date[FORMAT_TIMESTAMP_MAX];
194
195 log_info("System clock time unset or jumped backwards, restoring from recorded timestamp: %s",
196 format_timestamp(date, sizeof(date), min));
197
198 if (clock_settime(CLOCK_REALTIME, timespec_store(&ts, min)) < 0)
199 log_error("Failed to restore system clock: %m");
200 }
201
202 return 0;
203 }
204
205 static int manager_timeout(sd_event_source *source, usec_t usec, void *userdata) {
206 _cleanup_free_ char *pretty = NULL;
207 Manager *m = userdata;
208
209 assert(m);
210 assert(m->current_server_name);
211 assert(m->current_server_address);
212
213 sockaddr_pretty(&m->current_server_address->sockaddr.sa, m->current_server_address->socklen, true, &pretty);
214 log_info("Timed out waiting for reply from %s (%s).", strna(pretty), m->current_server_name->string);
215
216 return manager_connect(m);
217 }
218
219 static int manager_send_request(Manager *m) {
220 _cleanup_free_ char *pretty = NULL;
221 struct ntp_msg ntpmsg = {
222 /*
223 * "The client initializes the NTP message header, sends the request
224 * to the server, and strips the time of day from the Transmit
225 * Timestamp field of the reply. For this purpose, all the NTP
226 * header fields are set to 0, except the Mode, VN, and optional
227 * Transmit Timestamp fields."
228 */
229 .field = NTP_FIELD(0, 4, NTP_MODE_CLIENT),
230 };
231 ssize_t len;
232 int r;
233
234 assert(m);
235 assert(m->current_server_name);
236 assert(m->current_server_address);
237
238 m->event_timeout = sd_event_source_unref(m->event_timeout);
239
240 /*
241 * Set transmit timestamp, remember it; the server will send that back
242 * as the origin timestamp and we have an indication that this is the
243 * matching answer to our request.
244 *
245 * The actual value does not matter, We do not care about the correct
246 * NTP UINT_MAX fraction; we just pass the plain nanosecond value.
247 */
248 assert_se(clock_gettime(CLOCK_MONOTONIC, &m->trans_time_mon) >= 0);
249 assert_se(clock_gettime(CLOCK_REALTIME, &m->trans_time) >= 0);
250 ntpmsg.trans_time.sec = htobe32(m->trans_time.tv_sec + OFFSET_1900_1970);
251 ntpmsg.trans_time.frac = htobe32(m->trans_time.tv_nsec);
252
253 sockaddr_pretty(&m->current_server_address->sockaddr.sa, m->current_server_address->socklen, true, &pretty);
254
255 len = sendto(m->server_socket, &ntpmsg, sizeof(ntpmsg), MSG_DONTWAIT, &m->current_server_address->sockaddr.sa, m->current_server_address->socklen);
256 if (len == sizeof(ntpmsg)) {
257 m->pending = true;
258 log_debug("Sent NTP request to %s (%s).", strna(pretty), m->current_server_name->string);
259 } else {
260 log_debug("Sending NTP request to %s (%s) failed: %m", strna(pretty), m->current_server_name->string);
261 return manager_connect(m);
262 }
263
264 /* re-arm timer with increasing timeout, in case the packets never arrive back */
265 if (m->retry_interval > 0) {
266 if (m->retry_interval < NTP_POLL_INTERVAL_MAX_SEC * USEC_PER_SEC)
267 m->retry_interval *= 2;
268 } else
269 m->retry_interval = NTP_POLL_INTERVAL_MIN_SEC * USEC_PER_SEC;
270
271 r = manager_arm_timer(m, m->retry_interval);
272 if (r < 0) {
273 log_error("Failed to rearm timer: %s", strerror(-r));
274 return r;
275 }
276
277 r = sd_event_add_time(
278 m->event,
279 &m->event_timeout,
280 CLOCK_MONOTONIC,
281 now(CLOCK_MONOTONIC) + TIMEOUT_USEC, 0,
282 manager_timeout, m);
283 if (r < 0) {
284 log_error("Failed to arm timeout timer: %s", strerror(-r));
285 return r;
286 }
287
288 return 0;
289 }
290
291 static int manager_timer(sd_event_source *source, usec_t usec, void *userdata) {
292 Manager *m = userdata;
293
294 assert(m);
295
296 return manager_send_request(m);
297 }
298
299 static int manager_arm_timer(Manager *m, usec_t next) {
300 int r;
301
302 assert(m);
303 assert(m->event_receive);
304
305 if (next == 0) {
306 m->event_timer = sd_event_source_unref(m->event_timer);
307 return 0;
308 }
309
310 if (m->event_timer) {
311 r = sd_event_source_set_time(m->event_timer, now(CLOCK_MONOTONIC) + next);
312 if (r < 0)
313 return r;
314
315 return sd_event_source_set_enabled(m->event_timer, SD_EVENT_ONESHOT);
316 }
317
318 return sd_event_add_time(
319 m->event,
320 &m->event_timer,
321 CLOCK_MONOTONIC,
322 now(CLOCK_MONOTONIC) + next, 0,
323 manager_timer, m);
324 }
325
326 static int manager_clock_watch(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
327 Manager *m = userdata;
328
329 assert(m);
330
331 /* rearm timer */
332 manager_clock_watch_setup(m);
333
334 /* skip our own jumps */
335 if (m->jumped) {
336 m->jumped = false;
337 return 0;
338 }
339
340 /* resync */
341 log_info("System time changed. Resyncing.");
342 m->poll_resync = true;
343 return manager_send_request(m);
344 }
345
346 /* wake up when the system time changes underneath us */
347 static int manager_clock_watch_setup(Manager *m) {
348
349 struct itimerspec its = {
350 .it_value.tv_sec = TIME_T_MAX
351 };
352
353 int r;
354
355 assert(m);
356
357 m->event_clock_watch = sd_event_source_unref(m->event_clock_watch);
358 safe_close(m->clock_watch_fd);
359
360 m->clock_watch_fd = timerfd_create(CLOCK_REALTIME, TFD_NONBLOCK|TFD_CLOEXEC);
361 if (m->clock_watch_fd < 0) {
362 log_error("Failed to create timerfd: %m");
363 return -errno;
364 }
365
366 if (timerfd_settime(m->clock_watch_fd, TFD_TIMER_ABSTIME|TFD_TIMER_CANCEL_ON_SET, &its, NULL) < 0) {
367 log_error("Failed to set up timerfd: %m");
368 return -errno;
369 }
370
371 r = sd_event_add_io(m->event, &m->event_clock_watch, m->clock_watch_fd, EPOLLIN, manager_clock_watch, m);
372 if (r < 0) {
373 log_error("Failed to create clock watch event source: %s", strerror(-r));
374 return r;
375 }
376
377 return 0;
378 }
379
380 static int manager_adjust_clock(Manager *m, double offset, int leap_sec) {
381 struct timex tmx = {};
382 int r;
383
384 assert(m);
385
386 /*
387 * For small deltas, tell the kernel to gradually adjust the system
388 * clock to the NTP time, larger deltas are just directly set.
389 *
390 * Clear STA_UNSYNC, it will enable the kernel's 11-minute mode, which
391 * syncs the system time periodically to the hardware clock.
392 */
393 if (fabs(offset) < NTP_MAX_ADJUST) {
394 tmx.modes = ADJ_STATUS | ADJ_NANO | ADJ_OFFSET | ADJ_TIMECONST | ADJ_MAXERROR | ADJ_ESTERROR;
395 tmx.status = STA_PLL;
396 tmx.offset = offset * NSEC_PER_SEC;
397 tmx.constant = log2i(m->poll_interval_usec / USEC_PER_SEC) - 4;
398 tmx.maxerror = 0;
399 tmx.esterror = 0;
400 log_debug(" adjust (slew): %+.3f sec\n", offset);
401 } else {
402 tmx.modes = ADJ_SETOFFSET | ADJ_NANO;
403
404 /* ADJ_NANO uses nanoseconds in the microseconds field */
405 tmx.time.tv_sec = (long)offset;
406 tmx.time.tv_usec = (offset - tmx.time.tv_sec) * NSEC_PER_SEC;
407
408 /* the kernel expects -0.3s as {-1, 7000.000.000} */
409 if (tmx.time.tv_usec < 0) {
410 tmx.time.tv_sec -= 1;
411 tmx.time.tv_usec += NSEC_PER_SEC;
412 }
413
414 m->jumped = true;
415 log_debug(" adjust (jump): %+.3f sec\n", offset);
416 }
417
418 switch (leap_sec) {
419 case 1:
420 tmx.status |= STA_INS;
421 break;
422 case -1:
423 tmx.status |= STA_DEL;
424 break;
425 }
426
427 r = clock_adjtime(CLOCK_REALTIME, &tmx);
428 if (r < 0)
429 return r;
430
431 touch("/var/lib/systemd/clock");
432
433 m->drift_ppm = tmx.freq / 65536;
434
435 log_debug(" status : %04i %s\n"
436 " time now : %li.%03llu\n"
437 " constant : %li\n"
438 " offset : %+.3f sec\n"
439 " freq offset : %+li (%i ppm)\n",
440 tmx.status, tmx.status & STA_UNSYNC ? "" : "sync",
441 tmx.time.tv_sec, (unsigned long long) (tmx.time.tv_usec / NSEC_PER_MSEC),
442 tmx.constant,
443 (double)tmx.offset / NSEC_PER_SEC,
444 tmx.freq, m->drift_ppm);
445
446 return 0;
447 }
448
449 static bool manager_sample_spike_detection(Manager *m, double offset, double delay) {
450 unsigned int i, idx_cur, idx_new, idx_min;
451 double jitter;
452 double j;
453
454 assert(m);
455
456 m->packet_count++;
457
458 /* ignore initial sample */
459 if (m->packet_count == 1)
460 return false;
461
462 /* store the current data in our samples array */
463 idx_cur = m->samples_idx;
464 idx_new = (idx_cur + 1) % ELEMENTSOF(m->samples);
465 m->samples_idx = idx_new;
466 m->samples[idx_new].offset = offset;
467 m->samples[idx_new].delay = delay;
468
469 /* calculate new jitter value from the RMS differences relative to the lowest delay sample */
470 jitter = m->samples_jitter;
471 for (idx_min = idx_cur, i = 0; i < ELEMENTSOF(m->samples); i++)
472 if (m->samples[i].delay > 0 && m->samples[i].delay < m->samples[idx_min].delay)
473 idx_min = i;
474
475 j = 0;
476 for (i = 0; i < ELEMENTSOF(m->samples); i++)
477 j += square(m->samples[i].offset - m->samples[idx_min].offset);
478 m->samples_jitter = sqrt(j / (ELEMENTSOF(m->samples) - 1));
479
480 /* ignore samples when resyncing */
481 if (m->poll_resync)
482 return false;
483
484 /* always accept offset if we are farther off than the round-trip delay */
485 if (fabs(offset) > delay)
486 return false;
487
488 /* we need a few samples before looking at them */
489 if (m->packet_count < 4)
490 return false;
491
492 /* do not accept anything worse than the maximum possible error of the best sample */
493 if (fabs(offset) > m->samples[idx_min].delay)
494 return true;
495
496 /* compare the difference between the current offset to the previous offset and jitter */
497 return fabs(offset - m->samples[idx_cur].offset) > 3 * jitter;
498 }
499
500 static void manager_adjust_poll(Manager *m, double offset, bool spike) {
501 assert(m);
502
503 if (m->poll_resync) {
504 m->poll_interval_usec = NTP_POLL_INTERVAL_MIN_SEC * USEC_PER_SEC;
505 m->poll_resync = false;
506 return;
507 }
508
509 /* set to minimal poll interval */
510 if (!spike && fabs(offset) > NTP_ACCURACY_SEC) {
511 m->poll_interval_usec = NTP_POLL_INTERVAL_MIN_SEC * USEC_PER_SEC;
512 return;
513 }
514
515 /* increase polling interval */
516 if (fabs(offset) < NTP_ACCURACY_SEC * 0.25) {
517 if (m->poll_interval_usec < NTP_POLL_INTERVAL_MAX_SEC * USEC_PER_SEC)
518 m->poll_interval_usec *= 2;
519 return;
520 }
521
522 /* decrease polling interval */
523 if (spike || fabs(offset) > NTP_ACCURACY_SEC * 0.75) {
524 if (m->poll_interval_usec > NTP_POLL_INTERVAL_MIN_SEC * USEC_PER_SEC)
525 m->poll_interval_usec /= 2;
526 return;
527 }
528 }
529
530 static bool sockaddr_equal(union sockaddr_union *a, union sockaddr_union *b) {
531 assert(a);
532 assert(b);
533
534 if (a->sa.sa_family != b->sa.sa_family)
535 return false;
536
537 if (a->sa.sa_family == AF_INET)
538 return a->in.sin_addr.s_addr == b->in.sin_addr.s_addr;
539
540 if (a->sa.sa_family == AF_INET6)
541 return memcmp(&a->in6.sin6_addr, &b->in6.sin6_addr, sizeof(a->in6.sin6_addr)) == 0;
542
543 return false;
544 }
545
546 static int manager_receive_response(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
547 Manager *m = userdata;
548 struct ntp_msg ntpmsg;
549
550 struct iovec iov = {
551 .iov_base = &ntpmsg,
552 .iov_len = sizeof(ntpmsg),
553 };
554 union {
555 struct cmsghdr cmsghdr;
556 uint8_t buf[CMSG_SPACE(sizeof(struct timeval))];
557 } control;
558 union sockaddr_union server_addr;
559 struct msghdr msghdr = {
560 .msg_iov = &iov,
561 .msg_iovlen = 1,
562 .msg_control = &control,
563 .msg_controllen = sizeof(control),
564 .msg_name = &server_addr,
565 .msg_namelen = sizeof(server_addr),
566 };
567 struct cmsghdr *cmsg;
568 struct timespec now_ts;
569 struct timeval *recv_time;
570 ssize_t len;
571 double origin, receive, trans, dest;
572 double delay, offset;
573 bool spike;
574 int leap_sec;
575 int r;
576
577 assert(source);
578 assert(m);
579
580 if (revents & (EPOLLHUP|EPOLLERR)) {
581 log_warning("Server connection returned error.");
582 return manager_connect(m);
583 }
584
585 len = recvmsg(fd, &msghdr, MSG_DONTWAIT);
586 if (len < 0) {
587 if (errno == EAGAIN)
588 return 0;
589
590 log_warning("Error receiving message. Disconnecting.");
591 return manager_connect(m);
592 }
593
594 if (iov.iov_len < sizeof(struct ntp_msg)) {
595 log_warning("Invalid response from server. Disconnecting.");
596 return manager_connect(m);
597 }
598
599 if (!m->current_server_name ||
600 !m->current_server_address ||
601 !sockaddr_equal(&server_addr, &m->current_server_address->sockaddr)) {
602 log_debug("Response from unknown server.");
603 return 0;
604 }
605
606 recv_time = NULL;
607 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
608 if (cmsg->cmsg_level != SOL_SOCKET)
609 continue;
610
611 switch (cmsg->cmsg_type) {
612 case SCM_TIMESTAMP:
613 recv_time = (struct timeval *) CMSG_DATA(cmsg);
614 break;
615 }
616 }
617 if (!recv_time) {
618 log_error("Invalid packet timestamp.");
619 return -EINVAL;
620 }
621
622 if (!m->pending) {
623 log_debug("Unexpected reply. Ignoring.");
624 return 0;
625 }
626
627 /* check our "time cookie" (we just stored nanoseconds in the fraction field) */
628 if (be32toh(ntpmsg.origin_time.sec) != m->trans_time.tv_sec + OFFSET_1900_1970 ||
629 be32toh(ntpmsg.origin_time.frac) != m->trans_time.tv_nsec) {
630 log_debug("Invalid reply; not our transmit time. Ignoring.");
631 return 0;
632 }
633
634 m->event_timeout = sd_event_source_unref(m->event_timeout);
635
636 if (be32toh(ntpmsg.recv_time.sec) < TIME_EPOCH + OFFSET_1900_1970 ||
637 be32toh(ntpmsg.trans_time.sec) < TIME_EPOCH + OFFSET_1900_1970) {
638 log_debug("Invalid reply, returned times before epoch. Ignoring.");
639 return manager_connect(m);
640 }
641
642 if (NTP_FIELD_LEAP(ntpmsg.field) == NTP_LEAP_NOTINSYNC) {
643 log_debug("Server is not synchronized. Disconnecting.");
644 return manager_connect(m);
645 }
646
647 if (!IN_SET(NTP_FIELD_VERSION(ntpmsg.field), 3, 4)) {
648 log_debug("Response NTPv%d. Disconnecting.", NTP_FIELD_VERSION(ntpmsg.field));
649 return manager_connect(m);
650 }
651
652 if (NTP_FIELD_MODE(ntpmsg.field) != NTP_MODE_SERVER) {
653 log_debug("Unsupported mode %d. Disconnecting.", NTP_FIELD_MODE(ntpmsg.field));
654 return manager_connect(m);
655 }
656
657 /* valid packet */
658 m->pending = false;
659 m->retry_interval = 0;
660
661 /* announce leap seconds */
662 if (NTP_FIELD_LEAP(ntpmsg.field) & NTP_LEAP_PLUSSEC)
663 leap_sec = 1;
664 else if (NTP_FIELD_LEAP(ntpmsg.field) & NTP_LEAP_MINUSSEC)
665 leap_sec = -1;
666 else
667 leap_sec = 0;
668
669 /*
670 * "Timestamp Name ID When Generated
671 * ------------------------------------------------------------
672 * Originate Timestamp T1 time request sent by client
673 * Receive Timestamp T2 time request received by server
674 * Transmit Timestamp T3 time reply sent by server
675 * Destination Timestamp T4 time reply received by client
676 *
677 * The round-trip delay, d, and system clock offset, t, are defined as:
678 * d = (T4 - T1) - (T3 - T2) t = ((T2 - T1) + (T3 - T4)) / 2"
679 */
680 assert_se(clock_gettime(CLOCK_MONOTONIC, &now_ts) >= 0);
681 origin = tv_to_d(recv_time) - (ts_to_d(&now_ts) - ts_to_d(&m->trans_time_mon)) + OFFSET_1900_1970;
682 receive = ntp_ts_to_d(&ntpmsg.recv_time);
683 trans = ntp_ts_to_d(&ntpmsg.trans_time);
684 dest = tv_to_d(recv_time) + OFFSET_1900_1970;
685
686 offset = ((receive - origin) + (trans - dest)) / 2;
687 delay = (dest - origin) - (trans - receive);
688
689 spike = manager_sample_spike_detection(m, offset, delay);
690
691 manager_adjust_poll(m, offset, spike);
692
693 log_debug("NTP response:\n"
694 " leap : %u\n"
695 " version : %u\n"
696 " mode : %u\n"
697 " stratum : %u\n"
698 " precision : %.6f sec (%d)\n"
699 " reference : %.4s\n"
700 " origin : %.3f\n"
701 " receive : %.3f\n"
702 " transmit : %.3f\n"
703 " dest : %.3f\n"
704 " offset : %+.3f sec\n"
705 " delay : %+.3f sec\n"
706 " packet count : %"PRIu64"\n"
707 " jitter : %.3f%s\n"
708 " poll interval: " USEC_FMT "\n",
709 NTP_FIELD_LEAP(ntpmsg.field),
710 NTP_FIELD_VERSION(ntpmsg.field),
711 NTP_FIELD_MODE(ntpmsg.field),
712 ntpmsg.stratum,
713 exp2(ntpmsg.precision), ntpmsg.precision,
714 ntpmsg.stratum == 1 ? ntpmsg.refid : "n/a",
715 origin - OFFSET_1900_1970,
716 receive - OFFSET_1900_1970,
717 trans - OFFSET_1900_1970,
718 dest - OFFSET_1900_1970,
719 offset, delay,
720 m->packet_count,
721 m->samples_jitter, spike ? " spike" : "",
722 m->poll_interval_usec / USEC_PER_SEC);
723
724 if (!spike) {
725 m->sync = true;
726 r = manager_adjust_clock(m, offset, leap_sec);
727 if (r < 0)
728 log_error("Failed to call clock_adjtime(): %m");
729 }
730
731 log_info("interval/delta/delay/jitter/drift " USEC_FMT "s/%+.3fs/%.3fs/%.3fs/%+ippm%s",
732 m->poll_interval_usec / USEC_PER_SEC, offset, delay, m->samples_jitter, m->drift_ppm,
733 spike ? " (ignored)" : "");
734
735 r = manager_arm_timer(m, m->poll_interval_usec);
736 if (r < 0) {
737 log_error("Failed to rearm timer: %s", strerror(-r));
738 return r;
739 }
740
741 return 0;
742 }
743
744 static int manager_listen_setup(Manager *m) {
745 union sockaddr_union addr = {};
746 static const int tos = IPTOS_LOWDELAY;
747 static const int on = 1;
748 int r;
749
750 assert(m);
751
752 assert(m->server_socket < 0);
753 assert(!m->event_receive);
754 assert(m->current_server_address);
755
756 addr.sa.sa_family = m->current_server_address->sockaddr.sa.sa_family;
757
758 m->server_socket = socket(addr.sa.sa_family, SOCK_DGRAM | SOCK_CLOEXEC, 0);
759 if (m->server_socket < 0)
760 return -errno;
761
762 r = bind(m->server_socket, &addr.sa, m->current_server_address->socklen);
763 if (r < 0)
764 return -errno;
765
766 r = setsockopt(m->server_socket, SOL_SOCKET, SO_TIMESTAMP, &on, sizeof(on));
767 if (r < 0)
768 return -errno;
769
770 setsockopt(m->server_socket, IPPROTO_IP, IP_TOS, &tos, sizeof(tos));
771
772 return sd_event_add_io(m->event, &m->event_receive, m->server_socket, EPOLLIN, manager_receive_response, m);
773 }
774
775 static int manager_begin(Manager *m) {
776 _cleanup_free_ char *pretty = NULL;
777 int r;
778
779 assert(m);
780 assert_return(m->current_server_name, -EHOSTUNREACH);
781 assert_return(m->current_server_address, -EHOSTUNREACH);
782
783 m->poll_interval_usec = NTP_POLL_INTERVAL_MIN_SEC * USEC_PER_SEC;
784
785 sockaddr_pretty(&m->current_server_address->sockaddr.sa, m->current_server_address->socklen, true, &pretty);
786 log_info("Using NTP server %s (%s).", strna(pretty), m->current_server_name->string);
787 sd_notifyf(false, "STATUS=Using Time Server %s (%s).", strna(pretty), m->current_server_name->string);
788
789 r = manager_listen_setup(m);
790 if (r < 0) {
791 log_warning("Failed to setup connection socket: %s", strerror(-r));
792 return r;
793 }
794
795 r = manager_clock_watch_setup(m);
796 if (r < 0)
797 return r;
798
799 return manager_send_request(m);
800 }
801
802 static void server_name_flush_addresses(ServerName *n) {
803 ServerAddress *a;
804
805 assert(n);
806
807 while ((a = n->addresses)) {
808 LIST_REMOVE(addresses, n->addresses, a);
809 free(a);
810 }
811 }
812
813 static void manager_flush_names(Manager *m) {
814 ServerName *n;
815
816 assert(m);
817
818 while ((n = m->servers)) {
819 LIST_REMOVE(names, m->servers, n);
820 free(n->string);
821 server_name_flush_addresses(n);
822 free(n);
823 }
824 }
825
826 static int manager_resolve_handler(sd_resolve_query *q, int ret, const struct addrinfo *ai, void *userdata) {
827 Manager *m = userdata;
828 ServerAddress *a, *last = NULL;
829
830 assert(q);
831 assert(m);
832 assert(m->current_server_name);
833
834 m->resolve_query = sd_resolve_query_unref(m->resolve_query);
835
836 if (ret != 0) {
837 log_debug("Failed to resolve %s: %s", m->current_server_name->string, gai_strerror(ret));
838
839 /* Try next host */
840 return manager_connect(m);
841 }
842
843 server_name_flush_addresses(m->current_server_name);
844
845 for (; ai; ai = ai->ai_next) {
846 _cleanup_free_ char *pretty = NULL;
847
848 assert(ai->ai_addr);
849 assert(ai->ai_addrlen >= offsetof(struct sockaddr, sa_data));
850 assert(ai->ai_addrlen <= sizeof(union sockaddr_union));
851
852 if (!IN_SET(ai->ai_addr->sa_family, AF_INET, AF_INET6)) {
853 log_warning("Unsuitable address protocol for %s", m->current_server_name->string);
854 continue;
855 }
856
857 a = new0(ServerAddress, 1);
858 if (!a)
859 return log_oom();
860
861 memcpy(&a->sockaddr, ai->ai_addr, ai->ai_addrlen);
862 a->socklen = ai->ai_addrlen;
863
864 LIST_INSERT_AFTER(addresses, m->current_server_name->addresses, last, a);
865 last = a;
866
867 sockaddr_pretty(&a->sockaddr.sa, a->socklen, true, &pretty);
868 log_debug("Resolved address %s for %s.", pretty, m->current_server_name->string);
869 }
870
871 if (!m->current_server_name->addresses) {
872 log_error("Failed to find suitable address for host %s.", m->current_server_name->string);
873
874 /* Try next host */
875 return manager_connect(m);
876 }
877
878 m->current_server_address = m->current_server_name->addresses;
879
880 return manager_begin(m);
881 }
882
883 static int manager_retry(sd_event_source *source, usec_t usec, void *userdata) {
884 Manager *m = userdata;
885
886 assert(m);
887
888 return manager_connect(m);
889 }
890
891 static int manager_connect(Manager *m) {
892
893 struct addrinfo hints = {
894 .ai_flags = AI_NUMERICSERV|AI_ADDRCONFIG,
895 .ai_socktype = SOCK_DGRAM,
896 };
897 int r;
898
899 assert(m);
900
901 manager_disconnect(m);
902
903 m->event_retry = sd_event_source_unref(m->event_retry);
904 if (!ratelimit_test(&m->ratelimit)) {
905 log_debug("Slowing down attempts to contact servers.");
906
907 r = sd_event_add_time(m->event, &m->event_retry, CLOCK_MONOTONIC, now(CLOCK_MONOTONIC) + RETRY_USEC, 0, manager_retry, m);
908 if (r < 0) {
909 log_error("Failed to create retry timer: %s", strerror(-r));
910 return r;
911 }
912
913 return 0;
914 }
915
916 /* If we already are operating on some address, switch to the
917 * next one. */
918 if (m->current_server_address && m->current_server_address->addresses_next)
919 m->current_server_address = m->current_server_address->addresses_next;
920 else {
921 /* Hmm, we are through all addresses, let's look for the next host instead */
922 m->current_server_address = NULL;
923
924 if (m->current_server_name && m->current_server_name->names_next)
925 m->current_server_name = m->current_server_name->names_next;
926 else {
927 if (!m->servers) {
928 m->current_server_name = NULL;
929 log_debug("No server found.");
930 return 0;
931 }
932
933 m->current_server_name = m->servers;
934 }
935
936 /* Tell the resolver to reread /etc/resolv.conf, in
937 * case it changed. */
938 res_init();
939
940 r = sd_resolve_getaddrinfo(m->resolve, &m->resolve_query, m->current_server_name->string, "123", &hints, manager_resolve_handler, m);
941 if (r < 0) {
942 log_error("Failed to create resolver: %s", strerror(-r));
943 return r;
944 }
945
946 return 1;
947 }
948
949 r = manager_begin(m);
950 if (r < 0)
951 return r;
952
953 return 1;
954 }
955
956 static int manager_add_server(Manager *m, const char *server) {
957 ServerName *n, *tail;
958
959 assert(m);
960 assert(server);
961
962 n = new0(ServerName, 1);
963 if (!n)
964 return -ENOMEM;
965
966 n->string = strdup(server);
967 if (!n->string) {
968 free(n);
969 return -ENOMEM;
970 }
971
972 LIST_FIND_TAIL(names, m->servers, tail);
973 LIST_INSERT_AFTER(names, m->servers, tail, n);
974
975 return 0;
976 }
977
978 static int manager_add_server_string(Manager *m, const char *string) {
979 char *w, *state;
980 size_t l;
981 int r;
982
983 assert(m);
984 assert(string);
985
986 FOREACH_WORD_QUOTED(w, l, string, state) {
987 char t[l+1];
988
989 memcpy(t, w, l);
990 t[l] = 0;
991
992 r = manager_add_server(m, t);
993 if (r < 0)
994 log_error("Failed to add server %s to configuration, ignoring: %s", t, strerror(-r));
995 }
996
997 return 0;
998 }
999
1000 static void manager_disconnect(Manager *m) {
1001 assert(m);
1002
1003 m->resolve_query = sd_resolve_query_unref(m->resolve_query);
1004
1005 m->event_timer = sd_event_source_unref(m->event_timer);
1006
1007 m->event_receive = sd_event_source_unref(m->event_receive);
1008 m->server_socket = safe_close(m->server_socket);
1009
1010 m->event_clock_watch = sd_event_source_unref(m->event_clock_watch);
1011 m->clock_watch_fd = safe_close(m->clock_watch_fd);
1012
1013 m->event_timeout = sd_event_source_unref(m->event_timeout);
1014
1015 sd_notifyf(false, "STATUS=Idle.");
1016 }
1017
1018 static int manager_new(Manager **ret) {
1019 _cleanup_manager_free_ Manager *m = NULL;
1020 int r;
1021
1022 m = new0(Manager, 1);
1023 if (!m)
1024 return -ENOMEM;
1025
1026 m->server_socket = m->clock_watch_fd = -1;
1027
1028 RATELIMIT_INIT(m->ratelimit, RATELIMIT_INTERVAL_USEC, RATELIMIT_BURST);
1029
1030 r = sd_event_default(&m->event);
1031 if (r < 0)
1032 return r;
1033
1034 sd_event_set_watchdog(m->event, true);
1035
1036 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
1037 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
1038
1039 r = sd_resolve_default(&m->resolve);
1040 if (r < 0)
1041 return r;
1042
1043 r = sd_resolve_attach_event(m->resolve, m->event, 0);
1044 if (r < 0)
1045 return r;
1046
1047 r = manager_clock_watch_setup(m);
1048 if (r < 0)
1049 return r;
1050
1051 *ret = m;
1052 m = NULL;
1053
1054 return 0;
1055 }
1056
1057 static void manager_free(Manager *m) {
1058 if (!m)
1059 return;
1060
1061 manager_disconnect(m);
1062 manager_flush_names(m);
1063
1064 sd_event_source_unref(m->event_retry);
1065
1066 sd_event_source_unref(m->network_event_source);
1067 sd_network_monitor_unref(m->network_monitor);
1068
1069 sd_resolve_unref(m->resolve);
1070 sd_event_unref(m->event);
1071
1072 free(m);
1073 }
1074
1075 int config_parse_servers(
1076 const char *unit,
1077 const char *filename,
1078 unsigned line,
1079 const char *section,
1080 unsigned section_line,
1081 const char *lvalue,
1082 int ltype,
1083 const char *rvalue,
1084 void *data,
1085 void *userdata) {
1086
1087 Manager *m = userdata;
1088
1089 assert(filename);
1090 assert(lvalue);
1091 assert(rvalue);
1092
1093 manager_flush_names(m);
1094 manager_add_server_string(m, rvalue);
1095
1096 return 0;
1097 }
1098
1099 static int manager_parse_config_file(Manager *m) {
1100 static const char fn[] = "/etc/systemd/timesyncd.conf";
1101 _cleanup_fclose_ FILE *f = NULL;
1102 int r;
1103
1104 assert(m);
1105
1106 f = fopen(fn, "re");
1107 if (!f) {
1108 if (errno == ENOENT)
1109 return 0;
1110
1111 log_warning("Failed to open configuration file %s: %m", fn);
1112 return -errno;
1113 }
1114
1115 r = config_parse(NULL, fn, f, "Time\0", config_item_perf_lookup,
1116 (void*) timesyncd_gperf_lookup, false, false, m);
1117 if (r < 0)
1118 log_warning("Failed to parse configuration file: %s", strerror(-r));
1119
1120 return r;
1121 }
1122
1123 static bool network_is_online(void) {
1124 _cleanup_free_ char *state = NULL;
1125 int r;
1126
1127 r = sd_network_get_operational_state(&state);
1128 if (r >= 0 && STR_IN_SET(state, "routable", "degraded"))
1129 return true;
1130
1131 return false;
1132 }
1133
1134 static int manager_network_event_handler(sd_event_source *s, int fd, uint32_t revents,
1135 void *userdata) {
1136 Manager *m = userdata;
1137 bool connected, online;
1138 int r;
1139
1140 assert(m);
1141
1142 /* check if the machine is online */
1143 online = network_is_online();
1144
1145 /* check if the client is currently connected */
1146 connected = (m->server_socket != -1);
1147
1148 if (connected && !online) {
1149 log_info("No network connectivity, watching for changes.");
1150 manager_disconnect(m);
1151 } else if (!connected && online) {
1152 log_info("Network configuration changed, trying to establish connection.");
1153 if (m->current_server_address) {
1154 r = manager_begin(m);
1155 if (r < 0)
1156 return r;
1157 } else {
1158 r = manager_connect(m);
1159 if (r < 0)
1160 return r;
1161 }
1162 }
1163
1164 sd_network_monitor_flush(m->network_monitor);
1165
1166 return 0;
1167 }
1168
1169 static int manager_network_monitor_listen(Manager *m) {
1170 _cleanup_event_source_unref_ sd_event_source *event_source = NULL;
1171 _cleanup_network_monitor_unref_ sd_network_monitor *monitor = NULL;
1172 int r, fd, events;
1173
1174 r = sd_network_monitor_new(NULL, &monitor);
1175 if (r < 0)
1176 return r;
1177
1178 fd = sd_network_monitor_get_fd(monitor);
1179 if (fd < 0)
1180 return fd;
1181
1182 events = sd_network_monitor_get_events(monitor);
1183 if (events < 0)
1184 return events;
1185
1186 r = sd_event_add_io(m->event, &event_source, fd, events,
1187 &manager_network_event_handler, m);
1188 if (r < 0)
1189 return r;
1190
1191 m->network_monitor = monitor;
1192 m->network_event_source = event_source;
1193 monitor = NULL;
1194 event_source = NULL;
1195
1196 return 0;
1197 }
1198
1199 int main(int argc, char *argv[]) {
1200 const char *user = "systemd-timesync";
1201 _cleanup_manager_free_ Manager *m = NULL;
1202 uid_t uid;
1203 gid_t gid;
1204 int r;
1205
1206 if (argc > 1) {
1207 log_error("This program does not take arguments.");
1208 return EXIT_FAILURE;
1209 }
1210
1211 log_set_target(LOG_TARGET_AUTO);
1212 log_set_facility(LOG_CRON);
1213 log_parse_environment();
1214 log_open();
1215
1216 umask(0022);
1217
1218 r = get_user_creds(&user, &uid, &gid, NULL, NULL);
1219 if (r < 0) {
1220 log_error("Cannot resolve user name %s: %s", user, strerror(-r));
1221 return r;
1222 }
1223
1224 r = load_clock_timestamp(uid, gid);
1225 if (r < 0)
1226 goto out;
1227
1228 r = drop_privileges(uid, gid, (1ULL << CAP_SYS_TIME));
1229 if (r < 0)
1230 goto out;
1231
1232 assert_se(sigprocmask_many(SIG_BLOCK, SIGTERM, SIGINT, -1) == 0);
1233
1234 r = manager_new(&m);
1235 if (r < 0) {
1236 log_error("Failed to allocate manager: %s", strerror(-r));
1237 goto out;
1238 }
1239
1240 manager_add_server_string(m, NTP_SERVERS);
1241 manager_parse_config_file(m);
1242
1243 r = manager_network_monitor_listen(m);
1244 if (r < 0) {
1245 log_error("Failed to listen to networkd events: %s", strerror(-r));
1246 goto out;
1247 }
1248
1249 log_debug("systemd-timesyncd running as pid %lu", (unsigned long) getpid());
1250 sd_notify(false, "READY=1");
1251
1252 if (network_is_online()) {
1253 r = manager_connect(m);
1254 if (r < 0)
1255 goto out;
1256 }
1257
1258 r = sd_event_loop(m->event);
1259 if (r < 0) {
1260 log_error("Failed to run event loop: %s", strerror(-r));
1261 goto out;
1262 }
1263
1264 sd_event_get_exit_code(m->event, &r);
1265
1266 /* if we got an authoritative time, store it in the file system */
1267 if (m->sync)
1268 touch("/var/lib/systemd/clock");
1269
1270 out:
1271 sd_notify(false, "STATUS=Shutting down...");
1272
1273 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
1274 }
Unnamed repository; edit this file 'description' to name the repository.