From 016dfd7256ac425d185c75328b0e6b8fcceee96d Mon Sep 17 00:00:00 2001 From: otto <> Date: Sun, 10 Nov 2019 07:32:58 +0000 Subject: [PATCH] - validate sensor values against constraints - do not restart settime timeout interval if something happens in the main event loop - apply a tight loop protection; it can be painfull on a single core machine since the process runs at maximum priority. Should only happen when a bug is introduced while developing, but prevents having to machine taken over by ntpd. --- src/usr.sbin/ntpd/ntp.c | 7 ++++--- src/usr.sbin/ntpd/ntpd.c | 12 ++++++++---- src/usr.sbin/ntpd/sensors.c | 15 ++++++++++++++- 3 files changed, 26 insertions(+), 8 deletions(-) diff --git a/src/usr.sbin/ntpd/ntp.c b/src/usr.sbin/ntpd/ntp.c index 81274988..d8bb26e9 100644 --- a/src/usr.sbin/ntpd/ntp.c +++ b/src/usr.sbin/ntpd/ntp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ntp.c,v 1.159 2019/07/16 14:15:40 otto Exp $ */ +/* $OpenBSD: ntp.c,v 1.160 2019/11/10 07:32:58 otto Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer @@ -298,7 +298,8 @@ ntp_main(struct ntpd_conf *nconf, struct passwd *pw, int argc, char **argv) } idx_clients = i; - if (!TAILQ_EMPTY(&conf->ntp_conf_sensors)) { + if (!TAILQ_EMPTY(&conf->ntp_conf_sensors) && + (constraint_cnt == 0 || conf->constraint_median != 0)) { if (last_sensor_scan == 0 || last_sensor_scan + SENSOR_SCAN_INTERVAL <= getmonotime()) { sensors_cnt = sensor_scan(); @@ -346,7 +347,7 @@ ntp_main(struct ntpd_conf *nconf, struct passwd *pw, int argc, char **argv) if (timeout < 0) timeout = 0; - if ((nfds = poll(pfd, i, timeout * 1000)) == -1) + if ((nfds = poll(pfd, i, timeout ? timeout * 1000 : 1)) == -1) if (errno != EINTR) { log_warn("poll error"); ntp_quit = 1; diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c index ef1b43e1..e3bd30ab 100644 --- a/src/usr.sbin/ntpd/ntpd.c +++ b/src/usr.sbin/ntpd/ntpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ntpd.c,v 1.124 2019/06/28 13:32:49 deraadt Exp $ */ +/* $OpenBSD: ntpd.c,v 1.125 2019/11/10 07:32:58 otto Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer @@ -138,6 +138,7 @@ main(int argc, char *argv[]) int argc0 = argc, logdest; char **argv0 = argv; char *pname = NULL; + time_t settime_deadline; if (strcmp(__progname, "ntpctl") == 0) { ctl_main(argc, argv); @@ -240,8 +241,10 @@ main(int argc, char *argv[]) if (!lconf.debug) if (daemon(1, 0)) fatal("daemon"); - } else - timeout = SETTIME_TIMEOUT * 1000; + } else { + settime_deadline = getmonotime(); + timeout = 100; + } if (socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, PF_UNSPEC, pipe_chld) == -1) @@ -314,7 +317,8 @@ main(int argc, char *argv[]) quit = 1; } - if (nfds == 0 && lconf.settime) { + if (nfds == 0 && lconf.settime && + getmonotime() > settime_deadline + SETTIME_TIMEOUT) { lconf.settime = 0; timeout = INFTIM; log_init(logdest, lconf.verbose, LOG_DAEMON); diff --git a/src/usr.sbin/ntpd/sensors.c b/src/usr.sbin/ntpd/sensors.c index 6d137932..4ca9a554 100644 --- a/src/usr.sbin/ntpd/sensors.c +++ b/src/usr.sbin/ntpd/sensors.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sensors.c,v 1.52 2016/09/03 11:52:06 reyk Exp $ */ +/* $OpenBSD: sensors.c,v 1.53 2019/11/10 07:32:58 otto Exp $ */ /* * Copyright (c) 2006 Henning Brauer @@ -165,6 +165,7 @@ sensor_query(struct ntp_sensor *s) { char dxname[MAXDEVNAMLEN]; struct sensor sensor; + double sens_time; if (conf->settime) s->next = getmonotime() + SENSOR_QUERY_INTERVAL_SETTIME; @@ -193,6 +194,18 @@ sensor_query(struct ntp_sensor *s) return; s->last = sensor.tv.tv_sec; + + if (!TAILQ_EMPTY(&conf->constraints)) { + if (conf->constraint_median == 0) { + return; + } + sens_time = gettime() + (sensor.value / -1e9) + + (s->correction / 1e6); + if (constraint_check(sens_time) != 0) { + log_info("sensor %s: constraint check failed", s->device); + return; + } + } /* * TD = device time * TS = system time