From 7339dd1ece24aa0e9b8d6dc455482f0b7dacccc8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
 <marmarek@invisiblethingslab.com>
Date: Tue, 30 Sep 2014 03:29:58 +0200
Subject: [PATCH] Introduce qubes.SetDateTime service for time synchronization

It would be called by qvm-sync-clock instead of 'date' directly. This
gives a lot of flexibility - VM can control whether it want to sync time
this way. For now slight corrections (+-2sec) are ignored to not cause
problems by frequent time changes. But it can be easily extended to
refuse time sync when some other mechanism is used.
---
 Makefile                    |  1 +
 qubes-rpc/qubes.SetDateTime | 11 +++++++++++
 rpm_spec/core-vm.spec       |  1 +
 3 files changed, 13 insertions(+)
 create mode 100644 qubes-rpc/qubes.SetDateTime

diff --git a/Makefile b/Makefile
index 928f83c..97d0ead 100644
--- a/Makefile
+++ b/Makefile
@@ -167,6 +167,7 @@ install-common:
 	install -m 0644 qubes-rpc/qubes.{Backup,Restore} $(DESTDIR)/etc/qubes-rpc
 	install -m 0644 qubes-rpc/qubes.Select{File,Directory} $(DESTDIR)/etc/qubes-rpc
 	install -m 0644 qubes-rpc/qubes.GetImageRGBA $(DESTDIR)/etc/qubes-rpc
+	install -m 0644 qubes-rpc/qubes.SetDateTime $(DESTDIR)/etc/qubes-rpc
 
 	install -d $(DESTDIR)/usr/share/file-manager/actions
 	install -m 0644 qubes-rpc/*-gnome.desktop $(DESTDIR)/usr/share/file-manager/actions
diff --git a/qubes-rpc/qubes.SetDateTime b/qubes-rpc/qubes.SetDateTime
new file mode 100644
index 0000000..6ecc9e6
--- /dev/null
+++ b/qubes-rpc/qubes.SetDateTime
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+# it is in format of `date -u -Iseconds`, example: 2014-09-29T22:59:21+0000
+# it comes from dom0, so is trusted
+read timestamp
+timediff=$(( `date -u +'+%Y%m%d%H%M%S'` - `date -u -d "$timestamp" +'+%Y%m%d%H%M%S'` ))
+if [ $timediff -le 2 -a $timediff -ge -2 ]; then
+    # don't bother
+    exit 0
+fi
+date -u -s "$timestamp"
diff --git a/rpm_spec/core-vm.spec b/rpm_spec/core-vm.spec
index 131eed0..0af2b77 100644
--- a/rpm_spec/core-vm.spec
+++ b/rpm_spec/core-vm.spec
@@ -320,6 +320,7 @@ rm -f %{name}-%{version}
 /etc/qubes-rpc/qubes.SelectFile
 /etc/qubes-rpc/qubes.SelectDirectory
 /etc/qubes-rpc/qubes.GetImageRGBA
+/etc/qubes-rpc/qubes.SetDateTime
 %config(noreplace) /etc/sudoers.d/qubes
 %config(noreplace) /etc/sysconfig/iptables
 %config(noreplace) /etc/sysconfig/ip6tables