ntpd broken on ARM

Eric S. Raymond esr at thyrsus.com
Sun Nov 27 17:20:54 UTC 2016

Hal Murray <hmurray at megapathdsl.net>:
> I spent a lot of time chasing what I thought was a missing syscall in the 
> seccomp list, but that was a wild goose chase.
> For me, it currently breaks even without seccomp.
> I'm running code that was built on the 24th.  That was probably shortly after 
> a git pull, so the change that broke things is probably recent.  Have we 
> changed anything in libntp or ntpd since then?  ???
> Hopefully, somebody will fix it before I wake up.  'nite.

Recent changes to libntp and ntpd, from git log:

commit 77c8a205820877caa901a08738c118fc5fa09d68
Author: Eric S. Raymond <esr at thyrsus.com>
Date:   Sun Nov 27 04:50:17 2016 -0500

    Pass baudrate into the refclock_open() function correctly.

commit 6d3838ec2555e0294d90f3a5ef4487f6d1b00138
Author: Eric S. Raymond <esr at thyrsus.com>
Date:   Sat Nov 26 00:29:50 2016 -0500

    Repair mrulist reporting.
    The ntp_monitor() call got pushed down a code path that packets (at least,
    packets from pool servers) don't normally take.  Result: mosdt traffic
    was not getting recorded, and ntpq -c mrulist returned spuriously empty
    Fix verified by actually seeing an mrulist cpme out afterwards.

commit 4911e2df0c54414a539685545780168757879434
Author: Daniel Fox Franke <dfoxfranke at gmail.com>
Date:   Wed Nov 23 16:23:55 2016 -0500

    Fix authentication
    This corrects two evil bugs, one of which was introduced during the
    protocol refactor.  That one would have been a vulnerability but
    fortunately 1. the other was masking it, and 2. this bug never made
    it in a release. Phew.
    First bug: missing exit after failed authentication, which would have
    allowed misauthenticated packets to be accepted. Yikes!
    Second bug: Even correctly authenticated packets were getting rejected
    by different security check. handle_procpkt() checks that there's a
    request in flight before it's willing to process any response. But due
    to a bug that predates the fork from NTP Classic, authenticated
    requests never got their outcount incremented.
    This is why we test things...

commit 1fb1136aa8964218719ed561bd608d418150c9a3
Author: Daniel Fox Franke <dfoxfranke at gmail.com>
Date:   Tue Nov 22 15:45:38 2016 -0500

    CVE-2016-7429: Avoid interface update on possibly-spoofed responses
    Adapted from the NTP Classic patch by Juergen Perlinger

commit bdbc4cb53696b27895730a5a61437256762761b6
Author: Daniel Fox Franke <dfoxfranke at gmail.com>
Date:   Mon Nov 21 21:42:30 2016 -0500

    CVE-2016-7434: Crash from malformed mrulist request
    Patch ported from NTP Classic and mainly due to Juergen Perlinger

		<a href="http://www.catb.org/~esr/">Eric S. Raymond</a>

More information about the devel mailing list