Bug#1128527: marked as done (trixie-pu: package chrony/4.6.1-3+deb13u1)

Sat, 14 Mar 2026 05:01:53 -0700 

Your message dated Sat, 14 Mar 2026 11:48:35 +0000
with message-id <[email protected]>
and subject line Released with 13.4
has caused the Debian Bug report #1128527,
regarding trixie-pu: package chrony/4.6.1-3+deb13u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1128527: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128527
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
Tags: trixie
X-Debbugs-Cc: [email protected]
Control: affects -1 + src:chrony
User: [email protected]
Usertags: pu

Hi,

[ Reason ]
A security fix introduced in Linux 6.15¹, and backported to Linux stable
series down to version 5.10, prevents chronyd from starting if
it is set up to use a PHC refclock configured with the 'extpps' option.

[ Impact ]
chronyd would fail to start when configured as aforementioned on a system
featuring a kernel containing that security fix.

More precisely, chronyd would output: "Fatal error : Could not enable external 
PHC timestamping"

[ Tests ]
After some required adjustments to 'upstream-simulation-test-suite'
autopkgest, all the tests shipped by chrony pass.

The proposed fix has also been successfully tested by the person who reported
the bug. No regression has been observed.

[ Risks ]
As mentioned above, the proposed update is well tested so I would say
that the risk of regression should be quite low.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

[ Changes ]
- The refclock_phc_open-device-for-writing-with-extpps-option.patch file
  is a backport of upstream patch (already available in chrony 4.8) to
  open the PHC reference clock with the O_RDWR flag when enabling the
  extpps option as recently required by the kernel.

- The second change concerns the 'upstream-simulation-test-suite'
  autopkgtest that fails notably due to the patched open() call.

[ Other info ]
I will be filing an issue for bookworm to fix the same problem.

Cheers,
Vincent

¹ 
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=97529630d85f910f4e6dfc615f1d111ada9448e3

diff -Nru chrony-4.6.1/debian/changelog chrony-4.6.1/debian/changelog
--- chrony-4.6.1/debian/changelog       2025-06-03 17:16:37.000000000 +0200
+++ chrony-4.6.1/debian/changelog       2026-02-16 17:34:12.000000000 +0100
@@ -1,3 +1,14 @@
+chrony (4.6.1-3+deb13u1) trixie; urgency=medium
+
+  * debian/patches/:
+    - Add refclock_phc_open-device-for-writing-with-extpps-option.patch.
+    Thanks to Jan Lübbe for the report. (Closes: #1127659)
+
+  * debian/test/upstream-simulation-test-suite:
+    - Prevent simulation test failures.
+
+ -- Vincent Blut <[email protected]>  Mon, 16 Feb 2026 17:34:12 +0100
+
 chrony (4.6.1-3) unstable; urgency=medium
 
   * debian/patches/:
diff -Nru 
chrony-4.6.1/debian/patches/refclock_phc_open-device-for-writing-with-extpps-option.patch
 
chrony-4.6.1/debian/patches/refclock_phc_open-device-for-writing-with-extpps-option.patch
--- 
chrony-4.6.1/debian/patches/refclock_phc_open-device-for-writing-with-extpps-option.patch
   1970-01-01 01:00:00.000000000 +0100
+++ 
chrony-4.6.1/debian/patches/refclock_phc_open-device-for-writing-with-extpps-option.patch
   2026-02-16 17:34:12.000000000 +0100
@@ -0,0 +1,104 @@
+Description: Open PHC device for writing with extpps option
+ In version 6.15 the Linux kernel started checking write access on the
+ PHC file descriptor in the PTP_PIN_SETFUNC and PTP_EXTTS_REQUEST ioctls.
+ chronyd opened the PHC device as readonly, which caused the PHC refclock
+ driver configured with the extpps option to fail with the
+ "Could not enable external PHC timestamping" error message.
+
+ To ensure compatibility with new kernel versions, add flags to the
+ SYS_Linux_OpenPHC() function and open the device with the O_RDWR flag
+ when the extpps option is enabled.
+Origin: backport, 
https://gitlab.com/chrony/chrony/-/commit/f78e4681eff71d941fab3be5ee406d920a155a20
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127659
+Last-Update: 2026-02-12
+---
+Index: chrony/ntp_io_linux.c
+===================================================================
+--- chrony.orig/ntp_io_linux.c
++++ chrony/ntp_io_linux.c
+@@ -220,7 +220,7 @@ add_interface(CNF_HwTsInterface *conf_if
+ 
+   SCK_CloseSocket(sock_fd);
+ 
+-  phc_fd = SYS_Linux_OpenPHC(NULL, ts_info.phc_index);
++  phc_fd = SYS_Linux_OpenPHC(NULL, ts_info.phc_index, O_RDONLY);
+   if (phc_fd < 0)
+     return 0;
+ 
+Index: chrony/refclock_phc.c
+===================================================================
+--- chrony.orig/refclock_phc.c
++++ chrony/refclock_phc.c
+@@ -66,7 +66,7 @@ static int phc_initialise(RCL_Instance i
+ {
+   const char *options[] = {"nocrossts", "extpps", "pin", "channel", "clear", 
NULL};
+   struct phc_instance *phc;
+-  int phc_fd, rising_edge;
++  int rising_edge;
+   struct stat st;
+   char *path, *s;
+ 
+@@ -74,19 +74,20 @@ static int phc_initialise(RCL_Instance i
+ 
+   path = RCL_GetDriverParameter(instance);
+  
+-  phc_fd = SYS_Linux_OpenPHC(path, 0);
+-  if (phc_fd < 0)
+-    LOG_FATAL("Could not open PHC");
+-
+   phc = MallocNew(struct phc_instance);
+-  phc->fd = phc_fd;
+-  if (fstat(phc_fd, &st) < 0 || !S_ISCHR(st.st_mode))
+-    LOG_FATAL("Could not get PHC index");
+-  phc->dev_index = minor(st.st_rdev);
+   phc->mode = 0;
+   phc->nocrossts = RCL_GetDriverOption(instance, "nocrossts") ? 1 : 0;
+   phc->extpps = RCL_GetDriverOption(instance, "extpps") ? 1 : 0;
+   UTI_ZeroTimespec(&phc->last_extts);
++
++  phc->fd = SYS_Linux_OpenPHC(path, 0, phc->extpps ? O_RDWR : O_RDONLY);
++  if (phc->fd < 0)
++    LOG_FATAL("Could not open PHC");
++
++  if (fstat(phc->fd, &st) < 0 || !S_ISCHR(st.st_mode))
++    LOG_FATAL("Could not get PHC index");
++  phc->dev_index = minor(st.st_rdev);
++
+   phc->clock = HCL_CreateInstance(0, 16, 
UTI_Log2ToDouble(RCL_GetDriverPoll(instance)),
+                                   RCL_GetPrecision(instance));
+ 
+Index: chrony/sys_linux.c
+===================================================================
+--- chrony.orig/sys_linux.c
++++ chrony/sys_linux.c
+@@ -903,7 +903,7 @@ get_precise_phc_readings(int phc_fd, int
+ /* ================================================== */
+ 
+ int
+-SYS_Linux_OpenPHC(const char *path, int phc_index)
++SYS_Linux_OpenPHC(const char *path, int phc_index, int flags)
+ {
+   struct ptp_clock_caps caps;
+   char phc_path[64];
+@@ -915,7 +915,7 @@ SYS_Linux_OpenPHC(const char *path, int
+     path = phc_path;
+   }
+ 
+-  phc_fd = open(path, O_RDONLY);
++  phc_fd = open(path, flags);
+   if (phc_fd < 0) {
+     LOG(LOGS_ERR, "Could not open %s : %s", path, strerror(errno));
+     return -1;
+Index: chrony/sys_linux.h
+===================================================================
+--- chrony.orig/sys_linux.h
++++ chrony/sys_linux.h
+@@ -39,7 +39,7 @@ extern void SYS_Linux_EnableSystemCallFi
+ 
+ extern int SYS_Linux_CheckKernelVersion(int req_major, int req_minor);
+ 
+-extern int SYS_Linux_OpenPHC(const char *path, int phc_index);
++extern int SYS_Linux_OpenPHC(const char *path, int phc_index, int flags);
+ 
+ extern int SYS_Linux_GetPHCReadings(int fd, int nocrossts, int *reading_mode, 
int max_readings,
+                                     struct timespec tss[][3]);
diff -Nru chrony-4.6.1/debian/patches/series chrony-4.6.1/debian/patches/series
--- chrony-4.6.1/debian/patches/series  2025-06-03 17:16:37.000000000 +0200
+++ chrony-4.6.1/debian/patches/series  2026-02-16 17:34:12.000000000 +0100
@@ -1,3 +1,4 @@
+refclock_phc_open-device-for-writing-with-extpps-option.patch
 conf:_fix_sourcedir_reloading_to_not_multiply_sources.patch
 debianize-chronyd-restricted-unit-file.patch
 nm-dispatcher-dhcp_Move-server_dir-to-run.patch
diff -Nru chrony-4.6.1/debian/tests/upstream-simulation-test-suite 
chrony-4.6.1/debian/tests/upstream-simulation-test-suite
--- chrony-4.6.1/debian/tests/upstream-simulation-test-suite    2025-06-03 
17:16:37.000000000 +0200
+++ chrony-4.6.1/debian/tests/upstream-simulation-test-suite    2026-02-16 
17:34:12.000000000 +0100
@@ -27,6 +27,24 @@
     tar -xvzf "$CLKNETSIM_PATH"/"$clknetsim_archive" \
         -C "$CLKNETSIM_PATH" --strip-components=1 2>&1 || exit 77
 
+    # Prevent simulation test failures introduced by
+    # refclock_phc_open-device-for-writing-with-extpps-option.patch
+    sed -i '
+        1498i\
+    int __open_2(const char *pathname, int oflag) {\
+            return open(pathname, oflag);\
+    }\
+    \
+    int __open64_2(const char *pathname, int oflag) {\
+            return open(pathname, oflag);\
+    }\
+
+        1538i\
+    ssize_t __read_chk(int fd, void *buf, size_t count, size_t buflen) {\
+            return read(fd, buf, count);\
+    }\
+    ' "$CLKNETSIM_PATH/client.c"
+
     if [ ! -x "$CLKNETSIM_PATH/clknetsim" ] && [ ! -e 
"$CLKNETSIM_PATH/clknetsim.so" ]; then
         case "$DEB_BUILD_ARCH" in
             armel|armhf)

Attachment: signature.asc
Description: PGP signature


--- End Message ---
--- Begin Message --- 
Package: release.debian.org
Version: 13.4

This update has been released as part of Debian 13.4.

--- End Message ---

Reply via email to