2135684 – Threat model finding: shared memory race conditions / other-end-verifications.

Bug 2135684 - Threat model finding: shared memory race conditions / other-end-verifications.

Summary: Threat model finding: shared memory race conditions / other-end-verifications.

Keywords:
Status:	ASSIGNED
Alias:	None
Product:	Red Hat Enterprise Linux 9
Classification:	Red Hat
Component:	chrony
Sub Component:
Version:	9.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	rc
Target Release:	---
Assignee:	Miroslav Lichvar
QA Contact:	rhel-cs-infra-services-qe
Docs Contact:
URL:
Whiteboard:
Depends On:	2231078
Blocks:
TreeView+	depends on / blocked

Reported:	2022-10-18 07:58 UTC by Wade Mealing
Modified:	2023-08-15 07:12 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Type:	Bug
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	RHELPLAN-136822	0	None	None	None	2022-10-18 08:33:13 UTC

Comment 1 Miroslav Lichvar 2022-12-01 16:04:04 UTC

We need to deprecate the SHM protocol in favor of the SOCK protocol using Unix domain sockets or possibly something else.

The two most important time sources using SHM are gpsd and phc2sys from linuxptp. gpsd in the latest code now fully supports SOCK as a replacement for SHM. A patch adding SOCK was submitted for linuxptp, but was not accepted yet.

Comment 2 Miroslav Lichvar 2023-01-12 15:35:48 UTC

gpsd-3.25 was released, which has full support for chrony SOCK.

The chrony man page and FAQ in the upstream repository was modified to deprecate SHM in favor of SOCK.

Comment 3 Miroslav Lichvar 2023-08-10 13:41:42 UTC

This will be addressed by rebase to chrony-4.4 (bug #2231078).

Note You need to log in before you can comment on or make changes to this bug.