I reviewed linuxptp 4.2-1ubuntu1 as checked into oracular. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
linuxptp is an implementation of the Precision Time Protocol as per IEEE
1588. It uses hardware and software timestamping of ethernet frames or
UDP frames to synchronise the system clock across different machines on
a local LAN.
- CVE History
- 2 historical CVEs
- CVE-2021-3570
- CVE-2021-3571
- both found by a researcher at Red Hat and promptly fixed in both the
master and various historical stable branches.
- One very recent CVE-2024-42861 which is actively disputed by upstream as
not a real vulnerability
- Build-Depends
- Nothing interesting (only debhelper-compat and dh-exec)
- One pre/post inst/rm scripts added automatically by dh_installsystemd for the
timemaster.service unit - see below
- No init scripts
- 3 systemd units
- ptp4l@.service
- the main service - runs /usr/sbin/ptp4l -f /etc/linuxptp/ptp4l.conf -i %I
for each network interface
- phc2sys@.service
- Depends on ptp4l services and runs /usr/sbin/phc2sys -w -s %I for each
instance
- timemaster.service
- A single instance service that runs /usr/sbin/timemaster -f
/etc/linuxptp/timemaster.conf to synchronise the system clock to the configured
sources
- No dbus services
- No setuid binaries
- binaries in PATH
-rwxr-xr-x root/root 14720 2024-07-30 17:45 ./usr/sbin/hwstamp_ctl
-rwxr-xr-x root/root 84064 2024-07-30 17:45 ./usr/sbin/nsm
-rwxr-xr-x root/root 92000 2024-07-30 17:45 ./usr/sbin/phc2sys
-rwxr-xr-x root/root 31192 2024-07-30 17:45 ./usr/sbin/phc_ctl
-rwxr-xr-x root/root 96944 2024-07-30 17:45 ./usr/sbin/pmc
-rwxr-xr-x root/root 186528 2024-07-30 17:45 ./usr/sbin/ptp4l
-rwxr-xr-x root/root 43400 2024-07-30 17:45 ./usr/sbin/timemaster
-rwxr-xr-x root/root 96096 2024-07-30 17:45 ./usr/sbin/ts2phc
-rwxr-xr-x root/root 59200 2024-07-30 17:45 ./usr/sbin/tz2alt
- No sudo fragments
- No polkit files
- No udev rules
- unit tests / autopkgtests
- No unit tests run during build
- autopkgtest runs the in-built testsuite using clknetsim from
https://github.com/mlichvar/clknetsim by downloading and compiling this from
source
- currently passing and able to be reproduced locally so should be
sufficient for testing in the future
- No cron jobs
- Build logs
- No significant build warnings etc
- Processes spawned
- timemaster spawns chrony / ntpd / etc as configured in /etc/timemaster.conf
using execvp() / posix_spawnp()
- Memory management
- lots of dynamic memory allocation but uses own xmalloc()/xcalloc() routines
which exit on failure, appears to be quite careful in checking sizes of memory
when copying etc
- File IO
- Parses root-owned configuration files quite carefully using own hand-rolled
parsing code
- Logging
- Debug logging appears quite careful to not introduce format string attacks
etc
- Environment variable usage
- Doesn't read any environment variables, but sets "TZ" env var as UTC to
ensure consistent timestamps
- Use of privileged functions
- Uses ioctl() against the various network sockets to enable hardware
timestamping etc, as well as against the PTP device files to set required
parameters etc
- No use of cryptography / random number sources etc
- No use of temp files
- Use of networking
- Lots of socket handling unsurprisingly - looks quite careful to validate
data on receive
- No use of WebKit
- No use of PolicyKit
- No significant cppcheck results
- Lots of false-positives due to the use of LIST_FOREACH() and TAILQ() etc
macros which confuse cppcheck
- No significant Coverity results
- A few false-positives and overly eager warnings but nothing of note
- No significant shellcheck results
- No significant bandit results
- No significant govulncheck results (unsurprisingly)
- No significant Semgrep results
In general linuxptp appears to be written quite defensively and
carefully, and is a healthy and active upstream who respond in a timely
fashion to any perceived security issues. Ideally AppArmor profiles
would be provided to sandbox the main services but this is not a blocker
to being promoted to main from the security team's point of view.
Security team ACK for promoting linuxptp to main.
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3570
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3571
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-42861
** Changed in: linuxptp (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2071717
Title:
[MIR] linuxptp
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linuxptp/+bug/2071717/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
