coreos-platform-chrony-config: use ptp_kvm when available on QEMU

KVM supports a `ptp_kvm` kernel module which allows the guest to query
the host clock for synchronization purposes.

Configure chrony to make use of it if it's available.

Don't disable the default pool; it'll be used by chrony to determine
whether the host clock is accurate or a falseticker.

Don't disable `PEERNTP` as we do on other platforms since we
historically haven't done so on QEMU and it's possible users have been
using their own DHCP servers (e.g. dnsmasq) to feed NTP configuration.

Closes: coreos/fedora-coreos-tracker#1433

Co-authored-by: Jonathan Lebon <jonathan@jlebon.com>

overlay.d/20platform-chrony/usr/lib/systemd/system/coreos-platform-chrony-config.service

@@ -4,6 +4,7 @@ ConditionKernelCommandLine=|ignition.platform.id=azurestack
 ConditionKernelCommandLine=|ignition.platform.id=azure
 ConditionKernelCommandLine=|ignition.platform.id=aws
 ConditionKernelCommandLine=|ignition.platform.id=gcp
+ConditionKernelCommandLine=|ignition.platform.id=qemu
 Before=NetworkManager.service
 Before=chronyd.service
 

overlay.d/20platform-chrony/usr/libexec/coreos-platform-chrony-config

@@ -19,9 +19,6 @@ if ! cmp {/usr,}/etc/chrony.conf >/dev/null; then
  exit 0
 fi
 
-mkdir -p /run/coreos
-confpath=/run/coreos/platform-chrony.conf
-altenvfilepath=/run/coreos/sysconfig-chrony
 cmdline=( $(</proc/cmdline) )
 cmdline_arg() {
  local name="$1" value
@@ -34,19 +31,33 @@ cmdline_arg() {
 }
 platform=$(cmdline_arg ignition.platform.id)
 
+# Exit early if the ptp_kvm module can't be loaded for the qemu platform
+if [[ ${platform} == "qemu" ]]; then
+ modprobe -q ptp_kvm || exit 0
+fi
+
+mkdir -p /run/coreos
+confpath=/run/coreos/platform-chrony.conf
+altenvfilepath=/run/coreos/sysconfig-chrony
+
 # If not set already (by host customization or this script), set
 # PEERNTP=no so that DHCP-provided NTP servers are not added to chrony.
 # By doing this we assume the better NTP server choice is the
 # platform-provided link-local NTP server rather than others from DHCP.
 # TODO: once https://bugzilla.redhat.com/show_bug.cgi?id=1828434 is
 # resolved, this won't be required.
 if [ ! -e /etc/sysconfig/network ] || ! grep -q "PEERNTP" /etc/sysconfig/network; then
- cat <<EOF >> /etc/sysconfig/network
+ # Historically on QEMU, we haven't been disabling PEERNTP. Let's keep doing
+ # that even if we have ptp_kvm. chrony will just use the NTP servers as
+ # additional sources.
+ if [[ ${platform} != "qemu" ]]; then
+ cat <<EOF >> /etc/sysconfig/network
 # PEERNTP=no is automatically added by default when a platform-provided time
 # source is available, but this behavior may be overridden through an Ignition
 # config specifying PEERNTP=yes. See https://github.com/coreos/fedora-coreos-config/pull/412.
 PEERNTP=no
 EOF
+ fi
 fi
 
 (echo "# Generated by $self - do not edit directly"
@@ -77,6 +88,11 @@ case "${platform}" in
  echo '# and https://cloud.google.com/compute/docs/images/configuring-imported-images'
  echo 'server metadata.google.internal prefer iburst'
  ) >> "${confpath}" ;;
+ qemu)
+ sed -i s,'^#pool,pool,' "${confpath}"
+ (echo '# KVM virtual PHC'
+ echo 'refclock PHC /dev/ptp0 poll 2'
+ ) >> "${confpath}" ;;
  *) echo "should not be reached" 1>&2; exit 1 ;;
 esac
 # Policy doesn't allow chronyd to read run_t

tests/kola/ntp/chrony/coreos-platform-chrony-generator

@@ -1,7 +1,7 @@
 #!/bin/bash
 ## kola:
 ## exclusive: false
-## platforms: "aws azure gce"
+## platforms: "aws azure gce qemu"
 #
 # Test the coreos-platform-chrony generator.
 
@@ -14,5 +14,9 @@ case "${platform}" in
  aws) chronyc sources |grep '169.254.169.123'; echo "ok chrony aws" ;;
  azure) chronyc sources |grep 'PHC'; echo "ok chrony azure" ;;
  gcp) chronyc sources | grep '169.254.169.254'; echo "ok chrony gcp" ;;
+ qemu)
+ if [[ -f /run/coreos/sysconfig-chrony ]]; then
+ chronyc sources | grep 'PHC0'; echo "ok chrony qemu"
+ fi ;;
  *) echo "unhandled platform ${platform} ?"; exit 1 ;;
 esac