Facts:
*qemu-guest-agent achieves successful clock syncing of a guest upon host system resume and does not attempt to constantly adjust the clock.
*kvmclock can only sync time during guest startup not during its lifetime:
https://serverfault.com/a/334734
*kvmclock used to sync time after suspend but no longer applies (this
explains my experiences before):
http://thread.gmane.org/gmane.comp.emulators.libvirt/92431
*qemu-guest agent is a solution but unsafe if used in untrusted guests, but is ok for Whonix-Gateway because its trusted:
https://serverfault.com/a/635273
http://wiki.qemu.org/Features/QAPI/GuestAgent
*Its not safe because it relies on Javascript code parser thats still not
hardened enough to run in hostile guest environments. It has to be enabled on the host by
adding a qemu-guest agent channel for it to work - without this it has
no effect and no security implications.
*using qemu-guest-agent is currently stalled because of permissions problems on Jessie. Apparmor workarounds not recommended, could be harmful to security:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1393842
*To have the same functionality for VirtualBox the resume hooks in Guest Additions will be used.
There is a Debian package:
https://packages.debian.org/jessie/qemu-guest-agent
We could add it as a weak dependency, below here:
https://github.com/Whonix/Whonix/blob/979c4393bd5e2d6ae20c690e39bb377d6244809e/build-steps.d/1700_install-packages#L405
Similar to this commit:
https://github.com/Whonix/Whonix/commit/979c4393bd5e2d6ae20c690e39bb377d6244809e
Rejected Solution:
Using Tordate as a coarse clock setting mechanism for Whonix-Gateway for Tor to connect.
It's fingerprintable. (All info/link/quotes on that wiki page.)
(Could be tied directly to Tails or Whonix. Unrelated from local clock leaks.)