A potential solution should be a part of sdwdate (or a separate component if you think it has multiple use cases).
ntpd does clock jump detection:
Problems we need to workaround so it becomes possible:
* On KVM Whonix at least, the hardware timer information is not updated in WS because kvm-clock and others are disabled.
* Use of a guest agent to pass that kind of information from the host is not an option because its unsafe.
* Fetching and comparing remote data with the perceived time in the WS poses scalability, performance and bootstrapping problems if the guest time is way off.
* The information about the current time is available to code in the GW where kvm-clock is available (via hwclock).
* Create a systemd service that runs constantly and queries the hwclock on GW.
* The logged information should be coarsened enough to prevent revealing exact host time.
* This information is queried by the sdwdate process on the WS at regular intervals thru a safe mechanism like CPFP on the GW.
* sdwdate triggers a sync request if the drift exceeds a certain threshold