1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Kernel internal timers
4 *
5 * Copyright (C) 1991, 1992 Linus Torvalds
6 *
7 * 1997-01-28 Modified by Finn Arne Gangstad to make timers scale better.
8 *
9 * 1997-09-10 Updated NTP code according to technical memorandum Jan '96
10 * "A Kernel Model for Precision Timekeeping" by Dave Mills
11 * 1998-12-24 Fixed a xtime SMP race (we need the xtime_lock rw spinlock to
12 * serialize accesses to xtime/lost_ticks).
13 * Copyright (C) 1998 Andrea Arcangeli
14 * 1999-03-10 Improved NTP compatibility by Ulrich Windl
15 * 2002-05-31 Move sys_sysinfo here and make its locking sane, Robert Love
16 * 2000-10-05 Implemented scalable SMP per-CPU timer handling.
17 * Copyright (C) 2000, 2001, 2002 Ingo Molnar
18 * Designed by David S. Miller, Alexey Kuznetsov and Ingo Molnar
19 */
20
21 #include <linux/kernel_stat.h>
22 #include <linux/export.h>
23 #include <linux/interrupt.h>
24 #include <linux/percpu.h>
25 #include <linux/init.h>
26 #include <linux/mm.h>
27 #include <linux/swap.h>
28 #include <linux/pid_namespace.h>
29 #include <linux/notifier.h>
30 #include <linux/thread_info.h>
31 #include <linux/time.h>
32 #include <linux/jiffies.h>
33 #include <linux/posix-timers.h>
34 #include <linux/cpu.h>
35 #include <linux/syscalls.h>
36 #include <linux/delay.h>
37 #include <linux/tick.h>
38 #include <linux/kallsyms.h>
39 #include <linux/irq_work.h>
40 #include <linux/sched/sysctl.h>
41 #include <linux/sched/nohz.h>
42 #include <linux/sched/debug.h>
43 #include <linux/slab.h>
44 #include <linux/compat.h>
45 #include <linux/random.h>
46 #include <linux/sysctl.h>
47
48 #include <linux/uaccess.h>
49 #include <asm/unistd.h>
50 #include <asm/div64.h>
51 #include <asm/timex.h>
52 #include <asm/io.h>
53
54 #include "tick-internal.h"
55 #include "timer_migration.h"
56
57 #define CREATE_TRACE_POINTS
58 #include <trace/events/timer.h>
59
60 __visible u64 jiffies_64 __cacheline_aligned_in_smp = INITIAL_JIFFIES;
61
62 EXPORT_SYMBOL(jiffies_64);
63
64 /*
65 * The timer wheel has LVL_DEPTH array levels. Each level provides an array of
66 * LVL_SIZE buckets. Each level is driven by its own clock and therefore each
67 * level has a different granularity.
68 *
69 * The level granularity is: LVL_CLK_DIV ^ level
70 * The level clock frequency is: HZ / (LVL_CLK_DIV ^ level)
71 *
72 * The array level of a newly armed timer depends on the relative expiry
73 * time. The farther the expiry time is away the higher the array level and
74 * therefore the granularity becomes.
75 *
76 * Contrary to the original timer wheel implementation, which aims for 'exact'
77 * expiry of the timers, this implementation removes the need for recascading
78 * the timers into the lower array levels. The previous 'classic' timer wheel
79 * implementation of the kernel already violated the 'exact' expiry by adding
80 * slack to the expiry time to provide batched expiration. The granularity
81 * levels provide implicit batching.
82 *
83 * This is an optimization of the original timer wheel implementation for the
84 * majority of the timer wheel use cases: timeouts. The vast majority of
85 * timeout timers (networking, disk I/O ...) are canceled before expiry. If
86 * the timeout expires it indicates that normal operation is disturbed, so it
87 * does not matter much whether the timeout comes with a slight delay.
88 *
89 * The only exception to this are networking timers with a small expiry
90 * time. They rely on the granularity. Those fit into the first wheel level,
91 * which has HZ granularity.
92 *
93 * We don't have cascading anymore. timers with a expiry time above the
94 * capacity of the last wheel level are force expired at the maximum timeout
95 * value of the last wheel level. From data sampling we know that the maximum
96 * value observed is 5 days (network connection tracking), so this should not
97 * be an issue.
98 *
99 * The currently chosen array constants values are a good compromise between
100 * array size and granularity.
101 *
102 * This results in the following granularity and range levels:
103 *
104 * HZ 1000 steps
105 * Level Offset Granularity Range
106 * 0 0 1 ms 0 ms - 63 ms
107 * 1 64 8 ms 64 ms - 511 ms
108 * 2 128 64 ms 512 ms - 4095 ms (512ms - ~4s)
109 * 3 192 512 ms 4096 ms - 32767 ms (~4s - ~32s)
110 * 4 256 4096 ms (~4s) 32768 ms - 262143 ms (~32s - ~4m)
111 * 5 320 32768 ms (~32s) 262144 ms - 2097151 ms (~4m - ~34m)
112 * 6 384 262144 ms (~4m) 2097152 ms - 16777215 ms (~34m - ~4h)
113 * 7 448 2097152 ms (~34m) 16777216 ms - 134217727 ms (~4h - ~1d)
114 * 8 512 16777216 ms (~4h) 134217728 ms - 1073741822 ms (~1d - ~12d)
115 *
116 * HZ 300
117 * Level Offset Granularity Range
118 * 0 0 3 ms 0 ms - 210 ms
119 * 1 64 26 ms 213 ms - 1703 ms (213ms - ~1s)
120 * 2 128 213 ms 1706 ms - 13650 ms (~1s - ~13s)
121 * 3 192 1706 ms (~1s) 13653 ms - 109223 ms (~13s - ~1m)
122 * 4 256 13653 ms (~13s) 109226 ms - 873810 ms (~1m - ~14m)
123 * 5 320 109226 ms (~1m) 873813 ms - 6990503 ms (~14m - ~1h)
124 * 6 384 873813 ms (~14m) 6990506 ms - 55924050 ms (~1h - ~15h)
125 * 7 448 6990506 ms (~1h) 55924053 ms - 447392423 ms (~15h - ~5d)
126 * 8 512 55924053 ms (~15h) 447392426 ms - 3579139406 ms (~5d - ~41d)
127 *
128 * HZ 250
129 * Level Offset Granularity Range
130 * 0 0 4 ms 0 ms - 255 ms
131 * 1 64 32 ms 256 ms - 2047 ms (256ms - ~2s)
132 * 2 128 256 ms 2048 ms - 16383 ms (~2s - ~16s)
133 * 3 192 2048 ms (~2s) 16384 ms - 131071 ms (~16s - ~2m)
134 * 4 256 16384 ms (~16s) 131072 ms - 1048575 ms (~2m - ~17m)
135 * 5 320 131072 ms (~2m) 1048576 ms - 8388607 ms (~17m - ~2h)
136 * 6 384 1048576 ms (~17m) 8388608 ms - 67108863 ms (~2h - ~18h)
137 * 7 448 8388608 ms (~2h) 67108864 ms - 536870911 ms (~18h - ~6d)
138 * 8 512 67108864 ms (~18h) 536870912 ms - 4294967288 ms (~6d - ~49d)
139 *
140 * HZ 100
141 * Level Offset Granularity Range
142 * 0 0 10 ms 0 ms - 630 ms
143 * 1 64 80 ms 640 ms - 5110 ms (640ms - ~5s)
144 * 2 128 640 ms 5120 ms - 40950 ms (~5s - ~40s)
145 * 3 192 5120 ms (~5s) 40960 ms - 327670 ms (~40s - ~5m)
146 * 4 256 40960 ms (~40s) 327680 ms - 2621430 ms (~5m - ~43m)
147 * 5 320 327680 ms (~5m) 2621440 ms - 20971510 ms (~43m - ~5h)
148 * 6 384 2621440 ms (~43m) 20971520 ms - 167772150 ms (~5h - ~1d)
149 * 7 448 20971520 ms (~5h) 167772160 ms - 1342177270 ms (~1d - ~15d)
150 */
151
152 /* Clock divisor for the next level */
153 #define LVL_CLK_SHIFT 3
154 #define LVL_CLK_DIV (1UL << LVL_CLK_SHIFT)
155 #define LVL_CLK_MASK (LVL_CLK_DIV - 1)
156 #define LVL_SHIFT(n) ((n) * LVL_CLK_SHIFT)
157 #define LVL_GRAN(n) (1UL << LVL_SHIFT(n))
158
159 /*
160 * The time start value for each level to select the bucket at enqueue
161 * time. We start from the last possible delta of the previous level
162 * so that we can later add an extra LVL_GRAN(n) to n (see calc_index()).
163 */
164 #define LVL_START(n) ((LVL_SIZE - 1) << (((n) - 1) * LVL_CLK_SHIFT))
165
166 /* Size of each clock level */
167 #define LVL_BITS 6
168 #define LVL_SIZE (1UL << LVL_BITS)
169 #define LVL_MASK (LVL_SIZE - 1)
170 #define LVL_OFFS(n) ((n) * LVL_SIZE)
171
172 /* Level depth */
173 #if HZ > 100
174 # define LVL_DEPTH 9
175 # else
176 # define LVL_DEPTH 8
177 #endif
178
179 /* The cutoff (max. capacity of the wheel) */
180 #define WHEEL_TIMEOUT_CUTOFF (LVL_START(LVL_DEPTH))
181 #define WHEEL_TIMEOUT_MAX (WHEEL_TIMEOUT_CUTOFF - LVL_GRAN(LVL_DEPTH - 1))
182
183 /*
184 * The resulting wheel size. If NOHZ is configured we allocate two
185 * wheels so we have a separate storage for the deferrable timers.
186 */
187 #define WHEEL_SIZE (LVL_SIZE * LVL_DEPTH)
188
189 #ifdef CONFIG_NO_HZ_COMMON
190 /*
191 * If multiple bases need to be locked, use the base ordering for lock
192 * nesting, i.e. lowest number first.
193 */
194 # define NR_BASES 3
195 # define BASE_LOCAL 0
196 # define BASE_GLOBAL 1
197 # define BASE_DEF 2
198 #else
199 # define NR_BASES 1
200 # define BASE_LOCAL 0
201 # define BASE_GLOBAL 0
202 # define BASE_DEF 0
203 #endif
204
205 /**
206 * struct timer_base - Per CPU timer base (number of base depends on config)
207 * @lock: Lock protecting the timer_base
208 * @running_timer: When expiring timers, the lock is dropped. To make
209 * sure not to race against deleting/modifying a
210 * currently running timer, the pointer is set to the
211 * timer, which expires at the moment. If no timer is
212 * running, the pointer is NULL.
213 * @expiry_lock: PREEMPT_RT only: Lock is taken in softirq around
214 * timer expiry callback execution and when trying to
215 * delete a running timer and it wasn't successful in
216 * the first glance. It prevents priority inversion
217 * when callback was preempted on a remote CPU and a
218 * caller tries to delete the running timer. It also
219 * prevents a life lock, when the task which tries to
220 * delete a timer preempted the softirq thread which
221 * is running the timer callback function.
222 * @timer_waiters: PREEMPT_RT only: Tells, if there is a waiter
223 * waiting for the end of the timer callback function
224 * execution.
225 * @clk: clock of the timer base; is updated before enqueue
226 * of a timer; during expiry, it is 1 offset ahead of
227 * jiffies to avoid endless requeuing to current
228 * jiffies
229 * @next_expiry: expiry value of the first timer; it is updated when
230 * finding the next timer and during enqueue; the
231 * value is not valid, when next_expiry_recalc is set
232 * @cpu: Number of CPU the timer base belongs to
233 * @next_expiry_recalc: States, whether a recalculation of next_expiry is
234 * required. Value is set true, when a timer was
235 * deleted.
236 * @is_idle: Is set, when timer_base is idle. It is triggered by NOHZ
237 * code. This state is only used in standard
238 * base. Deferrable timers, which are enqueued remotely
239 * never wake up an idle CPU. So no matter of supporting it
240 * for this base.
241 * @timers_pending: Is set, when a timer is pending in the base. It is only
242 * reliable when next_expiry_recalc is not set.
243 * @pending_map: bitmap of the timer wheel; each bit reflects a
244 * bucket of the wheel. When a bit is set, at least a
245 * single timer is enqueued in the related bucket.
246 * @vectors: Array of lists; Each array member reflects a bucket
247 * of the timer wheel. The list contains all timers
248 * which are enqueued into a specific bucket.
249 */
250 struct timer_base {
251 raw_spinlock_t lock;
252 struct timer_list *running_timer;
253 #ifdef CONFIG_PREEMPT_RT
254 spinlock_t expiry_lock;
255 atomic_t timer_waiters;
256 #endif
257 unsigned long clk;
258 unsigned long next_expiry;
259 unsigned int cpu;
260 bool next_expiry_recalc;
261 bool is_idle;
262 bool timers_pending;
263 DECLARE_BITMAP(pending_map, WHEEL_SIZE);
264 struct hlist_head vectors[WHEEL_SIZE];
265 } ____cacheline_aligned;
266
267 static DEFINE_PER_CPU(struct timer_base, timer_bases[NR_BASES]);
268
269 #ifdef CONFIG_NO_HZ_COMMON
270
271 static DEFINE_STATIC_KEY_FALSE(timers_nohz_active);
272 static DEFINE_MUTEX(timer_keys_mutex);
273
274 static void timer_update_keys(struct work_struct *work);
275 static DECLARE_WORK(timer_update_work, timer_update_keys);
276
277 #ifdef CONFIG_SMP
278 static unsigned int sysctl_timer_migration = 1;
279
280 DEFINE_STATIC_KEY_FALSE(timers_migration_enabled);
281
timers_update_migration(void)282 static void timers_update_migration(void)
283 {
284 if (sysctl_timer_migration && tick_nohz_active)
285 static_branch_enable(&timers_migration_enabled);
286 else
287 static_branch_disable(&timers_migration_enabled);
288 }
289
290 #ifdef CONFIG_SYSCTL
timer_migration_handler(const struct ctl_table * table,int write,void * buffer,size_t * lenp,loff_t * ppos)291 static int timer_migration_handler(const struct ctl_table *table, int write,
292 void *buffer, size_t *lenp, loff_t *ppos)
293 {
294 int ret;
295
296 mutex_lock(&timer_keys_mutex);
297 ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
298 if (!ret && write)
299 timers_update_migration();
300 mutex_unlock(&timer_keys_mutex);
301 return ret;
302 }
303
304 static const struct ctl_table timer_sysctl[] = {
305 {
306 .procname = "timer_migration",
307 .data = &sysctl_timer_migration,
308 .maxlen = sizeof(unsigned int),
309 .mode = 0644,
310 .proc_handler = timer_migration_handler,
311 .extra1 = SYSCTL_ZERO,
312 .extra2 = SYSCTL_ONE,
313 },
314 };
315
timer_sysctl_init(void)316 static int __init timer_sysctl_init(void)
317 {
318 register_sysctl("kernel", timer_sysctl);
319 return 0;
320 }
321 device_initcall(timer_sysctl_init);
322 #endif /* CONFIG_SYSCTL */
323 #else /* CONFIG_SMP */
timers_update_migration(void)324 static inline void timers_update_migration(void) { }
325 #endif /* !CONFIG_SMP */
326
timer_update_keys(struct work_struct * work)327 static void timer_update_keys(struct work_struct *work)
328 {
329 mutex_lock(&timer_keys_mutex);
330 timers_update_migration();
331 static_branch_enable(&timers_nohz_active);
332 mutex_unlock(&timer_keys_mutex);
333 }
334
timers_update_nohz(void)335 void timers_update_nohz(void)
336 {
337 schedule_work(&timer_update_work);
338 }
339
is_timers_nohz_active(void)340 static inline bool is_timers_nohz_active(void)
341 {
342 return static_branch_unlikely(&timers_nohz_active);
343 }
344 #else
is_timers_nohz_active(void)345 static inline bool is_timers_nohz_active(void) { return false; }
346 #endif /* NO_HZ_COMMON */
347
round_jiffies_common(unsigned long j,int cpu,bool force_up)348 static unsigned long round_jiffies_common(unsigned long j, int cpu,
349 bool force_up)
350 {
351 int rem;
352 unsigned long original = j;
353
354 /*
355 * We don't want all cpus firing their timers at once hitting the
356 * same lock or cachelines, so we skew each extra cpu with an extra
357 * 3 jiffies. This 3 jiffies came originally from the mm/ code which
358 * already did this.
359 * The skew is done by adding 3*cpunr, then round, then subtract this
360 * extra offset again.
361 */
362 j += cpu * 3;
363
364 rem = j % HZ;
365
366 /*
367 * If the target jiffy is just after a whole second (which can happen
368 * due to delays of the timer irq, long irq off times etc etc) then
369 * we should round down to the whole second, not up. Use 1/4th second
370 * as cutoff for this rounding as an extreme upper bound for this.
371 * But never round down if @force_up is set.
372 */
373 if (rem < HZ/4 && !force_up) /* round down */
374 j = j - rem;
375 else /* round up */
376 j = j - rem + HZ;
377
378 /* now that we have rounded, subtract the extra skew again */
379 j -= cpu * 3;
380
381 /*
382 * Make sure j is still in the future. Otherwise return the
383 * unmodified value.
384 */
385 return time_is_after_jiffies(j) ? j : original;
386 }
387
388 /**
389 * __round_jiffies - function to round jiffies to a full second
390 * @j: the time in (absolute) jiffies that should be rounded
391 * @cpu: the processor number on which the timeout will happen
392 *
393 * __round_jiffies() rounds an absolute time in the future (in jiffies)
394 * up or down to (approximately) full seconds. This is useful for timers
395 * for which the exact time they fire does not matter too much, as long as
396 * they fire approximately every X seconds.
397 *
398 * By rounding these timers to whole seconds, all such timers will fire
399 * at the same time, rather than at various times spread out. The goal
400 * of this is to have the CPU wake up less, which saves power.
401 *
402 * The exact rounding is skewed for each processor to avoid all
403 * processors firing at the exact same time, which could lead
404 * to lock contention or spurious cache line bouncing.
405 *
406 * The return value is the rounded version of the @j parameter.
407 */
__round_jiffies(unsigned long j,int cpu)408 unsigned long __round_jiffies(unsigned long j, int cpu)
409 {
410 return round_jiffies_common(j, cpu, false);
411 }
412 EXPORT_SYMBOL_GPL(__round_jiffies);
413
414 /**
415 * __round_jiffies_relative - function to round jiffies to a full second
416 * @j: the time in (relative) jiffies that should be rounded
417 * @cpu: the processor number on which the timeout will happen
418 *
419 * __round_jiffies_relative() rounds a time delta in the future (in jiffies)
420 * up or down to (approximately) full seconds. This is useful for timers
421 * for which the exact time they fire does not matter too much, as long as
422 * they fire approximately every X seconds.
423 *
424 * By rounding these timers to whole seconds, all such timers will fire
425 * at the same time, rather than at various times spread out. The goal
426 * of this is to have the CPU wake up less, which saves power.
427 *
428 * The exact rounding is skewed for each processor to avoid all
429 * processors firing at the exact same time, which could lead
430 * to lock contention or spurious cache line bouncing.
431 *
432 * The return value is the rounded version of the @j parameter.
433 */
__round_jiffies_relative(unsigned long j,int cpu)434 unsigned long __round_jiffies_relative(unsigned long j, int cpu)
435 {
436 unsigned long j0 = jiffies;
437
438 /* Use j0 because jiffies might change while we run */
439 return round_jiffies_common(j + j0, cpu, false) - j0;
440 }
441 EXPORT_SYMBOL_GPL(__round_jiffies_relative);
442
443 /**
444 * round_jiffies - function to round jiffies to a full second
445 * @j: the time in (absolute) jiffies that should be rounded
446 *
447 * round_jiffies() rounds an absolute time in the future (in jiffies)
448 * up or down to (approximately) full seconds. This is useful for timers
449 * for which the exact time they fire does not matter too much, as long as
450 * they fire approximately every X seconds.
451 *
452 * By rounding these timers to whole seconds, all such timers will fire
453 * at the same time, rather than at various times spread out. The goal
454 * of this is to have the CPU wake up less, which saves power.
455 *
456 * The return value is the rounded version of the @j parameter.
457 */
round_jiffies(unsigned long j)458 unsigned long round_jiffies(unsigned long j)
459 {
460 return round_jiffies_common(j, raw_smp_processor_id(), false);
461 }
462 EXPORT_SYMBOL_GPL(round_jiffies);
463
464 /**
465 * round_jiffies_relative - function to round jiffies to a full second
466 * @j: the time in (relative) jiffies that should be rounded
467 *
468 * round_jiffies_relative() rounds a time delta in the future (in jiffies)
469 * up or down to (approximately) full seconds. This is useful for timers
470 * for which the exact time they fire does not matter too much, as long as
471 * they fire approximately every X seconds.
472 *
473 * By rounding these timers to whole seconds, all such timers will fire
474 * at the same time, rather than at various times spread out. The goal
475 * of this is to have the CPU wake up less, which saves power.
476 *
477 * The return value is the rounded version of the @j parameter.
478 */
round_jiffies_relative(unsigned long j)479 unsigned long round_jiffies_relative(unsigned long j)
480 {
481 return __round_jiffies_relative(j, raw_smp_processor_id());
482 }
483 EXPORT_SYMBOL_GPL(round_jiffies_relative);
484
485 /**
486 * __round_jiffies_up - function to round jiffies up to a full second
487 * @j: the time in (absolute) jiffies that should be rounded
488 * @cpu: the processor number on which the timeout will happen
489 *
490 * This is the same as __round_jiffies() except that it will never
491 * round down. This is useful for timeouts for which the exact time
492 * of firing does not matter too much, as long as they don't fire too
493 * early.
494 */
__round_jiffies_up(unsigned long j,int cpu)495 unsigned long __round_jiffies_up(unsigned long j, int cpu)
496 {
497 return round_jiffies_common(j, cpu, true);
498 }
499 EXPORT_SYMBOL_GPL(__round_jiffies_up);
500
501 /**
502 * __round_jiffies_up_relative - function to round jiffies up to a full second
503 * @j: the time in (relative) jiffies that should be rounded
504 * @cpu: the processor number on which the timeout will happen
505 *
506 * This is the same as __round_jiffies_relative() except that it will never
507 * round down. This is useful for timeouts for which the exact time
508 * of firing does not matter too much, as long as they don't fire too
509 * early.
510 */
__round_jiffies_up_relative(unsigned long j,int cpu)511 unsigned long __round_jiffies_up_relative(unsigned long j, int cpu)
512 {
513 unsigned long j0 = jiffies;
514
515 /* Use j0 because jiffies might change while we run */
516 return round_jiffies_common(j + j0, cpu, true) - j0;
517 }
518 EXPORT_SYMBOL_GPL(__round_jiffies_up_relative);
519
520 /**
521 * round_jiffies_up - function to round jiffies up to a full second
522 * @j: the time in (absolute) jiffies that should be rounded
523 *
524 * This is the same as round_jiffies() except that it will never
525 * round down. This is useful for timeouts for which the exact time
526 * of firing does not matter too much, as long as they don't fire too
527 * early.
528 */
round_jiffies_up(unsigned long j)529 unsigned long round_jiffies_up(unsigned long j)
530 {
531 return round_jiffies_common(j, raw_smp_processor_id(), true);
532 }
533 EXPORT_SYMBOL_GPL(round_jiffies_up);
534
535 /**
536 * round_jiffies_up_relative - function to round jiffies up to a full second
537 * @j: the time in (relative) jiffies that should be rounded
538 *
539 * This is the same as round_jiffies_relative() except that it will never
540 * round down. This is useful for timeouts for which the exact time
541 * of firing does not matter too much, as long as they don't fire too
542 * early.
543 */
round_jiffies_up_relative(unsigned long j)544 unsigned long round_jiffies_up_relative(unsigned long j)
545 {
546 return __round_jiffies_up_relative(j, raw_smp_processor_id());
547 }
548 EXPORT_SYMBOL_GPL(round_jiffies_up_relative);
549
550
timer_get_idx(struct timer_list * timer)551 static inline unsigned int timer_get_idx(struct timer_list *timer)
552 {
553 return (timer->flags & TIMER_ARRAYMASK) >> TIMER_ARRAYSHIFT;
554 }
555
timer_set_idx(struct timer_list * timer,unsigned int idx)556 static inline void timer_set_idx(struct timer_list *timer, unsigned int idx)
557 {
558 timer->flags = (timer->flags & ~TIMER_ARRAYMASK) |
559 idx << TIMER_ARRAYSHIFT;
560 }
561
562 /*
563 * Helper function to calculate the array index for a given expiry
564 * time.
565 */
calc_index(unsigned long expires,unsigned lvl,unsigned long * bucket_expiry)566 static inline unsigned calc_index(unsigned long expires, unsigned lvl,
567 unsigned long *bucket_expiry)
568 {
569
570 /*
571 * The timer wheel has to guarantee that a timer does not fire
572 * early. Early expiry can happen due to:
573 * - Timer is armed at the edge of a tick
574 * - Truncation of the expiry time in the outer wheel levels
575 *
576 * Round up with level granularity to prevent this.
577 */
578 expires = (expires >> LVL_SHIFT(lvl)) + 1;
579 *bucket_expiry = expires << LVL_SHIFT(lvl);
580 return LVL_OFFS(lvl) + (expires & LVL_MASK);
581 }
582
calc_wheel_index(unsigned long expires,unsigned long clk,unsigned long * bucket_expiry)583 static int calc_wheel_index(unsigned long expires, unsigned long clk,
584 unsigned long *bucket_expiry)
585 {
586 unsigned long delta = expires - clk;
587 unsigned int idx;
588
589 if (delta < LVL_START(1)) {
590 idx = calc_index(expires, 0, bucket_expiry);
591 } else if (delta < LVL_START(2)) {
592 idx = calc_index(expires, 1, bucket_expiry);
593 } else if (delta < LVL_START(3)) {
594 idx = calc_index(expires, 2, bucket_expiry);
595 } else if (delta < LVL_START(4)) {
596 idx = calc_index(expires, 3, bucket_expiry);
597 } else if (delta < LVL_START(5)) {
598 idx = calc_index(expires, 4, bucket_expiry);
599 } else if (delta < LVL_START(6)) {
600 idx = calc_index(expires, 5, bucket_expiry);
601 } else if (delta < LVL_START(7)) {
602 idx = calc_index(expires, 6, bucket_expiry);
603 } else if (LVL_DEPTH > 8 && delta < LVL_START(8)) {
604 idx = calc_index(expires, 7, bucket_expiry);
605 } else if ((long) delta < 0) {
606 idx = clk & LVL_MASK;
607 *bucket_expiry = clk;
608 } else {
609 /*
610 * Force expire obscene large timeouts to expire at the
611 * capacity limit of the wheel.
612 */
613 if (delta >= WHEEL_TIMEOUT_CUTOFF)
614 expires = clk + WHEEL_TIMEOUT_MAX;
615
616 idx = calc_index(expires, LVL_DEPTH - 1, bucket_expiry);
617 }
618 return idx;
619 }
620
621 static void
trigger_dyntick_cpu(struct timer_base * base,struct timer_list * timer)622 trigger_dyntick_cpu(struct timer_base *base, struct timer_list *timer)
623 {
624 /*
625 * Deferrable timers do not prevent the CPU from entering dynticks and
626 * are not taken into account on the idle/nohz_full path. An IPI when a
627 * new deferrable timer is enqueued will wake up the remote CPU but
628 * nothing will be done with the deferrable timer base. Therefore skip
629 * the remote IPI for deferrable timers completely.
630 */
631 if (!is_timers_nohz_active() || timer->flags & TIMER_DEFERRABLE)
632 return;
633
634 /*
635 * We might have to IPI the remote CPU if the base is idle and the
636 * timer is pinned. If it is a non pinned timer, it is only queued
637 * on the remote CPU, when timer was running during queueing. Then
638 * everything is handled by remote CPU anyway. If the other CPU is
639 * on the way to idle then it can't set base->is_idle as we hold
640 * the base lock:
641 */
642 if (base->is_idle) {
643 WARN_ON_ONCE(!(timer->flags & TIMER_PINNED ||
644 tick_nohz_full_cpu(base->cpu)));
645 wake_up_nohz_cpu(base->cpu);
646 }
647 }
648
649 /*
650 * Enqueue the timer into the hash bucket, mark it pending in
651 * the bitmap, store the index in the timer flags then wake up
652 * the target CPU if needed.
653 */
enqueue_timer(struct timer_base * base,struct timer_list * timer,unsigned int idx,unsigned long bucket_expiry)654 static void enqueue_timer(struct timer_base *base, struct timer_list *timer,
655 unsigned int idx, unsigned long bucket_expiry)
656 {
657
658 hlist_add_head(&timer->entry, base->vectors + idx);
659 __set_bit(idx, base->pending_map);
660 timer_set_idx(timer, idx);
661
662 trace_timer_start(timer, bucket_expiry);
663
664 /*
665 * Check whether this is the new first expiring timer. The
666 * effective expiry time of the timer is required here
667 * (bucket_expiry) instead of timer->expires.
668 */
669 if (time_before(bucket_expiry, base->next_expiry)) {
670 /*
671 * Set the next expiry time and kick the CPU so it
672 * can reevaluate the wheel:
673 */
674 WRITE_ONCE(base->next_expiry, bucket_expiry);
675 base->timers_pending = true;
676 base->next_expiry_recalc = false;
677 trigger_dyntick_cpu(base, timer);
678 }
679 }
680
internal_add_timer(struct timer_base * base,struct timer_list * timer)681 static void internal_add_timer(struct timer_base *base, struct timer_list *timer)
682 {
683 unsigned long bucket_expiry;
684 unsigned int idx;
685
686 idx = calc_wheel_index(timer->expires, base->clk, &bucket_expiry);
687 enqueue_timer(base, timer, idx, bucket_expiry);
688 }
689
690 #ifdef CONFIG_DEBUG_OBJECTS_TIMERS
691
692 static const struct debug_obj_descr timer_debug_descr;
693
694 struct timer_hint {
695 void (*function)(struct timer_list *t);
696 long offset;
697 };
698
699 #define TIMER_HINT(fn, container, timr, hintfn) \
700 { \
701 .function = fn, \
702 .offset = offsetof(container, hintfn) - \
703 offsetof(container, timr) \
704 }
705
706 static const struct timer_hint timer_hints[] = {
707 TIMER_HINT(delayed_work_timer_fn,
708 struct delayed_work, timer, work.func),
709 TIMER_HINT(kthread_delayed_work_timer_fn,
710 struct kthread_delayed_work, timer, work.func),
711 };
712
timer_debug_hint(void * addr)713 static void *timer_debug_hint(void *addr)
714 {
715 struct timer_list *timer = addr;
716 int i;
717
718 for (i = 0; i < ARRAY_SIZE(timer_hints); i++) {
719 if (timer_hints[i].function == timer->function) {
720 void (**fn)(void) = addr + timer_hints[i].offset;
721
722 return *fn;
723 }
724 }
725
726 return timer->function;
727 }
728
timer_is_static_object(void * addr)729 static bool timer_is_static_object(void *addr)
730 {
731 struct timer_list *timer = addr;
732
733 return (timer->entry.pprev == NULL &&
734 timer->entry.next == TIMER_ENTRY_STATIC);
735 }
736
737 /*
738 * timer_fixup_init is called when:
739 * - an active object is initialized
740 */
timer_fixup_init(void * addr,enum debug_obj_state state)741 static bool timer_fixup_init(void *addr, enum debug_obj_state state)
742 {
743 struct timer_list *timer = addr;
744
745 switch (state) {
746 case ODEBUG_STATE_ACTIVE:
747 del_timer_sync(timer);
748 debug_object_init(timer, &timer_debug_descr);
749 return true;
750 default:
751 return false;
752 }
753 }
754
755 /* Stub timer callback for improperly used timers. */
stub_timer(struct timer_list * unused)756 static void stub_timer(struct timer_list *unused)
757 {
758 WARN_ON(1);
759 }
760
761 /*
762 * timer_fixup_activate is called when:
763 * - an active object is activated
764 * - an unknown non-static object is activated
765 */
timer_fixup_activate(void * addr,enum debug_obj_state state)766 static bool timer_fixup_activate(void *addr, enum debug_obj_state state)
767 {
768 struct timer_list *timer = addr;
769
770 switch (state) {
771 case ODEBUG_STATE_NOTAVAILABLE:
772 timer_setup(timer, stub_timer, 0);
773 return true;
774
775 case ODEBUG_STATE_ACTIVE:
776 WARN_ON(1);
777 fallthrough;
778 default:
779 return false;
780 }
781 }
782
783 /*
784 * timer_fixup_free is called when:
785 * - an active object is freed
786 */
timer_fixup_free(void * addr,enum debug_obj_state state)787 static bool timer_fixup_free(void *addr, enum debug_obj_state state)
788 {
789 struct timer_list *timer = addr;
790
791 switch (state) {
792 case ODEBUG_STATE_ACTIVE:
793 del_timer_sync(timer);
794 debug_object_free(timer, &timer_debug_descr);
795 return true;
796 default:
797 return false;
798 }
799 }
800
801 /*
802 * timer_fixup_assert_init is called when:
803 * - an untracked/uninit-ed object is found
804 */
timer_fixup_assert_init(void * addr,enum debug_obj_state state)805 static bool timer_fixup_assert_init(void *addr, enum debug_obj_state state)
806 {
807 struct timer_list *timer = addr;
808
809 switch (state) {
810 case ODEBUG_STATE_NOTAVAILABLE:
811 timer_setup(timer, stub_timer, 0);
812 return true;
813 default:
814 return false;
815 }
816 }
817
818 static const struct debug_obj_descr timer_debug_descr = {
819 .name = "timer_list",
820 .debug_hint = timer_debug_hint,
821 .is_static_object = timer_is_static_object,
822 .fixup_init = timer_fixup_init,
823 .fixup_activate = timer_fixup_activate,
824 .fixup_free = timer_fixup_free,
825 .fixup_assert_init = timer_fixup_assert_init,
826 };
827
debug_timer_init(struct timer_list * timer)828 static inline void debug_timer_init(struct timer_list *timer)
829 {
830 debug_object_init(timer, &timer_debug_descr);
831 }
832
debug_timer_activate(struct timer_list * timer)833 static inline void debug_timer_activate(struct timer_list *timer)
834 {
835 debug_object_activate(timer, &timer_debug_descr);
836 }
837
debug_timer_deactivate(struct timer_list * timer)838 static inline void debug_timer_deactivate(struct timer_list *timer)
839 {
840 debug_object_deactivate(timer, &timer_debug_descr);
841 }
842
debug_timer_assert_init(struct timer_list * timer)843 static inline void debug_timer_assert_init(struct timer_list *timer)
844 {
845 debug_object_assert_init(timer, &timer_debug_descr);
846 }
847
848 static void do_init_timer(struct timer_list *timer,
849 void (*func)(struct timer_list *),
850 unsigned int flags,
851 const char *name, struct lock_class_key *key);
852
init_timer_on_stack_key(struct timer_list * timer,void (* func)(struct timer_list *),unsigned int flags,const char * name,struct lock_class_key * key)853 void init_timer_on_stack_key(struct timer_list *timer,
854 void (*func)(struct timer_list *),
855 unsigned int flags,
856 const char *name, struct lock_class_key *key)
857 {
858 debug_object_init_on_stack(timer, &timer_debug_descr);
859 do_init_timer(timer, func, flags, name, key);
860 }
861 EXPORT_SYMBOL_GPL(init_timer_on_stack_key);
862
destroy_timer_on_stack(struct timer_list * timer)863 void destroy_timer_on_stack(struct timer_list *timer)
864 {
865 debug_object_free(timer, &timer_debug_descr);
866 }
867 EXPORT_SYMBOL_GPL(destroy_timer_on_stack);
868
869 #else
debug_timer_init(struct timer_list * timer)870 static inline void debug_timer_init(struct timer_list *timer) { }
debug_timer_activate(struct timer_list * timer)871 static inline void debug_timer_activate(struct timer_list *timer) { }
debug_timer_deactivate(struct timer_list * timer)872 static inline void debug_timer_deactivate(struct timer_list *timer) { }
debug_timer_assert_init(struct timer_list * timer)873 static inline void debug_timer_assert_init(struct timer_list *timer) { }
874 #endif
875
debug_init(struct timer_list * timer)876 static inline void debug_init(struct timer_list *timer)
877 {
878 debug_timer_init(timer);
879 trace_timer_init(timer);
880 }
881
debug_deactivate(struct timer_list * timer)882 static inline void debug_deactivate(struct timer_list *timer)
883 {
884 debug_timer_deactivate(timer);
885 trace_timer_cancel(timer);
886 }
887
debug_assert_init(struct timer_list * timer)888 static inline void debug_assert_init(struct timer_list *timer)
889 {
890 debug_timer_assert_init(timer);
891 }
892
do_init_timer(struct timer_list * timer,void (* func)(struct timer_list *),unsigned int flags,const char * name,struct lock_class_key * key)893 static void do_init_timer(struct timer_list *timer,
894 void (*func)(struct timer_list *),
895 unsigned int flags,
896 const char *name, struct lock_class_key *key)
897 {
898 timer->entry.pprev = NULL;
899 timer->function = func;
900 if (WARN_ON_ONCE(flags & ~TIMER_INIT_FLAGS))
901 flags &= TIMER_INIT_FLAGS;
902 timer->flags = flags | raw_smp_processor_id();
903 lockdep_init_map(&timer->lockdep_map, name, key, 0);
904 }
905
906 /**
907 * init_timer_key - initialize a timer
908 * @timer: the timer to be initialized
909 * @func: timer callback function
910 * @flags: timer flags
911 * @name: name of the timer
912 * @key: lockdep class key of the fake lock used for tracking timer
913 * sync lock dependencies
914 *
915 * init_timer_key() must be done to a timer prior to calling *any* of the
916 * other timer functions.
917 */
init_timer_key(struct timer_list * timer,void (* func)(struct timer_list *),unsigned int flags,const char * name,struct lock_class_key * key)918 void init_timer_key(struct timer_list *timer,
919 void (*func)(struct timer_list *), unsigned int flags,
920 const char *name, struct lock_class_key *key)
921 {
922 debug_init(timer);
923 do_init_timer(timer, func, flags, name, key);
924 }
925 EXPORT_SYMBOL(init_timer_key);
926
detach_timer(struct timer_list * timer,bool clear_pending)927 static inline void detach_timer(struct timer_list *timer, bool clear_pending)
928 {
929 struct hlist_node *entry = &timer->entry;
930
931 debug_deactivate(timer);
932
933 __hlist_del(entry);
934 if (clear_pending)
935 entry->pprev = NULL;
936 entry->next = LIST_POISON2;
937 }
938
detach_if_pending(struct timer_list * timer,struct timer_base * base,bool clear_pending)939 static int detach_if_pending(struct timer_list *timer, struct timer_base *base,
940 bool clear_pending)
941 {
942 unsigned idx = timer_get_idx(timer);
943
944 if (!timer_pending(timer))
945 return 0;
946
947 if (hlist_is_singular_node(&timer->entry, base->vectors + idx)) {
948 __clear_bit(idx, base->pending_map);
949 base->next_expiry_recalc = true;
950 }
951
952 detach_timer(timer, clear_pending);
953 return 1;
954 }
955
get_timer_cpu_base(u32 tflags,u32 cpu)956 static inline struct timer_base *get_timer_cpu_base(u32 tflags, u32 cpu)
957 {
958 int index = tflags & TIMER_PINNED ? BASE_LOCAL : BASE_GLOBAL;
959
960 /*
961 * If the timer is deferrable and NO_HZ_COMMON is set then we need
962 * to use the deferrable base.
963 */
964 if (IS_ENABLED(CONFIG_NO_HZ_COMMON) && (tflags & TIMER_DEFERRABLE))
965 index = BASE_DEF;
966
967 return per_cpu_ptr(&timer_bases[index], cpu);
968 }
969
get_timer_this_cpu_base(u32 tflags)970 static inline struct timer_base *get_timer_this_cpu_base(u32 tflags)
971 {
972 int index = tflags & TIMER_PINNED ? BASE_LOCAL : BASE_GLOBAL;
973
974 /*
975 * If the timer is deferrable and NO_HZ_COMMON is set then we need
976 * to use the deferrable base.
977 */
978 if (IS_ENABLED(CONFIG_NO_HZ_COMMON) && (tflags & TIMER_DEFERRABLE))
979 index = BASE_DEF;
980
981 return this_cpu_ptr(&timer_bases[index]);
982 }
983
get_timer_base(u32 tflags)984 static inline struct timer_base *get_timer_base(u32 tflags)
985 {
986 return get_timer_cpu_base(tflags, tflags & TIMER_CPUMASK);
987 }
988
__forward_timer_base(struct timer_base * base,unsigned long basej)989 static inline void __forward_timer_base(struct timer_base *base,
990 unsigned long basej)
991 {
992 /*
993 * Check whether we can forward the base. We can only do that when
994 * @basej is past base->clk otherwise we might rewind base->clk.
995 */
996 if (time_before_eq(basej, base->clk))
997 return;
998
999 /*
1000 * If the next expiry value is > jiffies, then we fast forward to
1001 * jiffies otherwise we forward to the next expiry value.
1002 */
1003 if (time_after(base->next_expiry, basej)) {
1004 base->clk = basej;
1005 } else {
1006 if (WARN_ON_ONCE(time_before(base->next_expiry, base->clk)))
1007 return;
1008 base->clk = base->next_expiry;
1009 }
1010
1011 }
1012
forward_timer_base(struct timer_base * base)1013 static inline void forward_timer_base(struct timer_base *base)
1014 {
1015 __forward_timer_base(base, READ_ONCE(jiffies));
1016 }
1017
1018 /*
1019 * We are using hashed locking: Holding per_cpu(timer_bases[x]).lock means
1020 * that all timers which are tied to this base are locked, and the base itself
1021 * is locked too.
1022 *
1023 * So __run_timers/migrate_timers can safely modify all timers which could
1024 * be found in the base->vectors array.
1025 *
1026 * When a timer is migrating then the TIMER_MIGRATING flag is set and we need
1027 * to wait until the migration is done.
1028 */
lock_timer_base(struct timer_list * timer,unsigned long * flags)1029 static struct timer_base *lock_timer_base(struct timer_list *timer,
1030 unsigned long *flags)
1031 __acquires(timer->base->lock)
1032 {
1033 for (;;) {
1034 struct timer_base *base;
1035 u32 tf;
1036
1037 /*
1038 * We need to use READ_ONCE() here, otherwise the compiler
1039 * might re-read @tf between the check for TIMER_MIGRATING
1040 * and spin_lock().
1041 */
1042 tf = READ_ONCE(timer->flags);
1043
1044 if (!(tf & TIMER_MIGRATING)) {
1045 base = get_timer_base(tf);
1046 raw_spin_lock_irqsave(&base->lock, *flags);
1047 if (timer->flags == tf)
1048 return base;
1049 raw_spin_unlock_irqrestore(&base->lock, *flags);
1050 }
1051 cpu_relax();
1052 }
1053 }
1054
1055 #define MOD_TIMER_PENDING_ONLY 0x01
1056 #define MOD_TIMER_REDUCE 0x02
1057 #define MOD_TIMER_NOTPENDING 0x04
1058
1059 static inline int
__mod_timer(struct timer_list * timer,unsigned long expires,unsigned int options)1060 __mod_timer(struct timer_list *timer, unsigned long expires, unsigned int options)
1061 {
1062 unsigned long clk = 0, flags, bucket_expiry;
1063 struct timer_base *base, *new_base;
1064 unsigned int idx = UINT_MAX;
1065 int ret = 0;
1066
1067 debug_assert_init(timer);
1068
1069 /*
1070 * This is a common optimization triggered by the networking code - if
1071 * the timer is re-modified to have the same timeout or ends up in the
1072 * same array bucket then just return:
1073 */
1074 if (!(options & MOD_TIMER_NOTPENDING) && timer_pending(timer)) {
1075 /*
1076 * The downside of this optimization is that it can result in
1077 * larger granularity than you would get from adding a new
1078 * timer with this expiry.
1079 */
1080 long diff = timer->expires - expires;
1081
1082 if (!diff)
1083 return 1;
1084 if (options & MOD_TIMER_REDUCE && diff <= 0)
1085 return 1;
1086
1087 /*
1088 * We lock timer base and calculate the bucket index right
1089 * here. If the timer ends up in the same bucket, then we
1090 * just update the expiry time and avoid the whole
1091 * dequeue/enqueue dance.
1092 */
1093 base = lock_timer_base(timer, &flags);
1094 /*
1095 * Has @timer been shutdown? This needs to be evaluated
1096 * while holding base lock to prevent a race against the
1097 * shutdown code.
1098 */
1099 if (!timer->function)
1100 goto out_unlock;
1101
1102 forward_timer_base(base);
1103
1104 if (timer_pending(timer) && (options & MOD_TIMER_REDUCE) &&
1105 time_before_eq(timer->expires, expires)) {
1106 ret = 1;
1107 goto out_unlock;
1108 }
1109
1110 clk = base->clk;
1111 idx = calc_wheel_index(expires, clk, &bucket_expiry);
1112
1113 /*
1114 * Retrieve and compare the array index of the pending
1115 * timer. If it matches set the expiry to the new value so a
1116 * subsequent call will exit in the expires check above.
1117 */
1118 if (idx == timer_get_idx(timer)) {
1119 if (!(options & MOD_TIMER_REDUCE))
1120 timer->expires = expires;
1121 else if (time_after(timer->expires, expires))
1122 timer->expires = expires;
1123 ret = 1;
1124 goto out_unlock;
1125 }
1126 } else {
1127 base = lock_timer_base(timer, &flags);
1128 /*
1129 * Has @timer been shutdown? This needs to be evaluated
1130 * while holding base lock to prevent a race against the
1131 * shutdown code.
1132 */
1133 if (!timer->function)
1134 goto out_unlock;
1135
1136 forward_timer_base(base);
1137 }
1138
1139 ret = detach_if_pending(timer, base, false);
1140 if (!ret && (options & MOD_TIMER_PENDING_ONLY))
1141 goto out_unlock;
1142
1143 new_base = get_timer_this_cpu_base(timer->flags);
1144
1145 if (base != new_base) {
1146 /*
1147 * We are trying to schedule the timer on the new base.
1148 * However we can't change timer's base while it is running,
1149 * otherwise timer_delete_sync() can't detect that the timer's
1150 * handler yet has not finished. This also guarantees that the
1151 * timer is serialized wrt itself.
1152 */
1153 if (likely(base->running_timer != timer)) {
1154 /* See the comment in lock_timer_base() */
1155 timer->flags |= TIMER_MIGRATING;
1156
1157 raw_spin_unlock(&base->lock);
1158 base = new_base;
1159 raw_spin_lock(&base->lock);
1160 WRITE_ONCE(timer->flags,
1161 (timer->flags & ~TIMER_BASEMASK) | base->cpu);
1162 forward_timer_base(base);
1163 }
1164 }
1165
1166 debug_timer_activate(timer);
1167
1168 timer->expires = expires;
1169 /*
1170 * If 'idx' was calculated above and the base time did not advance
1171 * between calculating 'idx' and possibly switching the base, only
1172 * enqueue_timer() is required. Otherwise we need to (re)calculate
1173 * the wheel index via internal_add_timer().
1174 */
1175 if (idx != UINT_MAX && clk == base->clk)
1176 enqueue_timer(base, timer, idx, bucket_expiry);
1177 else
1178 internal_add_timer(base, timer);
1179
1180 out_unlock:
1181 raw_spin_unlock_irqrestore(&base->lock, flags);
1182
1183 return ret;
1184 }
1185
1186 /**
1187 * mod_timer_pending - Modify a pending timer's timeout
1188 * @timer: The pending timer to be modified
1189 * @expires: New absolute timeout in jiffies
1190 *
1191 * mod_timer_pending() is the same for pending timers as mod_timer(), but
1192 * will not activate inactive timers.
1193 *
1194 * If @timer->function == NULL then the start operation is silently
1195 * discarded.
1196 *
1197 * Return:
1198 * * %0 - The timer was inactive and not modified or was in
1199 * shutdown state and the operation was discarded
1200 * * %1 - The timer was active and requeued to expire at @expires
1201 */
mod_timer_pending(struct timer_list * timer,unsigned long expires)1202 int mod_timer_pending(struct timer_list *timer, unsigned long expires)
1203 {
1204 return __mod_timer(timer, expires, MOD_TIMER_PENDING_ONLY);
1205 }
1206 EXPORT_SYMBOL(mod_timer_pending);
1207
1208 /**
1209 * mod_timer - Modify a timer's timeout
1210 * @timer: The timer to be modified
1211 * @expires: New absolute timeout in jiffies
1212 *
1213 * mod_timer(timer, expires) is equivalent to:
1214 *
1215 * del_timer(timer); timer->expires = expires; add_timer(timer);
1216 *
1217 * mod_timer() is more efficient than the above open coded sequence. In
1218 * case that the timer is inactive, the del_timer() part is a NOP. The
1219 * timer is in any case activated with the new expiry time @expires.
1220 *
1221 * Note that if there are multiple unserialized concurrent users of the
1222 * same timer, then mod_timer() is the only safe way to modify the timeout,
1223 * since add_timer() cannot modify an already running timer.
1224 *
1225 * If @timer->function == NULL then the start operation is silently
1226 * discarded. In this case the return value is 0 and meaningless.
1227 *
1228 * Return:
1229 * * %0 - The timer was inactive and started or was in shutdown
1230 * state and the operation was discarded
1231 * * %1 - The timer was active and requeued to expire at @expires or
1232 * the timer was active and not modified because @expires did
1233 * not change the effective expiry time
1234 */
mod_timer(struct timer_list * timer,unsigned long expires)1235 int mod_timer(struct timer_list *timer, unsigned long expires)
1236 {
1237 return __mod_timer(timer, expires, 0);
1238 }
1239 EXPORT_SYMBOL(mod_timer);
1240
1241 /**
1242 * timer_reduce - Modify a timer's timeout if it would reduce the timeout
1243 * @timer: The timer to be modified
1244 * @expires: New absolute timeout in jiffies
1245 *
1246 * timer_reduce() is very similar to mod_timer(), except that it will only
1247 * modify an enqueued timer if that would reduce the expiration time. If
1248 * @timer is not enqueued it starts the timer.
1249 *
1250 * If @timer->function == NULL then the start operation is silently
1251 * discarded.
1252 *
1253 * Return:
1254 * * %0 - The timer was inactive and started or was in shutdown
1255 * state and the operation was discarded
1256 * * %1 - The timer was active and requeued to expire at @expires or
1257 * the timer was active and not modified because @expires
1258 * did not change the effective expiry time such that the
1259 * timer would expire earlier than already scheduled
1260 */
timer_reduce(struct timer_list * timer,unsigned long expires)1261 int timer_reduce(struct timer_list *timer, unsigned long expires)
1262 {
1263 return __mod_timer(timer, expires, MOD_TIMER_REDUCE);
1264 }
1265 EXPORT_SYMBOL(timer_reduce);
1266
1267 /**
1268 * add_timer - Start a timer
1269 * @timer: The timer to be started
1270 *
1271 * Start @timer to expire at @timer->expires in the future. @timer->expires
1272 * is the absolute expiry time measured in 'jiffies'. When the timer expires
1273 * timer->function(timer) will be invoked from soft interrupt context.
1274 *
1275 * The @timer->expires and @timer->function fields must be set prior
1276 * to calling this function.
1277 *
1278 * If @timer->function == NULL then the start operation is silently
1279 * discarded.
1280 *
1281 * If @timer->expires is already in the past @timer will be queued to
1282 * expire at the next timer tick.
1283 *
1284 * This can only operate on an inactive timer. Attempts to invoke this on
1285 * an active timer are rejected with a warning.
1286 */
add_timer(struct timer_list * timer)1287 void add_timer(struct timer_list *timer)
1288 {
1289 if (WARN_ON_ONCE(timer_pending(timer)))
1290 return;
1291 __mod_timer(timer, timer->expires, MOD_TIMER_NOTPENDING);
1292 }
1293 EXPORT_SYMBOL(add_timer);
1294
1295 /**
1296 * add_timer_local() - Start a timer on the local CPU
1297 * @timer: The timer to be started
1298 *
1299 * Same as add_timer() except that the timer flag TIMER_PINNED is set.
1300 *
1301 * See add_timer() for further details.
1302 */
add_timer_local(struct timer_list * timer)1303 void add_timer_local(struct timer_list *timer)
1304 {
1305 if (WARN_ON_ONCE(timer_pending(timer)))
1306 return;
1307 timer->flags |= TIMER_PINNED;
1308 __mod_timer(timer, timer->expires, MOD_TIMER_NOTPENDING);
1309 }
1310 EXPORT_SYMBOL(add_timer_local);
1311
1312 /**
1313 * add_timer_global() - Start a timer without TIMER_PINNED flag set
1314 * @timer: The timer to be started
1315 *
1316 * Same as add_timer() except that the timer flag TIMER_PINNED is unset.
1317 *
1318 * See add_timer() for further details.
1319 */
add_timer_global(struct timer_list * timer)1320 void add_timer_global(struct timer_list *timer)
1321 {
1322 if (WARN_ON_ONCE(timer_pending(timer)))
1323 return;
1324 timer->flags &= ~TIMER_PINNED;
1325 __mod_timer(timer, timer->expires, MOD_TIMER_NOTPENDING);
1326 }
1327 EXPORT_SYMBOL(add_timer_global);
1328
1329 /**
1330 * add_timer_on - Start a timer on a particular CPU
1331 * @timer: The timer to be started
1332 * @cpu: The CPU to start it on
1333 *
1334 * Same as add_timer() except that it starts the timer on the given CPU and
1335 * the TIMER_PINNED flag is set. When timer shouldn't be a pinned timer in
1336 * the next round, add_timer_global() should be used instead as it unsets
1337 * the TIMER_PINNED flag.
1338 *
1339 * See add_timer() for further details.
1340 */
add_timer_on(struct timer_list * timer,int cpu)1341 void add_timer_on(struct timer_list *timer, int cpu)
1342 {
1343 struct timer_base *new_base, *base;
1344 unsigned long flags;
1345
1346 debug_assert_init(timer);
1347
1348 if (WARN_ON_ONCE(timer_pending(timer)))
1349 return;
1350
1351 /* Make sure timer flags have TIMER_PINNED flag set */
1352 timer->flags |= TIMER_PINNED;
1353
1354 new_base = get_timer_cpu_base(timer->flags, cpu);
1355
1356 /*
1357 * If @timer was on a different CPU, it should be migrated with the
1358 * old base locked to prevent other operations proceeding with the
1359 * wrong base locked. See lock_timer_base().
1360 */
1361 base = lock_timer_base(timer, &flags);
1362 /*
1363 * Has @timer been shutdown? This needs to be evaluated while
1364 * holding base lock to prevent a race against the shutdown code.
1365 */
1366 if (!timer->function)
1367 goto out_unlock;
1368
1369 if (base != new_base) {
1370 timer->flags |= TIMER_MIGRATING;
1371
1372 raw_spin_unlock(&base->lock);
1373 base = new_base;
1374 raw_spin_lock(&base->lock);
1375 WRITE_ONCE(timer->flags,
1376 (timer->flags & ~TIMER_BASEMASK) | cpu);
1377 }
1378 forward_timer_base(base);
1379
1380 debug_timer_activate(timer);
1381 internal_add_timer(base, timer);
1382 out_unlock:
1383 raw_spin_unlock_irqrestore(&base->lock, flags);
1384 }
1385 EXPORT_SYMBOL_GPL(add_timer_on);
1386
1387 /**
1388 * __timer_delete - Internal function: Deactivate a timer
1389 * @timer: The timer to be deactivated
1390 * @shutdown: If true, this indicates that the timer is about to be
1391 * shutdown permanently.
1392 *
1393 * If @shutdown is true then @timer->function is set to NULL under the
1394 * timer base lock which prevents further rearming of the time. In that
1395 * case any attempt to rearm @timer after this function returns will be
1396 * silently ignored.
1397 *
1398 * Return:
1399 * * %0 - The timer was not pending
1400 * * %1 - The timer was pending and deactivated
1401 */
__timer_delete(struct timer_list * timer,bool shutdown)1402 static int __timer_delete(struct timer_list *timer, bool shutdown)
1403 {
1404 struct timer_base *base;
1405 unsigned long flags;
1406 int ret = 0;
1407
1408 debug_assert_init(timer);
1409
1410 /*
1411 * If @shutdown is set then the lock has to be taken whether the
1412 * timer is pending or not to protect against a concurrent rearm
1413 * which might hit between the lockless pending check and the lock
1414 * acquisition. By taking the lock it is ensured that such a newly
1415 * enqueued timer is dequeued and cannot end up with
1416 * timer->function == NULL in the expiry code.
1417 *
1418 * If timer->function is currently executed, then this makes sure
1419 * that the callback cannot requeue the timer.
1420 */
1421 if (timer_pending(timer) || shutdown) {
1422 base = lock_timer_base(timer, &flags);
1423 ret = detach_if_pending(timer, base, true);
1424 if (shutdown)
1425 timer->function = NULL;
1426 raw_spin_unlock_irqrestore(&base->lock, flags);
1427 }
1428
1429 return ret;
1430 }
1431
1432 /**
1433 * timer_delete - Deactivate a timer
1434 * @timer: The timer to be deactivated
1435 *
1436 * The function only deactivates a pending timer, but contrary to
1437 * timer_delete_sync() it does not take into account whether the timer's
1438 * callback function is concurrently executed on a different CPU or not.
1439 * It neither prevents rearming of the timer. If @timer can be rearmed
1440 * concurrently then the return value of this function is meaningless.
1441 *
1442 * Return:
1443 * * %0 - The timer was not pending
1444 * * %1 - The timer was pending and deactivated
1445 */
timer_delete(struct timer_list * timer)1446 int timer_delete(struct timer_list *timer)
1447 {
1448 return __timer_delete(timer, false);
1449 }
1450 EXPORT_SYMBOL(timer_delete);
1451
1452 /**
1453 * timer_shutdown - Deactivate a timer and prevent rearming
1454 * @timer: The timer to be deactivated
1455 *
1456 * The function does not wait for an eventually running timer callback on a
1457 * different CPU but it prevents rearming of the timer. Any attempt to arm
1458 * @timer after this function returns will be silently ignored.
1459 *
1460 * This function is useful for teardown code and should only be used when
1461 * timer_shutdown_sync() cannot be invoked due to locking or context constraints.
1462 *
1463 * Return:
1464 * * %0 - The timer was not pending
1465 * * %1 - The timer was pending
1466 */
timer_shutdown(struct timer_list * timer)1467 int timer_shutdown(struct timer_list *timer)
1468 {
1469 return __timer_delete(timer, true);
1470 }
1471 EXPORT_SYMBOL_GPL(timer_shutdown);
1472
1473 /**
1474 * __try_to_del_timer_sync - Internal function: Try to deactivate a timer
1475 * @timer: Timer to deactivate
1476 * @shutdown: If true, this indicates that the timer is about to be
1477 * shutdown permanently.
1478 *
1479 * If @shutdown is true then @timer->function is set to NULL under the
1480 * timer base lock which prevents further rearming of the timer. Any
1481 * attempt to rearm @timer after this function returns will be silently
1482 * ignored.
1483 *
1484 * This function cannot guarantee that the timer cannot be rearmed
1485 * right after dropping the base lock if @shutdown is false. That
1486 * needs to be prevented by the calling code if necessary.
1487 *
1488 * Return:
1489 * * %0 - The timer was not pending
1490 * * %1 - The timer was pending and deactivated
1491 * * %-1 - The timer callback function is running on a different CPU
1492 */
__try_to_del_timer_sync(struct timer_list * timer,bool shutdown)1493 static int __try_to_del_timer_sync(struct timer_list *timer, bool shutdown)
1494 {
1495 struct timer_base *base;
1496 unsigned long flags;
1497 int ret = -1;
1498
1499 debug_assert_init(timer);
1500
1501 base = lock_timer_base(timer, &flags);
1502
1503 if (base->running_timer != timer)
1504 ret = detach_if_pending(timer, base, true);
1505 if (shutdown)
1506 timer->function = NULL;
1507
1508 raw_spin_unlock_irqrestore(&base->lock, flags);
1509
1510 return ret;
1511 }
1512
1513 /**
1514 * try_to_del_timer_sync - Try to deactivate a timer
1515 * @timer: Timer to deactivate
1516 *
1517 * This function tries to deactivate a timer. On success the timer is not
1518 * queued and the timer callback function is not running on any CPU.
1519 *
1520 * This function does not guarantee that the timer cannot be rearmed right
1521 * after dropping the base lock. That needs to be prevented by the calling
1522 * code if necessary.
1523 *
1524 * Return:
1525 * * %0 - The timer was not pending
1526 * * %1 - The timer was pending and deactivated
1527 * * %-1 - The timer callback function is running on a different CPU
1528 */
try_to_del_timer_sync(struct timer_list * timer)1529 int try_to_del_timer_sync(struct timer_list *timer)
1530 {
1531 return __try_to_del_timer_sync(timer, false);
1532 }
1533 EXPORT_SYMBOL(try_to_del_timer_sync);
1534
1535 #ifdef CONFIG_PREEMPT_RT
timer_base_init_expiry_lock(struct timer_base * base)1536 static __init void timer_base_init_expiry_lock(struct timer_base *base)
1537 {
1538 spin_lock_init(&base->expiry_lock);
1539 }
1540
timer_base_lock_expiry(struct timer_base * base)1541 static inline void timer_base_lock_expiry(struct timer_base *base)
1542 {
1543 spin_lock(&base->expiry_lock);
1544 }
1545
timer_base_unlock_expiry(struct timer_base * base)1546 static inline void timer_base_unlock_expiry(struct timer_base *base)
1547 {
1548 spin_unlock(&base->expiry_lock);
1549 }
1550
1551 /*
1552 * The counterpart to del_timer_wait_running().
1553 *
1554 * If there is a waiter for base->expiry_lock, then it was waiting for the
1555 * timer callback to finish. Drop expiry_lock and reacquire it. That allows
1556 * the waiter to acquire the lock and make progress.
1557 */
timer_sync_wait_running(struct timer_base * base)1558 static void timer_sync_wait_running(struct timer_base *base)
1559 __releases(&base->lock) __releases(&base->expiry_lock)
1560 __acquires(&base->expiry_lock) __acquires(&base->lock)
1561 {
1562 if (atomic_read(&base->timer_waiters)) {
1563 raw_spin_unlock_irq(&base->lock);
1564 spin_unlock(&base->expiry_lock);
1565 spin_lock(&base->expiry_lock);
1566 raw_spin_lock_irq(&base->lock);
1567 }
1568 }
1569
1570 /*
1571 * This function is called on PREEMPT_RT kernels when the fast path
1572 * deletion of a timer failed because the timer callback function was
1573 * running.
1574 *
1575 * This prevents priority inversion, if the softirq thread on a remote CPU
1576 * got preempted, and it prevents a life lock when the task which tries to
1577 * delete a timer preempted the softirq thread running the timer callback
1578 * function.
1579 */
del_timer_wait_running(struct timer_list * timer)1580 static void del_timer_wait_running(struct timer_list *timer)
1581 {
1582 u32 tf;
1583
1584 tf = READ_ONCE(timer->flags);
1585 if (!(tf & (TIMER_MIGRATING | TIMER_IRQSAFE))) {
1586 struct timer_base *base = get_timer_base(tf);
1587
1588 /*
1589 * Mark the base as contended and grab the expiry lock,
1590 * which is held by the softirq across the timer
1591 * callback. Drop the lock immediately so the softirq can
1592 * expire the next timer. In theory the timer could already
1593 * be running again, but that's more than unlikely and just
1594 * causes another wait loop.
1595 */
1596 atomic_inc(&base->timer_waiters);
1597 spin_lock_bh(&base->expiry_lock);
1598 atomic_dec(&base->timer_waiters);
1599 spin_unlock_bh(&base->expiry_lock);
1600 }
1601 }
1602 #else
timer_base_init_expiry_lock(struct timer_base * base)1603 static inline void timer_base_init_expiry_lock(struct timer_base *base) { }
timer_base_lock_expiry(struct timer_base * base)1604 static inline void timer_base_lock_expiry(struct timer_base *base) { }
timer_base_unlock_expiry(struct timer_base * base)1605 static inline void timer_base_unlock_expiry(struct timer_base *base) { }
timer_sync_wait_running(struct timer_base * base)1606 static inline void timer_sync_wait_running(struct timer_base *base) { }
del_timer_wait_running(struct timer_list * timer)1607 static inline void del_timer_wait_running(struct timer_list *timer) { }
1608 #endif
1609
1610 /**
1611 * __timer_delete_sync - Internal function: Deactivate a timer and wait
1612 * for the handler to finish.
1613 * @timer: The timer to be deactivated
1614 * @shutdown: If true, @timer->function will be set to NULL under the
1615 * timer base lock which prevents rearming of @timer
1616 *
1617 * If @shutdown is not set the timer can be rearmed later. If the timer can
1618 * be rearmed concurrently, i.e. after dropping the base lock then the
1619 * return value is meaningless.
1620 *
1621 * If @shutdown is set then @timer->function is set to NULL under timer
1622 * base lock which prevents rearming of the timer. Any attempt to rearm
1623 * a shutdown timer is silently ignored.
1624 *
1625 * If the timer should be reused after shutdown it has to be initialized
1626 * again.
1627 *
1628 * Return:
1629 * * %0 - The timer was not pending
1630 * * %1 - The timer was pending and deactivated
1631 */
__timer_delete_sync(struct timer_list * timer,bool shutdown)1632 static int __timer_delete_sync(struct timer_list *timer, bool shutdown)
1633 {
1634 int ret;
1635
1636 #ifdef CONFIG_LOCKDEP
1637 unsigned long flags;
1638
1639 /*
1640 * If lockdep gives a backtrace here, please reference
1641 * the synchronization rules above.
1642 */
1643 local_irq_save(flags);
1644 lock_map_acquire(&timer->lockdep_map);
1645 lock_map_release(&timer->lockdep_map);
1646 local_irq_restore(flags);
1647 #endif
1648 /*
1649 * don't use it in hardirq context, because it
1650 * could lead to deadlock.
1651 */
1652 WARN_ON(in_hardirq() && !(timer->flags & TIMER_IRQSAFE));
1653
1654 /*
1655 * Must be able to sleep on PREEMPT_RT because of the slowpath in
1656 * del_timer_wait_running().
1657 */
1658 if (IS_ENABLED(CONFIG_PREEMPT_RT) && !(timer->flags & TIMER_IRQSAFE))
1659 lockdep_assert_preemption_enabled();
1660
1661 do {
1662 ret = __try_to_del_timer_sync(timer, shutdown);
1663
1664 if (unlikely(ret < 0)) {
1665 del_timer_wait_running(timer);
1666 cpu_relax();
1667 }
1668 } while (ret < 0);
1669
1670 return ret;
1671 }
1672
1673 /**
1674 * timer_delete_sync - Deactivate a timer and wait for the handler to finish.
1675 * @timer: The timer to be deactivated
1676 *
1677 * Synchronization rules: Callers must prevent restarting of the timer,
1678 * otherwise this function is meaningless. It must not be called from
1679 * interrupt contexts unless the timer is an irqsafe one. The caller must
1680 * not hold locks which would prevent completion of the timer's callback
1681 * function. The timer's handler must not call add_timer_on(). Upon exit
1682 * the timer is not queued and the handler is not running on any CPU.
1683 *
1684 * For !irqsafe timers, the caller must not hold locks that are held in
1685 * interrupt context. Even if the lock has nothing to do with the timer in
1686 * question. Here's why::
1687 *
1688 * CPU0 CPU1
1689 * ---- ----
1690 * <SOFTIRQ>
1691 * call_timer_fn();
1692 * base->running_timer = mytimer;
1693 * spin_lock_irq(somelock);
1694 * <IRQ>
1695 * spin_lock(somelock);
1696 * timer_delete_sync(mytimer);
1697 * while (base->running_timer == mytimer);
1698 *
1699 * Now timer_delete_sync() will never return and never release somelock.
1700 * The interrupt on the other CPU is waiting to grab somelock but it has
1701 * interrupted the softirq that CPU0 is waiting to finish.
1702 *
1703 * This function cannot guarantee that the timer is not rearmed again by
1704 * some concurrent or preempting code, right after it dropped the base
1705 * lock. If there is the possibility of a concurrent rearm then the return
1706 * value of the function is meaningless.
1707 *
1708 * If such a guarantee is needed, e.g. for teardown situations then use
1709 * timer_shutdown_sync() instead.
1710 *
1711 * Return:
1712 * * %0 - The timer was not pending
1713 * * %1 - The timer was pending and deactivated
1714 */
timer_delete_sync(struct timer_list * timer)1715 int timer_delete_sync(struct timer_list *timer)
1716 {
1717 return __timer_delete_sync(timer, false);
1718 }
1719 EXPORT_SYMBOL(timer_delete_sync);
1720
1721 /**
1722 * timer_shutdown_sync - Shutdown a timer and prevent rearming
1723 * @timer: The timer to be shutdown
1724 *
1725 * When the function returns it is guaranteed that:
1726 * - @timer is not queued
1727 * - The callback function of @timer is not running
1728 * - @timer cannot be enqueued again. Any attempt to rearm
1729 * @timer is silently ignored.
1730 *
1731 * See timer_delete_sync() for synchronization rules.
1732 *
1733 * This function is useful for final teardown of an infrastructure where
1734 * the timer is subject to a circular dependency problem.
1735 *
1736 * A common pattern for this is a timer and a workqueue where the timer can
1737 * schedule work and work can arm the timer. On shutdown the workqueue must
1738 * be destroyed and the timer must be prevented from rearming. Unless the
1739 * code has conditionals like 'if (mything->in_shutdown)' to prevent that
1740 * there is no way to get this correct with timer_delete_sync().
1741 *
1742 * timer_shutdown_sync() is solving the problem. The correct ordering of
1743 * calls in this case is:
1744 *
1745 * timer_shutdown_sync(&mything->timer);
1746 * workqueue_destroy(&mything->workqueue);
1747 *
1748 * After this 'mything' can be safely freed.
1749 *
1750 * This obviously implies that the timer is not required to be functional
1751 * for the rest of the shutdown operation.
1752 *
1753 * Return:
1754 * * %0 - The timer was not pending
1755 * * %1 - The timer was pending
1756 */
timer_shutdown_sync(struct timer_list * timer)1757 int timer_shutdown_sync(struct timer_list *timer)
1758 {
1759 return __timer_delete_sync(timer, true);
1760 }
1761 EXPORT_SYMBOL_GPL(timer_shutdown_sync);
1762
call_timer_fn(struct timer_list * timer,void (* fn)(struct timer_list *),unsigned long baseclk)1763 static void call_timer_fn(struct timer_list *timer,
1764 void (*fn)(struct timer_list *),
1765 unsigned long baseclk)
1766 {
1767 int count = preempt_count();
1768
1769 #ifdef CONFIG_LOCKDEP
1770 /*
1771 * It is permissible to free the timer from inside the
1772 * function that is called from it, this we need to take into
1773 * account for lockdep too. To avoid bogus "held lock freed"
1774 * warnings as well as problems when looking into
1775 * timer->lockdep_map, make a copy and use that here.
1776 */
1777 struct lockdep_map lockdep_map;
1778
1779 lockdep_copy_map(&lockdep_map, &timer->lockdep_map);
1780 #endif
1781 /*
1782 * Couple the lock chain with the lock chain at
1783 * timer_delete_sync() by acquiring the lock_map around the fn()
1784 * call here and in timer_delete_sync().
1785 */
1786 lock_map_acquire(&lockdep_map);
1787
1788 trace_timer_expire_entry(timer, baseclk);
1789 fn(timer);
1790 trace_timer_expire_exit(timer);
1791
1792 lock_map_release(&lockdep_map);
1793
1794 if (count != preempt_count()) {
1795 WARN_ONCE(1, "timer: %pS preempt leak: %08x -> %08x\n",
1796 fn, count, preempt_count());
1797 /*
1798 * Restore the preempt count. That gives us a decent
1799 * chance to survive and extract information. If the
1800 * callback kept a lock held, bad luck, but not worse
1801 * than the BUG() we had.
1802 */
1803 preempt_count_set(count);
1804 }
1805 }
1806
expire_timers(struct timer_base * base,struct hlist_head * head)1807 static void expire_timers(struct timer_base *base, struct hlist_head *head)
1808 {
1809 /*
1810 * This value is required only for tracing. base->clk was
1811 * incremented directly before expire_timers was called. But expiry
1812 * is related to the old base->clk value.
1813 */
1814 unsigned long baseclk = base->clk - 1;
1815
1816 while (!hlist_empty(head)) {
1817 struct timer_list *timer;
1818 void (*fn)(struct timer_list *);
1819
1820 timer = hlist_entry(head->first, struct timer_list, entry);
1821
1822 base->running_timer = timer;
1823 detach_timer(timer, true);
1824
1825 fn = timer->function;
1826
1827 if (WARN_ON_ONCE(!fn)) {
1828 /* Should never happen. Emphasis on should! */
1829 base->running_timer = NULL;
1830 continue;
1831 }
1832
1833 if (timer->flags & TIMER_IRQSAFE) {
1834 raw_spin_unlock(&base->lock);
1835 call_timer_fn(timer, fn, baseclk);
1836 raw_spin_lock(&base->lock);
1837 base->running_timer = NULL;
1838 } else {
1839 raw_spin_unlock_irq(&base->lock);
1840 call_timer_fn(timer, fn, baseclk);
1841 raw_spin_lock_irq(&base->lock);
1842 base->running_timer = NULL;
1843 timer_sync_wait_running(base);
1844 }
1845 }
1846 }
1847
collect_expired_timers(struct timer_base * base,struct hlist_head * heads)1848 static int collect_expired_timers(struct timer_base *base,
1849 struct hlist_head *heads)
1850 {
1851 unsigned long clk = base->clk = base->next_expiry;
1852 struct hlist_head *vec;
1853 int i, levels = 0;
1854 unsigned int idx;
1855
1856 for (i = 0; i < LVL_DEPTH; i++) {
1857 idx = (clk & LVL_MASK) + i * LVL_SIZE;
1858
1859 if (__test_and_clear_bit(idx, base->pending_map)) {
1860 vec = base->vectors + idx;
1861 hlist_move_list(vec, heads++);
1862 levels++;
1863 }
1864 /* Is it time to look at the next level? */
1865 if (clk & LVL_CLK_MASK)
1866 break;
1867 /* Shift clock for the next level granularity */
1868 clk >>= LVL_CLK_SHIFT;
1869 }
1870 return levels;
1871 }
1872
1873 /*
1874 * Find the next pending bucket of a level. Search from level start (@offset)
1875 * + @clk upwards and if nothing there, search from start of the level
1876 * (@offset) up to @offset + clk.
1877 */
next_pending_bucket(struct timer_base * base,unsigned offset,unsigned clk)1878 static int next_pending_bucket(struct timer_base *base, unsigned offset,
1879 unsigned clk)
1880 {
1881 unsigned pos, start = offset + clk;
1882 unsigned end = offset + LVL_SIZE;
1883
1884 pos = find_next_bit(base->pending_map, end, start);
1885 if (pos < end)
1886 return pos - start;
1887
1888 pos = find_next_bit(base->pending_map, start, offset);
1889 return pos < start ? pos + LVL_SIZE - start : -1;
1890 }
1891
1892 /*
1893 * Search the first expiring timer in the various clock levels. Caller must
1894 * hold base->lock.
1895 *
1896 * Store next expiry time in base->next_expiry.
1897 */
timer_recalc_next_expiry(struct timer_base * base)1898 static void timer_recalc_next_expiry(struct timer_base *base)
1899 {
1900 unsigned long clk, next, adj;
1901 unsigned lvl, offset = 0;
1902
1903 next = base->clk + NEXT_TIMER_MAX_DELTA;
1904 clk = base->clk;
1905 for (lvl = 0; lvl < LVL_DEPTH; lvl++, offset += LVL_SIZE) {
1906 int pos = next_pending_bucket(base, offset, clk & LVL_MASK);
1907 unsigned long lvl_clk = clk & LVL_CLK_MASK;
1908
1909 if (pos >= 0) {
1910 unsigned long tmp = clk + (unsigned long) pos;
1911
1912 tmp <<= LVL_SHIFT(lvl);
1913 if (time_before(tmp, next))
1914 next = tmp;
1915
1916 /*
1917 * If the next expiration happens before we reach
1918 * the next level, no need to check further.
1919 */
1920 if (pos <= ((LVL_CLK_DIV - lvl_clk) & LVL_CLK_MASK))
1921 break;
1922 }
1923 /*
1924 * Clock for the next level. If the current level clock lower
1925 * bits are zero, we look at the next level as is. If not we
1926 * need to advance it by one because that's going to be the
1927 * next expiring bucket in that level. base->clk is the next
1928 * expiring jiffy. So in case of:
1929 *
1930 * LVL5 LVL4 LVL3 LVL2 LVL1 LVL0
1931 * 0 0 0 0 0 0
1932 *
1933 * we have to look at all levels @index 0. With
1934 *
1935 * LVL5 LVL4 LVL3 LVL2 LVL1 LVL0
1936 * 0 0 0 0 0 2
1937 *
1938 * LVL0 has the next expiring bucket @index 2. The upper
1939 * levels have the next expiring bucket @index 1.
1940 *
1941 * In case that the propagation wraps the next level the same
1942 * rules apply:
1943 *
1944 * LVL5 LVL4 LVL3 LVL2 LVL1 LVL0
1945 * 0 0 0 0 F 2
1946 *
1947 * So after looking at LVL0 we get:
1948 *
1949 * LVL5 LVL4 LVL3 LVL2 LVL1
1950 * 0 0 0 1 0
1951 *
1952 * So no propagation from LVL1 to LVL2 because that happened
1953 * with the add already, but then we need to propagate further
1954 * from LVL2 to LVL3.
1955 *
1956 * So the simple check whether the lower bits of the current
1957 * level are 0 or not is sufficient for all cases.
1958 */
1959 adj = lvl_clk ? 1 : 0;
1960 clk >>= LVL_CLK_SHIFT;
1961 clk += adj;
1962 }
1963
1964 WRITE_ONCE(base->next_expiry, next);
1965 base->next_expiry_recalc = false;
1966 base->timers_pending = !(next == base->clk + NEXT_TIMER_MAX_DELTA);
1967 }
1968
1969 #ifdef CONFIG_NO_HZ_COMMON
1970 /*
1971 * Check, if the next hrtimer event is before the next timer wheel
1972 * event:
1973 */
cmp_next_hrtimer_event(u64 basem,u64 expires)1974 static u64 cmp_next_hrtimer_event(u64 basem, u64 expires)
1975 {
1976 u64 nextevt = hrtimer_get_next_event();
1977
1978 /*
1979 * If high resolution timers are enabled
1980 * hrtimer_get_next_event() returns KTIME_MAX.
1981 */
1982 if (expires <= nextevt)
1983 return expires;
1984
1985 /*
1986 * If the next timer is already expired, return the tick base
1987 * time so the tick is fired immediately.
1988 */
1989 if (nextevt <= basem)
1990 return basem;
1991
1992 /*
1993 * Round up to the next jiffy. High resolution timers are
1994 * off, so the hrtimers are expired in the tick and we need to
1995 * make sure that this tick really expires the timer to avoid
1996 * a ping pong of the nohz stop code.
1997 *
1998 * Use DIV_ROUND_UP_ULL to prevent gcc calling __divdi3
1999 */
2000 return DIV_ROUND_UP_ULL(nextevt, TICK_NSEC) * TICK_NSEC;
2001 }
2002
next_timer_interrupt(struct timer_base * base,unsigned long basej)2003 static unsigned long next_timer_interrupt(struct timer_base *base,
2004 unsigned long basej)
2005 {
2006 if (base->next_expiry_recalc)
2007 timer_recalc_next_expiry(base);
2008
2009 /*
2010 * Move next_expiry for the empty base into the future to prevent an
2011 * unnecessary raise of the timer softirq when the next_expiry value
2012 * will be reached even if there is no timer pending.
2013 *
2014 * This update is also required to make timer_base::next_expiry values
2015 * easy comparable to find out which base holds the first pending timer.
2016 */
2017 if (!base->timers_pending)
2018 WRITE_ONCE(base->next_expiry, basej + NEXT_TIMER_MAX_DELTA);
2019
2020 return base->next_expiry;
2021 }
2022
fetch_next_timer_interrupt(unsigned long basej,u64 basem,struct timer_base * base_local,struct timer_base * base_global,struct timer_events * tevt)2023 static unsigned long fetch_next_timer_interrupt(unsigned long basej, u64 basem,
2024 struct timer_base *base_local,
2025 struct timer_base *base_global,
2026 struct timer_events *tevt)
2027 {
2028 unsigned long nextevt, nextevt_local, nextevt_global;
2029 bool local_first;
2030
2031 nextevt_local = next_timer_interrupt(base_local, basej);
2032 nextevt_global = next_timer_interrupt(base_global, basej);
2033
2034 local_first = time_before_eq(nextevt_local, nextevt_global);
2035
2036 nextevt = local_first ? nextevt_local : nextevt_global;
2037
2038 /*
2039 * If the @nextevt is at max. one tick away, use @nextevt and store
2040 * it in the local expiry value. The next global event is irrelevant in
2041 * this case and can be left as KTIME_MAX.
2042 */
2043 if (time_before_eq(nextevt, basej + 1)) {
2044 /* If we missed a tick already, force 0 delta */
2045 if (time_before(nextevt, basej))
2046 nextevt = basej;
2047 tevt->local = basem + (u64)(nextevt - basej) * TICK_NSEC;
2048
2049 /*
2050 * This is required for the remote check only but it doesn't
2051 * hurt, when it is done for both call sites:
2052 *
2053 * * The remote callers will only take care of the global timers
2054 * as local timers will be handled by CPU itself. When not
2055 * updating tevt->global with the already missed first global
2056 * timer, it is possible that it will be missed completely.
2057 *
2058 * * The local callers will ignore the tevt->global anyway, when
2059 * nextevt is max. one tick away.
2060 */
2061 if (!local_first)
2062 tevt->global = tevt->local;
2063 return nextevt;
2064 }
2065
2066 /*
2067 * Update tevt.* values:
2068 *
2069 * If the local queue expires first, then the global event can be
2070 * ignored. If the global queue is empty, nothing to do either.
2071 */
2072 if (!local_first && base_global->timers_pending)
2073 tevt->global = basem + (u64)(nextevt_global - basej) * TICK_NSEC;
2074
2075 if (base_local->timers_pending)
2076 tevt->local = basem + (u64)(nextevt_local - basej) * TICK_NSEC;
2077
2078 return nextevt;
2079 }
2080
2081 # ifdef CONFIG_SMP
2082 /**
2083 * fetch_next_timer_interrupt_remote() - Store next timers into @tevt
2084 * @basej: base time jiffies
2085 * @basem: base time clock monotonic
2086 * @tevt: Pointer to the storage for the expiry values
2087 * @cpu: Remote CPU
2088 *
2089 * Stores the next pending local and global timer expiry values in the
2090 * struct pointed to by @tevt. If a queue is empty the corresponding
2091 * field is set to KTIME_MAX. If local event expires before global
2092 * event, global event is set to KTIME_MAX as well.
2093 *
2094 * Caller needs to make sure timer base locks are held (use
2095 * timer_lock_remote_bases() for this purpose).
2096 */
fetch_next_timer_interrupt_remote(unsigned long basej,u64 basem,struct timer_events * tevt,unsigned int cpu)2097 void fetch_next_timer_interrupt_remote(unsigned long basej, u64 basem,
2098 struct timer_events *tevt,
2099 unsigned int cpu)
2100 {
2101 struct timer_base *base_local, *base_global;
2102
2103 /* Preset local / global events */
2104 tevt->local = tevt->global = KTIME_MAX;
2105
2106 base_local = per_cpu_ptr(&timer_bases[BASE_LOCAL], cpu);
2107 base_global = per_cpu_ptr(&timer_bases[BASE_GLOBAL], cpu);
2108
2109 lockdep_assert_held(&base_local->lock);
2110 lockdep_assert_held(&base_global->lock);
2111
2112 fetch_next_timer_interrupt(basej, basem, base_local, base_global, tevt);
2113 }
2114
2115 /**
2116 * timer_unlock_remote_bases - unlock timer bases of cpu
2117 * @cpu: Remote CPU
2118 *
2119 * Unlocks the remote timer bases.
2120 */
timer_unlock_remote_bases(unsigned int cpu)2121 void timer_unlock_remote_bases(unsigned int cpu)
2122 __releases(timer_bases[BASE_LOCAL]->lock)
2123 __releases(timer_bases[BASE_GLOBAL]->lock)
2124 {
2125 struct timer_base *base_local, *base_global;
2126
2127 base_local = per_cpu_ptr(&timer_bases[BASE_LOCAL], cpu);
2128 base_global = per_cpu_ptr(&timer_bases[BASE_GLOBAL], cpu);
2129
2130 raw_spin_unlock(&base_global->lock);
2131 raw_spin_unlock(&base_local->lock);
2132 }
2133
2134 /**
2135 * timer_lock_remote_bases - lock timer bases of cpu
2136 * @cpu: Remote CPU
2137 *
2138 * Locks the remote timer bases.
2139 */
timer_lock_remote_bases(unsigned int cpu)2140 void timer_lock_remote_bases(unsigned int cpu)
2141 __acquires(timer_bases[BASE_LOCAL]->lock)
2142 __acquires(timer_bases[BASE_GLOBAL]->lock)
2143 {
2144 struct timer_base *base_local, *base_global;
2145
2146 base_local = per_cpu_ptr(&timer_bases[BASE_LOCAL], cpu);
2147 base_global = per_cpu_ptr(&timer_bases[BASE_GLOBAL], cpu);
2148
2149 lockdep_assert_irqs_disabled();
2150
2151 raw_spin_lock(&base_local->lock);
2152 raw_spin_lock_nested(&base_global->lock, SINGLE_DEPTH_NESTING);
2153 }
2154
2155 /**
2156 * timer_base_is_idle() - Return whether timer base is set idle
2157 *
2158 * Returns value of local timer base is_idle value.
2159 */
timer_base_is_idle(void)2160 bool timer_base_is_idle(void)
2161 {
2162 return __this_cpu_read(timer_bases[BASE_LOCAL].is_idle);
2163 }
2164
2165 static void __run_timer_base(struct timer_base *base);
2166
2167 /**
2168 * timer_expire_remote() - expire global timers of cpu
2169 * @cpu: Remote CPU
2170 *
2171 * Expire timers of global base of remote CPU.
2172 */
timer_expire_remote(unsigned int cpu)2173 void timer_expire_remote(unsigned int cpu)
2174 {
2175 struct timer_base *base = per_cpu_ptr(&timer_bases[BASE_GLOBAL], cpu);
2176
2177 __run_timer_base(base);
2178 }
2179
timer_use_tmigr(unsigned long basej,u64 basem,unsigned long * nextevt,bool * tick_stop_path,bool timer_base_idle,struct timer_events * tevt)2180 static void timer_use_tmigr(unsigned long basej, u64 basem,
2181 unsigned long *nextevt, bool *tick_stop_path,
2182 bool timer_base_idle, struct timer_events *tevt)
2183 {
2184 u64 next_tmigr;
2185
2186 if (timer_base_idle)
2187 next_tmigr = tmigr_cpu_new_timer(tevt->global);
2188 else if (tick_stop_path)
2189 next_tmigr = tmigr_cpu_deactivate(tevt->global);
2190 else
2191 next_tmigr = tmigr_quick_check(tevt->global);
2192
2193 /*
2194 * If the CPU is the last going idle in timer migration hierarchy, make
2195 * sure the CPU will wake up in time to handle remote timers.
2196 * next_tmigr == KTIME_MAX if other CPUs are still active.
2197 */
2198 if (next_tmigr < tevt->local) {
2199 u64 tmp;
2200
2201 /* If we missed a tick already, force 0 delta */
2202 if (next_tmigr < basem)
2203 next_tmigr = basem;
2204
2205 tmp = div_u64(next_tmigr - basem, TICK_NSEC);
2206
2207 *nextevt = basej + (unsigned long)tmp;
2208 tevt->local = next_tmigr;
2209 }
2210 }
2211 # else
timer_use_tmigr(unsigned long basej,u64 basem,unsigned long * nextevt,bool * tick_stop_path,bool timer_base_idle,struct timer_events * tevt)2212 static void timer_use_tmigr(unsigned long basej, u64 basem,
2213 unsigned long *nextevt, bool *tick_stop_path,
2214 bool timer_base_idle, struct timer_events *tevt)
2215 {
2216 /*
2217 * Make sure first event is written into tevt->local to not miss a
2218 * timer on !SMP systems.
2219 */
2220 tevt->local = min_t(u64, tevt->local, tevt->global);
2221 }
2222 # endif /* CONFIG_SMP */
2223
__get_next_timer_interrupt(unsigned long basej,u64 basem,bool * idle)2224 static inline u64 __get_next_timer_interrupt(unsigned long basej, u64 basem,
2225 bool *idle)
2226 {
2227 struct timer_events tevt = { .local = KTIME_MAX, .global = KTIME_MAX };
2228 struct timer_base *base_local, *base_global;
2229 unsigned long nextevt;
2230 bool idle_is_possible;
2231
2232 /*
2233 * When the CPU is offline, the tick is cancelled and nothing is supposed
2234 * to try to stop it.
2235 */
2236 if (WARN_ON_ONCE(cpu_is_offline(smp_processor_id()))) {
2237 if (idle)
2238 *idle = true;
2239 return tevt.local;
2240 }
2241
2242 base_local = this_cpu_ptr(&timer_bases[BASE_LOCAL]);
2243 base_global = this_cpu_ptr(&timer_bases[BASE_GLOBAL]);
2244
2245 raw_spin_lock(&base_local->lock);
2246 raw_spin_lock_nested(&base_global->lock, SINGLE_DEPTH_NESTING);
2247
2248 nextevt = fetch_next_timer_interrupt(basej, basem, base_local,
2249 base_global, &tevt);
2250
2251 /*
2252 * If the next event is only one jiffy ahead there is no need to call
2253 * timer migration hierarchy related functions. The value for the next
2254 * global timer in @tevt struct equals then KTIME_MAX. This is also
2255 * true, when the timer base is idle.
2256 *
2257 * The proper timer migration hierarchy function depends on the callsite
2258 * and whether timer base is idle or not. @nextevt will be updated when
2259 * this CPU needs to handle the first timer migration hierarchy
2260 * event. See timer_use_tmigr() for detailed information.
2261 */
2262 idle_is_possible = time_after(nextevt, basej + 1);
2263 if (idle_is_possible)
2264 timer_use_tmigr(basej, basem, &nextevt, idle,
2265 base_local->is_idle, &tevt);
2266
2267 /*
2268 * We have a fresh next event. Check whether we can forward the
2269 * base.
2270 */
2271 __forward_timer_base(base_local, basej);
2272 __forward_timer_base(base_global, basej);
2273
2274 /*
2275 * Set base->is_idle only when caller is timer_base_try_to_set_idle()
2276 */
2277 if (idle) {
2278 /*
2279 * Bases are idle if the next event is more than a tick
2280 * away. Caution: @nextevt could have changed by enqueueing a
2281 * global timer into timer migration hierarchy. Therefore a new
2282 * check is required here.
2283 *
2284 * If the base is marked idle then any timer add operation must
2285 * forward the base clk itself to keep granularity small. This
2286 * idle logic is only maintained for the BASE_LOCAL and
2287 * BASE_GLOBAL base, deferrable timers may still see large
2288 * granularity skew (by design).
2289 */
2290 if (!base_local->is_idle && time_after(nextevt, basej + 1)) {
2291 base_local->is_idle = true;
2292 /*
2293 * Global timers queued locally while running in a task
2294 * in nohz_full mode need a self-IPI to kick reprogramming
2295 * in IRQ tail.
2296 */
2297 if (tick_nohz_full_cpu(base_local->cpu))
2298 base_global->is_idle = true;
2299 trace_timer_base_idle(true, base_local->cpu);
2300 }
2301 *idle = base_local->is_idle;
2302
2303 /*
2304 * When timer base is not set idle, undo the effect of
2305 * tmigr_cpu_deactivate() to prevent inconsistent states - active
2306 * timer base but inactive timer migration hierarchy.
2307 *
2308 * When timer base was already marked idle, nothing will be
2309 * changed here.
2310 */
2311 if (!base_local->is_idle && idle_is_possible)
2312 tmigr_cpu_activate();
2313 }
2314
2315 raw_spin_unlock(&base_global->lock);
2316 raw_spin_unlock(&base_local->lock);
2317
2318 return cmp_next_hrtimer_event(basem, tevt.local);
2319 }
2320
2321 /**
2322 * get_next_timer_interrupt() - return the time (clock mono) of the next timer
2323 * @basej: base time jiffies
2324 * @basem: base time clock monotonic
2325 *
2326 * Returns the tick aligned clock monotonic time of the next pending timer or
2327 * KTIME_MAX if no timer is pending. If timer of global base was queued into
2328 * timer migration hierarchy, first global timer is not taken into account. If
2329 * it was the last CPU of timer migration hierarchy going idle, first global
2330 * event is taken into account.
2331 */
get_next_timer_interrupt(unsigned long basej,u64 basem)2332 u64 get_next_timer_interrupt(unsigned long basej, u64 basem)
2333 {
2334 return __get_next_timer_interrupt(basej, basem, NULL);
2335 }
2336
2337 /**
2338 * timer_base_try_to_set_idle() - Try to set the idle state of the timer bases
2339 * @basej: base time jiffies
2340 * @basem: base time clock monotonic
2341 * @idle: pointer to store the value of timer_base->is_idle on return;
2342 * *idle contains the information whether tick was already stopped
2343 *
2344 * Returns the tick aligned clock monotonic time of the next pending timer or
2345 * KTIME_MAX if no timer is pending. When tick was already stopped KTIME_MAX is
2346 * returned as well.
2347 */
timer_base_try_to_set_idle(unsigned long basej,u64 basem,bool * idle)2348 u64 timer_base_try_to_set_idle(unsigned long basej, u64 basem, bool *idle)
2349 {
2350 if (*idle)
2351 return KTIME_MAX;
2352
2353 return __get_next_timer_interrupt(basej, basem, idle);
2354 }
2355
2356 /**
2357 * timer_clear_idle - Clear the idle state of the timer base
2358 *
2359 * Called with interrupts disabled
2360 */
timer_clear_idle(void)2361 void timer_clear_idle(void)
2362 {
2363 /*
2364 * We do this unlocked. The worst outcome is a remote pinned timer
2365 * enqueue sending a pointless IPI, but taking the lock would just
2366 * make the window for sending the IPI a few instructions smaller
2367 * for the cost of taking the lock in the exit from idle
2368 * path. Required for BASE_LOCAL only.
2369 */
2370 __this_cpu_write(timer_bases[BASE_LOCAL].is_idle, false);
2371 if (tick_nohz_full_cpu(smp_processor_id()))
2372 __this_cpu_write(timer_bases[BASE_GLOBAL].is_idle, false);
2373 trace_timer_base_idle(false, smp_processor_id());
2374
2375 /* Activate without holding the timer_base->lock */
2376 tmigr_cpu_activate();
2377 }
2378 #endif
2379
2380 /**
2381 * __run_timers - run all expired timers (if any) on this CPU.
2382 * @base: the timer vector to be processed.
2383 */
__run_timers(struct timer_base * base)2384 static inline void __run_timers(struct timer_base *base)
2385 {
2386 struct hlist_head heads[LVL_DEPTH];
2387 int levels;
2388
2389 lockdep_assert_held(&base->lock);
2390
2391 if (base->running_timer)
2392 return;
2393
2394 while (time_after_eq(jiffies, base->clk) &&
2395 time_after_eq(jiffies, base->next_expiry)) {
2396 levels = collect_expired_timers(base, heads);
2397 /*
2398 * The two possible reasons for not finding any expired
2399 * timer at this clk are that all matching timers have been
2400 * dequeued or no timer has been queued since
2401 * base::next_expiry was set to base::clk +
2402 * NEXT_TIMER_MAX_DELTA.
2403 */
2404 WARN_ON_ONCE(!levels && !base->next_expiry_recalc
2405 && base->timers_pending);
2406 /*
2407 * While executing timers, base->clk is set 1 offset ahead of
2408 * jiffies to avoid endless requeuing to current jiffies.
2409 */
2410 base->clk++;
2411 timer_recalc_next_expiry(base);
2412
2413 while (levels--)
2414 expire_timers(base, heads + levels);
2415 }
2416 }
2417
__run_timer_base(struct timer_base * base)2418 static void __run_timer_base(struct timer_base *base)
2419 {
2420 /* Can race against a remote CPU updating next_expiry under the lock */
2421 if (time_before(jiffies, READ_ONCE(base->next_expiry)))
2422 return;
2423
2424 timer_base_lock_expiry(base);
2425 raw_spin_lock_irq(&base->lock);
2426 __run_timers(base);
2427 raw_spin_unlock_irq(&base->lock);
2428 timer_base_unlock_expiry(base);
2429 }
2430
run_timer_base(int index)2431 static void run_timer_base(int index)
2432 {
2433 struct timer_base *base = this_cpu_ptr(&timer_bases[index]);
2434
2435 __run_timer_base(base);
2436 }
2437
2438 /*
2439 * This function runs timers and the timer-tq in bottom half context.
2440 */
run_timer_softirq(void)2441 static __latent_entropy void run_timer_softirq(void)
2442 {
2443 run_timer_base(BASE_LOCAL);
2444 if (IS_ENABLED(CONFIG_NO_HZ_COMMON)) {
2445 run_timer_base(BASE_GLOBAL);
2446 run_timer_base(BASE_DEF);
2447
2448 if (is_timers_nohz_active())
2449 tmigr_handle_remote();
2450 }
2451 }
2452
2453 /*
2454 * Called by the local, per-CPU timer interrupt on SMP.
2455 */
run_local_timers(void)2456 static void run_local_timers(void)
2457 {
2458 struct timer_base *base = this_cpu_ptr(&timer_bases[BASE_LOCAL]);
2459
2460 hrtimer_run_queues();
2461
2462 for (int i = 0; i < NR_BASES; i++, base++) {
2463 /*
2464 * Raise the softirq only if required.
2465 *
2466 * timer_base::next_expiry can be written by a remote CPU while
2467 * holding the lock. If this write happens at the same time than
2468 * the lockless local read, sanity checker could complain about
2469 * data corruption.
2470 *
2471 * There are two possible situations where
2472 * timer_base::next_expiry is written by a remote CPU:
2473 *
2474 * 1. Remote CPU expires global timers of this CPU and updates
2475 * timer_base::next_expiry of BASE_GLOBAL afterwards in
2476 * next_timer_interrupt() or timer_recalc_next_expiry(). The
2477 * worst outcome is a superfluous raise of the timer softirq
2478 * when the not yet updated value is read.
2479 *
2480 * 2. A new first pinned timer is enqueued by a remote CPU
2481 * and therefore timer_base::next_expiry of BASE_LOCAL is
2482 * updated. When this update is missed, this isn't a
2483 * problem, as an IPI is executed nevertheless when the CPU
2484 * was idle before. When the CPU wasn't idle but the update
2485 * is missed, then the timer would expire one jiffy late -
2486 * bad luck.
2487 *
2488 * Those unlikely corner cases where the worst outcome is only a
2489 * one jiffy delay or a superfluous raise of the softirq are
2490 * not that expensive as doing the check always while holding
2491 * the lock.
2492 *
2493 * Possible remote writers are using WRITE_ONCE(). Local reader
2494 * uses therefore READ_ONCE().
2495 */
2496 if (time_after_eq(jiffies, READ_ONCE(base->next_expiry)) ||
2497 (i == BASE_DEF && tmigr_requires_handle_remote())) {
2498 raise_timer_softirq(TIMER_SOFTIRQ);
2499 return;
2500 }
2501 }
2502 }
2503
2504 /*
2505 * Called from the timer interrupt handler to charge one tick to the current
2506 * process. user_tick is 1 if the tick is user time, 0 for system.
2507 */
update_process_times(int user_tick)2508 void update_process_times(int user_tick)
2509 {
2510 struct task_struct *p = current;
2511
2512 /* Note: this timer irq context must be accounted for as well. */
2513 account_process_tick(p, user_tick);
2514 run_local_timers();
2515 rcu_sched_clock_irq(user_tick);
2516 #ifdef CONFIG_IRQ_WORK
2517 if (in_irq())
2518 irq_work_tick();
2519 #endif
2520 sched_tick();
2521 if (IS_ENABLED(CONFIG_POSIX_TIMERS))
2522 run_posix_cpu_timers();
2523 }
2524
2525 #ifdef CONFIG_HOTPLUG_CPU
migrate_timer_list(struct timer_base * new_base,struct hlist_head * head)2526 static void migrate_timer_list(struct timer_base *new_base, struct hlist_head *head)
2527 {
2528 struct timer_list *timer;
2529 int cpu = new_base->cpu;
2530
2531 while (!hlist_empty(head)) {
2532 timer = hlist_entry(head->first, struct timer_list, entry);
2533 detach_timer(timer, false);
2534 timer->flags = (timer->flags & ~TIMER_BASEMASK) | cpu;
2535 internal_add_timer(new_base, timer);
2536 }
2537 }
2538
timers_prepare_cpu(unsigned int cpu)2539 int timers_prepare_cpu(unsigned int cpu)
2540 {
2541 struct timer_base *base;
2542 int b;
2543
2544 for (b = 0; b < NR_BASES; b++) {
2545 base = per_cpu_ptr(&timer_bases[b], cpu);
2546 base->clk = jiffies;
2547 base->next_expiry = base->clk + NEXT_TIMER_MAX_DELTA;
2548 base->next_expiry_recalc = false;
2549 base->timers_pending = false;
2550 base->is_idle = false;
2551 }
2552 return 0;
2553 }
2554
timers_dead_cpu(unsigned int cpu)2555 int timers_dead_cpu(unsigned int cpu)
2556 {
2557 struct timer_base *old_base;
2558 struct timer_base *new_base;
2559 int b, i;
2560
2561 for (b = 0; b < NR_BASES; b++) {
2562 old_base = per_cpu_ptr(&timer_bases[b], cpu);
2563 new_base = get_cpu_ptr(&timer_bases[b]);
2564 /*
2565 * The caller is globally serialized and nobody else
2566 * takes two locks at once, deadlock is not possible.
2567 */
2568 raw_spin_lock_irq(&new_base->lock);
2569 raw_spin_lock_nested(&old_base->lock, SINGLE_DEPTH_NESTING);
2570
2571 /*
2572 * The current CPUs base clock might be stale. Update it
2573 * before moving the timers over.
2574 */
2575 forward_timer_base(new_base);
2576
2577 WARN_ON_ONCE(old_base->running_timer);
2578 old_base->running_timer = NULL;
2579
2580 for (i = 0; i < WHEEL_SIZE; i++)
2581 migrate_timer_list(new_base, old_base->vectors + i);
2582
2583 raw_spin_unlock(&old_base->lock);
2584 raw_spin_unlock_irq(&new_base->lock);
2585 put_cpu_ptr(&timer_bases);
2586 }
2587 return 0;
2588 }
2589
2590 #endif /* CONFIG_HOTPLUG_CPU */
2591
init_timer_cpu(int cpu)2592 static void __init init_timer_cpu(int cpu)
2593 {
2594 struct timer_base *base;
2595 int i;
2596
2597 for (i = 0; i < NR_BASES; i++) {
2598 base = per_cpu_ptr(&timer_bases[i], cpu);
2599 base->cpu = cpu;
2600 raw_spin_lock_init(&base->lock);
2601 base->clk = jiffies;
2602 base->next_expiry = base->clk + NEXT_TIMER_MAX_DELTA;
2603 timer_base_init_expiry_lock(base);
2604 }
2605 }
2606
init_timer_cpus(void)2607 static void __init init_timer_cpus(void)
2608 {
2609 int cpu;
2610
2611 for_each_possible_cpu(cpu)
2612 init_timer_cpu(cpu);
2613 }
2614
init_timers(void)2615 void __init init_timers(void)
2616 {
2617 init_timer_cpus();
2618 posix_cputimers_init_work();
2619 open_softirq(TIMER_SOFTIRQ, run_timer_softirq);
2620 }
2621