1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 */
26
27 /*
28 * Copyright (c) 2012, Joyent, Inc. All rights reserved.
29 */
30
31 #include <sys/timer.h>
32 #include <sys/systm.h>
33 #include <sys/param.h>
34 #include <sys/kmem.h>
35 #include <sys/debug.h>
36 #include <sys/policy.h>
37 #include <sys/port_impl.h>
38 #include <sys/port_kernel.h>
39 #include <sys/contract/process_impl.h>
40
41 static kmem_cache_t *clock_timer_cache;
42 static clock_backend_t *clock_backend[CLOCK_MAX];
43 static int timer_port_callback(void *, int *, pid_t, int, void *);
44 static void timer_close_port(void *, int, pid_t, int);
45
46 #define CLOCK_BACKEND(clk) \
47 ((clk) < CLOCK_MAX && (clk) >= 0 ? clock_backend[(clk)] : NULL)
48
49 /*
50 * Tunable to increase the maximum number of POSIX timers per-process. This
51 * may _only_ be tuned in /etc/system or by patching the kernel binary; it
52 * _cannot_ be tuned on a running system.
53 */
54 int timer_max = _TIMER_MAX;
55
56 /*
57 * timer_lock() locks the specified interval timer. It doesn't look at the
58 * ITLK_REMOVE bit; it's up to callers to look at this if they need to
59 * care. p_lock must be held on entry; it may be dropped and reaquired,
60 * but timer_lock() will always return with p_lock held.
61 *
62 * Note that timer_create() doesn't call timer_lock(); it creates timers
63 * with the ITLK_LOCKED bit explictly set.
64 */
65 static void
timer_lock(proc_t * p,itimer_t * it)66 timer_lock(proc_t *p, itimer_t *it)
67 {
68 ASSERT(MUTEX_HELD(&p->p_lock));
69
70 while (it->it_lock & ITLK_LOCKED) {
71 it->it_blockers++;
72 cv_wait(&it->it_cv, &p->p_lock);
73 it->it_blockers--;
74 }
75
76 it->it_lock |= ITLK_LOCKED;
77 }
78
79 /*
80 * timer_unlock() unlocks the specified interval timer, waking up any
81 * waiters. p_lock must be held on entry; it will not be dropped by
82 * timer_unlock().
83 */
84 static void
timer_unlock(proc_t * p,itimer_t * it)85 timer_unlock(proc_t *p, itimer_t *it)
86 {
87 ASSERT(MUTEX_HELD(&p->p_lock));
88 ASSERT(it->it_lock & ITLK_LOCKED);
89 it->it_lock &= ~ITLK_LOCKED;
90 cv_signal(&it->it_cv);
91 }
92
93 /*
94 * timer_delete_locked() takes a proc pointer, timer ID and locked interval
95 * timer, and deletes the specified timer. It must be called with p_lock
96 * held, and cannot be called on a timer which already has ITLK_REMOVE set;
97 * the caller must check this. timer_delete_locked() will set the ITLK_REMOVE
98 * bit and will iteratively unlock and lock the interval timer until all
99 * blockers have seen the ITLK_REMOVE and cleared out. It will then zero
100 * out the specified entry in the p_itimer array, and call into the clock
101 * backend to complete the deletion.
102 *
103 * This function will always return with p_lock held.
104 */
105 static void
timer_delete_locked(proc_t * p,timer_t tid,itimer_t * it)106 timer_delete_locked(proc_t *p, timer_t tid, itimer_t *it)
107 {
108 ASSERT(MUTEX_HELD(&p->p_lock));
109 ASSERT(!(it->it_lock & ITLK_REMOVE));
110 ASSERT(it->it_lock & ITLK_LOCKED);
111
112 it->it_lock |= ITLK_REMOVE;
113
114 /*
115 * If there are threads waiting to lock this timer, we'll unlock
116 * the timer, and block on the cv. Threads blocking our removal will
117 * have the opportunity to run; when they see the ITLK_REMOVE flag
118 * set, they will immediately unlock the timer.
119 */
120 while (it->it_blockers) {
121 timer_unlock(p, it);
122 cv_wait(&it->it_cv, &p->p_lock);
123 timer_lock(p, it);
124 }
125
126 ASSERT(p->p_itimer[tid] == it);
127 p->p_itimer[tid] = NULL;
128
129 /*
130 * No one is blocked on this timer, and no one will be (we've set
131 * p_itimer[tid] to be NULL; no one can find it). Now we call into
132 * the clock backend to delete the timer; it is up to the backend to
133 * guarantee that timer_fire() has completed (and will never again
134 * be called) for this timer.
135 */
136 mutex_exit(&p->p_lock);
137
138 it->it_backend->clk_timer_delete(it);
139
140 if (it->it_portev) {
141 mutex_enter(&it->it_mutex);
142 if (it->it_portev) {
143 port_kevent_t *pev;
144 /* dissociate timer from the event port */
145 (void) port_dissociate_ksource(it->it_portfd,
146 PORT_SOURCE_TIMER, (port_source_t *)it->it_portsrc);
147 pev = (port_kevent_t *)it->it_portev;
148 it->it_portev = NULL;
149 it->it_flags &= ~IT_PORT;
150 it->it_pending = 0;
151 mutex_exit(&it->it_mutex);
152 (void) port_remove_done_event(pev);
153 port_free_event(pev);
154 } else {
155 mutex_exit(&it->it_mutex);
156 }
157 }
158
159 mutex_enter(&p->p_lock);
160
161 /*
162 * We need to be careful freeing the sigqueue for this timer;
163 * if a signal is pending, the sigqueue needs to be freed
164 * synchronously in siginfofree(). The need to free the sigqueue
165 * in siginfofree() is indicated by setting sq_func to NULL.
166 */
167 if (it->it_pending > 0) {
168 it->it_sigq->sq_func = NULL;
169 } else {
170 kmem_free(it->it_sigq, sizeof (sigqueue_t));
171 }
172
173 ASSERT(it->it_blockers == 0);
174 kmem_cache_free(clock_timer_cache, it);
175 }
176
177 /*
178 * timer_grab() and its companion routine, timer_release(), are wrappers
179 * around timer_lock()/_unlock() which allow the timer_*(3R) routines to
180 * (a) share error handling code and (b) not grab p_lock themselves. Routines
181 * which are called with p_lock held (e.g. timer_lwpbind(), timer_lwpexit())
182 * must call timer_lock()/_unlock() explictly.
183 *
184 * timer_grab() takes a proc and a timer ID, and returns a pointer to a
185 * locked interval timer. p_lock must _not_ be held on entry; timer_grab()
186 * may acquire p_lock, but will always return with p_lock dropped.
187 *
188 * If timer_grab() fails, it will return NULL. timer_grab() will fail if
189 * one or more of the following is true:
190 *
191 * (a) The specified timer ID is out of range.
192 *
193 * (b) The specified timer ID does not correspond to a timer ID returned
194 * from timer_create(3R).
195 *
196 * (c) The specified timer ID is currently being removed.
197 *
198 */
199 static itimer_t *
timer_grab(proc_t * p,timer_t tid)200 timer_grab(proc_t *p, timer_t tid)
201 {
202 itimer_t **itp, *it;
203
204 if (tid >= timer_max || tid < 0)
205 return (NULL);
206
207 mutex_enter(&p->p_lock);
208
209 if ((itp = p->p_itimer) == NULL || (it = itp[tid]) == NULL) {
210 mutex_exit(&p->p_lock);
211 return (NULL);
212 }
213
214 timer_lock(p, it);
215
216 if (it->it_lock & ITLK_REMOVE) {
217 /*
218 * Someone is removing this timer; it will soon be invalid.
219 */
220 timer_unlock(p, it);
221 mutex_exit(&p->p_lock);
222 return (NULL);
223 }
224
225 mutex_exit(&p->p_lock);
226
227 return (it);
228 }
229
230 /*
231 * timer_release() releases a timer acquired with timer_grab(). p_lock
232 * should not be held on entry; timer_release() will acquire p_lock but
233 * will drop it before returning.
234 */
235 static void
timer_release(proc_t * p,itimer_t * it)236 timer_release(proc_t *p, itimer_t *it)
237 {
238 mutex_enter(&p->p_lock);
239 timer_unlock(p, it);
240 mutex_exit(&p->p_lock);
241 }
242
243 /*
244 * timer_delete_grabbed() deletes a timer acquired with timer_grab().
245 * p_lock should not be held on entry; timer_delete_grabbed() will acquire
246 * p_lock, but will drop it before returning.
247 */
248 static void
timer_delete_grabbed(proc_t * p,timer_t tid,itimer_t * it)249 timer_delete_grabbed(proc_t *p, timer_t tid, itimer_t *it)
250 {
251 mutex_enter(&p->p_lock);
252 timer_delete_locked(p, tid, it);
253 mutex_exit(&p->p_lock);
254 }
255
256 void
clock_timer_init()257 clock_timer_init()
258 {
259 clock_timer_cache = kmem_cache_create("timer_cache",
260 sizeof (itimer_t), 0, NULL, NULL, NULL, NULL, NULL, 0);
261 }
262
263 void
clock_add_backend(clockid_t clock,clock_backend_t * backend)264 clock_add_backend(clockid_t clock, clock_backend_t *backend)
265 {
266 ASSERT(clock >= 0 && clock < CLOCK_MAX);
267 ASSERT(clock_backend[clock] == NULL);
268
269 clock_backend[clock] = backend;
270 }
271
272 int
clock_settime(clockid_t clock,timespec_t * tp)273 clock_settime(clockid_t clock, timespec_t *tp)
274 {
275 timespec_t t;
276 clock_backend_t *backend;
277 int error;
278
279 if ((backend = CLOCK_BACKEND(clock)) == NULL)
280 return (set_errno(EINVAL));
281
282 if (secpolicy_settime(CRED()) != 0)
283 return (set_errno(EPERM));
284
285 if (get_udatamodel() == DATAMODEL_NATIVE) {
286 if (copyin(tp, &t, sizeof (timespec_t)) != 0)
287 return (set_errno(EFAULT));
288 } else {
289 timespec32_t t32;
290
291 if (copyin(tp, &t32, sizeof (timespec32_t)) != 0)
292 return (set_errno(EFAULT));
293
294 TIMESPEC32_TO_TIMESPEC(&t, &t32);
295 }
296
297 if (itimerspecfix(&t))
298 return (set_errno(EINVAL));
299
300 error = backend->clk_clock_settime(&t);
301
302 if (error)
303 return (set_errno(error));
304
305 return (0);
306 }
307
308 int
clock_gettime(clockid_t clock,timespec_t * tp)309 clock_gettime(clockid_t clock, timespec_t *tp)
310 {
311 timespec_t t;
312 clock_backend_t *backend;
313 int error;
314
315 if ((backend = CLOCK_BACKEND(clock)) == NULL)
316 return (set_errno(EINVAL));
317
318 error = backend->clk_clock_gettime(&t);
319
320 if (error)
321 return (set_errno(error));
322
323 if (get_udatamodel() == DATAMODEL_NATIVE) {
324 if (copyout(&t, tp, sizeof (timespec_t)) != 0)
325 return (set_errno(EFAULT));
326 } else {
327 timespec32_t t32;
328
329 if (TIMESPEC_OVERFLOW(&t))
330 return (set_errno(EOVERFLOW));
331 TIMESPEC_TO_TIMESPEC32(&t32, &t);
332
333 if (copyout(&t32, tp, sizeof (timespec32_t)) != 0)
334 return (set_errno(EFAULT));
335 }
336
337 return (0);
338 }
339
340 int
clock_getres(clockid_t clock,timespec_t * tp)341 clock_getres(clockid_t clock, timespec_t *tp)
342 {
343 timespec_t t;
344 clock_backend_t *backend;
345 int error;
346
347 /*
348 * Strangely, the standard defines clock_getres() with a NULL tp
349 * to do nothing (regardless of the validity of the specified
350 * clock_id). Go figure.
351 */
352 if (tp == NULL)
353 return (0);
354
355 if ((backend = CLOCK_BACKEND(clock)) == NULL)
356 return (set_errno(EINVAL));
357
358 error = backend->clk_clock_getres(&t);
359
360 if (error)
361 return (set_errno(error));
362
363 if (get_udatamodel() == DATAMODEL_NATIVE) {
364 if (copyout(&t, tp, sizeof (timespec_t)) != 0)
365 return (set_errno(EFAULT));
366 } else {
367 timespec32_t t32;
368
369 if (TIMESPEC_OVERFLOW(&t))
370 return (set_errno(EOVERFLOW));
371 TIMESPEC_TO_TIMESPEC32(&t32, &t);
372
373 if (copyout(&t32, tp, sizeof (timespec32_t)) != 0)
374 return (set_errno(EFAULT));
375 }
376
377 return (0);
378 }
379
380 void
timer_signal(sigqueue_t * sigq)381 timer_signal(sigqueue_t *sigq)
382 {
383 itimer_t *it = (itimer_t *)sigq->sq_backptr;
384
385 /*
386 * There are some conditions during a fork or an exit when we can
387 * call siginfofree() without p_lock held. To prevent a race
388 * between timer_signal() and timer_fire() with regard to it_pending,
389 * we therefore acquire it_mutex in both paths.
390 */
391 mutex_enter(&it->it_mutex);
392 ASSERT(it->it_pending > 0);
393 it->it_overrun = it->it_pending - 1;
394 it->it_pending = 0;
395 mutex_exit(&it->it_mutex);
396 }
397
398 /*
399 * This routine is called from the clock backend.
400 */
401 void
timer_fire(itimer_t * it)402 timer_fire(itimer_t *it)
403 {
404 proc_t *p;
405 int proc_lock_held;
406
407 if (it->it_flags & IT_SIGNAL) {
408 /*
409 * See the comment in timer_signal() for why it is not
410 * sufficient to only grab p_lock here. Because p_lock can be
411 * held on entry to timer_signal(), the lock ordering is
412 * necessarily p_lock before it_mutex.
413 */
414
415 p = it->it_proc;
416 proc_lock_held = 1;
417 mutex_enter(&p->p_lock);
418 } else {
419 /*
420 * IT_PORT:
421 * If a timer was ever programmed to send events to a port,
422 * the IT_PORT flag will remain set until:
423 * a) the timer is deleted (see timer_delete_locked()) or
424 * b) the port is being closed (see timer_close_port()).
425 * Both cases are synchronized with the it_mutex.
426 * We don't need to use the p_lock because it is only
427 * required in the IT_SIGNAL case.
428 * If IT_PORT was set and the port is being closed then
429 * the timer notification is set to NONE. In such a case
430 * the timer itself and the it_pending counter remain active
431 * until the application deletes the counter or the process
432 * exits.
433 */
434 proc_lock_held = 0;
435 }
436 mutex_enter(&it->it_mutex);
437
438 if (it->it_pending > 0) {
439 if (it->it_pending < INT_MAX)
440 it->it_pending++;
441 mutex_exit(&it->it_mutex);
442 } else {
443 if (it->it_flags & IT_PORT) {
444 it->it_pending = 1;
445 port_send_event((port_kevent_t *)it->it_portev);
446 mutex_exit(&it->it_mutex);
447 } else if (it->it_flags & IT_SIGNAL) {
448 it->it_pending = 1;
449 mutex_exit(&it->it_mutex);
450 sigaddqa(p, NULL, it->it_sigq);
451 } else {
452 mutex_exit(&it->it_mutex);
453 }
454 }
455
456 if (proc_lock_held)
457 mutex_exit(&p->p_lock);
458 }
459
460 int
timer_create(clockid_t clock,struct sigevent * evp,timer_t * tid)461 timer_create(clockid_t clock, struct sigevent *evp, timer_t *tid)
462 {
463 struct sigevent ev;
464 proc_t *p = curproc;
465 clock_backend_t *backend;
466 itimer_t *it, **itp;
467 sigqueue_t *sigq;
468 cred_t *cr = CRED();
469 int error = 0;
470 timer_t i;
471 port_notify_t tim_pnevp;
472 port_kevent_t *pkevp = NULL;
473
474 if ((backend = CLOCK_BACKEND(clock)) == NULL)
475 return (set_errno(EINVAL));
476
477 if (evp != NULL) {
478 /*
479 * short copyin() for binary compatibility
480 * fetch oldsigevent to determine how much to copy in.
481 */
482 if (get_udatamodel() == DATAMODEL_NATIVE) {
483 if (copyin(evp, &ev, sizeof (struct oldsigevent)))
484 return (set_errno(EFAULT));
485
486 if (ev.sigev_notify == SIGEV_PORT ||
487 ev.sigev_notify == SIGEV_THREAD) {
488 if (copyin(ev.sigev_value.sival_ptr, &tim_pnevp,
489 sizeof (port_notify_t)))
490 return (set_errno(EFAULT));
491 }
492 #ifdef _SYSCALL32_IMPL
493 } else {
494 struct sigevent32 ev32;
495 port_notify32_t tim_pnevp32;
496
497 if (copyin(evp, &ev32, sizeof (struct oldsigevent32)))
498 return (set_errno(EFAULT));
499 ev.sigev_notify = ev32.sigev_notify;
500 ev.sigev_signo = ev32.sigev_signo;
501 /*
502 * See comment in sigqueue32() on handling of 32-bit
503 * sigvals in a 64-bit kernel.
504 */
505 ev.sigev_value.sival_int = ev32.sigev_value.sival_int;
506 if (ev.sigev_notify == SIGEV_PORT ||
507 ev.sigev_notify == SIGEV_THREAD) {
508 if (copyin((void *)(uintptr_t)
509 ev32.sigev_value.sival_ptr,
510 (void *)&tim_pnevp32,
511 sizeof (port_notify32_t)))
512 return (set_errno(EFAULT));
513 tim_pnevp.portnfy_port =
514 tim_pnevp32.portnfy_port;
515 tim_pnevp.portnfy_user =
516 (void *)(uintptr_t)tim_pnevp32.portnfy_user;
517 }
518 #endif
519 }
520 switch (ev.sigev_notify) {
521 case SIGEV_NONE:
522 break;
523 case SIGEV_SIGNAL:
524 if (ev.sigev_signo < 1 || ev.sigev_signo >= NSIG)
525 return (set_errno(EINVAL));
526 break;
527 case SIGEV_THREAD:
528 case SIGEV_PORT:
529 break;
530 default:
531 return (set_errno(EINVAL));
532 }
533 } else {
534 /*
535 * Use the clock's default sigevent (this is a structure copy).
536 */
537 ev = backend->clk_default;
538 }
539
540 /*
541 * We'll allocate our timer and sigqueue now, before we grab p_lock.
542 * If we can't find an empty slot, we'll free them before returning.
543 */
544 it = kmem_cache_alloc(clock_timer_cache, KM_SLEEP);
545 bzero(it, sizeof (itimer_t));
546 mutex_init(&it->it_mutex, NULL, MUTEX_DEFAULT, NULL);
547 sigq = kmem_zalloc(sizeof (sigqueue_t), KM_SLEEP);
548
549 mutex_enter(&p->p_lock);
550
551 /*
552 * If this is this process' first timer, we need to attempt to allocate
553 * an array of timerstr_t pointers. We drop p_lock to perform the
554 * allocation; if we return to discover that p_itimer is non-NULL,
555 * we will free our allocation and drive on.
556 */
557 if ((itp = p->p_itimer) == NULL) {
558 mutex_exit(&p->p_lock);
559 itp = kmem_zalloc(timer_max * sizeof (itimer_t *), KM_SLEEP);
560 mutex_enter(&p->p_lock);
561
562 if (p->p_itimer == NULL)
563 p->p_itimer = itp;
564 else {
565 kmem_free(itp, timer_max * sizeof (itimer_t *));
566 itp = p->p_itimer;
567 }
568 }
569
570 for (i = 0; i < timer_max && itp[i] != NULL; i++)
571 continue;
572
573 if (i == timer_max) {
574 /*
575 * We couldn't find a slot. Drop p_lock, free the preallocated
576 * timer and sigqueue, and return an error.
577 */
578 mutex_exit(&p->p_lock);
579 kmem_cache_free(clock_timer_cache, it);
580 kmem_free(sigq, sizeof (sigqueue_t));
581
582 return (set_errno(EAGAIN));
583 }
584
585 ASSERT(i < timer_max && itp[i] == NULL);
586
587 /*
588 * If we develop other notification mechanisms, this will need
589 * to call into (yet another) backend.
590 */
591 sigq->sq_info.si_signo = ev.sigev_signo;
592 if (evp == NULL)
593 sigq->sq_info.si_value.sival_int = i;
594 else
595 sigq->sq_info.si_value = ev.sigev_value;
596 sigq->sq_info.si_code = SI_TIMER;
597 sigq->sq_info.si_pid = p->p_pid;
598 sigq->sq_info.si_ctid = PRCTID(p);
599 sigq->sq_info.si_zoneid = getzoneid();
600 sigq->sq_info.si_uid = crgetruid(cr);
601 sigq->sq_func = timer_signal;
602 sigq->sq_next = NULL;
603 sigq->sq_backptr = it;
604 it->it_sigq = sigq;
605 it->it_backend = backend;
606 it->it_lock = ITLK_LOCKED;
607 itp[i] = it;
608
609
610 if (ev.sigev_notify == SIGEV_THREAD ||
611 ev.sigev_notify == SIGEV_PORT) {
612 int port;
613
614 /*
615 * This timer is programmed to use event port notification when
616 * the timer fires:
617 * - allocate a port event structure and prepare it to be sent
618 * to the port as soon as the timer fires.
619 * - when the timer fires :
620 * - if event structure was already sent to the port then this
621 * is a timer fire overflow => increment overflow counter.
622 * - otherwise send pre-allocated event structure to the port.
623 * - the events field of the port_event_t structure counts the
624 * number of timer fired events.
625 * - The event structured is allocated using the
626 * PORT_ALLOC_CACHED flag.
627 * This flag indicates that the timer itself will manage and
628 * free the event structure when required.
629 */
630
631 it->it_flags |= IT_PORT;
632 port = tim_pnevp.portnfy_port;
633
634 /* associate timer as event source with the port */
635 error = port_associate_ksource(port, PORT_SOURCE_TIMER,
636 (port_source_t **)&it->it_portsrc, timer_close_port,
637 (void *)it, NULL);
638 if (error) {
639 itp[i] = NULL; /* clear slot */
640 mutex_exit(&p->p_lock);
641 kmem_cache_free(clock_timer_cache, it);
642 kmem_free(sigq, sizeof (sigqueue_t));
643 return (set_errno(error));
644 }
645
646 /* allocate an event structure/slot */
647 error = port_alloc_event(port, PORT_ALLOC_SCACHED,
648 PORT_SOURCE_TIMER, &pkevp);
649 if (error) {
650 (void) port_dissociate_ksource(port, PORT_SOURCE_TIMER,
651 (port_source_t *)it->it_portsrc);
652 itp[i] = NULL; /* clear slot */
653 mutex_exit(&p->p_lock);
654 kmem_cache_free(clock_timer_cache, it);
655 kmem_free(sigq, sizeof (sigqueue_t));
656 return (set_errno(error));
657 }
658
659 /* initialize event data */
660 port_init_event(pkevp, i, tim_pnevp.portnfy_user,
661 timer_port_callback, it);
662 it->it_portev = pkevp;
663 it->it_portfd = port;
664 } else {
665 if (ev.sigev_notify == SIGEV_SIGNAL)
666 it->it_flags |= IT_SIGNAL;
667 }
668
669 mutex_exit(&p->p_lock);
670
671 /*
672 * Call on the backend to verify the event argument (or return
673 * EINVAL if this clock type does not support timers).
674 */
675 if ((error = backend->clk_timer_create(it, &ev)) != 0)
676 goto err;
677
678 it->it_lwp = ttolwp(curthread);
679 it->it_proc = p;
680
681 if (copyout(&i, tid, sizeof (timer_t)) != 0) {
682 error = EFAULT;
683 goto err;
684 }
685
686 /*
687 * If we're here, then we have successfully created the timer; we
688 * just need to release the timer and return.
689 */
690 timer_release(p, it);
691
692 return (0);
693
694 err:
695 /*
696 * If we're here, an error has occurred late in the timer creation
697 * process. We need to regrab p_lock, and delete the incipient timer.
698 * Since we never unlocked the timer (it was born locked), it's
699 * impossible for a removal to be pending.
700 */
701 ASSERT(!(it->it_lock & ITLK_REMOVE));
702 timer_delete_grabbed(p, i, it);
703
704 return (set_errno(error));
705 }
706
707 int
timer_gettime(timer_t tid,itimerspec_t * val)708 timer_gettime(timer_t tid, itimerspec_t *val)
709 {
710 proc_t *p = curproc;
711 itimer_t *it;
712 itimerspec_t when;
713 int error;
714
715 if ((it = timer_grab(p, tid)) == NULL)
716 return (set_errno(EINVAL));
717
718 error = it->it_backend->clk_timer_gettime(it, &when);
719
720 timer_release(p, it);
721
722 if (error == 0) {
723 if (get_udatamodel() == DATAMODEL_NATIVE) {
724 if (copyout(&when, val, sizeof (itimerspec_t)))
725 error = EFAULT;
726 } else {
727 if (ITIMERSPEC_OVERFLOW(&when))
728 error = EOVERFLOW;
729 else {
730 itimerspec32_t w32;
731
732 ITIMERSPEC_TO_ITIMERSPEC32(&w32, &when)
733 if (copyout(&w32, val, sizeof (itimerspec32_t)))
734 error = EFAULT;
735 }
736 }
737 }
738
739 return (error ? set_errno(error) : 0);
740 }
741
742 int
timer_settime(timer_t tid,int flags,itimerspec_t * val,itimerspec_t * oval)743 timer_settime(timer_t tid, int flags, itimerspec_t *val, itimerspec_t *oval)
744 {
745 itimerspec_t when;
746 itimer_t *it;
747 proc_t *p = curproc;
748 int error;
749
750 if (oval != NULL) {
751 if ((error = timer_gettime(tid, oval)) != 0)
752 return (error);
753 }
754
755 if (get_udatamodel() == DATAMODEL_NATIVE) {
756 if (copyin(val, &when, sizeof (itimerspec_t)))
757 return (set_errno(EFAULT));
758 } else {
759 itimerspec32_t w32;
760
761 if (copyin(val, &w32, sizeof (itimerspec32_t)))
762 return (set_errno(EFAULT));
763
764 ITIMERSPEC32_TO_ITIMERSPEC(&when, &w32);
765 }
766
767 if (itimerspecfix(&when.it_value) ||
768 (itimerspecfix(&when.it_interval) &&
769 timerspecisset(&when.it_value))) {
770 return (set_errno(EINVAL));
771 }
772
773 if ((it = timer_grab(p, tid)) == NULL)
774 return (set_errno(EINVAL));
775
776 error = it->it_backend->clk_timer_settime(it, flags, &when);
777
778 timer_release(p, it);
779
780 return (error ? set_errno(error) : 0);
781 }
782
783 int
timer_delete(timer_t tid)784 timer_delete(timer_t tid)
785 {
786 proc_t *p = curproc;
787 itimer_t *it;
788
789 if ((it = timer_grab(p, tid)) == NULL)
790 return (set_errno(EINVAL));
791
792 timer_delete_grabbed(p, tid, it);
793
794 return (0);
795 }
796
797 int
timer_getoverrun(timer_t tid)798 timer_getoverrun(timer_t tid)
799 {
800 int overrun;
801 proc_t *p = curproc;
802 itimer_t *it;
803
804 if ((it = timer_grab(p, tid)) == NULL)
805 return (set_errno(EINVAL));
806
807 /*
808 * The it_overrun field is protected by p_lock; we need to acquire
809 * it before looking at the value.
810 */
811 mutex_enter(&p->p_lock);
812 overrun = it->it_overrun;
813 mutex_exit(&p->p_lock);
814
815 timer_release(p, it);
816
817 return (overrun);
818 }
819
820 /*
821 * Entered/exited with p_lock held, but will repeatedly drop and regrab p_lock.
822 */
823 void
timer_lwpexit(void)824 timer_lwpexit(void)
825 {
826 timer_t i;
827 proc_t *p = curproc;
828 klwp_t *lwp = ttolwp(curthread);
829 itimer_t *it, **itp;
830
831 ASSERT(MUTEX_HELD(&p->p_lock));
832
833 if ((itp = p->p_itimer) == NULL)
834 return;
835
836 for (i = 0; i < timer_max; i++) {
837 if ((it = itp[i]) == NULL)
838 continue;
839
840 timer_lock(p, it);
841
842 if ((it->it_lock & ITLK_REMOVE) || it->it_lwp != lwp) {
843 /*
844 * This timer is either being removed or it isn't
845 * associated with this lwp.
846 */
847 timer_unlock(p, it);
848 continue;
849 }
850
851 /*
852 * The LWP that created this timer is going away. To the user,
853 * our behavior here is explicitly undefined. We will simply
854 * null out the it_lwp field; if the LWP was bound to a CPU,
855 * the cyclic will stay bound to that CPU until the process
856 * exits.
857 */
858 it->it_lwp = NULL;
859 timer_unlock(p, it);
860 }
861 }
862
863 /*
864 * Called to notify of an LWP binding change. Entered/exited with p_lock
865 * held, but will repeatedly drop and regrab p_lock.
866 */
867 void
timer_lwpbind()868 timer_lwpbind()
869 {
870 timer_t i;
871 proc_t *p = curproc;
872 klwp_t *lwp = ttolwp(curthread);
873 itimer_t *it, **itp;
874
875 ASSERT(MUTEX_HELD(&p->p_lock));
876
877 if ((itp = p->p_itimer) == NULL)
878 return;
879
880 for (i = 0; i < timer_max; i++) {
881 if ((it = itp[i]) == NULL)
882 continue;
883
884 timer_lock(p, it);
885
886 if (!(it->it_lock & ITLK_REMOVE) && it->it_lwp == lwp) {
887 /*
888 * Drop p_lock and jump into the backend.
889 */
890 mutex_exit(&p->p_lock);
891 it->it_backend->clk_timer_lwpbind(it);
892 mutex_enter(&p->p_lock);
893 }
894
895 timer_unlock(p, it);
896 }
897 }
898
899 /*
900 * This function should only be called if p_itimer is non-NULL.
901 */
902 void
timer_exit(void)903 timer_exit(void)
904 {
905 timer_t i;
906 proc_t *p = curproc;
907
908 ASSERT(p->p_itimer != NULL);
909
910 for (i = 0; i < timer_max; i++)
911 (void) timer_delete(i);
912
913 kmem_free(p->p_itimer, timer_max * sizeof (itimer_t *));
914 p->p_itimer = NULL;
915 }
916
917 /*
918 * timer_port_callback() is a callback function which is associated with the
919 * timer event and is activated just before the event is delivered to the user.
920 * The timer uses this function to update/set the overflow counter and
921 * to reenable the use of the event structure.
922 */
923
924 /* ARGSUSED */
925 static int
timer_port_callback(void * arg,int * events,pid_t pid,int flag,void * evp)926 timer_port_callback(void *arg, int *events, pid_t pid, int flag, void *evp)
927 {
928 itimer_t *it = arg;
929
930 mutex_enter(&it->it_mutex);
931 if (curproc != it->it_proc) {
932 /* can not deliver timer events to another proc */
933 mutex_exit(&it->it_mutex);
934 return (EACCES);
935 }
936 *events = it->it_pending; /* 1 = 1 event, >1 # of overflows */
937 it->it_pending = 0; /* reinit overflow counter */
938 /*
939 * This function can also be activated when the port is being closed
940 * and a timer event is already submitted to the port.
941 * In such a case the event port framework will use the
942 * close-callback function to notify the events sources.
943 * The timer close-callback function is timer_close_port() which
944 * will free all allocated resources (including the allocated
945 * port event structure).
946 * For that reason we don't need to check the value of flag here.
947 */
948 mutex_exit(&it->it_mutex);
949 return (0);
950 }
951
952 /*
953 * port is being closed ... free all allocated port event structures
954 * The delivered arg currently correspond to the first timer associated with
955 * the port and it is not useable in this case.
956 * We have to scan the list of activated timers in the current proc and
957 * compare them with the delivered port id.
958 */
959
960 /* ARGSUSED */
961 static void
timer_close_port(void * arg,int port,pid_t pid,int lastclose)962 timer_close_port(void *arg, int port, pid_t pid, int lastclose)
963 {
964 proc_t *p = curproc;
965 timer_t tid;
966 itimer_t *it;
967
968 for (tid = 0; tid < timer_max; tid++) {
969 if ((it = timer_grab(p, tid)) == NULL)
970 continue;
971 if (it->it_portev) {
972 mutex_enter(&it->it_mutex);
973 if (it->it_portfd == port) {
974 port_kevent_t *pev;
975 pev = (port_kevent_t *)it->it_portev;
976 it->it_portev = NULL;
977 it->it_flags &= ~IT_PORT;
978 mutex_exit(&it->it_mutex);
979 (void) port_remove_done_event(pev);
980 port_free_event(pev);
981 } else {
982 mutex_exit(&it->it_mutex);
983 }
984 }
985 timer_release(p, it);
986 }
987 }
988