1 /* 2 * Copyright (c) 1982, 1986, 1989, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * @(#)kern_time.c 8.1 (Berkeley) 6/10/93 34 * $FreeBSD$ 35 */ 36 37 #include <sys/param.h> 38 #include <sys/systm.h> 39 #include <sys/lock.h> 40 #include <sys/mutex.h> 41 #include <sys/sysproto.h> 42 #include <sys/resourcevar.h> 43 #include <sys/signalvar.h> 44 #include <sys/kernel.h> 45 #include <sys/systm.h> 46 #include <sys/sysent.h> 47 #include <sys/proc.h> 48 #include <sys/time.h> 49 #include <sys/timetc.h> 50 #include <sys/vnode.h> 51 52 #include <vm/vm.h> 53 #include <vm/vm_extern.h> 54 55 struct timezone tz; 56 57 /* 58 * Time of day and interval timer support. 59 * 60 * These routines provide the kernel entry points to get and set 61 * the time-of-day and per-process interval timers. Subroutines 62 * here provide support for adding and subtracting timeval structures 63 * and decrementing interval timers, optionally reloading the interval 64 * timers when they expire. 65 */ 66 67 static int nanosleep1(struct thread *td, struct timespec *rqt, 68 struct timespec *rmt); 69 static int settime(struct thread *, struct timeval *); 70 static void timevalfix(struct timeval *); 71 static void no_lease_updatetime(int); 72 73 static void 74 no_lease_updatetime(deltat) 75 int deltat; 76 { 77 } 78 79 void (*lease_updatetime)(int) = no_lease_updatetime; 80 81 static int 82 settime(struct thread *td, struct timeval *tv) 83 { 84 struct timeval delta, tv1, tv2; 85 static struct timeval maxtime, laststep; 86 struct timespec ts; 87 int s; 88 89 s = splclock(); 90 microtime(&tv1); 91 delta = *tv; 92 timevalsub(&delta, &tv1); 93 94 /* 95 * If the system is secure, we do not allow the time to be 96 * set to a value earlier than 1 second less than the highest 97 * time we have yet seen. The worst a miscreant can do in 98 * this circumstance is "freeze" time. He couldn't go 99 * back to the past. 100 * 101 * We similarly do not allow the clock to be stepped more 102 * than one second, nor more than once per second. This allows 103 * a miscreant to make the clock march double-time, but no worse. 104 */ 105 if (securelevel_gt(td->td_ucred, 1) != 0) { 106 if (delta.tv_sec < 0 || delta.tv_usec < 0) { 107 /* 108 * Update maxtime to latest time we've seen. 109 */ 110 if (tv1.tv_sec > maxtime.tv_sec) 111 maxtime = tv1; 112 tv2 = *tv; 113 timevalsub(&tv2, &maxtime); 114 if (tv2.tv_sec < -1) { 115 tv->tv_sec = maxtime.tv_sec - 1; 116 printf("Time adjustment clamped to -1 second\n"); 117 } 118 } else { 119 if (tv1.tv_sec == laststep.tv_sec) { 120 splx(s); 121 return (EPERM); 122 } 123 if (delta.tv_sec > 1) { 124 tv->tv_sec = tv1.tv_sec + 1; 125 printf("Time adjustment clamped to +1 second\n"); 126 } 127 laststep = *tv; 128 } 129 } 130 131 ts.tv_sec = tv->tv_sec; 132 ts.tv_nsec = tv->tv_usec * 1000; 133 mtx_lock(&Giant); 134 tc_setclock(&ts); 135 (void) splsoftclock(); 136 lease_updatetime(delta.tv_sec); 137 splx(s); 138 resettodr(); 139 mtx_unlock(&Giant); 140 return (0); 141 } 142 143 #ifndef _SYS_SYSPROTO_H_ 144 struct clock_gettime_args { 145 clockid_t clock_id; 146 struct timespec *tp; 147 }; 148 #endif 149 150 /* 151 * MPSAFE 152 */ 153 /* ARGSUSED */ 154 int 155 clock_gettime(struct thread *td, struct clock_gettime_args *uap) 156 { 157 struct timespec ats; 158 159 if (SCARG(uap, clock_id) != CLOCK_REALTIME) 160 return (EINVAL); 161 mtx_lock(&Giant); 162 nanotime(&ats); 163 mtx_unlock(&Giant); 164 return (copyout(&ats, SCARG(uap, tp), sizeof(ats))); 165 } 166 167 #ifndef _SYS_SYSPROTO_H_ 168 struct clock_settime_args { 169 clockid_t clock_id; 170 const struct timespec *tp; 171 }; 172 #endif 173 174 /* 175 * MPSAFE 176 */ 177 /* ARGSUSED */ 178 int 179 clock_settime(struct thread *td, struct clock_settime_args *uap) 180 { 181 struct timeval atv; 182 struct timespec ats; 183 int error; 184 185 if ((error = suser(td)) != 0) 186 return (error); 187 if (SCARG(uap, clock_id) != CLOCK_REALTIME) 188 return (EINVAL); 189 if ((error = copyin(SCARG(uap, tp), &ats, sizeof(ats))) != 0) 190 return (error); 191 if (ats.tv_nsec < 0 || ats.tv_nsec >= 1000000000) 192 return (EINVAL); 193 /* XXX Don't convert nsec->usec and back */ 194 TIMESPEC_TO_TIMEVAL(&atv, &ats); 195 error = settime(td, &atv); 196 return (error); 197 } 198 199 #ifndef _SYS_SYSPROTO_H_ 200 struct clock_getres_args { 201 clockid_t clock_id; 202 struct timespec *tp; 203 }; 204 #endif 205 206 int 207 clock_getres(struct thread *td, struct clock_getres_args *uap) 208 { 209 struct timespec ts; 210 int error; 211 212 if (SCARG(uap, clock_id) != CLOCK_REALTIME) 213 return (EINVAL); 214 error = 0; 215 if (SCARG(uap, tp)) { 216 ts.tv_sec = 0; 217 ts.tv_nsec = 1000000000 / tc_getfrequency(); 218 error = copyout(&ts, SCARG(uap, tp), sizeof(ts)); 219 } 220 return (error); 221 } 222 223 static int nanowait; 224 225 static int 226 nanosleep1(struct thread *td, struct timespec *rqt, struct timespec *rmt) 227 { 228 struct timespec ts, ts2, ts3; 229 struct timeval tv; 230 int error; 231 232 if (rqt->tv_nsec < 0 || rqt->tv_nsec >= 1000000000) 233 return (EINVAL); 234 if (rqt->tv_sec < 0 || (rqt->tv_sec == 0 && rqt->tv_nsec == 0)) 235 return (0); 236 getnanouptime(&ts); 237 timespecadd(&ts, rqt); 238 TIMESPEC_TO_TIMEVAL(&tv, rqt); 239 for (;;) { 240 error = tsleep(&nanowait, PWAIT | PCATCH, "nanslp", 241 tvtohz(&tv)); 242 getnanouptime(&ts2); 243 if (error != EWOULDBLOCK) { 244 if (error == ERESTART) 245 error = EINTR; 246 if (rmt != NULL) { 247 timespecsub(&ts, &ts2); 248 if (ts.tv_sec < 0) 249 timespecclear(&ts); 250 *rmt = ts; 251 } 252 return (error); 253 } 254 if (timespeccmp(&ts2, &ts, >=)) 255 return (0); 256 ts3 = ts; 257 timespecsub(&ts3, &ts2); 258 TIMESPEC_TO_TIMEVAL(&tv, &ts3); 259 } 260 } 261 262 #ifndef _SYS_SYSPROTO_H_ 263 struct nanosleep_args { 264 struct timespec *rqtp; 265 struct timespec *rmtp; 266 }; 267 #endif 268 269 /* 270 * MPSAFE 271 */ 272 /* ARGSUSED */ 273 int 274 nanosleep(struct thread *td, struct nanosleep_args *uap) 275 { 276 struct timespec rmt, rqt; 277 int error; 278 279 error = copyin(SCARG(uap, rqtp), &rqt, sizeof(rqt)); 280 if (error) 281 return (error); 282 283 mtx_lock(&Giant); 284 if (SCARG(uap, rmtp)) { 285 if (!useracc((caddr_t)SCARG(uap, rmtp), sizeof(rmt), 286 VM_PROT_WRITE)) { 287 error = EFAULT; 288 goto done2; 289 } 290 } 291 error = nanosleep1(td, &rqt, &rmt); 292 if (error && SCARG(uap, rmtp)) { 293 int error2; 294 295 error2 = copyout(&rmt, SCARG(uap, rmtp), sizeof(rmt)); 296 if (error2) /* XXX shouldn't happen, did useracc() above */ 297 error = error2; 298 } 299 done2: 300 mtx_unlock(&Giant); 301 return (error); 302 } 303 304 #ifndef _SYS_SYSPROTO_H_ 305 struct gettimeofday_args { 306 struct timeval *tp; 307 struct timezone *tzp; 308 }; 309 #endif 310 /* 311 * MPSAFE 312 */ 313 /* ARGSUSED */ 314 int 315 gettimeofday(struct thread *td, struct gettimeofday_args *uap) 316 { 317 struct timeval atv; 318 int error = 0; 319 320 if (uap->tp) { 321 microtime(&atv); 322 error = copyout(&atv, uap->tp, sizeof (atv)); 323 } 324 if (error == 0 && uap->tzp != NULL) { 325 mtx_lock(&Giant); 326 error = copyout(&tz, uap->tzp, sizeof (tz)); 327 mtx_unlock(&Giant); 328 } 329 return (error); 330 } 331 332 #ifndef _SYS_SYSPROTO_H_ 333 struct settimeofday_args { 334 struct timeval *tv; 335 struct timezone *tzp; 336 }; 337 #endif 338 /* 339 * MPSAFE 340 */ 341 /* ARGSUSED */ 342 int 343 settimeofday(struct thread *td, struct settimeofday_args *uap) 344 { 345 struct timeval atv; 346 struct timezone atz; 347 int error = 0; 348 349 if ((error = suser(td))) 350 return (error); 351 /* Verify all parameters before changing time. */ 352 if (uap->tv) { 353 if ((error = copyin(uap->tv, &atv, sizeof(atv)))) 354 return (error); 355 if (atv.tv_usec < 0 || atv.tv_usec >= 1000000) 356 return (EINVAL); 357 } 358 if (uap->tzp && 359 (error = copyin(uap->tzp, &atz, sizeof(atz)))) 360 return (error); 361 362 if (uap->tv && (error = settime(td, &atv))) 363 return (error); 364 if (uap->tzp) { 365 mtx_lock(&Giant); 366 tz = atz; 367 mtx_unlock(&Giant); 368 } 369 return (error); 370 } 371 /* 372 * Get value of an interval timer. The process virtual and 373 * profiling virtual time timers are kept in the p_stats area, since 374 * they can be swapped out. These are kept internally in the 375 * way they are specified externally: in time until they expire. 376 * 377 * The real time interval timer is kept in the process table slot 378 * for the process, and its value (it_value) is kept as an 379 * absolute time rather than as a delta, so that it is easy to keep 380 * periodic real-time signals from drifting. 381 * 382 * Virtual time timers are processed in the hardclock() routine of 383 * kern_clock.c. The real time timer is processed by a timeout 384 * routine, called from the softclock() routine. Since a callout 385 * may be delayed in real time due to interrupt processing in the system, 386 * it is possible for the real time timeout routine (realitexpire, given below), 387 * to be delayed in real time past when it is supposed to occur. It 388 * does not suffice, therefore, to reload the real timer .it_value from the 389 * real time timers .it_interval. Rather, we compute the next time in 390 * absolute time the timer should go off. 391 */ 392 #ifndef _SYS_SYSPROTO_H_ 393 struct getitimer_args { 394 u_int which; 395 struct itimerval *itv; 396 }; 397 #endif 398 /* 399 * MPSAFE 400 */ 401 /* ARGSUSED */ 402 int 403 getitimer(struct thread *td, struct getitimer_args *uap) 404 { 405 struct proc *p = td->td_proc; 406 struct timeval ctv; 407 struct itimerval aitv; 408 int s; 409 int error; 410 411 if (uap->which > ITIMER_PROF) 412 return (EINVAL); 413 414 mtx_lock(&Giant); 415 416 s = splclock(); /* XXX still needed ? */ 417 if (uap->which == ITIMER_REAL) { 418 /* 419 * Convert from absolute to relative time in .it_value 420 * part of real time timer. If time for real time timer 421 * has passed return 0, else return difference between 422 * current time and time for the timer to go off. 423 */ 424 aitv = p->p_realtimer; 425 if (timevalisset(&aitv.it_value)) { 426 getmicrouptime(&ctv); 427 if (timevalcmp(&aitv.it_value, &ctv, <)) 428 timevalclear(&aitv.it_value); 429 else 430 timevalsub(&aitv.it_value, &ctv); 431 } 432 } else { 433 aitv = p->p_stats->p_timer[uap->which]; 434 } 435 splx(s); 436 error = copyout(&aitv, uap->itv, sizeof (struct itimerval)); 437 mtx_unlock(&Giant); 438 return(error); 439 } 440 441 #ifndef _SYS_SYSPROTO_H_ 442 struct setitimer_args { 443 u_int which; 444 struct itimerval *itv, *oitv; 445 }; 446 #endif 447 /* 448 * MPSAFE 449 */ 450 /* ARGSUSED */ 451 int 452 setitimer(struct thread *td, struct setitimer_args *uap) 453 { 454 struct proc *p = td->td_proc; 455 struct itimerval aitv; 456 struct timeval ctv; 457 struct itimerval *itvp; 458 int s, error = 0; 459 460 if (uap->which > ITIMER_PROF) 461 return (EINVAL); 462 itvp = uap->itv; 463 if (itvp && (error = copyin(itvp, &aitv, sizeof(struct itimerval)))) 464 return (error); 465 466 mtx_lock(&Giant); 467 468 if ((uap->itv = uap->oitv) && 469 (error = getitimer(td, (struct getitimer_args *)uap))) { 470 goto done2; 471 } 472 if (itvp == 0) { 473 error = 0; 474 goto done2; 475 } 476 if (itimerfix(&aitv.it_value)) { 477 error = EINVAL; 478 goto done2; 479 } 480 if (!timevalisset(&aitv.it_value)) { 481 timevalclear(&aitv.it_interval); 482 } else if (itimerfix(&aitv.it_interval)) { 483 error = EINVAL; 484 goto done2; 485 } 486 s = splclock(); /* XXX: still needed ? */ 487 if (uap->which == ITIMER_REAL) { 488 if (timevalisset(&p->p_realtimer.it_value)) 489 callout_stop(&p->p_itcallout); 490 if (timevalisset(&aitv.it_value)) 491 callout_reset(&p->p_itcallout, tvtohz(&aitv.it_value), 492 realitexpire, p); 493 getmicrouptime(&ctv); 494 timevaladd(&aitv.it_value, &ctv); 495 p->p_realtimer = aitv; 496 } else { 497 p->p_stats->p_timer[uap->which] = aitv; 498 } 499 splx(s); 500 done2: 501 mtx_unlock(&Giant); 502 return (error); 503 } 504 505 /* 506 * Real interval timer expired: 507 * send process whose timer expired an alarm signal. 508 * If time is not set up to reload, then just return. 509 * Else compute next time timer should go off which is > current time. 510 * This is where delay in processing this timeout causes multiple 511 * SIGALRM calls to be compressed into one. 512 * tvtohz() always adds 1 to allow for the time until the next clock 513 * interrupt being strictly less than 1 clock tick, but we don't want 514 * that here since we want to appear to be in sync with the clock 515 * interrupt even when we're delayed. 516 */ 517 void 518 realitexpire(void *arg) 519 { 520 struct proc *p; 521 struct timeval ctv, ntv; 522 int s; 523 524 p = (struct proc *)arg; 525 PROC_LOCK(p); 526 psignal(p, SIGALRM); 527 if (!timevalisset(&p->p_realtimer.it_interval)) { 528 timevalclear(&p->p_realtimer.it_value); 529 PROC_UNLOCK(p); 530 return; 531 } 532 for (;;) { 533 s = splclock(); /* XXX: still neeeded ? */ 534 timevaladd(&p->p_realtimer.it_value, 535 &p->p_realtimer.it_interval); 536 getmicrouptime(&ctv); 537 if (timevalcmp(&p->p_realtimer.it_value, &ctv, >)) { 538 ntv = p->p_realtimer.it_value; 539 timevalsub(&ntv, &ctv); 540 callout_reset(&p->p_itcallout, tvtohz(&ntv) - 1, 541 realitexpire, p); 542 splx(s); 543 PROC_UNLOCK(p); 544 return; 545 } 546 splx(s); 547 } 548 /*NOTREACHED*/ 549 } 550 551 /* 552 * Check that a proposed value to load into the .it_value or 553 * .it_interval part of an interval timer is acceptable, and 554 * fix it to have at least minimal value (i.e. if it is less 555 * than the resolution of the clock, round it up.) 556 */ 557 int 558 itimerfix(struct timeval *tv) 559 { 560 561 if (tv->tv_sec < 0 || tv->tv_sec > 100000000 || 562 tv->tv_usec < 0 || tv->tv_usec >= 1000000) 563 return (EINVAL); 564 if (tv->tv_sec == 0 && tv->tv_usec != 0 && tv->tv_usec < tick) 565 tv->tv_usec = tick; 566 return (0); 567 } 568 569 /* 570 * Decrement an interval timer by a specified number 571 * of microseconds, which must be less than a second, 572 * i.e. < 1000000. If the timer expires, then reload 573 * it. In this case, carry over (usec - old value) to 574 * reduce the value reloaded into the timer so that 575 * the timer does not drift. This routine assumes 576 * that it is called in a context where the timers 577 * on which it is operating cannot change in value. 578 */ 579 int 580 itimerdecr(struct itimerval *itp, int usec) 581 { 582 583 if (itp->it_value.tv_usec < usec) { 584 if (itp->it_value.tv_sec == 0) { 585 /* expired, and already in next interval */ 586 usec -= itp->it_value.tv_usec; 587 goto expire; 588 } 589 itp->it_value.tv_usec += 1000000; 590 itp->it_value.tv_sec--; 591 } 592 itp->it_value.tv_usec -= usec; 593 usec = 0; 594 if (timevalisset(&itp->it_value)) 595 return (1); 596 /* expired, exactly at end of interval */ 597 expire: 598 if (timevalisset(&itp->it_interval)) { 599 itp->it_value = itp->it_interval; 600 itp->it_value.tv_usec -= usec; 601 if (itp->it_value.tv_usec < 0) { 602 itp->it_value.tv_usec += 1000000; 603 itp->it_value.tv_sec--; 604 } 605 } else 606 itp->it_value.tv_usec = 0; /* sec is already 0 */ 607 return (0); 608 } 609 610 /* 611 * Add and subtract routines for timevals. 612 * N.B.: subtract routine doesn't deal with 613 * results which are before the beginning, 614 * it just gets very confused in this case. 615 * Caveat emptor. 616 */ 617 void 618 timevaladd(struct timeval *t1, struct timeval *t2) 619 { 620 621 t1->tv_sec += t2->tv_sec; 622 t1->tv_usec += t2->tv_usec; 623 timevalfix(t1); 624 } 625 626 void 627 timevalsub(struct timeval *t1, struct timeval *t2) 628 { 629 630 t1->tv_sec -= t2->tv_sec; 631 t1->tv_usec -= t2->tv_usec; 632 timevalfix(t1); 633 } 634 635 static void 636 timevalfix(struct timeval *t1) 637 { 638 639 if (t1->tv_usec < 0) { 640 t1->tv_sec--; 641 t1->tv_usec += 1000000; 642 } 643 if (t1->tv_usec >= 1000000) { 644 t1->tv_sec++; 645 t1->tv_usec -= 1000000; 646 } 647 } 648