kern_time.c revision 82746 
1/*
2 * Copyright (c) 1982, 1986, 1989, 1993
3 *	The Regents of the University of California.  All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 *    notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 *    notice, this list of conditions and the following disclaimer in the
12 *    documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 *    must display the following acknowledgement:
15 *	This product includes software developed by the University of
16 *	California, Berkeley and its contributors.
17 * 4. Neither the name of the University nor the names of its contributors
18 *    may be used to endorse or promote products derived from this software
19 *    without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 *
33 *	@(#)kern_time.c	8.1 (Berkeley) 6/10/93
34 * $FreeBSD: head/sys/kern/kern_time.c 82746 2001-09-01 18:19:21Z dillon $
35 */
36
37#include <sys/param.h>
38#include <sys/systm.h>
39#include <sys/lock.h>
40#include <sys/mutex.h>
41#include <sys/sysproto.h>
42#include <sys/resourcevar.h>
43#include <sys/signalvar.h>
44#include <sys/kernel.h>
45#include <sys/systm.h>
46#include <sys/sysent.h>
47#include <sys/proc.h>
48#include <sys/time.h>
49#include <sys/timetc.h>
50#include <sys/vnode.h>
51
52#include <vm/vm.h>
53#include <vm/vm_extern.h>
54
55struct timezone tz;
56
57/*
58 * Time of day and interval timer support.
59 *
60 * These routines provide the kernel entry points to get and set
61 * the time-of-day and per-process interval timers.  Subroutines
62 * here provide support for adding and subtracting timeval structures
63 * and decrementing interval timers, optionally reloading the interval
64 * timers when they expire.
65 */
66
67static int	nanosleep1 __P((struct proc *p, struct timespec *rqt,
68		    struct timespec *rmt));
69static int	settime __P((struct timeval *));
70static void	timevalfix __P((struct timeval *));
71static void	no_lease_updatetime __P((int));
72
73static void
74no_lease_updatetime(deltat)
75	int deltat;
76{
77}
78
79void (*lease_updatetime) __P((int))  = no_lease_updatetime;
80
81static int
82settime(tv)
83	struct timeval *tv;
84{
85	struct timeval delta, tv1, tv2;
86	static struct timeval maxtime, laststep;
87	struct timespec ts;
88	int s;
89
90	s = splclock();
91	microtime(&tv1);
92	delta = *tv;
93	timevalsub(&delta, &tv1);
94
95	/*
96	 * If the system is secure, we do not allow the time to be
97	 * set to a value earlier than 1 second less than the highest
98	 * time we have yet seen. The worst a miscreant can do in
99	 * this circumstance is "freeze" time. He couldn't go
100	 * back to the past.
101	 *
102	 * We similarly do not allow the clock to be stepped more
103	 * than one second, nor more than once per second. This allows
104	 * a miscreant to make the clock march double-time, but no worse.
105	 */
106	if (securelevel > 1) {
107		if (delta.tv_sec < 0 || delta.tv_usec < 0) {
108			/*
109			 * Update maxtime to latest time we've seen.
110			 */
111			if (tv1.tv_sec > maxtime.tv_sec)
112				maxtime = tv1;
113			tv2 = *tv;
114			timevalsub(&tv2, &maxtime);
115			if (tv2.tv_sec < -1) {
116				tv->tv_sec = maxtime.tv_sec - 1;
117				printf("Time adjustment clamped to -1 second\n");
118			}
119		} else {
120			if (tv1.tv_sec == laststep.tv_sec) {
121				splx(s);
122				return (EPERM);
123			}
124			if (delta.tv_sec > 1) {
125				tv->tv_sec = tv1.tv_sec + 1;
126				printf("Time adjustment clamped to +1 second\n");
127			}
128			laststep = *tv;
129		}
130	}
131
132	ts.tv_sec = tv->tv_sec;
133	ts.tv_nsec = tv->tv_usec * 1000;
134	tc_setclock(&ts);
135	(void) splsoftclock();
136	lease_updatetime(delta.tv_sec);
137	splx(s);
138	resettodr();
139	return (0);
140}
141
142#ifndef _SYS_SYSPROTO_H_
143struct clock_gettime_args {
144	clockid_t clock_id;
145	struct	timespec *tp;
146};
147#endif
148
149/*
150 * MPSAFE
151 */
152/* ARGSUSED */
153int
154clock_gettime(p, uap)
155	struct proc *p;
156	struct clock_gettime_args *uap;
157{
158	struct timespec ats;
159
160	if (SCARG(uap, clock_id) != CLOCK_REALTIME)
161		return (EINVAL);
162	mtx_lock(&Giant);
163	nanotime(&ats);
164	mtx_unlock(&Giant);
165	return (copyout(&ats, SCARG(uap, tp), sizeof(ats)));
166}
167
168#ifndef _SYS_SYSPROTO_H_
169struct clock_settime_args {
170	clockid_t clock_id;
171	const struct	timespec *tp;
172};
173#endif
174
175/*
176 * MPSAFE
177 */
178/* ARGSUSED */
179int
180clock_settime(p, uap)
181	struct proc *p;
182	struct clock_settime_args *uap;
183{
184	struct timeval atv;
185	struct timespec ats;
186	int error;
187
188	mtx_lock(&Giant);
189	if ((error = suser(p)) != 0)
190		goto done2;
191	if (SCARG(uap, clock_id) != CLOCK_REALTIME) {
192		error = EINVAL;
193		goto done2;
194	}
195	if ((error = copyin(SCARG(uap, tp), &ats, sizeof(ats))) != 0)
196		goto done2;
197	if (ats.tv_nsec < 0 || ats.tv_nsec >= 1000000000) {
198		error = EINVAL;
199		goto done2;
200	}
201	/* XXX Don't convert nsec->usec and back */
202	TIMESPEC_TO_TIMEVAL(&atv, &ats);
203	error = settime(&atv);
204done2:
205	mtx_unlock(&Giant);
206	return (error);
207}
208
209#ifndef _SYS_SYSPROTO_H_
210struct clock_getres_args {
211	clockid_t clock_id;
212	struct	timespec *tp;
213};
214#endif
215
216int
217clock_getres(p, uap)
218	struct proc *p;
219	struct clock_getres_args *uap;
220{
221	struct timespec ts;
222	int error;
223
224	if (SCARG(uap, clock_id) != CLOCK_REALTIME)
225		return (EINVAL);
226	error = 0;
227	if (SCARG(uap, tp)) {
228		ts.tv_sec = 0;
229		ts.tv_nsec = 1000000000 / timecounter->tc_frequency;
230		error = copyout(&ts, SCARG(uap, tp), sizeof(ts));
231	}
232	return (error);
233}
234
235static int nanowait;
236
237static int
238nanosleep1(p, rqt, rmt)
239	struct proc *p;
240	struct timespec *rqt, *rmt;
241{
242	struct timespec ts, ts2, ts3;
243	struct timeval tv;
244	int error;
245
246	if (rqt->tv_nsec < 0 || rqt->tv_nsec >= 1000000000)
247		return (EINVAL);
248	if (rqt->tv_sec < 0 || (rqt->tv_sec == 0 && rqt->tv_nsec == 0))
249		return (0);
250	getnanouptime(&ts);
251	timespecadd(&ts, rqt);
252	TIMESPEC_TO_TIMEVAL(&tv, rqt);
253	for (;;) {
254		error = tsleep(&nanowait, PWAIT | PCATCH, "nanslp",
255		    tvtohz(&tv));
256		getnanouptime(&ts2);
257		if (error != EWOULDBLOCK) {
258			if (error == ERESTART)
259				error = EINTR;
260			if (rmt != NULL) {
261				timespecsub(&ts, &ts2);
262				if (ts.tv_sec < 0)
263					timespecclear(&ts);
264				*rmt = ts;
265			}
266			return (error);
267		}
268		if (timespeccmp(&ts2, &ts, >=))
269			return (0);
270		ts3 = ts;
271		timespecsub(&ts3, &ts2);
272		TIMESPEC_TO_TIMEVAL(&tv, &ts3);
273	}
274}
275
276#ifndef _SYS_SYSPROTO_H_
277struct nanosleep_args {
278	struct	timespec *rqtp;
279	struct	timespec *rmtp;
280};
281#endif
282
283/*
284 * MPSAFE
285 */
286/* ARGSUSED */
287int
288nanosleep(p, uap)
289	struct proc *p;
290	struct nanosleep_args *uap;
291{
292	struct timespec rmt, rqt;
293	int error;
294
295	error = copyin(SCARG(uap, rqtp), &rqt, sizeof(rqt));
296	if (error)
297		return (error);
298
299	mtx_lock(&Giant);
300	if (SCARG(uap, rmtp)) {
301		if (!useracc((caddr_t)SCARG(uap, rmtp), sizeof(rmt),
302		    VM_PROT_WRITE)) {
303			error = EFAULT;
304			goto done2;
305		}
306	}
307	error = nanosleep1(p, &rqt, &rmt);
308	if (error && SCARG(uap, rmtp)) {
309		int error2;
310
311		error2 = copyout(&rmt, SCARG(uap, rmtp), sizeof(rmt));
312		if (error2)	/* XXX shouldn't happen, did useracc() above */
313			error = error2;
314	}
315done2:
316	mtx_unlock(&Giant);
317	return (error);
318}
319
320#ifndef _SYS_SYSPROTO_H_
321struct gettimeofday_args {
322	struct	timeval *tp;
323	struct	timezone *tzp;
324};
325#endif
326/*
327 * MPSAFE
328 */
329/* ARGSUSED */
330int
331gettimeofday(p, uap)
332	struct proc *p;
333	register struct gettimeofday_args *uap;
334{
335	struct timeval atv;
336	int error = 0;
337
338	mtx_lock(&Giant);
339	if (uap->tp) {
340		microtime(&atv);
341		if ((error = copyout((caddr_t)&atv, (caddr_t)uap->tp,
342		    sizeof (atv)))) {
343			goto done2;
344		}
345	}
346	if (uap->tzp) {
347		error = copyout((caddr_t)&tz, (caddr_t)uap->tzp,
348		    sizeof (tz));
349	}
350done2:
351	mtx_unlock(&Giant);
352	return (error);
353}
354
355#ifndef _SYS_SYSPROTO_H_
356struct settimeofday_args {
357	struct	timeval *tv;
358	struct	timezone *tzp;
359};
360#endif
361/*
362 * MPSAFE
363 */
364/* ARGSUSED */
365int
366settimeofday(p, uap)
367	struct proc *p;
368	struct settimeofday_args *uap;
369{
370	struct timeval atv;
371	struct timezone atz;
372	int error = 0;
373
374	mtx_lock(&Giant);
375
376	if ((error = suser(p)))
377		goto done2;
378	/* Verify all parameters before changing time. */
379	if (uap->tv) {
380		if ((error = copyin((caddr_t)uap->tv, (caddr_t)&atv,
381		    sizeof(atv)))) {
382			goto done2;
383		}
384		if (atv.tv_usec < 0 || atv.tv_usec >= 1000000) {
385			error = EINVAL;
386			goto done2;
387		}
388	}
389	if (uap->tzp &&
390	    (error = copyin((caddr_t)uap->tzp, (caddr_t)&atz, sizeof(atz)))) {
391		goto done2;
392	}
393	if (uap->tv && (error = settime(&atv)))
394		goto done2;
395	if (uap->tzp)
396		tz = atz;
397done2:
398	mtx_unlock(&Giant);
399	return (error);
400}
401
402int	tickdelta;			/* current clock skew, us. per tick */
403long	timedelta;			/* unapplied time correction, us. */
404static long	bigadj = 1000000;	/* use 10x skew above bigadj us. */
405
406#ifndef _SYS_SYSPROTO_H_
407struct adjtime_args {
408	struct timeval *delta;
409	struct timeval *olddelta;
410};
411#endif
412/*
413 * MPSAFE
414 */
415/* ARGSUSED */
416int
417adjtime(p, uap)
418	struct proc *p;
419	register struct adjtime_args *uap;
420{
421	struct timeval atv;
422	register long ndelta, ntickdelta, odelta;
423	int s, error;
424
425	mtx_lock(&Giant);
426
427	if ((error = suser(p)))
428		goto done2;
429	error = copyin((caddr_t)uap->delta, (caddr_t)&atv,
430		    sizeof(struct timeval));
431	if (error)
432		goto done2;
433
434	/*
435	 * Compute the total correction and the rate at which to apply it.
436	 * Round the adjustment down to a whole multiple of the per-tick
437	 * delta, so that after some number of incremental changes in
438	 * hardclock(), tickdelta will become zero, lest the correction
439	 * overshoot and start taking us away from the desired final time.
440	 */
441	ndelta = atv.tv_sec * 1000000 + atv.tv_usec;
442	if (ndelta > bigadj || ndelta < -bigadj)
443		ntickdelta = 10 * tickadj;
444	else
445		ntickdelta = tickadj;
446	if (ndelta % ntickdelta)
447		ndelta = ndelta / ntickdelta * ntickdelta;
448
449	/*
450	 * To make hardclock()'s job easier, make the per-tick delta negative
451	 * if we want time to run slower; then hardclock can simply compute
452	 * tick + tickdelta, and subtract tickdelta from timedelta.
453	 */
454	if (ndelta < 0)
455		ntickdelta = -ntickdelta;
456	s = splclock();
457	odelta = timedelta;
458	timedelta = ndelta;
459	tickdelta = ntickdelta;
460	splx(s);
461
462	if (uap->olddelta) {
463		atv.tv_sec = odelta / 1000000;
464		atv.tv_usec = odelta % 1000000;
465		(void) copyout((caddr_t)&atv, (caddr_t)uap->olddelta,
466		    sizeof(struct timeval));
467	}
468done2:
469	mtx_unlock(&Giant);
470	return (error);
471}
472
473/*
474 * Get value of an interval timer.  The process virtual and
475 * profiling virtual time timers are kept in the p_stats area, since
476 * they can be swapped out.  These are kept internally in the
477 * way they are specified externally: in time until they expire.
478 *
479 * The real time interval timer is kept in the process table slot
480 * for the process, and its value (it_value) is kept as an
481 * absolute time rather than as a delta, so that it is easy to keep
482 * periodic real-time signals from drifting.
483 *
484 * Virtual time timers are processed in the hardclock() routine of
485 * kern_clock.c.  The real time timer is processed by a timeout
486 * routine, called from the softclock() routine.  Since a callout
487 * may be delayed in real time due to interrupt processing in the system,
488 * it is possible for the real time timeout routine (realitexpire, given below),
489 * to be delayed in real time past when it is supposed to occur.  It
490 * does not suffice, therefore, to reload the real timer .it_value from the
491 * real time timers .it_interval.  Rather, we compute the next time in
492 * absolute time the timer should go off.
493 */
494#ifndef _SYS_SYSPROTO_H_
495struct getitimer_args {
496	u_int	which;
497	struct	itimerval *itv;
498};
499#endif
500/*
501 * MPSAFE
502 */
503/* ARGSUSED */
504int
505getitimer(p, uap)
506	struct proc *p;
507	register struct getitimer_args *uap;
508{
509	struct timeval ctv;
510	struct itimerval aitv;
511	int s;
512	int error;
513
514	if (uap->which > ITIMER_PROF)
515		return (EINVAL);
516
517	mtx_lock(&Giant);
518
519	s = splclock(); /* XXX still needed ? */
520	if (uap->which == ITIMER_REAL) {
521		/*
522		 * Convert from absolute to relative time in .it_value
523		 * part of real time timer.  If time for real time timer
524		 * has passed return 0, else return difference between
525		 * current time and time for the timer to go off.
526		 */
527		aitv = p->p_realtimer;
528		if (timevalisset(&aitv.it_value)) {
529			getmicrouptime(&ctv);
530			if (timevalcmp(&aitv.it_value, &ctv, <))
531				timevalclear(&aitv.it_value);
532			else
533				timevalsub(&aitv.it_value, &ctv);
534		}
535	} else {
536		aitv = p->p_stats->p_timer[uap->which];
537	}
538	splx(s);
539	error = copyout((caddr_t)&aitv, (caddr_t)uap->itv,
540	    sizeof (struct itimerval));
541	mtx_unlock(&Giant);
542	return(error);
543}
544
545#ifndef _SYS_SYSPROTO_H_
546struct setitimer_args {
547	u_int	which;
548	struct	itimerval *itv, *oitv;
549};
550#endif
551/*
552 * MPSAFE
553 */
554/* ARGSUSED */
555int
556setitimer(p, uap)
557	struct proc *p;
558	register struct setitimer_args *uap;
559{
560	struct itimerval aitv;
561	struct timeval ctv;
562	register struct itimerval *itvp;
563	int s, error = 0;
564
565	if (uap->which > ITIMER_PROF)
566		return (EINVAL);
567	itvp = uap->itv;
568	if (itvp && (error = copyin((caddr_t)itvp, (caddr_t)&aitv,
569	    sizeof(struct itimerval))))
570		return (error);
571
572	mtx_lock(&Giant);
573
574	if ((uap->itv = uap->oitv) &&
575	    (error = getitimer(p, (struct getitimer_args *)uap))) {
576		goto done2;
577	}
578	if (itvp == 0) {
579		error = 0;
580		goto done2;
581	}
582	if (itimerfix(&aitv.it_value)) {
583		error = EINVAL;
584		goto done2;
585	}
586	if (!timevalisset(&aitv.it_value)) {
587		timevalclear(&aitv.it_interval);
588	} else if (itimerfix(&aitv.it_interval)) {
589		error = EINVAL;
590		goto done2;
591	}
592	s = splclock(); /* XXX: still needed ? */
593	if (uap->which == ITIMER_REAL) {
594		if (timevalisset(&p->p_realtimer.it_value))
595			callout_stop(&p->p_itcallout);
596		if (timevalisset(&aitv.it_value))
597			callout_reset(&p->p_itcallout, tvtohz(&aitv.it_value),
598			    realitexpire, p);
599		getmicrouptime(&ctv);
600		timevaladd(&aitv.it_value, &ctv);
601		p->p_realtimer = aitv;
602	} else {
603		p->p_stats->p_timer[uap->which] = aitv;
604	}
605	splx(s);
606done2:
607	mtx_unlock(&Giant);
608	return (error);
609}
610
611/*
612 * Real interval timer expired:
613 * send process whose timer expired an alarm signal.
614 * If time is not set up to reload, then just return.
615 * Else compute next time timer should go off which is > current time.
616 * This is where delay in processing this timeout causes multiple
617 * SIGALRM calls to be compressed into one.
618 * tvtohz() always adds 1 to allow for the time until the next clock
619 * interrupt being strictly less than 1 clock tick, but we don't want
620 * that here since we want to appear to be in sync with the clock
621 * interrupt even when we're delayed.
622 */
623void
624realitexpire(arg)
625	void *arg;
626{
627	register struct proc *p;
628	struct timeval ctv, ntv;
629	int s;
630
631	p = (struct proc *)arg;
632	PROC_LOCK(p);
633	psignal(p, SIGALRM);
634	if (!timevalisset(&p->p_realtimer.it_interval)) {
635		timevalclear(&p->p_realtimer.it_value);
636		PROC_UNLOCK(p);
637		return;
638	}
639	for (;;) {
640		s = splclock(); /* XXX: still neeeded ? */
641		timevaladd(&p->p_realtimer.it_value,
642		    &p->p_realtimer.it_interval);
643		getmicrouptime(&ctv);
644		if (timevalcmp(&p->p_realtimer.it_value, &ctv, >)) {
645			ntv = p->p_realtimer.it_value;
646			timevalsub(&ntv, &ctv);
647			callout_reset(&p->p_itcallout, tvtohz(&ntv) - 1,
648			    realitexpire, p);
649			splx(s);
650			PROC_UNLOCK(p);
651			return;
652		}
653		splx(s);
654	}
655	/*NOTREACHED*/
656}
657
658/*
659 * Check that a proposed value to load into the .it_value or
660 * .it_interval part of an interval timer is acceptable, and
661 * fix it to have at least minimal value (i.e. if it is less
662 * than the resolution of the clock, round it up.)
663 */
664int
665itimerfix(tv)
666	struct timeval *tv;
667{
668
669	if (tv->tv_sec < 0 || tv->tv_sec > 100000000 ||
670	    tv->tv_usec < 0 || tv->tv_usec >= 1000000)
671		return (EINVAL);
672	if (tv->tv_sec == 0 && tv->tv_usec != 0 && tv->tv_usec < tick)
673		tv->tv_usec = tick;
674	return (0);
675}
676
677/*
678 * Decrement an interval timer by a specified number
679 * of microseconds, which must be less than a second,
680 * i.e. < 1000000.  If the timer expires, then reload
681 * it.  In this case, carry over (usec - old value) to
682 * reduce the value reloaded into the timer so that
683 * the timer does not drift.  This routine assumes
684 * that it is called in a context where the timers
685 * on which it is operating cannot change in value.
686 */
687int
688itimerdecr(itp, usec)
689	register struct itimerval *itp;
690	int usec;
691{
692
693	if (itp->it_value.tv_usec < usec) {
694		if (itp->it_value.tv_sec == 0) {
695			/* expired, and already in next interval */
696			usec -= itp->it_value.tv_usec;
697			goto expire;
698		}
699		itp->it_value.tv_usec += 1000000;
700		itp->it_value.tv_sec--;
701	}
702	itp->it_value.tv_usec -= usec;
703	usec = 0;
704	if (timevalisset(&itp->it_value))
705		return (1);
706	/* expired, exactly at end of interval */
707expire:
708	if (timevalisset(&itp->it_interval)) {
709		itp->it_value = itp->it_interval;
710		itp->it_value.tv_usec -= usec;
711		if (itp->it_value.tv_usec < 0) {
712			itp->it_value.tv_usec += 1000000;
713			itp->it_value.tv_sec--;
714		}
715	} else
716		itp->it_value.tv_usec = 0;		/* sec is already 0 */
717	return (0);
718}
719
720/*
721 * Add and subtract routines for timevals.
722 * N.B.: subtract routine doesn't deal with
723 * results which are before the beginning,
724 * it just gets very confused in this case.
725 * Caveat emptor.
726 */
727void
728timevaladd(t1, t2)
729	struct timeval *t1, *t2;
730{
731
732	t1->tv_sec += t2->tv_sec;
733	t1->tv_usec += t2->tv_usec;
734	timevalfix(t1);
735}
736
737void
738timevalsub(t1, t2)
739	struct timeval *t1, *t2;
740{
741
742	t1->tv_sec -= t2->tv_sec;
743	t1->tv_usec -= t2->tv_usec;
744	timevalfix(t1);
745}
746
747static void
748timevalfix(t1)
749	struct timeval *t1;
750{
751
752	if (t1->tv_usec < 0) {
753		t1->tv_sec--;
754		t1->tv_usec += 1000000;
755	}
756	if (t1->tv_usec >= 1000000) {
757		t1->tv_sec++;
758		t1->tv_usec -= 1000000;
759	}
760}
761