/*
- * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
+ * Copyright (c) 2000-2008 Apple Inc. All rights reserved.
*
- * @APPLE_LICENSE_HEADER_START@
- *
- * The contents of this file constitute Original Code as defined in and
- * are subject to the Apple Public Source License Version 1.1 (the
- * "License"). You may not use this file except in compliance with the
- * License. Please obtain a copy of the License at
- * http://www.apple.com/publicsource and read it before using this file.
- *
- * This Original Code and all software distributed under the License are
- * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. The rights granted to you under the License
+ * may not be used to create, or enable the creation or redistribution of,
+ * unlawful or unlicensed copies of an Apple operating system, or to
+ * circumvent, violate, or enable the circumvention or violation of, any
+ * terms of an Apple operating system software license agreement.
+ *
+ * Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License.
- *
- * @APPLE_LICENSE_HEADER_END@
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
*/
/* Copyright (c) 1995 NeXT Computer, Inc. All Rights Reserved */
/*
*
* @(#)kern_time.c 8.4 (Berkeley) 5/26/95
*/
+/*
+ * NOTICE: This file was modified by SPARTA, Inc. in 2005 to introduce
+ * support for mandatory and extensible security protections. This notice
+ * is included in support of clause 2.2 (b) of the Apple Public License,
+ * Version 2.0.
+ */
#include <sys/param.h>
#include <sys/resourcevar.h>
#include <sys/kernel.h>
#include <sys/systm.h>
-#include <sys/proc.h>
+#include <sys/proc_internal.h>
+#include <sys/kauth.h>
#include <sys/vnode.h>
+#include <sys/time.h>
+#include <sys/priv.h>
-#include <sys/mount.h>
-
-#include <kern/cpu_number.h>
+#include <sys/mount_internal.h>
+#include <sys/sysproto.h>
+#include <sys/signalvar.h>
+#include <sys/protosw.h> /* for net_uptime2timeval() */
#include <kern/clock.h>
+#include <kern/task.h>
+#include <kern/thread_call.h>
+#if CONFIG_MACF
+#include <security/mac_framework.h>
+#endif
+#include <IOKit/IOBSD.h>
+#include <sys/time.h>
+#include <kern/remote_time.h>
-#define HZ 100 /* XXX */
+#define HZ 100 /* XXX */
-struct timeval time;
+/* simple lock used to access timezone, tz structure */
+lck_spin_t * tz_slock;
+lck_grp_t * tz_slock_grp;
+lck_attr_t * tz_slock_attr;
+lck_grp_attr_t *tz_slock_grp_attr;
-/*
+static void setthetime(
+ struct timeval *tv);
+
+void time_zone_slock_init(void);
+static boolean_t timeval_fixusec(struct timeval *t1);
+
+/*
* Time of day and interval timer support.
*
* These routines provide the kernel entry points to get and set
* and decrementing interval timers, optionally reloading the interval
* timers when they expire.
*/
-struct gettimeofday_args{
- struct timeval *tp;
- struct timezone *tzp;
-};
/* ARGSUSED */
int
-gettimeofday(p, uap, retval)
- struct proc *p;
- register struct gettimeofday_args *uap;
- register_t *retval;
+gettimeofday(
+ struct proc *p,
+ struct gettimeofday_args *uap,
+ __unused int32_t *retval)
{
- struct timeval atv;
int error = 0;
+ struct timezone ltz; /* local copy */
+ clock_sec_t secs;
+ clock_usec_t usecs;
+ uint64_t mach_time;
+
+ if (uap->tp || uap->mach_absolute_time) {
+ clock_gettimeofday_and_absolute_time(&secs, &usecs, &mach_time);
+ }
if (uap->tp) {
- microtime(&atv);
- if (error = copyout((caddr_t)&atv, (caddr_t)uap->tp,
- sizeof (atv)))
- return(error);
+ /* Casting secs through a uint32_t to match arm64 commpage */
+ if (IS_64BIT_PROCESS(p)) {
+ struct user64_timeval user_atv = {};
+ user_atv.tv_sec = (uint32_t)secs;
+ user_atv.tv_usec = usecs;
+ error = copyout(&user_atv, uap->tp, sizeof(user_atv));
+ } else {
+ struct user32_timeval user_atv = {};
+ user_atv.tv_sec = (uint32_t)secs;
+ user_atv.tv_usec = usecs;
+ error = copyout(&user_atv, uap->tp, sizeof(user_atv));
+ }
+ if (error) {
+ return error;
+ }
+ }
+
+ if (uap->tzp) {
+ lck_spin_lock(tz_slock);
+ ltz = tz;
+ lck_spin_unlock(tz_slock);
+
+ error = copyout((caddr_t)<z, CAST_USER_ADDR_T(uap->tzp), sizeof(tz));
}
-
- if (uap->tzp)
- error = copyout((caddr_t)&tz, (caddr_t)uap->tzp,
- sizeof (tz));
- return(error);
+ if (error == 0 && uap->mach_absolute_time) {
+ error = copyout(&mach_time, uap->mach_absolute_time, sizeof(mach_time));
+ }
+
+ return error;
}
-struct settimeofday_args {
- struct timeval *tv;
- struct timezone *tzp;
-};
+/*
+ * XXX Y2038 bug because of setthetime() argument
+ */
/* ARGSUSED */
int
-settimeofday(p, uap, retval)
- struct proc *p;
- struct settimeofday_args *uap;
- register_t *retval;
+settimeofday(__unused struct proc *p, struct settimeofday_args *uap, __unused int32_t *retval)
{
struct timeval atv;
struct timezone atz;
- int error, s;
-
- if (error = suser(p->p_ucred, &p->p_acflag))
- return (error);
- /* Verify all parameters before changing time. */
- if (uap->tv && (error = copyin((caddr_t)uap->tv,
- (caddr_t)&atv, sizeof(atv))))
- return (error);
- if (uap->tzp && (error = copyin((caddr_t)uap->tzp,
- (caddr_t)&atz, sizeof(atz))))
- return (error);
- if (uap->tv)
- setthetime(&atv);
- if (uap->tzp)
- tz = atz;
- return (0);
-}
+ int error;
-setthetime(tv)
- struct timeval *tv;
-{
- mach_timespec_t now;
- long delta;
- int s;
-
- now.tv_sec = tv->tv_sec;
- now.tv_nsec = tv->tv_usec * NSEC_PER_USEC;
-
- clock_set_calendar_value(now);
- delta = tv->tv_sec - time.tv_sec;
- boottime.tv_sec += delta;
-#if NFSCLIENT || NFSSERVER
- lease_updatetime(delta);
+ bzero(&atv, sizeof(atv));
+
+ /* Check that this task is entitled to set the time or it is root */
+ if (!IOTaskHasEntitlement(current_task(), SETTIME_ENTITLEMENT)) {
+#if CONFIG_MACF
+ error = mac_system_check_settime(kauth_cred_get());
+ if (error) {
+ return error;
+ }
#endif
- s = splhigh();
- microtime(&time);
- splx(s);
-}
+#ifndef CONFIG_EMBEDDED
+ if ((error = suser(kauth_cred_get(), &p->p_acflag))) {
+ return error;
+ }
+#endif
+ }
-int tickadj = 240000 / (60 * HZ); /* "standard" clock skew, us./tick */
-int tickdelta; /* current clock skew, us. per tick */
-long timedelta; /* unapplied time correction, us. */
-long bigadj = 1000000; /* use 10x skew above bigadj us. */
+ /* Verify all parameters before changing time */
+ if (uap->tv) {
+ if (IS_64BIT_PROCESS(p)) {
+ struct user64_timeval user_atv;
+ error = copyin(uap->tv, &user_atv, sizeof(user_atv));
+ atv.tv_sec = user_atv.tv_sec;
+ atv.tv_usec = user_atv.tv_usec;
+ } else {
+ struct user32_timeval user_atv;
+ error = copyin(uap->tv, &user_atv, sizeof(user_atv));
+ atv.tv_sec = user_atv.tv_sec;
+ atv.tv_usec = user_atv.tv_usec;
+ }
+ if (error) {
+ return error;
+ }
+ }
+ if (uap->tzp && (error = copyin(uap->tzp, (caddr_t)&atz, sizeof(atz)))) {
+ return error;
+ }
+ if (uap->tv) {
+ /* only positive values of sec/usec are accepted */
+ if (atv.tv_sec < 0 || atv.tv_usec < 0) {
+ return EPERM;
+ }
+ if (!timeval_fixusec(&atv)) {
+ return EPERM;
+ }
+ setthetime(&atv);
+ }
+ if (uap->tzp) {
+ lck_spin_lock(tz_slock);
+ tz = atz;
+ lck_spin_unlock(tz_slock);
+ }
+ return 0;
+}
-struct adjtime_args {
- struct timeval *delta;
- struct timeval *olddelta;
-};
-/* ARGSUSED */
-int
-adjtime(p, uap, retval)
- struct proc *p;
- register struct adjtime_args *uap;
- register_t *retval;
+static void
+setthetime(
+ struct timeval *tv)
{
- struct timeval atv, oatv;
- register long ndelta;
- int s, error;
-
- if (error = suser(p->p_ucred, &p->p_acflag))
- return (error);
- if(error = copyin((caddr_t)uap->delta, (caddr_t)&atv,
- sizeof (struct timeval)))
- return(error);
-
- ndelta = atv.tv_sec * 1000000 + atv.tv_usec;
- if (timedelta == 0)
- if (ndelta > bigadj)
- tickdelta = 10 * tickadj;
- else
- tickdelta = tickadj;
- if (ndelta % tickdelta)
- ndelta = ndelta / tickdelta * tickdelta;
-
- s = splclock();
- if (uap->olddelta) {
- oatv.tv_sec = timedelta / 1000000;
- oatv.tv_usec = timedelta % 1000000;
- }
- timedelta = ndelta;
- splx(s);
-
- if (uap->olddelta)
- (void) copyout((caddr_t)&oatv, (caddr_t)uap->olddelta,
- sizeof (struct timeval));
- return(0);
+ clock_set_calendar_microtime(tv->tv_sec, tv->tv_usec);
}
-#define SECDAY ((unsigned)(24*60*60)) /* seconds per day */
-#define SECYR ((unsigned)(365*SECDAY)) /* per common year */
-#define YRREF 70 /* UNIX time referenced to 1970 */
-
/*
- * Initialze the time of day register.
- * Trust the RTC except for the case where it is set before
- * the UNIX epoch. In that case use the the UNIX epoch.
- * The argument passed in is ignored.
+ * Verify the calendar value. If negative,
+ * reset to zero (the epoch).
*/
void
-inittodr(base)
- time_t base;
+inittodr(
+ __unused time_t base)
{
+ struct timeval tv;
+
/*
* Assertion:
* The calendar has already been
- * set up from the battery clock.
+ * set up from the platform clock.
*
* The value returned by microtime()
* is gotten from the calendar.
*/
- microtime(&time);
-
- /*
- * This variable still exists to keep
- * 'w' happy. It should only be considered
- * an approximation.
- */
- boottime.tv_sec = time.tv_sec;
- boottime.tv_usec = 0;
+ microtime(&tv);
- /*
- * If the RTC does not have acceptable value, i.e. time before
- * the UNIX epoch, set it to the UNIX epoch
- */
- if (time.tv_sec < 0) {
- printf ("WARNING: preposterous time in Real Time Clock");
- time.tv_sec = 0; /* the UNIX epoch */
- time.tv_usec = 0;
- setthetime(&time);
- boottime = time;
+ if (tv.tv_sec < 0 || tv.tv_usec < 0) {
+ printf("WARNING: preposterous time in Real Time Clock");
+ tv.tv_sec = 0; /* the UNIX epoch */
+ tv.tv_usec = 0;
+ setthetime(&tv);
printf(" -- CHECK AND RESET THE DATE!\n");
}
+}
+
+time_t
+boottime_sec(void)
+{
+ clock_sec_t secs;
+ clock_nsec_t nanosecs;
+
+ clock_get_boottime_nanotime(&secs, &nanosecs);
+ return secs;
+}
+
+void
+boottime_timeval(struct timeval *tv)
+{
+ clock_sec_t secs;
+ clock_usec_t microsecs;
+
+ clock_get_boottime_microtime(&secs, µsecs);
- return;
+ tv->tv_sec = secs;
+ tv->tv_usec = microsecs;
}
/*
* Get value of an interval timer. The process virtual and
- * profiling virtual time timers are kept in the u. area, since
- * they can be swapped out. These are kept internally in the
+ * profiling virtual time timers are kept internally in the
* way they are specified externally: in time until they expire.
*
- * The real time interval timer is kept in the process table slot
- * for the process, and its value (it_value) is kept as an
- * absolute time rather than as a delta, so that it is easy to keep
- * periodic real-time signals from drifting.
+ * The real time interval timer expiration time (p_rtime)
+ * is kept as an absolute time rather than as a delta, so that
+ * it is easy to keep periodic real-time signals from drifting.
*
- * Virtual time timers are processed in the hardclock() routine of
- * kern_clock.c. The real time timer is processed by a timeout
- * routine, called from the softclock() routine. Since a callout
- * may be delayed in real time due to interrupt processing in the system,
- * it is possible for the real time timeout routine (realitexpire, given below),
- * to be delayed in real time past when it is supposed to occur. It
- * does not suffice, therefore, to reload the real timer .it_value from the
- * real time timers .it_interval. Rather, we compute the next time in
- * absolute time the timer should go off.
+ * The real time timer is processed by a callout routine.
+ * Since a callout may be delayed in real time due to
+ * other processing in the system, it is possible for the real
+ * time callout routine (realitexpire, given below), to be delayed
+ * in real time past when it is supposed to occur. It does not
+ * suffice, therefore, to reload the real time .it_value from the
+ * real time .it_interval. Rather, we compute the next time in
+ * absolute time when the timer should go off.
+ *
+ * Returns: 0 Success
+ * EINVAL Invalid argument
+ * copyout:EFAULT Bad address
*/
-
-struct getitimer_args {
- u_int which;
- struct itimerval *itv;
-};
/* ARGSUSED */
int
-getitimer(p, uap, retval)
- struct proc *p;
- register struct getitimer_args *uap;
- register_t *retval;
+getitimer(struct proc *p, struct getitimer_args *uap, __unused int32_t *retval)
{
struct itimerval aitv;
- int s;
- if (uap->which > ITIMER_PROF)
- return(EINVAL);
-
- s = splclock();
- if (uap->which == ITIMER_REAL) {
+ if (uap->which > ITIMER_PROF) {
+ return EINVAL;
+ }
+
+ bzero(&aitv, sizeof(aitv));
+
+ proc_spinlock(p);
+ switch (uap->which) {
+ case ITIMER_REAL:
/*
- * Convert from absoulte to relative time in .it_value
- * part of real time timer. If time for real time timer
- * has passed return 0, else return difference between
- * current time and time for the timer to go off.
+ * If time for real time timer has passed return 0,
+ * else return difference between current time and
+ * time for the timer to go off.
*/
aitv = p->p_realtimer;
- if (timerisset(&aitv.it_value))
- if (timercmp(&aitv.it_value, &time, <))
+ if (timerisset(&p->p_rtime)) {
+ struct timeval now;
+
+ microuptime(&now);
+ if (timercmp(&p->p_rtime, &now, <)) {
timerclear(&aitv.it_value);
- else
- timevalsub(&aitv.it_value, &time);
- } else
- aitv =p->p_stats->p_timer[uap->which];
- splx(s);
- return(copyout((caddr_t)&aitv, (caddr_t)uap->itv,
- sizeof (struct itimerval)));
+ } else {
+ aitv.it_value = p->p_rtime;
+ timevalsub(&aitv.it_value, &now);
+ }
+ } else {
+ timerclear(&aitv.it_value);
+ }
+ break;
+
+ case ITIMER_VIRTUAL:
+ aitv = p->p_vtimer_user;
+ break;
+
+ case ITIMER_PROF:
+ aitv = p->p_vtimer_prof;
+ break;
+ }
+
+ proc_spinunlock(p);
+
+ if (IS_64BIT_PROCESS(p)) {
+ struct user64_itimerval user_itv;
+ bzero(&user_itv, sizeof(user_itv));
+ user_itv.it_interval.tv_sec = aitv.it_interval.tv_sec;
+ user_itv.it_interval.tv_usec = aitv.it_interval.tv_usec;
+ user_itv.it_value.tv_sec = aitv.it_value.tv_sec;
+ user_itv.it_value.tv_usec = aitv.it_value.tv_usec;
+ return copyout((caddr_t)&user_itv, uap->itv, sizeof(user_itv));
+ } else {
+ struct user32_itimerval user_itv;
+ bzero(&user_itv, sizeof(user_itv));
+ user_itv.it_interval.tv_sec = aitv.it_interval.tv_sec;
+ user_itv.it_interval.tv_usec = aitv.it_interval.tv_usec;
+ user_itv.it_value.tv_sec = aitv.it_value.tv_sec;
+ user_itv.it_value.tv_usec = aitv.it_value.tv_usec;
+ return copyout((caddr_t)&user_itv, uap->itv, sizeof(user_itv));
+ }
}
-struct setitimer_args {
- u_int which;
- struct itimerval *itv;
- struct itimerval *oitv;
-};
+/*
+ * Returns: 0 Success
+ * EINVAL Invalid argument
+ * copyin:EFAULT Bad address
+ * getitimer:EINVAL Invalid argument
+ * getitimer:EFAULT Bad address
+ */
/* ARGSUSED */
int
-setitimer(p, uap, retval)
- struct proc *p;
- register struct setitimer_args *uap;
- register_t *retval;
+setitimer(struct proc *p, struct setitimer_args *uap, int32_t *retval)
{
struct itimerval aitv;
- register struct itimerval *itvp;
- int s, error;
-
- if (uap->which > ITIMER_PROF)
- return(EINVAL);
- itvp = uap->itv;
- if (itvp && (error = copyin((caddr_t)itvp, (caddr_t)&aitv,
- sizeof(struct itimerval))))
- return (error);
- if ((uap->itv = uap->oitv) &&
- (error = getitimer(p, uap, retval)))
- return (error);
- if (itvp == 0)
- return (0);
- if (itimerfix(&aitv.it_value) || itimerfix(&aitv.it_interval))
- return (EINVAL);
- s = splclock();
- if (uap->which == ITIMER_REAL) {
- untimeout(realitexpire, (caddr_t)p);
+ user_addr_t itvp;
+ int error;
+
+ bzero(&aitv, sizeof(aitv));
+
+ if (uap->which > ITIMER_PROF) {
+ return EINVAL;
+ }
+ if ((itvp = uap->itv)) {
+ if (IS_64BIT_PROCESS(p)) {
+ struct user64_itimerval user_itv;
+ if ((error = copyin(itvp, (caddr_t)&user_itv, sizeof(user_itv)))) {
+ return error;
+ }
+ aitv.it_interval.tv_sec = user_itv.it_interval.tv_sec;
+ aitv.it_interval.tv_usec = user_itv.it_interval.tv_usec;
+ aitv.it_value.tv_sec = user_itv.it_value.tv_sec;
+ aitv.it_value.tv_usec = user_itv.it_value.tv_usec;
+ } else {
+ struct user32_itimerval user_itv;
+ if ((error = copyin(itvp, (caddr_t)&user_itv, sizeof(user_itv)))) {
+ return error;
+ }
+ aitv.it_interval.tv_sec = user_itv.it_interval.tv_sec;
+ aitv.it_interval.tv_usec = user_itv.it_interval.tv_usec;
+ aitv.it_value.tv_sec = user_itv.it_value.tv_sec;
+ aitv.it_value.tv_usec = user_itv.it_value.tv_usec;
+ }
+ }
+ if ((uap->itv = uap->oitv) && (error = getitimer(p, (struct getitimer_args *)uap, retval))) {
+ return error;
+ }
+ if (itvp == 0) {
+ return 0;
+ }
+ if (itimerfix(&aitv.it_value) || itimerfix(&aitv.it_interval)) {
+ return EINVAL;
+ }
+
+ switch (uap->which) {
+ case ITIMER_REAL:
+ proc_spinlock(p);
+ if (timerisset(&aitv.it_value)) {
+ microuptime(&p->p_rtime);
+ timevaladd(&p->p_rtime, &aitv.it_value);
+ p->p_realtimer = aitv;
+ if (!thread_call_enter_delayed_with_leeway(p->p_rcall, NULL,
+ tvtoabstime(&p->p_rtime), 0, THREAD_CALL_DELAY_USER_NORMAL)) {
+ p->p_ractive++;
+ }
+ } else {
+ timerclear(&p->p_rtime);
+ p->p_realtimer = aitv;
+ if (thread_call_cancel(p->p_rcall)) {
+ p->p_ractive--;
+ }
+ }
+ proc_spinunlock(p);
+
+ break;
+
+
+ case ITIMER_VIRTUAL:
+ if (timerisset(&aitv.it_value)) {
+ task_vtimer_set(p->task, TASK_VTIMER_USER);
+ } else {
+ task_vtimer_clear(p->task, TASK_VTIMER_USER);
+ }
+
+ proc_spinlock(p);
+ p->p_vtimer_user = aitv;
+ proc_spinunlock(p);
+ break;
+
+ case ITIMER_PROF:
if (timerisset(&aitv.it_value)) {
- timevaladd(&aitv.it_value, &time);
- timeout(realitexpire, (caddr_t)p, hzto(&aitv.it_value));
+ task_vtimer_set(p->task, TASK_VTIMER_PROF);
+ } else {
+ task_vtimer_clear(p->task, TASK_VTIMER_PROF);
}
- p->p_realtimer = aitv;
- } else
- p->p_stats->p_timer[uap->which] = aitv;
- splx(s);
- return(0); /* To insure good return value on success */
+
+ proc_spinlock(p);
+ p->p_vtimer_prof = aitv;
+ proc_spinunlock(p);
+ break;
+ }
+
+ return 0;
}
/*
* SIGALRM calls to be compressed into one.
*/
void
-realitexpire(arg)
- void *arg;
+realitexpire(
+ struct proc *p)
{
- register struct proc *p;
- int s;
- boolean_t funnel_state;
+ struct proc *r;
+ struct timeval t;
- funnel_state = thread_funnel_set(kernel_flock,TRUE);
+ r = proc_find(p->p_pid);
+
+ proc_spinlock(p);
+
+ assert(p->p_ractive > 0);
+
+ if (--p->p_ractive > 0 || r != p) {
+ /*
+ * bail, because either proc is exiting
+ * or there's another active thread call
+ */
+ proc_spinunlock(p);
+
+ if (r != NULL) {
+ proc_rele(r);
+ }
+ return;
+ }
- p = (struct proc *)arg;
- psignal(p, SIGALRM);
if (!timerisset(&p->p_realtimer.it_interval)) {
- timerclear(&p->p_realtimer.it_value);
- (void) thread_funnel_set(kernel_flock, FALSE);
+ /*
+ * p_realtimer was cleared while this call was pending,
+ * send one last SIGALRM, but don't re-arm
+ */
+ timerclear(&p->p_rtime);
+ proc_spinunlock(p);
+
+ psignal(p, SIGALRM);
+ proc_rele(p);
return;
}
-
+
+ proc_spinunlock(p);
+
/*
- * If the time's way off, don't try to compensate by getting
- * there incrementally.
+ * Send the signal before re-arming the next thread call,
+ * so in case psignal blocks, we won't create yet another thread call.
*/
- s = splclock();
- if (p->p_realtimer.it_value.tv_sec < time.tv_sec - 10) {
- p->p_realtimer.it_value = time;
- timeout(realitexpire, (caddr_t)p,
- hzto(&p->p_realtimer.it_value));
- splx(s);
- (void) thread_funnel_set(kernel_flock, FALSE);
+
+ psignal(p, SIGALRM);
+
+ proc_spinlock(p);
+
+ /* Should we still re-arm the next thread call? */
+ if (!timerisset(&p->p_realtimer.it_interval)) {
+ timerclear(&p->p_rtime);
+ proc_spinunlock(p);
+
+ proc_rele(p);
return;
-
- }
- splx(s);
-
- for (;;) {
- s = splclock();
- timevaladd(&p->p_realtimer.it_value,
- &p->p_realtimer.it_interval);
- if (timercmp(&p->p_realtimer.it_value, &time, >)) {
- timeout(realitexpire, (caddr_t)p,
- hzto(&p->p_realtimer.it_value));
- splx(s);
- (void) thread_funnel_set(kernel_flock, FALSE);
- return;
+ }
+
+ microuptime(&t);
+ timevaladd(&p->p_rtime, &p->p_realtimer.it_interval);
+
+ if (timercmp(&p->p_rtime, &t, <=)) {
+ if ((p->p_rtime.tv_sec + 2) >= t.tv_sec) {
+ for (;;) {
+ timevaladd(&p->p_rtime, &p->p_realtimer.it_interval);
+ if (timercmp(&p->p_rtime, &t, >)) {
+ break;
+ }
+ }
+ } else {
+ p->p_rtime = p->p_realtimer.it_interval;
+ timevaladd(&p->p_rtime, &t);
}
- splx(s);
}
-
- (void) thread_funnel_set(kernel_flock, FALSE);
+
+ assert(p->p_rcall != NULL);
+
+ if (!thread_call_enter_delayed_with_leeway(p->p_rcall, NULL, tvtoabstime(&p->p_rtime), 0,
+ THREAD_CALL_DELAY_USER_NORMAL)) {
+ p->p_ractive++;
+ }
+
+ proc_spinunlock(p);
+
+ proc_rele(p);
+}
+
+/*
+ * Called once in proc_exit to clean up after an armed or pending realitexpire
+ *
+ * This will only be called after the proc refcount is drained,
+ * so realitexpire cannot be currently holding a proc ref.
+ * i.e. it will/has gotten PROC_NULL from proc_find.
+ */
+void
+proc_free_realitimer(proc_t p)
+{
+ proc_spinlock(p);
+
+ assert(p->p_rcall != NULL);
+ assert(p->p_refcount == 0);
+
+ timerclear(&p->p_realtimer.it_interval);
+
+ if (thread_call_cancel(p->p_rcall)) {
+ assert(p->p_ractive > 0);
+ p->p_ractive--;
+ }
+
+ while (p->p_ractive > 0) {
+ proc_spinunlock(p);
+
+ delay(1);
+
+ proc_spinlock(p);
+ }
+
+ thread_call_t call = p->p_rcall;
+ p->p_rcall = NULL;
+
+ proc_spinunlock(p);
+
+ thread_call_free(call);
}
/*
* Check that a proposed value to load into the .it_value or
- * .it_interval part of an interval timer is acceptable, and
- * fix it to have at least minimal value (i.e. if it is less
- * than the resolution of the clock, round it up.)
+ * .it_interval part of an interval timer is acceptable.
*/
int
-itimerfix(tv)
- struct timeval *tv;
+itimerfix(
+ struct timeval *tv)
{
-
if (tv->tv_sec < 0 || tv->tv_sec > 100000000 ||
- tv->tv_usec < 0 || tv->tv_usec >= 1000000)
- return (EINVAL);
- if (tv->tv_sec == 0 && tv->tv_usec != 0 && tv->tv_usec < tick)
- tv->tv_usec = tick;
- return (0);
+ tv->tv_usec < 0 || tv->tv_usec >= 1000000) {
+ return EINVAL;
+ }
+ return 0;
+}
+
+int
+timespec_is_valid(const struct timespec *ts)
+{
+ /* The INT32_MAX limit ensures the timespec is safe for clock_*() functions
+ * which accept 32-bit ints. */
+ if (ts->tv_sec < 0 || ts->tv_sec > INT32_MAX ||
+ ts->tv_nsec < 0 || (unsigned long long)ts->tv_nsec > NSEC_PER_SEC) {
+ return 0;
+ }
+ return 1;
}
/*
* of microseconds, which must be less than a second,
* i.e. < 1000000. If the timer expires, then reload
* it. In this case, carry over (usec - old value) to
- * reducint the value reloaded into the timer so that
+ * reduce the value reloaded into the timer so that
* the timer does not drift. This routine assumes
* that it is called in a context where the timers
* on which it is operating cannot change in value.
*/
int
-itimerdecr(itp, usec)
- register struct itimerval *itp;
- int usec;
+itimerdecr(proc_t p,
+ struct itimerval *itp, int usec)
{
+ proc_spinlock(p);
if (itp->it_value.tv_usec < usec) {
if (itp->it_value.tv_sec == 0) {
}
itp->it_value.tv_usec -= usec;
usec = 0;
- if (timerisset(&itp->it_value))
- return (1);
+ if (timerisset(&itp->it_value)) {
+ proc_spinunlock(p);
+ return 1;
+ }
/* expired, exactly at end of interval */
expire:
if (timerisset(&itp->it_interval)) {
itp->it_value = itp->it_interval;
- itp->it_value.tv_usec -= usec;
- if (itp->it_value.tv_usec < 0) {
- itp->it_value.tv_usec += 1000000;
- itp->it_value.tv_sec--;
+ if (itp->it_value.tv_sec > 0) {
+ itp->it_value.tv_usec -= usec;
+ if (itp->it_value.tv_usec < 0) {
+ itp->it_value.tv_usec += 1000000;
+ itp->it_value.tv_sec--;
+ }
}
- } else
- itp->it_value.tv_usec = 0; /* sec is already 0 */
- return (0);
+ } else {
+ itp->it_value.tv_usec = 0; /* sec is already 0 */
+ }
+ proc_spinunlock(p);
+ return 0;
}
/*
* Caveat emptor.
*/
void
-timevaladd(t1, t2)
- struct timeval *t1, *t2;
+timevaladd(
+ struct timeval *t1,
+ struct timeval *t2)
{
-
t1->tv_sec += t2->tv_sec;
t1->tv_usec += t2->tv_usec;
timevalfix(t1);
}
void
-timevalsub(t1, t2)
- struct timeval *t1, *t2;
+timevalsub(
+ struct timeval *t1,
+ struct timeval *t2)
{
-
t1->tv_sec -= t2->tv_sec;
t1->tv_usec -= t2->tv_usec;
timevalfix(t1);
}
void
-timevalfix(t1)
- struct timeval *t1;
+timevalfix(
+ struct timeval *t1)
{
-
if (t1->tv_usec < 0) {
t1->tv_sec--;
t1->tv_usec += 1000000;
}
}
+static boolean_t
+timeval_fixusec(
+ struct timeval *t1)
+{
+ assert(t1->tv_usec >= 0);
+ assert(t1->tv_sec >= 0);
+
+ if (t1->tv_usec >= 1000000) {
+ if (os_add_overflow(t1->tv_sec, t1->tv_usec / 1000000, &t1->tv_sec)) {
+ return FALSE;
+ }
+ t1->tv_usec = t1->tv_usec % 1000000;
+ }
+
+ return TRUE;
+}
+
/*
* Return the best possible estimate of the time in the timeval
* to which tvp points.
*/
void
-microtime(struct timeval * tvp)
+microtime(
+ struct timeval *tvp)
+{
+ clock_sec_t tv_sec;
+ clock_usec_t tv_usec;
+
+ clock_get_calendar_microtime(&tv_sec, &tv_usec);
+
+ tvp->tv_sec = tv_sec;
+ tvp->tv_usec = tv_usec;
+}
+
+void
+microtime_with_abstime(
+ struct timeval *tvp, uint64_t *abstime)
{
- mach_timespec_t now = clock_get_calendar_value();
+ clock_sec_t tv_sec;
+ clock_usec_t tv_usec;
+
+ clock_get_calendar_absolute_and_microtime(&tv_sec, &tv_usec, abstime);
- tvp->tv_sec = now.tv_sec;
- tvp->tv_usec = now.tv_nsec / NSEC_PER_USEC;
+ tvp->tv_sec = tv_sec;
+ tvp->tv_usec = tv_usec;
+}
+
+void
+microuptime(
+ struct timeval *tvp)
+{
+ clock_sec_t tv_sec;
+ clock_usec_t tv_usec;
+
+ clock_get_system_microtime(&tv_sec, &tv_usec);
+
+ tvp->tv_sec = tv_sec;
+ tvp->tv_usec = tv_usec;
+}
+
+/*
+ * Ditto for timespec.
+ */
+void
+nanotime(
+ struct timespec *tsp)
+{
+ clock_sec_t tv_sec;
+ clock_nsec_t tv_nsec;
+
+ clock_get_calendar_nanotime(&tv_sec, &tv_nsec);
+
+ tsp->tv_sec = tv_sec;
+ tsp->tv_nsec = tv_nsec;
+}
+
+void
+nanouptime(
+ struct timespec *tsp)
+{
+ clock_sec_t tv_sec;
+ clock_nsec_t tv_nsec;
+
+ clock_get_system_nanotime(&tv_sec, &tv_nsec);
+
+ tsp->tv_sec = tv_sec;
+ tsp->tv_nsec = tv_nsec;
+}
+
+uint64_t
+tvtoabstime(
+ struct timeval *tvp)
+{
+ uint64_t result, usresult;
+
+ clock_interval_to_absolutetime_interval(
+ tvp->tv_sec, NSEC_PER_SEC, &result);
+ clock_interval_to_absolutetime_interval(
+ tvp->tv_usec, NSEC_PER_USEC, &usresult);
+
+ return result + usresult;
+}
+
+uint64_t
+tstoabstime(struct timespec *ts)
+{
+ uint64_t abstime_s, abstime_ns;
+ clock_interval_to_absolutetime_interval(ts->tv_sec, NSEC_PER_SEC, &abstime_s);
+ clock_interval_to_absolutetime_interval(ts->tv_nsec, 1, &abstime_ns);
+ return abstime_s + abstime_ns;
+}
+
+#if NETWORKING
+/*
+ * ratecheck(): simple time-based rate-limit checking.
+ */
+int
+ratecheck(struct timeval *lasttime, const struct timeval *mininterval)
+{
+ struct timeval tv, delta;
+ int rv = 0;
+
+ net_uptime2timeval(&tv);
+ delta = tv;
+ timevalsub(&delta, lasttime);
+
+ /*
+ * check for 0,0 is so that the message will be seen at least once,
+ * even if interval is huge.
+ */
+ if (timevalcmp(&delta, mininterval, >=) ||
+ (lasttime->tv_sec == 0 && lasttime->tv_usec == 0)) {
+ *lasttime = tv;
+ rv = 1;
+ }
+
+ return rv;
+}
+
+/*
+ * ppsratecheck(): packets (or events) per second limitation.
+ */
+int
+ppsratecheck(struct timeval *lasttime, int *curpps, int maxpps)
+{
+ struct timeval tv, delta;
+ int rv;
+
+ net_uptime2timeval(&tv);
+
+ timersub(&tv, lasttime, &delta);
+
+ /*
+ * Check for 0,0 so that the message will be seen at least once.
+ * If more than one second has passed since the last update of
+ * lasttime, reset the counter.
+ *
+ * we do increment *curpps even in *curpps < maxpps case, as some may
+ * try to use *curpps for stat purposes as well.
+ */
+ if ((lasttime->tv_sec == 0 && lasttime->tv_usec == 0) ||
+ delta.tv_sec >= 1) {
+ *lasttime = tv;
+ *curpps = 0;
+ rv = 1;
+ } else if (maxpps < 0) {
+ rv = 1;
+ } else if (*curpps < maxpps) {
+ rv = 1;
+ } else {
+ rv = 0;
+ }
+
+#if 1 /* DIAGNOSTIC? */
+ /* be careful about wrap-around */
+ if (*curpps + 1 > 0) {
+ *curpps = *curpps + 1;
+ }
+#else
+ /*
+ * assume that there's not too many calls to this function.
+ * not sure if the assumption holds, as it depends on *caller's*
+ * behavior, not the behavior of this function.
+ * IMHO it is wrong to make assumption on the caller's behavior,
+ * so the above #if is #if 1, not #ifdef DIAGNOSTIC.
+ */
+ *curpps = *curpps + 1;
+#endif
+
+ return rv;
+}
+#endif /* NETWORKING */
+
+void
+time_zone_slock_init(void)
+{
+ /* allocate lock group attribute and group */
+ tz_slock_grp_attr = lck_grp_attr_alloc_init();
+
+ tz_slock_grp = lck_grp_alloc_init("tzlock", tz_slock_grp_attr);
+
+ /* Allocate lock attribute */
+ tz_slock_attr = lck_attr_alloc_init();
+
+ /* Allocate the spin lock */
+ tz_slock = lck_spin_alloc_init(tz_slock_grp, tz_slock_attr);
+}
+
+int
+__mach_bridge_remote_time(__unused struct proc *p, struct __mach_bridge_remote_time_args *mbrt_args, uint64_t *retval)
+{
+ *retval = mach_bridge_remote_time(mbrt_args->local_timestamp);
+ return 0;
}