X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/39236c6e673c41db228275375ab7fdb0f837b292..d9a64523371fa019c4575bb400cbbc3a50ac9903:/bsd/kern/kern_time.c diff --git a/bsd/kern/kern_time.c b/bsd/kern/kern_time.c index cfbd3c99f..ba2e6c990 100644 --- a/bsd/kern/kern_time.c +++ b/bsd/kern/kern_time.c @@ -88,6 +88,8 @@ #if CONFIG_MACF #include #endif +#include +#include #define HZ 100 /* XXX */ @@ -101,8 +103,9 @@ static void setthetime( struct timeval *tv); void time_zone_slock_init(void); +static boolean_t timeval_fixusec(struct timeval *t1); -/* +/* * Time of day and interval timer support. * * These routines provide the kernel entry points to get and set @@ -114,31 +117,51 @@ void time_zone_slock_init(void); /* ARGSUSED */ int gettimeofday( -__unused struct proc *p, - struct gettimeofday_args *uap, - int32_t *retval) + struct proc *p, + struct gettimeofday_args *uap, + __unused int32_t *retval) { int error = 0; struct timezone ltz; /* local copy */ + clock_sec_t secs; + clock_usec_t usecs; + uint64_t mach_time; - if (uap->tp) { - clock_sec_t secs; - clock_usec_t usecs; + if (uap->tp || uap->mach_absolute_time) { + clock_gettimeofday_and_absolute_time(&secs, &usecs, &mach_time); + } - clock_gettimeofday(&secs, &usecs); - retval[0] = secs; - retval[1] = usecs; + if (uap->tp) { + /* Casting secs through a uint32_t to match arm64 commpage */ + if (IS_64BIT_PROCESS(p)) { + struct user64_timeval user_atv = {}; + user_atv.tv_sec = (uint32_t)secs; + user_atv.tv_usec = usecs; + error = copyout(&user_atv, uap->tp, sizeof(user_atv)); + } else { + struct user32_timeval user_atv = {}; + user_atv.tv_sec = (uint32_t)secs; + user_atv.tv_usec = usecs; + error = copyout(&user_atv, uap->tp, sizeof(user_atv)); + } + if (error) { + return error; + } } - + if (uap->tzp) { lck_spin_lock(tz_slock); ltz = tz; lck_spin_unlock(tz_slock); - error = copyout((caddr_t)<z, CAST_USER_ADDR_T(uap->tzp), sizeof (tz)); + error = copyout((caddr_t)<z, CAST_USER_ADDR_T(uap->tzp), sizeof(tz)); + } + + if (error == 0 && uap->mach_absolute_time) { + error = copyout(&mach_time, uap->mach_absolute_time, sizeof(mach_time)); } - return (error); + return error; } /* @@ -154,13 +177,20 @@ settimeofday(__unused struct proc *p, struct settimeofday_args *uap, __unused i bzero(&atv, sizeof(atv)); + /* Check that this task is entitled to set the time or it is root */ + if (!IOTaskHasEntitlement(current_task(), SETTIME_ENTITLEMENT)) { + #if CONFIG_MACF - error = mac_system_check_settime(kauth_cred_get()); - if (error) - return (error); + error = mac_system_check_settime(kauth_cred_get()); + if (error) + return (error); #endif - if ((error = suser(kauth_cred_get(), &p->p_acflag))) - return (error); +#ifndef CONFIG_EMBEDDED + if ((error = suser(kauth_cred_get(), &p->p_acflag))) + return (error); +#endif + } + /* Verify all parameters before changing time */ if (uap->tv) { if (IS_64BIT_PROCESS(p)) { @@ -180,8 +210,10 @@ settimeofday(__unused struct proc *p, struct settimeofday_args *uap, __unused i if (uap->tzp && (error = copyin(uap->tzp, (caddr_t)&atz, sizeof(atz)))) return (error); if (uap->tv) { - timevalfix(&atv); - if (atv.tv_sec < 0 || (atv.tv_sec == 0 && atv.tv_usec < 0)) + /* only positive values of sec/usec are accepted */ + if (atv.tv_sec < 0 || atv.tv_usec < 0) + return (EPERM); + if (!timeval_fixusec(&atv)) return (EPERM); setthetime(&atv); } @@ -200,59 +232,6 @@ setthetime( clock_set_calendar_microtime(tv->tv_sec, tv->tv_usec); } -/* - * XXX Y2038 bug because of clock_adjtime() first argument - */ -/* ARGSUSED */ -int -adjtime(struct proc *p, struct adjtime_args *uap, __unused int32_t *retval) -{ - struct timeval atv; - int error; - -#if CONFIG_MACF - error = mac_system_check_settime(kauth_cred_get()); - if (error) - return (error); -#endif - if ((error = priv_check_cred(kauth_cred_get(), PRIV_ADJTIME, 0))) - return (error); - if (IS_64BIT_PROCESS(p)) { - struct user64_timeval user_atv; - error = copyin(uap->delta, &user_atv, sizeof(user_atv)); - atv.tv_sec = user_atv.tv_sec; - atv.tv_usec = user_atv.tv_usec; - } else { - struct user32_timeval user_atv; - error = copyin(uap->delta, &user_atv, sizeof(user_atv)); - atv.tv_sec = user_atv.tv_sec; - atv.tv_usec = user_atv.tv_usec; - } - if (error) - return (error); - - /* - * Compute the total correction and the rate at which to apply it. - */ - clock_adjtime(&atv.tv_sec, &atv.tv_usec); - - if (uap->olddelta) { - if (IS_64BIT_PROCESS(p)) { - struct user64_timeval user_atv; - user_atv.tv_sec = atv.tv_sec; - user_atv.tv_usec = atv.tv_usec; - error = copyout(&user_atv, uap->olddelta, sizeof(user_atv)); - } else { - struct user32_timeval user_atv; - user_atv.tv_sec = atv.tv_sec; - user_atv.tv_usec = atv.tv_usec; - error = copyout(&user_atv, uap->olddelta, sizeof(user_atv)); - } - } - - return (0); -} - /* * Verify the calendar value. If negative, * reset to zero (the epoch). @@ -292,6 +271,18 @@ boottime_sec(void) return (secs); } +void +boottime_timeval(struct timeval *tv) +{ + clock_sec_t secs; + clock_usec_t microsecs; + + clock_get_boottime_microtime(&secs, µsecs); + + tv->tv_sec = secs; + tv->tv_usec = microsecs; +} + /* * Get value of an interval timer. The process virtual and * profiling virtual time timers are kept internally in the @@ -363,6 +354,7 @@ getitimer(struct proc *p, struct getitimer_args *uap, __unused int32_t *retval) if (IS_64BIT_PROCESS(p)) { struct user64_itimerval user_itv; + bzero(&user_itv, sizeof (user_itv)); user_itv.it_interval.tv_sec = aitv.it_interval.tv_sec; user_itv.it_interval.tv_usec = aitv.it_interval.tv_usec; user_itv.it_value.tv_sec = aitv.it_value.tv_sec; @@ -370,6 +362,7 @@ getitimer(struct proc *p, struct getitimer_args *uap, __unused int32_t *retval) return (copyout((caddr_t)&user_itv, uap->itv, sizeof (user_itv))); } else { struct user32_itimerval user_itv; + bzero(&user_itv, sizeof (user_itv)); user_itv.it_interval.tv_sec = aitv.it_interval.tv_sec; user_itv.it_interval.tv_usec = aitv.it_interval.tv_usec; user_itv.it_value.tv_sec = aitv.it_value.tv_sec; @@ -481,24 +474,34 @@ setitimer(struct proc *p, struct setitimer_args *uap, int32_t *retval) */ void realitexpire( - struct proc *p) + struct proc *p) { struct proc *r; - struct timeval t; + struct timeval t; r = proc_find(p->p_pid); proc_spinlock(p); + assert(p->p_ractive > 0); + if (--p->p_ractive > 0 || r != p) { + /* + * bail, because either proc is exiting + * or there's another active thread call + */ proc_spinunlock(p); if (r != NULL) proc_rele(r); return; } - + if (!timerisset(&p->p_realtimer.it_interval)) { + /* + * p_realtimer was cleared while this call was pending, + * send one last SIGALRM, but don't re-arm + */ timerclear(&p->p_rtime); proc_spinunlock(p); @@ -507,8 +510,29 @@ realitexpire( return; } + proc_spinunlock(p); + + /* + * Send the signal before re-arming the next thread call, + * so in case psignal blocks, we won't create yet another thread call. + */ + + psignal(p, SIGALRM); + + proc_spinlock(p); + + /* Should we still re-arm the next thread call? */ + if (!timerisset(&p->p_realtimer.it_interval)) { + timerclear(&p->p_rtime); + proc_spinunlock(p); + + proc_rele(p); + return; + } + microuptime(&t); timevaladd(&p->p_rtime, &p->p_realtimer.it_interval); + if (timercmp(&p->p_rtime, &t, <=)) { if ((p->p_rtime.tv_sec + 2) >= t.tv_sec) { for (;;) { @@ -516,21 +540,62 @@ realitexpire( if (timercmp(&p->p_rtime, &t, >)) break; } - } - else { + } else { p->p_rtime = p->p_realtimer.it_interval; timevaladd(&p->p_rtime, &t); } } - if (!thread_call_enter_delayed(p->p_rcall, tvtoabstime(&p->p_rtime))) + assert(p->p_rcall != NULL); + + if (!thread_call_enter_delayed_with_leeway(p->p_rcall, NULL, tvtoabstime(&p->p_rtime), 0, + THREAD_CALL_DELAY_USER_NORMAL)) { p->p_ractive++; + } + proc_spinunlock(p); - psignal(p, SIGALRM); proc_rele(p); } +/* + * Called once in proc_exit to clean up after an armed or pending realitexpire + * + * This will only be called after the proc refcount is drained, + * so realitexpire cannot be currently holding a proc ref. + * i.e. it will/has gotten PROC_NULL from proc_find. + */ +void +proc_free_realitimer(proc_t p) +{ + proc_spinlock(p); + + assert(p->p_rcall != NULL); + assert(p->p_refcount == 0); + + timerclear(&p->p_realtimer.it_interval); + + if (thread_call_cancel(p->p_rcall)) { + assert(p->p_ractive > 0); + p->p_ractive--; + } + + while (p->p_ractive > 0) { + proc_spinunlock(p); + + delay(1); + + proc_spinlock(p); + } + + thread_call_t call = p->p_rcall; + p->p_rcall = NULL; + + proc_spinunlock(p); + + thread_call_free(call); +} + /* * Check that a proposed value to load into the .it_value or * .it_interval part of an interval timer is acceptable. @@ -546,6 +611,18 @@ itimerfix( return (0); } +int +timespec_is_valid(const struct timespec *ts) +{ + /* The INT32_MAX limit ensures the timespec is safe for clock_*() functions + * which accept 32-bit ints. */ + if (ts->tv_sec < 0 || ts->tv_sec > INT32_MAX || + ts->tv_nsec < 0 || (unsigned long long)ts->tv_nsec > NSEC_PER_SEC) { + return 0; + } + return 1; +} + /* * Decrement an interval timer by a specified number * of microseconds, which must be less than a second, @@ -637,6 +714,22 @@ timevalfix( } } +static boolean_t +timeval_fixusec( + struct timeval *t1) +{ + assert(t1->tv_usec >= 0); + assert(t1->tv_sec >= 0); + + if (t1->tv_usec >= 1000000) { + if (os_add_overflow(t1->tv_sec, t1->tv_usec / 1000000, &t1->tv_sec)) + return FALSE; + t1->tv_usec = t1->tv_usec % 1000000; + } + + return TRUE; +} + /* * Return the best possible estimate of the time in the timeval * to which tvp points. @@ -723,6 +816,15 @@ tvtoabstime( return (result + usresult); } +uint64_t +tstoabstime(struct timespec *ts) +{ + uint64_t abstime_s, abstime_ns; + clock_interval_to_absolutetime_interval(ts->tv_sec, NSEC_PER_SEC, &abstime_s); + clock_interval_to_absolutetime_interval(ts->tv_nsec, 1, &abstime_ns); + return abstime_s + abstime_ns; +} + #if NETWORKING /* * ratecheck(): simple time-based rate-limit checking. @@ -816,3 +918,4 @@ time_zone_slock_init(void) /* Allocate the spin lock */ tz_slock = lck_spin_alloc_init(tz_slock_grp, tz_slock_attr); } +