2 * Copyright (c) 1982, 1986, 1989, 1993
3 * The Regents of the University of California. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by the University of
16 * California, Berkeley and its contributors.
17 * 4. Neither the name of the University nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * @(#)kern_time.c 8.1 (Berkeley) 6/10/93
34 * $FreeBSD: src/sys/kern/kern_time.c,v 1.68.2.1 2002/10/01 08:00:41 bde Exp $
35 * $DragonFly: src/sys/kern/kern_time.c,v 1.23 2005/04/22 10:12:26 joerg Exp $
38 #include <sys/param.h>
39 #include <sys/systm.h>
41 #include <sys/sysproto.h>
42 #include <sys/resourcevar.h>
43 #include <sys/signalvar.h>
44 #include <sys/kernel.h>
45 #include <sys/systm.h>
46 #include <sys/sysent.h>
47 #include <sys/sysunion.h>
50 #include <sys/vnode.h>
51 #include <sys/sysctl.h>
53 #include <vm/vm_extern.h>
54 #include <sys/msgport2.h>
55 #include <sys/thread2.h>
60 * Time of day and interval timer support.
62 * These routines provide the kernel entry points to get and set
63 * the time-of-day and per-process interval timers. Subroutines
64 * here provide support for adding and subtracting timeval structures
65 * and decrementing interval timers, optionally reloading the interval
66 * timers when they expire.
69 static int nanosleep1 (struct timespec *rqt,
70 struct timespec *rmt);
71 static int settime (struct timeval *);
72 static void timevalfix (struct timeval *);
73 static void no_lease_updatetime (int);
75 static int sleep_hard_us = 100;
76 SYSCTL_INT(_kern, OID_AUTO, sleep_hard_us, CTLFLAG_RW, &sleep_hard_us, 0, "")
79 no_lease_updatetime(deltat)
84 void (*lease_updatetime) (int) = no_lease_updatetime;
90 struct timeval delta, tv1, tv2;
91 static struct timeval maxtime, laststep;
95 if ((origcpu = mycpu->gd_cpuid) != 0) {
96 lwkt_setcpu_self(globaldata_find(0));
103 timevalsub(&delta, &tv1);
106 * If the system is secure, we do not allow the time to be
107 * set to a value earlier than 1 second less than the highest
108 * time we have yet seen. The worst a miscreant can do in
109 * this circumstance is "freeze" time. He couldn't go
112 * We similarly do not allow the clock to be stepped more
113 * than one second, nor more than once per second. This allows
114 * a miscreant to make the clock march double-time, but no worse.
116 if (securelevel > 1) {
117 if (delta.tv_sec < 0 || delta.tv_usec < 0) {
119 * Update maxtime to latest time we've seen.
121 if (tv1.tv_sec > maxtime.tv_sec)
124 timevalsub(&tv2, &maxtime);
125 if (tv2.tv_sec < -1) {
126 tv->tv_sec = maxtime.tv_sec - 1;
127 printf("Time adjustment clamped to -1 second\n");
130 if (tv1.tv_sec == laststep.tv_sec) {
134 if (delta.tv_sec > 1) {
135 tv->tv_sec = tv1.tv_sec + 1;
136 printf("Time adjustment clamped to +1 second\n");
142 ts.tv_sec = tv->tv_sec;
143 ts.tv_nsec = tv->tv_usec * 1000;
145 lease_updatetime(delta.tv_sec);
149 lwkt_setcpu_self(globaldata_find(origcpu));
159 clock_gettime(struct clock_gettime_args *uap)
163 switch(uap->clock_id) {
166 return (copyout(&ats, uap->tp, sizeof(ats)));
167 case CLOCK_MONOTONIC:
169 return (copyout(&ats, uap->tp, sizeof(ats)));
177 clock_settime(struct clock_settime_args *uap)
179 struct thread *td = curthread;
184 if ((error = suser(td)) != 0)
186 switch(uap->clock_id) {
188 if ((error = copyin(uap->tp, &ats, sizeof(ats))) != 0)
190 if (ats.tv_nsec < 0 || ats.tv_nsec >= 1000000000)
192 /* XXX Don't convert nsec->usec and back */
193 TIMESPEC_TO_TIMEVAL(&atv, &ats);
194 error = settime(&atv);
202 clock_getres(struct clock_getres_args *uap)
206 switch(uap->clock_id) {
208 case CLOCK_MONOTONIC:
210 * Round up the result of the division cheaply
211 * by adding 1. Rounding up is especially important
212 * if rounding down would give 0. Perfect rounding
216 ts.tv_nsec = 1000000000 / cputimer_freq + 1;
217 return(copyout(&ts, uap->tp, sizeof(ts)));
226 * This is a general helper function for nanosleep() (aka sleep() aka
229 * If there is less then one tick's worth of time left and
230 * we haven't done a yield, or the remaining microseconds is
231 * ridiculously low, do a yield. This avoids having
232 * to deal with systimer overheads when the system is under
233 * heavy loads. If we have done a yield already then use
234 * a systimer and an uninterruptable thread wait.
236 * If there is more then a tick's worth of time left,
237 * calculate the baseline ticks and use an interruptable
238 * tsleep, then handle the fine-grained delay on the next
239 * loop. This usually results in two sleeps occuring, a long one
243 ns1_systimer(systimer_t info)
245 lwkt_schedule(info->data);
249 nanosleep1(struct timespec *rqt, struct timespec *rmt)
252 struct timespec ts, ts2, ts3;
257 if (rqt->tv_nsec < 0 || rqt->tv_nsec >= 1000000000)
259 if (rqt->tv_sec < 0 || (rqt->tv_sec == 0 && rqt->tv_nsec == 0))
262 timespecadd(&ts, rqt); /* ts = target timestamp compare */
263 TIMESPEC_TO_TIMEVAL(&tv, rqt); /* tv = sleep interval */
268 struct systimer info;
270 ticks = tv.tv_usec / tick; /* approximate */
272 if (tv.tv_sec == 0 && ticks == 0) {
273 thread_t td = curthread;
274 if (tried_yield || tv.tv_usec < sleep_hard_us) {
278 crit_enter_quick(td);
279 systimer_init_oneshot(&info, ns1_systimer,
281 lwkt_deschedule_self(td);
284 systimer_del(&info); /* make sure it's gone */
286 error = iscaught(td->td_proc);
287 } else if (tv.tv_sec == 0) {
288 error = tsleep(&nanowait, PCATCH, "nanslp", ticks);
290 ticks = tvtohz_low(&tv); /* also handles overflow */
291 error = tsleep(&nanowait, PCATCH, "nanslp", ticks);
294 if (error && error != EWOULDBLOCK) {
295 if (error == ERESTART)
298 timespecsub(&ts, &ts2);
305 if (timespeccmp(&ts2, &ts, >=))
308 timespecsub(&ts3, &ts2);
309 TIMESPEC_TO_TIMEVAL(&tv, &ts3);
313 static void nanosleep_done(void *arg);
314 static void nanosleep_copyout(union sysunion *sysun);
318 nanosleep(struct nanosleep_args *uap)
321 struct sysmsg_sleep *smsleep = &uap->sysmsg.sm.sleep;
323 error = copyin(uap->rqtp, &smsleep->rqt, sizeof(smsleep->rqt));
327 * YYY clean this up to always use the callout, note that an abort
328 * implementation should record the residual in the async case.
330 if (uap->sysmsg.lmsg.ms_flags & MSGF_ASYNC) {
333 ticks = (quad_t)smsleep->rqt.tv_nsec * hz / 1000000000LL;
334 if (smsleep->rqt.tv_sec)
335 ticks += (quad_t)smsleep->rqt.tv_sec * hz;
342 uap->sysmsg.copyout = nanosleep_copyout;
343 uap->sysmsg.lmsg.ms_flags &= ~MSGF_DONE;
344 callout_init(&smsleep->timer);
345 callout_reset(&smsleep->timer, ticks, nanosleep_done, uap);
350 * Old synchronous sleep code, copyout the residual if
351 * nanosleep was interrupted.
353 error = nanosleep1(&smsleep->rqt, &smsleep->rmt);
354 if (error && uap->rmtp)
355 error = copyout(&smsleep->rmt, uap->rmtp, sizeof(smsleep->rmt));
361 * Asynch completion for the nanosleep() syscall. This function may be
362 * called from any context and cannot legally access the originating
363 * thread, proc, or its user space.
365 * YYY change the callout interface API so we can simply assign the replymsg
366 * function to it directly.
369 nanosleep_done(void *arg)
371 struct nanosleep_args *uap = arg;
372 lwkt_msg_t msg = &uap->sysmsg.lmsg;
374 lwkt_replymsg(msg, 0);
378 * Asynch return for the nanosleep() syscall, called in the context of the
379 * originating thread when it pulls the message off the reply port. This
380 * function is responsible for any copyouts to userland. Kernel threads
381 * which do their own internal system calls will not usually call the return
385 nanosleep_copyout(union sysunion *sysun)
387 struct nanosleep_args *uap = &sysun->nanosleep;
388 struct sysmsg_sleep *smsleep = &uap->sysmsg.sm.sleep;
390 if (sysun->lmsg.ms_error && uap->rmtp) {
391 sysun->lmsg.ms_error =
392 copyout(&smsleep->rmt, uap->rmtp, sizeof(smsleep->rmt));
398 gettimeofday(struct gettimeofday_args *uap)
405 if ((error = copyout((caddr_t)&atv, (caddr_t)uap->tp,
410 error = copyout((caddr_t)&tz, (caddr_t)uap->tzp,
417 settimeofday(struct settimeofday_args *uap)
419 struct thread *td = curthread;
424 if ((error = suser(td)))
426 /* Verify all parameters before changing time. */
428 if ((error = copyin((caddr_t)uap->tv, (caddr_t)&atv,
431 if (atv.tv_usec < 0 || atv.tv_usec >= 1000000)
435 (error = copyin((caddr_t)uap->tzp, (caddr_t)&atz, sizeof(atz))))
437 if (uap->tv && (error = settime(&atv)))
445 kern_adjtime_common(void)
447 if ((ntp_delta >= 0 && ntp_delta < ntp_default_tick_delta) ||
448 (ntp_delta < 0 && ntp_delta > ntp_default_tick_delta))
449 ntp_tick_delta = ntp_delta;
450 else if (ntp_delta > ntp_big_delta)
451 ntp_tick_delta = 10 * ntp_default_tick_delta;
452 else if (ntp_delta < -ntp_big_delta)
453 ntp_tick_delta = -10 * ntp_default_tick_delta;
454 else if (ntp_delta > 0)
455 ntp_tick_delta = ntp_default_tick_delta;
457 ntp_tick_delta = -ntp_default_tick_delta;
461 kern_adjtime(int64_t delta, int64_t *odelta)
465 if ((origcpu = mycpu->gd_cpuid) != 0) {
466 lwkt_setcpu_self(globaldata_find(0));
473 kern_adjtime_common();
477 lwkt_setcpu_self(globaldata_find(origcpu));
483 kern_reladjtime(int64_t delta)
487 if ((origcpu = mycpu->gd_cpuid) != 0) {
488 lwkt_setcpu_self(globaldata_find(0));
494 kern_adjtime_common();
498 lwkt_setcpu_self(globaldata_find(origcpu));
504 kern_adjfreq(int64_t rate)
508 if ((origcpu = mycpu->gd_cpuid) != 0) {
509 lwkt_setcpu_self(globaldata_find(0));
514 ntp_tick_permanent = rate;
518 lwkt_setcpu_self(globaldata_find(origcpu));
525 adjtime(struct adjtime_args *uap)
527 struct thread *td = curthread;
529 int64_t ndelta, odelta;
532 if ((error = suser(td)))
535 copyin((caddr_t)uap->delta, (caddr_t)&atv, sizeof(struct timeval))))
539 * Compute the total correction and the rate at which to apply it.
540 * Round the adjustment down to a whole multiple of the per-tick
541 * delta, so that after some number of incremental changes in
542 * hardclock(), tickdelta will become zero, lest the correction
543 * overshoot and start taking us away from the desired final time.
545 ndelta = atv.tv_sec * 1000000000 + atv.tv_usec * 1000;
546 kern_adjtime(ndelta, &odelta);
549 atv.tv_sec = odelta / 1000000000;
550 atv.tv_usec = odelta % 1000000 / 1000;
551 (void) copyout((caddr_t)&atv, (caddr_t)uap->olddelta,
552 sizeof(struct timeval));
558 sysctl_adjtime(SYSCTL_HANDLER_ARGS)
563 if (req->oldptr != NULL) {
565 error = SYSCTL_OUT(req, &delta, sizeof(delta));
569 if (req->newptr != NULL) {
570 if (suser(curthread))
572 error = SYSCTL_IN(req, &delta, sizeof(delta));
575 kern_reladjtime(delta);
581 sysctl_adjfreq(SYSCTL_HANDLER_ARGS)
586 if (req->oldptr != NULL) {
587 freqdelta = ntp_tick_permanent * hz;
588 error = SYSCTL_OUT(req, &freqdelta, sizeof(freqdelta));
592 if (req->newptr != NULL) {
593 if (suser(curthread))
595 error = SYSCTL_IN(req, &freqdelta, sizeof(freqdelta));
600 kern_adjfreq(freqdelta);
605 SYSCTL_NODE(_kern, OID_AUTO, ntp, CTLFLAG_RW, 0, "NTP related controls");
606 SYSCTL_PROC(_kern_ntp, OID_AUTO, permanent,
607 CTLTYPE_OPAQUE|CTLFLAG_RW, 0, 0,
608 sysctl_adjfreq, "LU", "permanent correction per second");
609 SYSCTL_OPAQUE(_kern_ntp, OID_AUTO, delta, CTLFLAG_RD,
610 &ntp_delta, sizeof(ntp_delta), "LU",
612 SYSCTL_OPAQUE(_kern_ntp, OID_AUTO, big_delta, CTLFLAG_RD,
613 &ntp_big_delta, sizeof(ntp_big_delta), "LU",
614 "threshold for fast adjustment");
615 SYSCTL_OPAQUE(_kern_ntp, OID_AUTO, tick_delta, CTLFLAG_RD,
616 &ntp_tick_delta, sizeof(ntp_tick_delta), "LU",
617 "per-tick adjustment");
618 SYSCTL_OPAQUE(_kern_ntp, OID_AUTO, default_tick_delta, CTLFLAG_RD,
619 &ntp_default_tick_delta, sizeof(ntp_default_tick_delta), "LU",
620 "default per-tick adjustment");
621 SYSCTL_OPAQUE(_kern_ntp, OID_AUTO, next_leap_second, CTLFLAG_RW,
622 &ntp_leap_second, sizeof(ntp_leap_second), "LU",
624 SYSCTL_INT(_kern_ntp, OID_AUTO, insert_leap_second, CTLFLAG_RW,
625 &ntp_leap_insert, 0, "insert or remove leap second");
626 SYSCTL_PROC(_kern_ntp, OID_AUTO, adjust,
627 CTLTYPE_OPAQUE|CTLFLAG_RW, 0, 0,
628 sysctl_adjtime, "", "relative adjust for delta");
631 * Get value of an interval timer. The process virtual and
632 * profiling virtual time timers are kept in the p_stats area, since
633 * they can be swapped out. These are kept internally in the
634 * way they are specified externally: in time until they expire.
636 * The real time interval timer is kept in the process table slot
637 * for the process, and its value (it_value) is kept as an
638 * absolute time rather than as a delta, so that it is easy to keep
639 * periodic real-time signals from drifting.
641 * Virtual time timers are processed in the hardclock() routine of
642 * kern_clock.c. The real time timer is processed by a timeout
643 * routine, called from the softclock() routine. Since a callout
644 * may be delayed in real time due to interrupt processing in the system,
645 * it is possible for the real time timeout routine (realitexpire, given below),
646 * to be delayed in real time past when it is supposed to occur. It
647 * does not suffice, therefore, to reload the real timer .it_value from the
648 * real time timers .it_interval. Rather, we compute the next time in
649 * absolute time the timer should go off.
653 getitimer(struct getitimer_args *uap)
655 struct proc *p = curproc;
657 struct itimerval aitv;
659 if (uap->which > ITIMER_PROF)
662 if (uap->which == ITIMER_REAL) {
664 * Convert from absolute to relative time in .it_value
665 * part of real time timer. If time for real time timer
666 * has passed return 0, else return difference between
667 * current time and time for the timer to go off.
669 aitv = p->p_realtimer;
670 if (timevalisset(&aitv.it_value)) {
671 getmicrouptime(&ctv);
672 if (timevalcmp(&aitv.it_value, &ctv, <))
673 timevalclear(&aitv.it_value);
675 timevalsub(&aitv.it_value, &ctv);
678 aitv = p->p_stats->p_timer[uap->which];
681 return (copyout((caddr_t)&aitv, (caddr_t)uap->itv,
682 sizeof (struct itimerval)));
687 setitimer(struct setitimer_args *uap)
689 struct itimerval aitv;
691 struct itimerval *itvp;
692 struct proc *p = curproc;
695 if (uap->which > ITIMER_PROF)
698 if (itvp && (error = copyin((caddr_t)itvp, (caddr_t)&aitv,
699 sizeof(struct itimerval))))
701 if ((uap->itv = uap->oitv) &&
702 (error = getitimer((struct getitimer_args *)uap)))
706 if (itimerfix(&aitv.it_value))
708 if (!timevalisset(&aitv.it_value))
709 timevalclear(&aitv.it_interval);
710 else if (itimerfix(&aitv.it_interval))
713 if (uap->which == ITIMER_REAL) {
714 if (timevalisset(&p->p_realtimer.it_value))
715 callout_stop(&p->p_ithandle);
716 if (timevalisset(&aitv.it_value))
717 callout_reset(&p->p_ithandle,
718 tvtohz_high(&aitv.it_value), realitexpire, p);
719 getmicrouptime(&ctv);
720 timevaladd(&aitv.it_value, &ctv);
721 p->p_realtimer = aitv;
723 p->p_stats->p_timer[uap->which] = aitv;
730 * Real interval timer expired:
731 * send process whose timer expired an alarm signal.
732 * If time is not set up to reload, then just return.
733 * Else compute next time timer should go off which is > current time.
734 * This is where delay in processing this timeout causes multiple
735 * SIGALRM calls to be compressed into one.
736 * tvtohz_high() always adds 1 to allow for the time until the next clock
737 * interrupt being strictly less than 1 clock tick, but we don't want
738 * that here since we want to appear to be in sync with the clock
739 * interrupt even when we're delayed.
746 struct timeval ctv, ntv;
748 p = (struct proc *)arg;
750 if (!timevalisset(&p->p_realtimer.it_interval)) {
751 timevalclear(&p->p_realtimer.it_value);
756 timevaladd(&p->p_realtimer.it_value,
757 &p->p_realtimer.it_interval);
758 getmicrouptime(&ctv);
759 if (timevalcmp(&p->p_realtimer.it_value, &ctv, >)) {
760 ntv = p->p_realtimer.it_value;
761 timevalsub(&ntv, &ctv);
762 callout_reset(&p->p_ithandle, tvtohz_low(&ntv),
772 * Check that a proposed value to load into the .it_value or
773 * .it_interval part of an interval timer is acceptable, and
774 * fix it to have at least minimal value (i.e. if it is less
775 * than the resolution of the clock, round it up.)
782 if (tv->tv_sec < 0 || tv->tv_sec > 100000000 ||
783 tv->tv_usec < 0 || tv->tv_usec >= 1000000)
785 if (tv->tv_sec == 0 && tv->tv_usec != 0 && tv->tv_usec < tick)
791 * Decrement an interval timer by a specified number
792 * of microseconds, which must be less than a second,
793 * i.e. < 1000000. If the timer expires, then reload
794 * it. In this case, carry over (usec - old value) to
795 * reduce the value reloaded into the timer so that
796 * the timer does not drift. This routine assumes
797 * that it is called in a context where the timers
798 * on which it is operating cannot change in value.
801 itimerdecr(itp, usec)
802 struct itimerval *itp;
806 if (itp->it_value.tv_usec < usec) {
807 if (itp->it_value.tv_sec == 0) {
808 /* expired, and already in next interval */
809 usec -= itp->it_value.tv_usec;
812 itp->it_value.tv_usec += 1000000;
813 itp->it_value.tv_sec--;
815 itp->it_value.tv_usec -= usec;
817 if (timevalisset(&itp->it_value))
819 /* expired, exactly at end of interval */
821 if (timevalisset(&itp->it_interval)) {
822 itp->it_value = itp->it_interval;
823 itp->it_value.tv_usec -= usec;
824 if (itp->it_value.tv_usec < 0) {
825 itp->it_value.tv_usec += 1000000;
826 itp->it_value.tv_sec--;
829 itp->it_value.tv_usec = 0; /* sec is already 0 */
834 * Add and subtract routines for timevals.
835 * N.B.: subtract routine doesn't deal with
836 * results which are before the beginning,
837 * it just gets very confused in this case.
842 struct timeval *t1, *t2;
845 t1->tv_sec += t2->tv_sec;
846 t1->tv_usec += t2->tv_usec;
852 struct timeval *t1, *t2;
855 t1->tv_sec -= t2->tv_sec;
856 t1->tv_usec -= t2->tv_usec;
865 if (t1->tv_usec < 0) {
867 t1->tv_usec += 1000000;
869 if (t1->tv_usec >= 1000000) {
871 t1->tv_usec -= 1000000;
876 * ratecheck(): simple time-based rate-limit checking.
879 ratecheck(struct timeval *lasttime, const struct timeval *mininterval)
881 struct timeval tv, delta;
884 getmicrouptime(&tv); /* NB: 10ms precision */
886 timevalsub(&delta, lasttime);
889 * check for 0,0 is so that the message will be seen at least once,
890 * even if interval is huge.
892 if (timevalcmp(&delta, mininterval, >=) ||
893 (lasttime->tv_sec == 0 && lasttime->tv_usec == 0)) {
902 * ppsratecheck(): packets (or events) per second limitation.
904 * Return 0 if the limit is to be enforced (e.g. the caller
905 * should drop a packet because of the rate limitation).
907 * maxpps of 0 always causes zero to be returned. maxpps of -1
908 * always causes 1 to be returned; this effectively defeats rate
911 * Note that we maintain the struct timeval for compatibility
912 * with other bsd systems. We reuse the storage and just monitor
913 * clock ticks for minimal overhead.
916 ppsratecheck(struct timeval *lasttime, int *curpps, int maxpps)
921 * Reset the last time and counter if this is the first call
922 * or more than a second has passed since the last update of
926 if (lasttime->tv_sec == 0 || (u_int)(now - lasttime->tv_sec) >= hz) {
927 lasttime->tv_sec = now;
929 return (maxpps != 0);
931 (*curpps)++; /* NB: ignore potential overflow */
932 return (maxpps < 0 || *curpps < maxpps);