1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Implement CPU time clocks for the POSIX clock interface. 4 */ 5 6 #include <linux/sched/signal.h> 7 #include <linux/sched/cputime.h> 8 #include <linux/posix-timers.h> 9 #include <linux/errno.h> 10 #include <linux/math64.h> 11 #include <linux/uaccess.h> 12 #include <linux/kernel_stat.h> 13 #include <trace/events/timer.h> 14 #include <linux/tick.h> 15 #include <linux/workqueue.h> 16 #include <linux/compat.h> 17 #include <linux/sched/deadline.h> 18 19 #include "posix-timers.h" 20 21 static void posix_cpu_timer_rearm(struct k_itimer *timer); 22 23 void posix_cputimers_group_init(struct posix_cputimers *pct, u64 cpu_limit) 24 { 25 posix_cputimers_init(pct); 26 if (cpu_limit != RLIM_INFINITY) { 27 pct->bases[CPUCLOCK_PROF].nextevt = cpu_limit * NSEC_PER_SEC; 28 pct->timers_active = true; 29 } 30 } 31 32 /* 33 * Called after updating RLIMIT_CPU to run cpu timer and update 34 * tsk->signal->posix_cputimers.bases[clock].nextevt expiration cache if 35 * necessary. Needs siglock protection since other code may update the 36 * expiration cache as well. 37 */ 38 void update_rlimit_cpu(struct task_struct *task, unsigned long rlim_new) 39 { 40 u64 nsecs = rlim_new * NSEC_PER_SEC; 41 42 spin_lock_irq(&task->sighand->siglock); 43 set_process_cpu_timer(task, CPUCLOCK_PROF, &nsecs, NULL); 44 spin_unlock_irq(&task->sighand->siglock); 45 } 46 47 /* 48 * Functions for validating access to tasks. 49 */ 50 static struct pid *pid_for_clock(const clockid_t clock, bool gettime) 51 { 52 const bool thread = !!CPUCLOCK_PERTHREAD(clock); 53 const pid_t upid = CPUCLOCK_PID(clock); 54 struct pid *pid; 55 56 if (CPUCLOCK_WHICH(clock) >= CPUCLOCK_MAX) 57 return NULL; 58 59 /* 60 * If the encoded PID is 0, then the timer is targeted at current 61 * or the process to which current belongs. 62 */ 63 if (upid == 0) 64 return thread ? task_pid(current) : task_tgid(current); 65 66 pid = find_vpid(upid); 67 if (!pid) 68 return NULL; 69 70 if (thread) { 71 struct task_struct *tsk = pid_task(pid, PIDTYPE_PID); 72 return (tsk && same_thread_group(tsk, current)) ? pid : NULL; 73 } 74 75 /* 76 * For clock_gettime(PROCESS) allow finding the process by 77 * with the pid of the current task. The code needs the tgid 78 * of the process so that pid_task(pid, PIDTYPE_TGID) can be 79 * used to find the process. 80 */ 81 if (gettime && (pid == task_pid(current))) 82 return task_tgid(current); 83 84 /* 85 * For processes require that pid identifies a process. 86 */ 87 return pid_has_task(pid, PIDTYPE_TGID) ? pid : NULL; 88 } 89 90 static inline int validate_clock_permissions(const clockid_t clock) 91 { 92 int ret; 93 94 rcu_read_lock(); 95 ret = pid_for_clock(clock, false) ? 0 : -EINVAL; 96 rcu_read_unlock(); 97 98 return ret; 99 } 100 101 static inline enum pid_type clock_pid_type(const clockid_t clock) 102 { 103 return CPUCLOCK_PERTHREAD(clock) ? PIDTYPE_PID : PIDTYPE_TGID; 104 } 105 106 static inline struct task_struct *cpu_timer_task_rcu(struct k_itimer *timer) 107 { 108 return pid_task(timer->it.cpu.pid, clock_pid_type(timer->it_clock)); 109 } 110 111 /* 112 * Update expiry time from increment, and increase overrun count, 113 * given the current clock sample. 114 */ 115 static u64 bump_cpu_timer(struct k_itimer *timer, u64 now) 116 { 117 u64 delta, incr, expires = timer->it.cpu.node.expires; 118 int i; 119 120 if (!timer->it_interval) 121 return expires; 122 123 if (now < expires) 124 return expires; 125 126 incr = timer->it_interval; 127 delta = now + incr - expires; 128 129 /* Don't use (incr*2 < delta), incr*2 might overflow. */ 130 for (i = 0; incr < delta - incr; i++) 131 incr = incr << 1; 132 133 for (; i >= 0; incr >>= 1, i--) { 134 if (delta < incr) 135 continue; 136 137 timer->it.cpu.node.expires += incr; 138 timer->it_overrun += 1LL << i; 139 delta -= incr; 140 } 141 return timer->it.cpu.node.expires; 142 } 143 144 /* Check whether all cache entries contain U64_MAX, i.e. eternal expiry time */ 145 static inline bool expiry_cache_is_inactive(const struct posix_cputimers *pct) 146 { 147 return !(~pct->bases[CPUCLOCK_PROF].nextevt | 148 ~pct->bases[CPUCLOCK_VIRT].nextevt | 149 ~pct->bases[CPUCLOCK_SCHED].nextevt); 150 } 151 152 static int 153 posix_cpu_clock_getres(const clockid_t which_clock, struct timespec64 *tp) 154 { 155 int error = validate_clock_permissions(which_clock); 156 157 if (!error) { 158 tp->tv_sec = 0; 159 tp->tv_nsec = ((NSEC_PER_SEC + HZ - 1) / HZ); 160 if (CPUCLOCK_WHICH(which_clock) == CPUCLOCK_SCHED) { 161 /* 162 * If sched_clock is using a cycle counter, we 163 * don't have any idea of its true resolution 164 * exported, but it is much more than 1s/HZ. 165 */ 166 tp->tv_nsec = 1; 167 } 168 } 169 return error; 170 } 171 172 static int 173 posix_cpu_clock_set(const clockid_t clock, const struct timespec64 *tp) 174 { 175 int error = validate_clock_permissions(clock); 176 177 /* 178 * You can never reset a CPU clock, but we check for other errors 179 * in the call before failing with EPERM. 180 */ 181 return error ? : -EPERM; 182 } 183 184 /* 185 * Sample a per-thread clock for the given task. clkid is validated. 186 */ 187 static u64 cpu_clock_sample(const clockid_t clkid, struct task_struct *p) 188 { 189 u64 utime, stime; 190 191 if (clkid == CPUCLOCK_SCHED) 192 return task_sched_runtime(p); 193 194 task_cputime(p, &utime, &stime); 195 196 switch (clkid) { 197 case CPUCLOCK_PROF: 198 return utime + stime; 199 case CPUCLOCK_VIRT: 200 return utime; 201 default: 202 WARN_ON_ONCE(1); 203 } 204 return 0; 205 } 206 207 static inline void store_samples(u64 *samples, u64 stime, u64 utime, u64 rtime) 208 { 209 samples[CPUCLOCK_PROF] = stime + utime; 210 samples[CPUCLOCK_VIRT] = utime; 211 samples[CPUCLOCK_SCHED] = rtime; 212 } 213 214 static void task_sample_cputime(struct task_struct *p, u64 *samples) 215 { 216 u64 stime, utime; 217 218 task_cputime(p, &utime, &stime); 219 store_samples(samples, stime, utime, p->se.sum_exec_runtime); 220 } 221 222 static void proc_sample_cputime_atomic(struct task_cputime_atomic *at, 223 u64 *samples) 224 { 225 u64 stime, utime, rtime; 226 227 utime = atomic64_read(&at->utime); 228 stime = atomic64_read(&at->stime); 229 rtime = atomic64_read(&at->sum_exec_runtime); 230 store_samples(samples, stime, utime, rtime); 231 } 232 233 /* 234 * Set cputime to sum_cputime if sum_cputime > cputime. Use cmpxchg 235 * to avoid race conditions with concurrent updates to cputime. 236 */ 237 static inline void __update_gt_cputime(atomic64_t *cputime, u64 sum_cputime) 238 { 239 u64 curr_cputime; 240 retry: 241 curr_cputime = atomic64_read(cputime); 242 if (sum_cputime > curr_cputime) { 243 if (atomic64_cmpxchg(cputime, curr_cputime, sum_cputime) != curr_cputime) 244 goto retry; 245 } 246 } 247 248 static void update_gt_cputime(struct task_cputime_atomic *cputime_atomic, 249 struct task_cputime *sum) 250 { 251 __update_gt_cputime(&cputime_atomic->utime, sum->utime); 252 __update_gt_cputime(&cputime_atomic->stime, sum->stime); 253 __update_gt_cputime(&cputime_atomic->sum_exec_runtime, sum->sum_exec_runtime); 254 } 255 256 /** 257 * thread_group_sample_cputime - Sample cputime for a given task 258 * @tsk: Task for which cputime needs to be started 259 * @samples: Storage for time samples 260 * 261 * Called from sys_getitimer() to calculate the expiry time of an active 262 * timer. That means group cputime accounting is already active. Called 263 * with task sighand lock held. 264 * 265 * Updates @times with an uptodate sample of the thread group cputimes. 266 */ 267 void thread_group_sample_cputime(struct task_struct *tsk, u64 *samples) 268 { 269 struct thread_group_cputimer *cputimer = &tsk->signal->cputimer; 270 struct posix_cputimers *pct = &tsk->signal->posix_cputimers; 271 272 WARN_ON_ONCE(!pct->timers_active); 273 274 proc_sample_cputime_atomic(&cputimer->cputime_atomic, samples); 275 } 276 277 /** 278 * thread_group_start_cputime - Start cputime and return a sample 279 * @tsk: Task for which cputime needs to be started 280 * @samples: Storage for time samples 281 * 282 * The thread group cputime accouting is avoided when there are no posix 283 * CPU timers armed. Before starting a timer it's required to check whether 284 * the time accounting is active. If not, a full update of the atomic 285 * accounting store needs to be done and the accounting enabled. 286 * 287 * Updates @times with an uptodate sample of the thread group cputimes. 288 */ 289 static void thread_group_start_cputime(struct task_struct *tsk, u64 *samples) 290 { 291 struct thread_group_cputimer *cputimer = &tsk->signal->cputimer; 292 struct posix_cputimers *pct = &tsk->signal->posix_cputimers; 293 294 /* Check if cputimer isn't running. This is accessed without locking. */ 295 if (!READ_ONCE(pct->timers_active)) { 296 struct task_cputime sum; 297 298 /* 299 * The POSIX timer interface allows for absolute time expiry 300 * values through the TIMER_ABSTIME flag, therefore we have 301 * to synchronize the timer to the clock every time we start it. 302 */ 303 thread_group_cputime(tsk, &sum); 304 update_gt_cputime(&cputimer->cputime_atomic, &sum); 305 306 /* 307 * We're setting timers_active without a lock. Ensure this 308 * only gets written to in one operation. We set it after 309 * update_gt_cputime() as a small optimization, but 310 * barriers are not required because update_gt_cputime() 311 * can handle concurrent updates. 312 */ 313 WRITE_ONCE(pct->timers_active, true); 314 } 315 proc_sample_cputime_atomic(&cputimer->cputime_atomic, samples); 316 } 317 318 static void __thread_group_cputime(struct task_struct *tsk, u64 *samples) 319 { 320 struct task_cputime ct; 321 322 thread_group_cputime(tsk, &ct); 323 store_samples(samples, ct.stime, ct.utime, ct.sum_exec_runtime); 324 } 325 326 /* 327 * Sample a process (thread group) clock for the given task clkid. If the 328 * group's cputime accounting is already enabled, read the atomic 329 * store. Otherwise a full update is required. clkid is already validated. 330 */ 331 static u64 cpu_clock_sample_group(const clockid_t clkid, struct task_struct *p, 332 bool start) 333 { 334 struct thread_group_cputimer *cputimer = &p->signal->cputimer; 335 struct posix_cputimers *pct = &p->signal->posix_cputimers; 336 u64 samples[CPUCLOCK_MAX]; 337 338 if (!READ_ONCE(pct->timers_active)) { 339 if (start) 340 thread_group_start_cputime(p, samples); 341 else 342 __thread_group_cputime(p, samples); 343 } else { 344 proc_sample_cputime_atomic(&cputimer->cputime_atomic, samples); 345 } 346 347 return samples[clkid]; 348 } 349 350 static int posix_cpu_clock_get(const clockid_t clock, struct timespec64 *tp) 351 { 352 const clockid_t clkid = CPUCLOCK_WHICH(clock); 353 struct task_struct *tsk; 354 u64 t; 355 356 rcu_read_lock(); 357 tsk = pid_task(pid_for_clock(clock, true), clock_pid_type(clock)); 358 if (!tsk) { 359 rcu_read_unlock(); 360 return -EINVAL; 361 } 362 363 if (CPUCLOCK_PERTHREAD(clock)) 364 t = cpu_clock_sample(clkid, tsk); 365 else 366 t = cpu_clock_sample_group(clkid, tsk, false); 367 rcu_read_unlock(); 368 369 *tp = ns_to_timespec64(t); 370 return 0; 371 } 372 373 /* 374 * Validate the clockid_t for a new CPU-clock timer, and initialize the timer. 375 * This is called from sys_timer_create() and do_cpu_nanosleep() with the 376 * new timer already all-zeros initialized. 377 */ 378 static int posix_cpu_timer_create(struct k_itimer *new_timer) 379 { 380 struct pid *pid; 381 382 rcu_read_lock(); 383 pid = pid_for_clock(new_timer->it_clock, false); 384 if (!pid) { 385 rcu_read_unlock(); 386 return -EINVAL; 387 } 388 389 new_timer->kclock = &clock_posix_cpu; 390 timerqueue_init(&new_timer->it.cpu.node); 391 new_timer->it.cpu.pid = get_pid(pid); 392 rcu_read_unlock(); 393 return 0; 394 } 395 396 /* 397 * Clean up a CPU-clock timer that is about to be destroyed. 398 * This is called from timer deletion with the timer already locked. 399 * If we return TIMER_RETRY, it's necessary to release the timer's lock 400 * and try again. (This happens when the timer is in the middle of firing.) 401 */ 402 static int posix_cpu_timer_del(struct k_itimer *timer) 403 { 404 struct cpu_timer *ctmr = &timer->it.cpu; 405 struct sighand_struct *sighand; 406 struct task_struct *p; 407 unsigned long flags; 408 int ret = 0; 409 410 rcu_read_lock(); 411 p = cpu_timer_task_rcu(timer); 412 if (!p) 413 goto out; 414 415 /* 416 * Protect against sighand release/switch in exit/exec and process/ 417 * thread timer list entry concurrent read/writes. 418 */ 419 sighand = lock_task_sighand(p, &flags); 420 if (unlikely(sighand == NULL)) { 421 /* 422 * This raced with the reaping of the task. The exit cleanup 423 * should have removed this timer from the timer queue. 424 */ 425 WARN_ON_ONCE(ctmr->head || timerqueue_node_queued(&ctmr->node)); 426 } else { 427 if (timer->it.cpu.firing) 428 ret = TIMER_RETRY; 429 else 430 cpu_timer_dequeue(ctmr); 431 432 unlock_task_sighand(p, &flags); 433 } 434 435 out: 436 rcu_read_unlock(); 437 if (!ret) 438 put_pid(ctmr->pid); 439 440 return ret; 441 } 442 443 static void cleanup_timerqueue(struct timerqueue_head *head) 444 { 445 struct timerqueue_node *node; 446 struct cpu_timer *ctmr; 447 448 while ((node = timerqueue_getnext(head))) { 449 timerqueue_del(head, node); 450 ctmr = container_of(node, struct cpu_timer, node); 451 ctmr->head = NULL; 452 } 453 } 454 455 /* 456 * Clean out CPU timers which are still armed when a thread exits. The 457 * timers are only removed from the list. No other updates are done. The 458 * corresponding posix timers are still accessible, but cannot be rearmed. 459 * 460 * This must be called with the siglock held. 461 */ 462 static void cleanup_timers(struct posix_cputimers *pct) 463 { 464 cleanup_timerqueue(&pct->bases[CPUCLOCK_PROF].tqhead); 465 cleanup_timerqueue(&pct->bases[CPUCLOCK_VIRT].tqhead); 466 cleanup_timerqueue(&pct->bases[CPUCLOCK_SCHED].tqhead); 467 } 468 469 /* 470 * These are both called with the siglock held, when the current thread 471 * is being reaped. When the final (leader) thread in the group is reaped, 472 * posix_cpu_timers_exit_group will be called after posix_cpu_timers_exit. 473 */ 474 void posix_cpu_timers_exit(struct task_struct *tsk) 475 { 476 cleanup_timers(&tsk->posix_cputimers); 477 } 478 void posix_cpu_timers_exit_group(struct task_struct *tsk) 479 { 480 cleanup_timers(&tsk->signal->posix_cputimers); 481 } 482 483 /* 484 * Insert the timer on the appropriate list before any timers that 485 * expire later. This must be called with the sighand lock held. 486 */ 487 static void arm_timer(struct k_itimer *timer, struct task_struct *p) 488 { 489 int clkidx = CPUCLOCK_WHICH(timer->it_clock); 490 struct cpu_timer *ctmr = &timer->it.cpu; 491 u64 newexp = cpu_timer_getexpires(ctmr); 492 struct posix_cputimer_base *base; 493 494 if (CPUCLOCK_PERTHREAD(timer->it_clock)) 495 base = p->posix_cputimers.bases + clkidx; 496 else 497 base = p->signal->posix_cputimers.bases + clkidx; 498 499 if (!cpu_timer_enqueue(&base->tqhead, ctmr)) 500 return; 501 502 /* 503 * We are the new earliest-expiring POSIX 1.b timer, hence 504 * need to update expiration cache. Take into account that 505 * for process timers we share expiration cache with itimers 506 * and RLIMIT_CPU and for thread timers with RLIMIT_RTTIME. 507 */ 508 if (newexp < base->nextevt) 509 base->nextevt = newexp; 510 511 if (CPUCLOCK_PERTHREAD(timer->it_clock)) 512 tick_dep_set_task(p, TICK_DEP_BIT_POSIX_TIMER); 513 else 514 tick_dep_set_signal(p->signal, TICK_DEP_BIT_POSIX_TIMER); 515 } 516 517 /* 518 * The timer is locked, fire it and arrange for its reload. 519 */ 520 static void cpu_timer_fire(struct k_itimer *timer) 521 { 522 struct cpu_timer *ctmr = &timer->it.cpu; 523 524 if ((timer->it_sigev_notify & ~SIGEV_THREAD_ID) == SIGEV_NONE) { 525 /* 526 * User don't want any signal. 527 */ 528 cpu_timer_setexpires(ctmr, 0); 529 } else if (unlikely(timer->sigq == NULL)) { 530 /* 531 * This a special case for clock_nanosleep, 532 * not a normal timer from sys_timer_create. 533 */ 534 wake_up_process(timer->it_process); 535 cpu_timer_setexpires(ctmr, 0); 536 } else if (!timer->it_interval) { 537 /* 538 * One-shot timer. Clear it as soon as it's fired. 539 */ 540 posix_timer_event(timer, 0); 541 cpu_timer_setexpires(ctmr, 0); 542 } else if (posix_timer_event(timer, ++timer->it_requeue_pending)) { 543 /* 544 * The signal did not get queued because the signal 545 * was ignored, so we won't get any callback to 546 * reload the timer. But we need to keep it 547 * ticking in case the signal is deliverable next time. 548 */ 549 posix_cpu_timer_rearm(timer); 550 ++timer->it_requeue_pending; 551 } 552 } 553 554 /* 555 * Guts of sys_timer_settime for CPU timers. 556 * This is called with the timer locked and interrupts disabled. 557 * If we return TIMER_RETRY, it's necessary to release the timer's lock 558 * and try again. (This happens when the timer is in the middle of firing.) 559 */ 560 static int posix_cpu_timer_set(struct k_itimer *timer, int timer_flags, 561 struct itimerspec64 *new, struct itimerspec64 *old) 562 { 563 clockid_t clkid = CPUCLOCK_WHICH(timer->it_clock); 564 u64 old_expires, new_expires, old_incr, val; 565 struct cpu_timer *ctmr = &timer->it.cpu; 566 struct sighand_struct *sighand; 567 struct task_struct *p; 568 unsigned long flags; 569 int ret = 0; 570 571 rcu_read_lock(); 572 p = cpu_timer_task_rcu(timer); 573 if (!p) { 574 /* 575 * If p has just been reaped, we can no 576 * longer get any information about it at all. 577 */ 578 rcu_read_unlock(); 579 return -ESRCH; 580 } 581 582 /* 583 * Use the to_ktime conversion because that clamps the maximum 584 * value to KTIME_MAX and avoid multiplication overflows. 585 */ 586 new_expires = ktime_to_ns(timespec64_to_ktime(new->it_value)); 587 588 /* 589 * Protect against sighand release/switch in exit/exec and p->cpu_timers 590 * and p->signal->cpu_timers read/write in arm_timer() 591 */ 592 sighand = lock_task_sighand(p, &flags); 593 /* 594 * If p has just been reaped, we can no 595 * longer get any information about it at all. 596 */ 597 if (unlikely(sighand == NULL)) { 598 rcu_read_unlock(); 599 return -ESRCH; 600 } 601 602 /* 603 * Disarm any old timer after extracting its expiry time. 604 */ 605 old_incr = timer->it_interval; 606 old_expires = cpu_timer_getexpires(ctmr); 607 608 if (unlikely(timer->it.cpu.firing)) { 609 timer->it.cpu.firing = -1; 610 ret = TIMER_RETRY; 611 } else { 612 cpu_timer_dequeue(ctmr); 613 } 614 615 /* 616 * We need to sample the current value to convert the new 617 * value from to relative and absolute, and to convert the 618 * old value from absolute to relative. To set a process 619 * timer, we need a sample to balance the thread expiry 620 * times (in arm_timer). With an absolute time, we must 621 * check if it's already passed. In short, we need a sample. 622 */ 623 if (CPUCLOCK_PERTHREAD(timer->it_clock)) 624 val = cpu_clock_sample(clkid, p); 625 else 626 val = cpu_clock_sample_group(clkid, p, true); 627 628 if (old) { 629 if (old_expires == 0) { 630 old->it_value.tv_sec = 0; 631 old->it_value.tv_nsec = 0; 632 } else { 633 /* 634 * Update the timer in case it has overrun already. 635 * If it has, we'll report it as having overrun and 636 * with the next reloaded timer already ticking, 637 * though we are swallowing that pending 638 * notification here to install the new setting. 639 */ 640 u64 exp = bump_cpu_timer(timer, val); 641 642 if (val < exp) { 643 old_expires = exp - val; 644 old->it_value = ns_to_timespec64(old_expires); 645 } else { 646 old->it_value.tv_nsec = 1; 647 old->it_value.tv_sec = 0; 648 } 649 } 650 } 651 652 if (unlikely(ret)) { 653 /* 654 * We are colliding with the timer actually firing. 655 * Punt after filling in the timer's old value, and 656 * disable this firing since we are already reporting 657 * it as an overrun (thanks to bump_cpu_timer above). 658 */ 659 unlock_task_sighand(p, &flags); 660 goto out; 661 } 662 663 if (new_expires != 0 && !(timer_flags & TIMER_ABSTIME)) { 664 new_expires += val; 665 } 666 667 /* 668 * Install the new expiry time (or zero). 669 * For a timer with no notification action, we don't actually 670 * arm the timer (we'll just fake it for timer_gettime). 671 */ 672 cpu_timer_setexpires(ctmr, new_expires); 673 if (new_expires != 0 && val < new_expires) { 674 arm_timer(timer, p); 675 } 676 677 unlock_task_sighand(p, &flags); 678 /* 679 * Install the new reload setting, and 680 * set up the signal and overrun bookkeeping. 681 */ 682 timer->it_interval = timespec64_to_ktime(new->it_interval); 683 684 /* 685 * This acts as a modification timestamp for the timer, 686 * so any automatic reload attempt will punt on seeing 687 * that we have reset the timer manually. 688 */ 689 timer->it_requeue_pending = (timer->it_requeue_pending + 2) & 690 ~REQUEUE_PENDING; 691 timer->it_overrun_last = 0; 692 timer->it_overrun = -1; 693 694 if (new_expires != 0 && !(val < new_expires)) { 695 /* 696 * The designated time already passed, so we notify 697 * immediately, even if the thread never runs to 698 * accumulate more time on this clock. 699 */ 700 cpu_timer_fire(timer); 701 } 702 703 ret = 0; 704 out: 705 rcu_read_unlock(); 706 if (old) 707 old->it_interval = ns_to_timespec64(old_incr); 708 709 return ret; 710 } 711 712 static void posix_cpu_timer_get(struct k_itimer *timer, struct itimerspec64 *itp) 713 { 714 clockid_t clkid = CPUCLOCK_WHICH(timer->it_clock); 715 struct cpu_timer *ctmr = &timer->it.cpu; 716 u64 now, expires = cpu_timer_getexpires(ctmr); 717 struct task_struct *p; 718 719 rcu_read_lock(); 720 p = cpu_timer_task_rcu(timer); 721 if (!p) 722 goto out; 723 724 /* 725 * Easy part: convert the reload time. 726 */ 727 itp->it_interval = ktime_to_timespec64(timer->it_interval); 728 729 if (!expires) 730 goto out; 731 732 /* 733 * Sample the clock to take the difference with the expiry time. 734 */ 735 if (CPUCLOCK_PERTHREAD(timer->it_clock)) 736 now = cpu_clock_sample(clkid, p); 737 else 738 now = cpu_clock_sample_group(clkid, p, false); 739 740 if (now < expires) { 741 itp->it_value = ns_to_timespec64(expires - now); 742 } else { 743 /* 744 * The timer should have expired already, but the firing 745 * hasn't taken place yet. Say it's just about to expire. 746 */ 747 itp->it_value.tv_nsec = 1; 748 itp->it_value.tv_sec = 0; 749 } 750 out: 751 rcu_read_unlock(); 752 } 753 754 #define MAX_COLLECTED 20 755 756 static u64 collect_timerqueue(struct timerqueue_head *head, 757 struct list_head *firing, u64 now) 758 { 759 struct timerqueue_node *next; 760 int i = 0; 761 762 while ((next = timerqueue_getnext(head))) { 763 struct cpu_timer *ctmr; 764 u64 expires; 765 766 ctmr = container_of(next, struct cpu_timer, node); 767 expires = cpu_timer_getexpires(ctmr); 768 /* Limit the number of timers to expire at once */ 769 if (++i == MAX_COLLECTED || now < expires) 770 return expires; 771 772 ctmr->firing = 1; 773 cpu_timer_dequeue(ctmr); 774 list_add_tail(&ctmr->elist, firing); 775 } 776 777 return U64_MAX; 778 } 779 780 static void collect_posix_cputimers(struct posix_cputimers *pct, u64 *samples, 781 struct list_head *firing) 782 { 783 struct posix_cputimer_base *base = pct->bases; 784 int i; 785 786 for (i = 0; i < CPUCLOCK_MAX; i++, base++) { 787 base->nextevt = collect_timerqueue(&base->tqhead, firing, 788 samples[i]); 789 } 790 } 791 792 static inline void check_dl_overrun(struct task_struct *tsk) 793 { 794 if (tsk->dl.dl_overrun) { 795 tsk->dl.dl_overrun = 0; 796 __group_send_sig_info(SIGXCPU, SEND_SIG_PRIV, tsk); 797 } 798 } 799 800 static bool check_rlimit(u64 time, u64 limit, int signo, bool rt, bool hard) 801 { 802 if (time < limit) 803 return false; 804 805 if (print_fatal_signals) { 806 pr_info("%s Watchdog Timeout (%s): %s[%d]\n", 807 rt ? "RT" : "CPU", hard ? "hard" : "soft", 808 current->comm, task_pid_nr(current)); 809 } 810 __group_send_sig_info(signo, SEND_SIG_PRIV, current); 811 return true; 812 } 813 814 /* 815 * Check for any per-thread CPU timers that have fired and move them off 816 * the tsk->cpu_timers[N] list onto the firing list. Here we update the 817 * tsk->it_*_expires values to reflect the remaining thread CPU timers. 818 */ 819 static void check_thread_timers(struct task_struct *tsk, 820 struct list_head *firing) 821 { 822 struct posix_cputimers *pct = &tsk->posix_cputimers; 823 u64 samples[CPUCLOCK_MAX]; 824 unsigned long soft; 825 826 if (dl_task(tsk)) 827 check_dl_overrun(tsk); 828 829 if (expiry_cache_is_inactive(pct)) 830 return; 831 832 task_sample_cputime(tsk, samples); 833 collect_posix_cputimers(pct, samples, firing); 834 835 /* 836 * Check for the special case thread timers. 837 */ 838 soft = task_rlimit(tsk, RLIMIT_RTTIME); 839 if (soft != RLIM_INFINITY) { 840 /* Task RT timeout is accounted in jiffies. RTTIME is usec */ 841 unsigned long rttime = tsk->rt.timeout * (USEC_PER_SEC / HZ); 842 unsigned long hard = task_rlimit_max(tsk, RLIMIT_RTTIME); 843 844 /* At the hard limit, send SIGKILL. No further action. */ 845 if (hard != RLIM_INFINITY && 846 check_rlimit(rttime, hard, SIGKILL, true, true)) 847 return; 848 849 /* At the soft limit, send a SIGXCPU every second */ 850 if (check_rlimit(rttime, soft, SIGXCPU, true, false)) { 851 soft += USEC_PER_SEC; 852 tsk->signal->rlim[RLIMIT_RTTIME].rlim_cur = soft; 853 } 854 } 855 856 if (expiry_cache_is_inactive(pct)) 857 tick_dep_clear_task(tsk, TICK_DEP_BIT_POSIX_TIMER); 858 } 859 860 static inline void stop_process_timers(struct signal_struct *sig) 861 { 862 struct posix_cputimers *pct = &sig->posix_cputimers; 863 864 /* Turn off the active flag. This is done without locking. */ 865 WRITE_ONCE(pct->timers_active, false); 866 tick_dep_clear_signal(sig, TICK_DEP_BIT_POSIX_TIMER); 867 } 868 869 static void check_cpu_itimer(struct task_struct *tsk, struct cpu_itimer *it, 870 u64 *expires, u64 cur_time, int signo) 871 { 872 if (!it->expires) 873 return; 874 875 if (cur_time >= it->expires) { 876 if (it->incr) 877 it->expires += it->incr; 878 else 879 it->expires = 0; 880 881 trace_itimer_expire(signo == SIGPROF ? 882 ITIMER_PROF : ITIMER_VIRTUAL, 883 task_tgid(tsk), cur_time); 884 __group_send_sig_info(signo, SEND_SIG_PRIV, tsk); 885 } 886 887 if (it->expires && it->expires < *expires) 888 *expires = it->expires; 889 } 890 891 /* 892 * Check for any per-thread CPU timers that have fired and move them 893 * off the tsk->*_timers list onto the firing list. Per-thread timers 894 * have already been taken off. 895 */ 896 static void check_process_timers(struct task_struct *tsk, 897 struct list_head *firing) 898 { 899 struct signal_struct *const sig = tsk->signal; 900 struct posix_cputimers *pct = &sig->posix_cputimers; 901 u64 samples[CPUCLOCK_MAX]; 902 unsigned long soft; 903 904 /* 905 * If there are no active process wide timers (POSIX 1.b, itimers, 906 * RLIMIT_CPU) nothing to check. Also skip the process wide timer 907 * processing when there is already another task handling them. 908 */ 909 if (!READ_ONCE(pct->timers_active) || pct->expiry_active) 910 return; 911 912 /* 913 * Signify that a thread is checking for process timers. 914 * Write access to this field is protected by the sighand lock. 915 */ 916 pct->expiry_active = true; 917 918 /* 919 * Collect the current process totals. Group accounting is active 920 * so the sample can be taken directly. 921 */ 922 proc_sample_cputime_atomic(&sig->cputimer.cputime_atomic, samples); 923 collect_posix_cputimers(pct, samples, firing); 924 925 /* 926 * Check for the special case process timers. 927 */ 928 check_cpu_itimer(tsk, &sig->it[CPUCLOCK_PROF], 929 &pct->bases[CPUCLOCK_PROF].nextevt, 930 samples[CPUCLOCK_PROF], SIGPROF); 931 check_cpu_itimer(tsk, &sig->it[CPUCLOCK_VIRT], 932 &pct->bases[CPUCLOCK_VIRT].nextevt, 933 samples[CPUCLOCK_VIRT], SIGVTALRM); 934 935 soft = task_rlimit(tsk, RLIMIT_CPU); 936 if (soft != RLIM_INFINITY) { 937 /* RLIMIT_CPU is in seconds. Samples are nanoseconds */ 938 unsigned long hard = task_rlimit_max(tsk, RLIMIT_CPU); 939 u64 ptime = samples[CPUCLOCK_PROF]; 940 u64 softns = (u64)soft * NSEC_PER_SEC; 941 u64 hardns = (u64)hard * NSEC_PER_SEC; 942 943 /* At the hard limit, send SIGKILL. No further action. */ 944 if (hard != RLIM_INFINITY && 945 check_rlimit(ptime, hardns, SIGKILL, false, true)) 946 return; 947 948 /* At the soft limit, send a SIGXCPU every second */ 949 if (check_rlimit(ptime, softns, SIGXCPU, false, false)) { 950 sig->rlim[RLIMIT_CPU].rlim_cur = soft + 1; 951 softns += NSEC_PER_SEC; 952 } 953 954 /* Update the expiry cache */ 955 if (softns < pct->bases[CPUCLOCK_PROF].nextevt) 956 pct->bases[CPUCLOCK_PROF].nextevt = softns; 957 } 958 959 if (expiry_cache_is_inactive(pct)) 960 stop_process_timers(sig); 961 962 pct->expiry_active = false; 963 } 964 965 /* 966 * This is called from the signal code (via posixtimer_rearm) 967 * when the last timer signal was delivered and we have to reload the timer. 968 */ 969 static void posix_cpu_timer_rearm(struct k_itimer *timer) 970 { 971 clockid_t clkid = CPUCLOCK_WHICH(timer->it_clock); 972 struct task_struct *p; 973 struct sighand_struct *sighand; 974 unsigned long flags; 975 u64 now; 976 977 rcu_read_lock(); 978 p = cpu_timer_task_rcu(timer); 979 if (!p) 980 goto out; 981 982 /* 983 * Fetch the current sample and update the timer's expiry time. 984 */ 985 if (CPUCLOCK_PERTHREAD(timer->it_clock)) 986 now = cpu_clock_sample(clkid, p); 987 else 988 now = cpu_clock_sample_group(clkid, p, true); 989 990 bump_cpu_timer(timer, now); 991 992 /* Protect timer list r/w in arm_timer() */ 993 sighand = lock_task_sighand(p, &flags); 994 if (unlikely(sighand == NULL)) 995 goto out; 996 997 /* 998 * Now re-arm for the new expiry time. 999 */ 1000 arm_timer(timer, p); 1001 unlock_task_sighand(p, &flags); 1002 out: 1003 rcu_read_unlock(); 1004 } 1005 1006 /** 1007 * task_cputimers_expired - Check whether posix CPU timers are expired 1008 * 1009 * @samples: Array of current samples for the CPUCLOCK clocks 1010 * @pct: Pointer to a posix_cputimers container 1011 * 1012 * Returns true if any member of @samples is greater than the corresponding 1013 * member of @pct->bases[CLK].nextevt. False otherwise 1014 */ 1015 static inline bool 1016 task_cputimers_expired(const u64 *samples, struct posix_cputimers *pct) 1017 { 1018 int i; 1019 1020 for (i = 0; i < CPUCLOCK_MAX; i++) { 1021 if (samples[i] >= pct->bases[i].nextevt) 1022 return true; 1023 } 1024 return false; 1025 } 1026 1027 /** 1028 * fastpath_timer_check - POSIX CPU timers fast path. 1029 * 1030 * @tsk: The task (thread) being checked. 1031 * 1032 * Check the task and thread group timers. If both are zero (there are no 1033 * timers set) return false. Otherwise snapshot the task and thread group 1034 * timers and compare them with the corresponding expiration times. Return 1035 * true if a timer has expired, else return false. 1036 */ 1037 static inline bool fastpath_timer_check(struct task_struct *tsk) 1038 { 1039 struct posix_cputimers *pct = &tsk->posix_cputimers; 1040 struct signal_struct *sig; 1041 1042 if (!expiry_cache_is_inactive(pct)) { 1043 u64 samples[CPUCLOCK_MAX]; 1044 1045 task_sample_cputime(tsk, samples); 1046 if (task_cputimers_expired(samples, pct)) 1047 return true; 1048 } 1049 1050 sig = tsk->signal; 1051 pct = &sig->posix_cputimers; 1052 /* 1053 * Check if thread group timers expired when timers are active and 1054 * no other thread in the group is already handling expiry for 1055 * thread group cputimers. These fields are read without the 1056 * sighand lock. However, this is fine because this is meant to be 1057 * a fastpath heuristic to determine whether we should try to 1058 * acquire the sighand lock to handle timer expiry. 1059 * 1060 * In the worst case scenario, if concurrently timers_active is set 1061 * or expiry_active is cleared, but the current thread doesn't see 1062 * the change yet, the timer checks are delayed until the next 1063 * thread in the group gets a scheduler interrupt to handle the 1064 * timer. This isn't an issue in practice because these types of 1065 * delays with signals actually getting sent are expected. 1066 */ 1067 if (READ_ONCE(pct->timers_active) && !READ_ONCE(pct->expiry_active)) { 1068 u64 samples[CPUCLOCK_MAX]; 1069 1070 proc_sample_cputime_atomic(&sig->cputimer.cputime_atomic, 1071 samples); 1072 1073 if (task_cputimers_expired(samples, pct)) 1074 return true; 1075 } 1076 1077 if (dl_task(tsk) && tsk->dl.dl_overrun) 1078 return true; 1079 1080 return false; 1081 } 1082 1083 /* 1084 * This is called from the timer interrupt handler. The irq handler has 1085 * already updated our counts. We need to check if any timers fire now. 1086 * Interrupts are disabled. 1087 */ 1088 void run_posix_cpu_timers(void) 1089 { 1090 struct task_struct *tsk = current; 1091 struct k_itimer *timer, *next; 1092 unsigned long flags; 1093 LIST_HEAD(firing); 1094 1095 lockdep_assert_irqs_disabled(); 1096 1097 /* 1098 * The fast path checks that there are no expired thread or thread 1099 * group timers. If that's so, just return. 1100 */ 1101 if (!fastpath_timer_check(tsk)) 1102 return; 1103 1104 lockdep_posixtimer_enter(); 1105 if (!lock_task_sighand(tsk, &flags)) { 1106 lockdep_posixtimer_exit(); 1107 return; 1108 } 1109 /* 1110 * Here we take off tsk->signal->cpu_timers[N] and 1111 * tsk->cpu_timers[N] all the timers that are firing, and 1112 * put them on the firing list. 1113 */ 1114 check_thread_timers(tsk, &firing); 1115 1116 check_process_timers(tsk, &firing); 1117 1118 /* 1119 * We must release these locks before taking any timer's lock. 1120 * There is a potential race with timer deletion here, as the 1121 * siglock now protects our private firing list. We have set 1122 * the firing flag in each timer, so that a deletion attempt 1123 * that gets the timer lock before we do will give it up and 1124 * spin until we've taken care of that timer below. 1125 */ 1126 unlock_task_sighand(tsk, &flags); 1127 1128 /* 1129 * Now that all the timers on our list have the firing flag, 1130 * no one will touch their list entries but us. We'll take 1131 * each timer's lock before clearing its firing flag, so no 1132 * timer call will interfere. 1133 */ 1134 list_for_each_entry_safe(timer, next, &firing, it.cpu.elist) { 1135 int cpu_firing; 1136 1137 spin_lock(&timer->it_lock); 1138 list_del_init(&timer->it.cpu.elist); 1139 cpu_firing = timer->it.cpu.firing; 1140 timer->it.cpu.firing = 0; 1141 /* 1142 * The firing flag is -1 if we collided with a reset 1143 * of the timer, which already reported this 1144 * almost-firing as an overrun. So don't generate an event. 1145 */ 1146 if (likely(cpu_firing >= 0)) 1147 cpu_timer_fire(timer); 1148 spin_unlock(&timer->it_lock); 1149 } 1150 lockdep_posixtimer_exit(); 1151 } 1152 1153 /* 1154 * Set one of the process-wide special case CPU timers or RLIMIT_CPU. 1155 * The tsk->sighand->siglock must be held by the caller. 1156 */ 1157 void set_process_cpu_timer(struct task_struct *tsk, unsigned int clkid, 1158 u64 *newval, u64 *oldval) 1159 { 1160 u64 now, *nextevt; 1161 1162 if (WARN_ON_ONCE(clkid >= CPUCLOCK_SCHED)) 1163 return; 1164 1165 nextevt = &tsk->signal->posix_cputimers.bases[clkid].nextevt; 1166 now = cpu_clock_sample_group(clkid, tsk, true); 1167 1168 if (oldval) { 1169 /* 1170 * We are setting itimer. The *oldval is absolute and we update 1171 * it to be relative, *newval argument is relative and we update 1172 * it to be absolute. 1173 */ 1174 if (*oldval) { 1175 if (*oldval <= now) { 1176 /* Just about to fire. */ 1177 *oldval = TICK_NSEC; 1178 } else { 1179 *oldval -= now; 1180 } 1181 } 1182 1183 if (!*newval) 1184 return; 1185 *newval += now; 1186 } 1187 1188 /* 1189 * Update expiration cache if this is the earliest timer. CPUCLOCK_PROF 1190 * expiry cache is also used by RLIMIT_CPU!. 1191 */ 1192 if (*newval < *nextevt) 1193 *nextevt = *newval; 1194 1195 tick_dep_set_signal(tsk->signal, TICK_DEP_BIT_POSIX_TIMER); 1196 } 1197 1198 static int do_cpu_nanosleep(const clockid_t which_clock, int flags, 1199 const struct timespec64 *rqtp) 1200 { 1201 struct itimerspec64 it; 1202 struct k_itimer timer; 1203 u64 expires; 1204 int error; 1205 1206 /* 1207 * Set up a temporary timer and then wait for it to go off. 1208 */ 1209 memset(&timer, 0, sizeof timer); 1210 spin_lock_init(&timer.it_lock); 1211 timer.it_clock = which_clock; 1212 timer.it_overrun = -1; 1213 error = posix_cpu_timer_create(&timer); 1214 timer.it_process = current; 1215 1216 if (!error) { 1217 static struct itimerspec64 zero_it; 1218 struct restart_block *restart; 1219 1220 memset(&it, 0, sizeof(it)); 1221 it.it_value = *rqtp; 1222 1223 spin_lock_irq(&timer.it_lock); 1224 error = posix_cpu_timer_set(&timer, flags, &it, NULL); 1225 if (error) { 1226 spin_unlock_irq(&timer.it_lock); 1227 return error; 1228 } 1229 1230 while (!signal_pending(current)) { 1231 if (!cpu_timer_getexpires(&timer.it.cpu)) { 1232 /* 1233 * Our timer fired and was reset, below 1234 * deletion can not fail. 1235 */ 1236 posix_cpu_timer_del(&timer); 1237 spin_unlock_irq(&timer.it_lock); 1238 return 0; 1239 } 1240 1241 /* 1242 * Block until cpu_timer_fire (or a signal) wakes us. 1243 */ 1244 __set_current_state(TASK_INTERRUPTIBLE); 1245 spin_unlock_irq(&timer.it_lock); 1246 schedule(); 1247 spin_lock_irq(&timer.it_lock); 1248 } 1249 1250 /* 1251 * We were interrupted by a signal. 1252 */ 1253 expires = cpu_timer_getexpires(&timer.it.cpu); 1254 error = posix_cpu_timer_set(&timer, 0, &zero_it, &it); 1255 if (!error) { 1256 /* 1257 * Timer is now unarmed, deletion can not fail. 1258 */ 1259 posix_cpu_timer_del(&timer); 1260 } 1261 spin_unlock_irq(&timer.it_lock); 1262 1263 while (error == TIMER_RETRY) { 1264 /* 1265 * We need to handle case when timer was or is in the 1266 * middle of firing. In other cases we already freed 1267 * resources. 1268 */ 1269 spin_lock_irq(&timer.it_lock); 1270 error = posix_cpu_timer_del(&timer); 1271 spin_unlock_irq(&timer.it_lock); 1272 } 1273 1274 if ((it.it_value.tv_sec | it.it_value.tv_nsec) == 0) { 1275 /* 1276 * It actually did fire already. 1277 */ 1278 return 0; 1279 } 1280 1281 error = -ERESTART_RESTARTBLOCK; 1282 /* 1283 * Report back to the user the time still remaining. 1284 */ 1285 restart = ¤t->restart_block; 1286 restart->nanosleep.expires = expires; 1287 if (restart->nanosleep.type != TT_NONE) 1288 error = nanosleep_copyout(restart, &it.it_value); 1289 } 1290 1291 return error; 1292 } 1293 1294 static long posix_cpu_nsleep_restart(struct restart_block *restart_block); 1295 1296 static int posix_cpu_nsleep(const clockid_t which_clock, int flags, 1297 const struct timespec64 *rqtp) 1298 { 1299 struct restart_block *restart_block = ¤t->restart_block; 1300 int error; 1301 1302 /* 1303 * Diagnose required errors first. 1304 */ 1305 if (CPUCLOCK_PERTHREAD(which_clock) && 1306 (CPUCLOCK_PID(which_clock) == 0 || 1307 CPUCLOCK_PID(which_clock) == task_pid_vnr(current))) 1308 return -EINVAL; 1309 1310 error = do_cpu_nanosleep(which_clock, flags, rqtp); 1311 1312 if (error == -ERESTART_RESTARTBLOCK) { 1313 1314 if (flags & TIMER_ABSTIME) 1315 return -ERESTARTNOHAND; 1316 1317 restart_block->fn = posix_cpu_nsleep_restart; 1318 restart_block->nanosleep.clockid = which_clock; 1319 } 1320 return error; 1321 } 1322 1323 static long posix_cpu_nsleep_restart(struct restart_block *restart_block) 1324 { 1325 clockid_t which_clock = restart_block->nanosleep.clockid; 1326 struct timespec64 t; 1327 1328 t = ns_to_timespec64(restart_block->nanosleep.expires); 1329 1330 return do_cpu_nanosleep(which_clock, TIMER_ABSTIME, &t); 1331 } 1332 1333 #define PROCESS_CLOCK make_process_cpuclock(0, CPUCLOCK_SCHED) 1334 #define THREAD_CLOCK make_thread_cpuclock(0, CPUCLOCK_SCHED) 1335 1336 static int process_cpu_clock_getres(const clockid_t which_clock, 1337 struct timespec64 *tp) 1338 { 1339 return posix_cpu_clock_getres(PROCESS_CLOCK, tp); 1340 } 1341 static int process_cpu_clock_get(const clockid_t which_clock, 1342 struct timespec64 *tp) 1343 { 1344 return posix_cpu_clock_get(PROCESS_CLOCK, tp); 1345 } 1346 static int process_cpu_timer_create(struct k_itimer *timer) 1347 { 1348 timer->it_clock = PROCESS_CLOCK; 1349 return posix_cpu_timer_create(timer); 1350 } 1351 static int process_cpu_nsleep(const clockid_t which_clock, int flags, 1352 const struct timespec64 *rqtp) 1353 { 1354 return posix_cpu_nsleep(PROCESS_CLOCK, flags, rqtp); 1355 } 1356 static int thread_cpu_clock_getres(const clockid_t which_clock, 1357 struct timespec64 *tp) 1358 { 1359 return posix_cpu_clock_getres(THREAD_CLOCK, tp); 1360 } 1361 static int thread_cpu_clock_get(const clockid_t which_clock, 1362 struct timespec64 *tp) 1363 { 1364 return posix_cpu_clock_get(THREAD_CLOCK, tp); 1365 } 1366 static int thread_cpu_timer_create(struct k_itimer *timer) 1367 { 1368 timer->it_clock = THREAD_CLOCK; 1369 return posix_cpu_timer_create(timer); 1370 } 1371 1372 const struct k_clock clock_posix_cpu = { 1373 .clock_getres = posix_cpu_clock_getres, 1374 .clock_set = posix_cpu_clock_set, 1375 .clock_get_timespec = posix_cpu_clock_get, 1376 .timer_create = posix_cpu_timer_create, 1377 .nsleep = posix_cpu_nsleep, 1378 .timer_set = posix_cpu_timer_set, 1379 .timer_del = posix_cpu_timer_del, 1380 .timer_get = posix_cpu_timer_get, 1381 .timer_rearm = posix_cpu_timer_rearm, 1382 }; 1383 1384 const struct k_clock clock_process = { 1385 .clock_getres = process_cpu_clock_getres, 1386 .clock_get_timespec = process_cpu_clock_get, 1387 .timer_create = process_cpu_timer_create, 1388 .nsleep = process_cpu_nsleep, 1389 }; 1390 1391 const struct k_clock clock_thread = { 1392 .clock_getres = thread_cpu_clock_getres, 1393 .clock_get_timespec = thread_cpu_clock_get, 1394 .timer_create = thread_cpu_timer_create, 1395 }; 1396