2019-05-27 13:55:01 +07:00
|
|
|
/* SPDX-License-Identifier: GPL-2.0-or-later */
|
2005-11-11 17:15:21 +07:00
|
|
|
#ifndef _VDSO_DATAPAGE_H
|
|
|
|
#define _VDSO_DATAPAGE_H
|
2005-12-17 04:43:46 +07:00
|
|
|
#ifdef __KERNEL__
|
2005-11-11 17:15:21 +07:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Copyright (C) 2002 Peter Bergner <bergner@vnet.ibm.com>, IBM
|
|
|
|
* Copyright (C) 2005 Benjamin Herrenschmidy <benh@kernel.crashing.org>,
|
|
|
|
* IBM Corp.
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Note about this structure:
|
|
|
|
*
|
|
|
|
* This structure was historically called systemcfg and exposed to
|
|
|
|
* userland via /proc/ppc64/systemcfg. Unfortunately, this became an
|
|
|
|
* ABI issue as some proprietary software started relying on being able
|
|
|
|
* to mmap() it, thus we have to keep the base layout at least for a
|
|
|
|
* few kernel versions.
|
|
|
|
*
|
|
|
|
* However, since ppc32 doesn't suffer from this backward handicap,
|
|
|
|
* a simpler version of the data structure is used there with only the
|
|
|
|
* fields actually used by the vDSO.
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If the major version changes we are incompatible.
|
|
|
|
* Minor version changes are a hint.
|
|
|
|
*/
|
|
|
|
#define SYSTEMCFG_MAJOR 1
|
|
|
|
#define SYSTEMCFG_MINOR 1
|
|
|
|
|
|
|
|
#ifndef __ASSEMBLY__
|
|
|
|
|
|
|
|
#include <linux/unistd.h>
|
2008-10-28 06:56:03 +07:00
|
|
|
#include <linux/time.h>
|
2005-11-11 17:15:21 +07:00
|
|
|
|
2015-11-19 13:04:53 +07:00
|
|
|
#define SYSCALL_MAP_SIZE ((NR_syscalls + 31) / 32)
|
2005-11-11 17:15:21 +07:00
|
|
|
|
|
|
|
/*
|
|
|
|
* So here is the ppc64 backward compatible version
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifdef CONFIG_PPC64
|
|
|
|
|
|
|
|
struct vdso_data {
|
|
|
|
__u8 eye_catcher[16]; /* Eyecatcher: SYSTEMCFG:PPC64 0x00 */
|
|
|
|
struct { /* Systemcfg version numbers */
|
|
|
|
__u32 major; /* Major number 0x10 */
|
|
|
|
__u32 minor; /* Minor number 0x14 */
|
|
|
|
} version;
|
|
|
|
|
2006-03-28 19:15:54 +07:00
|
|
|
/* Note about the platform flags: it now only contains the lpar
|
2011-03-31 08:57:33 +07:00
|
|
|
* bit. The actual platform number is dead and buried
|
2006-03-28 19:15:54 +07:00
|
|
|
*/
|
2005-11-11 17:15:21 +07:00
|
|
|
__u32 platform; /* Platform flags 0x18 */
|
|
|
|
__u32 processor; /* Processor type 0x1C */
|
|
|
|
__u64 processorCount; /* # of physical processors 0x20 */
|
|
|
|
__u64 physicalMemorySize; /* Size of real memory(B) 0x28 */
|
|
|
|
__u64 tb_orig_stamp; /* Timebase at boot 0x30 */
|
|
|
|
__u64 tb_ticks_per_sec; /* Timebase tics / sec 0x38 */
|
|
|
|
__u64 tb_to_xs; /* Inverse of TB to 2^20 0x40 */
|
|
|
|
__u64 stamp_xsec; /* 0x48 */
|
|
|
|
__u64 tb_update_count; /* Timebase atomicity ctr 0x50 */
|
|
|
|
__u32 tz_minuteswest; /* Minutes west of Greenwich 0x58 */
|
|
|
|
__u32 tz_dsttime; /* Type of dst correction 0x5C */
|
|
|
|
__u32 dcache_size; /* L1 d-cache size 0x60 */
|
|
|
|
__u32 dcache_line_size; /* L1 d-cache line size 0x64 */
|
|
|
|
__u32 icache_size; /* L1 i-cache size 0x68 */
|
|
|
|
__u32 icache_line_size; /* L1 i-cache line size 0x6C */
|
|
|
|
|
|
|
|
/* those additional ones don't have to be located anywhere
|
|
|
|
* special as they were not part of the original systemcfg
|
|
|
|
*/
|
2007-11-20 08:24:45 +07:00
|
|
|
__u32 dcache_block_size; /* L1 d-cache block size */
|
|
|
|
__u32 icache_block_size; /* L1 i-cache block size */
|
|
|
|
__u32 dcache_log_block_size; /* L1 d-cache log block size */
|
|
|
|
__u32 icache_log_block_size; /* L1 i-cache log block size */
|
powerpc/vdso64: Fix CLOCK_MONOTONIC inconsistencies across Y2038
Jakub Drnec reported:
Setting the realtime clock can sometimes make the monotonic clock go
back by over a hundred years. Decreasing the realtime clock across
the y2k38 threshold is one reliable way to reproduce. Allegedly this
can also happen just by running ntpd, I have not managed to
reproduce that other than booting with rtc at >2038 and then running
ntp. When this happens, anything with timers (e.g. openjdk) breaks
rather badly.
And included a test case (slightly edited for brevity):
#define _POSIX_C_SOURCE 199309L
#include <stdio.h>
#include <time.h>
#include <stdlib.h>
#include <unistd.h>
long get_time(void) {
struct timespec tp;
clock_gettime(CLOCK_MONOTONIC, &tp);
return tp.tv_sec + tp.tv_nsec / 1000000000;
}
int main(void) {
long last = get_time();
while(1) {
long now = get_time();
if (now < last) {
printf("clock went backwards by %ld seconds!\n", last - now);
}
last = now;
sleep(1);
}
return 0;
}
Which when run concurrently with:
# date -s 2040-1-1
# date -s 2037-1-1
Will detect the clock going backward.
The root cause is that wtom_clock_sec in struct vdso_data is only a
32-bit signed value, even though we set its value to be equal to
tk->wall_to_monotonic.tv_sec which is 64-bits.
Because the monotonic clock starts at zero when the system boots the
wall_to_montonic.tv_sec offset is negative for current and future
dates. Currently on a freshly booted system the offset will be in the
vicinity of negative 1.5 billion seconds.
However if the wall clock is set past the Y2038 boundary, the offset
from wall to monotonic becomes less than negative 2^31, and no longer
fits in 32-bits. When that value is assigned to wtom_clock_sec it is
truncated and becomes positive, causing the VDSO assembly code to
calculate CLOCK_MONOTONIC incorrectly.
That causes CLOCK_MONOTONIC to jump ahead by ~4 billion seconds which
it is not meant to do. Worse, if the time is then set back before the
Y2038 boundary CLOCK_MONOTONIC will jump backward.
We can fix it simply by storing the full 64-bit offset in the
vdso_data, and using that in the VDSO assembly code. We also shuffle
some of the fields in vdso_data to avoid creating a hole.
The original commit that added the CLOCK_MONOTONIC support to the VDSO
did actually use a 64-bit value for wtom_clock_sec, see commit
a7f290dad32e ("[PATCH] powerpc: Merge vdso's and add vdso support to
32 bits kernel") (Nov 2005). However just 3 days later it was
converted to 32-bits in commit 0c37ec2aa88b ("[PATCH] powerpc: vdso
fixes (take #2)"), and the bug has existed since then AFAICS.
Fixes: 0c37ec2aa88b ("[PATCH] powerpc: vdso fixes (take #2)")
Cc: stable@vger.kernel.org # v2.6.15+
Link: http://lkml.kernel.org/r/HaC.ZfES.62bwlnvAvMP.1STMMj@seznam.cz
Reported-by: Jakub Drnec <jaydee@email.cz>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
2019-03-13 20:14:38 +07:00
|
|
|
__u32 stamp_sec_fraction; /* fractional seconds of stamp_xtime */
|
|
|
|
__s32 wtom_clock_nsec; /* Wall to monotonic clock nsec */
|
|
|
|
__s64 wtom_clock_sec; /* Wall to monotonic clock sec */
|
|
|
|
struct timespec stamp_xtime; /* xtime as at tb_orig_stamp */
|
2005-11-11 17:15:21 +07:00
|
|
|
__u32 syscall_map_64[SYSCALL_MAP_SIZE]; /* map of syscalls */
|
|
|
|
__u32 syscall_map_32[SYSCALL_MAP_SIZE]; /* map of syscalls */
|
|
|
|
};
|
|
|
|
|
|
|
|
#else /* CONFIG_PPC64 */
|
|
|
|
|
|
|
|
/*
|
|
|
|
* And here is the simpler 32 bits version
|
|
|
|
*/
|
|
|
|
struct vdso_data {
|
|
|
|
__u64 tb_orig_stamp; /* Timebase at boot 0x30 */
|
|
|
|
__u64 tb_ticks_per_sec; /* Timebase tics / sec 0x38 */
|
|
|
|
__u64 tb_to_xs; /* Inverse of TB to 2^20 0x40 */
|
|
|
|
__u64 stamp_xsec; /* 0x48 */
|
|
|
|
__u32 tb_update_count; /* Timebase atomicity ctr 0x50 */
|
|
|
|
__u32 tz_minuteswest; /* Minutes west of Greenwich 0x58 */
|
|
|
|
__u32 tz_dsttime; /* Type of dst correction 0x5C */
|
|
|
|
__s32 wtom_clock_sec; /* Wall to monotonic clock */
|
|
|
|
__s32 wtom_clock_nsec;
|
2008-10-28 06:56:03 +07:00
|
|
|
struct timespec stamp_xtime; /* xtime as at tb_orig_stamp */
|
powerpc: Rework VDSO gettimeofday to prevent time going backwards
Currently it is possible for userspace to see the result of
gettimeofday() going backwards by 1 microsecond, assuming that
userspace is using the gettimeofday() in the VDSO. The VDSO
gettimeofday() algorithm computes the time in "xsecs", which are
units of 2^-20 seconds, or approximately 0.954 microseconds,
using the algorithm
now = (timebase - tb_orig_stamp) * tb_to_xs + stamp_xsec
and then converts the time in xsecs to seconds and microseconds.
The kernel updates the tb_orig_stamp and stamp_xsec values every
tick in update_vsyscall(). If the length of the tick is not an
integer number of xsecs, then some precision is lost in converting
the current time to xsecs. For example, with CONFIG_HZ=1000, the
tick is 1ms long, which is 1048.576 xsecs. That means that
stamp_xsec will advance by either 1048 or 1049 on each tick.
With the right conditions, it is possible for userspace to get
(timebase - tb_orig_stamp) * tb_to_xs being 1049 if the kernel is
slightly late in updating the vdso_datapage, and then for stamp_xsec
to advance by 1048 when the kernel does update it, and for userspace
to then see (timebase - tb_orig_stamp) * tb_to_xs being zero due to
integer truncation. The result is that time appears to go backwards
by 1 microsecond.
To fix this we change the VDSO gettimeofday to use a new field in the
VDSO datapage which stores the nanoseconds part of the time as a
fractional number of seconds in a 0.32 binary fraction format.
(Or put another way, as a 32-bit number in units of 0.23283 ns.)
This is convenient because we can use the mulhwu instruction to
convert it to either microseconds or nanoseconds.
Since it turns out that computing the time of day using this new field
is simpler than either using stamp_xsec (as gettimeofday does) or
stamp_xtime.tv_nsec (as clock_gettime does), this converts both
gettimeofday and clock_gettime to use the new field. The existing
__do_get_tspec function is converted to use the new field and take
a parameter in r7 that indicates the desired resolution, 1,000,000
for microseconds or 1,000,000,000 for nanoseconds. The __do_get_xsec
function is then unused and is deleted.
The new algorithm is
now = ((timebase - tb_orig_stamp) << 12) * tb_to_xs
+ (stamp_xtime_seconds << 32) + stamp_sec_fraction
with 'now' in units of 2^-32 seconds. That is then converted to
seconds and either microseconds or nanoseconds with
seconds = now >> 32
partseconds = ((now & 0xffffffff) * resolution) >> 32
The 32-bit VDSO code also makes a further simplification: it ignores
the bottom 32 bits of the tb_to_xs value, which is a 0.64 format binary
fraction. Doing so gets rid of 4 multiply instructions. Assuming
a timebase frequency of 1GHz or less and an update interval of no
more than 10ms, the upper 32 bits of tb_to_xs will be at least
4503599, so the error from ignoring the low 32 bits will be at most
2.2ns, which is more than an order of magnitude less than the time
taken to do gettimeofday or clock_gettime on our fastest processors,
so there is no possibility of seeing inconsistent values due to this.
This also moves update_gtod() down next to its only caller, and makes
update_vsyscall use the time passed in via the wall_time argument rather
than accessing xtime directly. At present, wall_time always points to
xtime, but that could change in future.
Signed-off-by: Paul Mackerras <paulus@samba.org>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
2010-06-21 02:03:08 +07:00
|
|
|
__u32 stamp_sec_fraction; /* fractional seconds of stamp_xtime */
|
2005-11-11 17:15:21 +07:00
|
|
|
__u32 syscall_map_32[SYSCALL_MAP_SIZE]; /* map of syscalls */
|
2007-11-20 08:24:45 +07:00
|
|
|
__u32 dcache_block_size; /* L1 d-cache block size */
|
|
|
|
__u32 icache_block_size; /* L1 i-cache block size */
|
|
|
|
__u32 dcache_log_block_size; /* L1 d-cache log block size */
|
|
|
|
__u32 icache_log_block_size; /* L1 i-cache log block size */
|
2005-11-11 17:15:21 +07:00
|
|
|
};
|
|
|
|
|
|
|
|
#endif /* CONFIG_PPC64 */
|
|
|
|
|
|
|
|
extern struct vdso_data *vdso_data;
|
|
|
|
|
|
|
|
#endif /* __ASSEMBLY__ */
|
|
|
|
|
2005-12-17 04:43:46 +07:00
|
|
|
#endif /* __KERNEL__ */
|
2005-11-11 17:15:21 +07:00
|
|
|
#endif /* _SYSTEMCFG_H */
|