projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[PATCH] hrtimers: fix possible use of NULL pointer in posix-timers
[linux-2.6-block.git] / kernel / itimer.c
CommitLineData
1da177e4
LT		 1/*
2 * linux/kernel/itimer.c
3 *
4 * Copyright (C) 1992 Darren Senn
5 */
6
7/* These are all the functions necessary to implement itimers */
8
9#include <linux/mm.h>
10#include <linux/smp_lock.h>
11#include <linux/interrupt.h>
12#include <linux/syscalls.h>
13#include <linux/time.h>
14#include <linux/posix-timers.h>
2ff678b8 15#include <linux/hrtimer.h>
1da177e4
LT		 16
17#include <asm/uaccess.h>
18
2ff678b8
TG		 19/**
20 * itimer_get_remtime - get remaining time for the timer
21 *
22 * @timer: the timer to read
23 *
24 * Returns the delta between the expiry time and now, which can be
25 * less than zero or 1usec for an pending expired timer
26 */
27static struct timeval itimer_get_remtime(struct hrtimer *timer)
1da177e4 28{
2ff678b8 29 ktime_t rem = hrtimer_get_remaining(timer);
1da177e4 30
2ff678b8
TG		 31 /*
32 * Racy but safe: if the itimer expires after the above
33 * hrtimer_get_remtime() call but before this condition
34 * then we return 0 - which is correct.
35 */
36 if (hrtimer_active(timer)) {
37 if (rem.tv64 <= 0)
38 rem.tv64 = NSEC_PER_USEC;
39 } else
40 rem.tv64 = 0;
41
42 return ktime_to_timeval(rem);
1da177e4
LT		 43}
44
45int do_getitimer(int which, struct itimerval *value)
46{
47 struct task_struct *tsk = current;
1da177e4
LT		 48 cputime_t cinterval, cval;
49
50 switch (which) {
51 case ITIMER_REAL:
bc1978d4 52 spin_lock_irq(&tsk->sighand->siglock);
2ff678b8
TG		 53 value->it_value = itimer_get_remtime(&tsk->signal->real_timer);
54 value->it_interval =
55 ktime_to_timeval(tsk->signal->it_real_incr);
bc1978d4 56 spin_unlock_irq(&tsk->sighand->siglock);
1da177e4
LT		 57 break;
58 case ITIMER_VIRTUAL:
59 read_lock(&tasklist_lock);
60 spin_lock_irq(&tsk->sighand->siglock);
61 cval = tsk->signal->it_virt_expires;
62 cinterval = tsk->signal->it_virt_incr;
63 if (!cputime_eq(cval, cputime_zero)) {
64 struct task_struct *t = tsk;
65 cputime_t utime = tsk->signal->utime;
66 do {
67 utime = cputime_add(utime, t->utime);
68 t = next_thread(t);
69 } while (t != tsk);
70 if (cputime_le(cval, utime)) { /* about to fire */
71 cval = jiffies_to_cputime(1);
72 } else {
73 cval = cputime_sub(cval, utime);
74 }
75 }
76 spin_unlock_irq(&tsk->sighand->siglock);
77 read_unlock(&tasklist_lock);
78 cputime_to_timeval(cval, &value->it_value);
79 cputime_to_timeval(cinterval, &value->it_interval);
80 break;
81 case ITIMER_PROF:
82 read_lock(&tasklist_lock);
83 spin_lock_irq(&tsk->sighand->siglock);
84 cval = tsk->signal->it_prof_expires;
85 cinterval = tsk->signal->it_prof_incr;
86 if (!cputime_eq(cval, cputime_zero)) {
87 struct task_struct *t = tsk;
88 cputime_t ptime = cputime_add(tsk->signal->utime,
89 tsk->signal->stime);
90 do {
91 ptime = cputime_add(ptime,
92 cputime_add(t->utime,
93 t->stime));
94 t = next_thread(t);
95 } while (t != tsk);
96 if (cputime_le(cval, ptime)) { /* about to fire */
97 cval = jiffies_to_cputime(1);
98 } else {
99 cval = cputime_sub(cval, ptime);
100 }
101 }
102 spin_unlock_irq(&tsk->sighand->siglock);
103 read_unlock(&tasklist_lock);
104 cputime_to_timeval(cval, &value->it_value);
105 cputime_to_timeval(cinterval, &value->it_interval);
106 break;
107 default:
108 return(-EINVAL);
109 }
110 return 0;
111}
112
113asmlinkage long sys_getitimer(int which, struct itimerval __user *value)
114{
115 int error = -EFAULT;
116 struct itimerval get_buffer;
117
118 if (value) {
119 error = do_getitimer(which, &get_buffer);
120 if (!error &&
121 copy_to_user(value, &get_buffer, sizeof(get_buffer)))
122 error = -EFAULT;
123 }
124 return error;
125}
126
1da177e4 127
2ff678b8
TG		 128/*
129 * The timer is automagically restarted, when interval != 0
130 */
131int it_real_fn(void *data)
1da177e4 132{
2ff678b8 133 struct task_struct *tsk = (struct task_struct *) data;
1da177e4 134
2ff678b8 135 send_group_sig_info(SIGALRM, SEND_SIG_PRIV, tsk);
1da177e4 136
2ff678b8
TG		 137 if (tsk->signal->it_real_incr.tv64 != 0) {
138 hrtimer_forward(&tsk->signal->real_timer,
139 tsk->signal->it_real_incr);
140
141 return HRTIMER_RESTART;
142 }
143 return HRTIMER_NORESTART;
1da177e4
LT		 144}
145
146int do_setitimer(int which, struct itimerval *value, struct itimerval *ovalue)
147{
148 struct task_struct *tsk = current;
2ff678b8
TG		 149 struct hrtimer *timer;
150 ktime_t expires;
1da177e4
LT		 151 cputime_t cval, cinterval, nval, ninterval;
152
153 switch (which) {
154 case ITIMER_REAL:
bc1978d4
TG		 155again:
156 spin_lock_irq(&tsk->sighand->siglock);
2ff678b8 157 timer = &tsk->signal->real_timer;
bc1978d4
TG		 158 /* We are sharing ->siglock with it_real_fn() */
159 if (hrtimer_try_to_cancel(timer) < 0) {
160 spin_unlock_irq(&tsk->sighand->siglock);
161 goto again;
162 }
1da177e4 163 if (ovalue) {
2ff678b8
TG		 164 ovalue->it_value = itimer_get_remtime(timer);
165 ovalue->it_interval
166 = ktime_to_timeval(tsk->signal->it_real_incr);
1da177e4 167 }
2ff678b8
TG		 168 tsk->signal->it_real_incr =
169 timeval_to_ktime(value->it_interval);
170 expires = timeval_to_ktime(value->it_value);
171 if (expires.tv64 != 0)
172 hrtimer_start(timer, expires, HRTIMER_REL);
bc1978d4 173 spin_unlock_irq(&tsk->sighand->siglock);
1da177e4
LT		 174 break;
175 case ITIMER_VIRTUAL:
176 nval = timeval_to_cputime(&value->it_value);
177 ninterval = timeval_to_cputime(&value->it_interval);
178 read_lock(&tasklist_lock);
179 spin_lock_irq(&tsk->sighand->siglock);
180 cval = tsk->signal->it_virt_expires;
181 cinterval = tsk->signal->it_virt_incr;
182 if (!cputime_eq(cval, cputime_zero) ||
183 !cputime_eq(nval, cputime_zero)) {
184 if (cputime_gt(nval, cputime_zero))
185 nval = cputime_add(nval,
186 jiffies_to_cputime(1));
187 set_process_cpu_timer(tsk, CPUCLOCK_VIRT,
188 &nval, &cval);
189 }
190 tsk->signal->it_virt_expires = nval;
191 tsk->signal->it_virt_incr = ninterval;
192 spin_unlock_irq(&tsk->sighand->siglock);
193 read_unlock(&tasklist_lock);
194 if (ovalue) {
195 cputime_to_timeval(cval, &ovalue->it_value);
196 cputime_to_timeval(cinterval, &ovalue->it_interval);
197 }
198 break;
199 case ITIMER_PROF:
200 nval = timeval_to_cputime(&value->it_value);
201 ninterval = timeval_to_cputime(&value->it_interval);
202 read_lock(&tasklist_lock);
203 spin_lock_irq(&tsk->sighand->siglock);
204 cval = tsk->signal->it_prof_expires;
205 cinterval = tsk->signal->it_prof_incr;
206 if (!cputime_eq(cval, cputime_zero) ||
207 !cputime_eq(nval, cputime_zero)) {
208 if (cputime_gt(nval, cputime_zero))
209 nval = cputime_add(nval,
210 jiffies_to_cputime(1));
211 set_process_cpu_timer(tsk, CPUCLOCK_PROF,
212 &nval, &cval);
213 }
214 tsk->signal->it_prof_expires = nval;
215 tsk->signal->it_prof_incr = ninterval;
216 spin_unlock_irq(&tsk->sighand->siglock);
217 read_unlock(&tasklist_lock);
218 if (ovalue) {
219 cputime_to_timeval(cval, &ovalue->it_value);
220 cputime_to_timeval(cinterval, &ovalue->it_interval);
221 }
222 break;
223 default:
224 return -EINVAL;
225 }
226 return 0;
227}
228
229asmlinkage long sys_setitimer(int which,
230 struct itimerval __user *value,
231 struct itimerval __user *ovalue)
232{
233 struct itimerval set_buffer, get_buffer;
234 int error;
235
236 if (value) {
237 if(copy_from_user(&set_buffer, value, sizeof(set_buffer)))
238 return -EFAULT;
239 } else
240 memset((char *) &set_buffer, 0, sizeof(set_buffer));
241
242 error = do_setitimer(which, &set_buffer, ovalue ? &get_buffer : NULL);
243 if (error || !ovalue)
244 return error;
245
246 if (copy_to_user(ovalue, &get_buffer, sizeof(get_buffer)))
247 return -EFAULT;
248 return 0;
249}
Linux 6.x block layer and io_uring tree(s)