Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp7307633rwd; Tue, 6 Jun 2023 08:58:14 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7PgNcDb+zQ/VPG/iHamMr1gCoeOosHMUxfj4izjdAHCVJ4zFe7ovNUjsxNbw6swwvhDYiP X-Received: by 2002:a05:6a20:258b:b0:106:5dff:5dc6 with SMTP id k11-20020a056a20258b00b001065dff5dc6mr212056pzd.16.1686067094474; Tue, 06 Jun 2023 08:58:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1686067094; cv=none; d=google.com; s=arc-20160816; b=NN3ITtfeYVzUVWBypeVai0A7yT7xN8X7Dagl4rMZ8wDnw4yr519Wmj13SXti69VAX4 Dun34GoNt+3hAtgcTbUIUgBkg4XbWyZcHmU7ig9cHLpU4P+J4H3D9GzCS6UI06WTJsRh Pr1rkZZzy4wE/9qbl0MJWoFnJ+g2z91V0BrihdvRPKaGLyuXO7EpuWC9DqRLJH4ZNezh ysqRNsVw6IwFzoG9JXVFhm8+WGZ2DgPYpRr7k4lltDFxHXuycRdd0ZiRIzbwmBDcWfZP ItHQ516WAq802OvqzcI60GzhXffw+cQ0ho7livTgAF4iSPrEgOsEJ9zkq6NVS9D5vw0C Npnw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:date:mime-version:references:subject:cc:to:from :dkim-signature:dkim-signature:message-id; bh=IE+/o+H4G+/DJ08h5MOIwSs6Di0NMd0uAJ8BN6taE4E=; b=fFNZ9iCmVWq30JzD/ZbqB3gpFgSqUU+9GF77/3AOeKpFifNhDusWmxaUg8Uwpd7Fb/ JTBVxN6EEGS1QyyhwdGI+sqRF4WL3PmttKXPMuAJuXoEmc5f11jsh6oQ/WxO2IY2bmvq YX8Pdxddb/rMy2QoQ/QPBkZB5BKcU3EWnGRSWjIANBzVqZu4y0nWs+uIMjaAqYZptdFr DmCr8pGccrAi3cIpFjqBxtuTEfOIy/HnjjBQwVm/CUoI8GypvTmI16Kbbsl+mApaZRbI I6ielbszAgnAL7KI2dfWGVJKsJ+oHt6yOKksayT29vqQpMj8OndCIScmOvhQzzC07h2Z Flmg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b=zIJxWHdU; dkim=neutral (no key) header.i=@linutronix.de header.s=2020e; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id y63-20020a638a42000000b0053f479ef132si7327320pgd.889.2023.06.06.08.58.02; Tue, 06 Jun 2023 08:58:14 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b=zIJxWHdU; dkim=neutral (no key) header.i=@linutronix.de header.s=2020e; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238337AbjFFOkl (ORCPT + 99 others); Tue, 6 Jun 2023 10:40:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42366 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238281AbjFFOjY (ORCPT ); Tue, 6 Jun 2023 10:39:24 -0400 Received: from galois.linutronix.de (Galois.linutronix.de [193.142.43.55]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C6CBB173E for ; Tue, 6 Jun 2023 07:38:23 -0700 (PDT) Message-ID: <20230606142032.599847383@linutronix.de> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020; t=1686062283; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: references:references; bh=IE+/o+H4G+/DJ08h5MOIwSs6Di0NMd0uAJ8BN6taE4E=; b=zIJxWHdUqM4n7bDb1/OCIIoG2UlagFbiwmxrqg8dvkJ5ygXMH7gVqE4XowoOn9QGXa+/pH /DauAZgropTMZ552OMqoZZGes+EvSCLW65weFBD3kRg/96tWgQIxK3cRedD/qX4FSekFFV GXLj+zaD6CXsijyqayQizYSYclMKkIVfz5MGTKRxjDZj7z7NJ6as/lImmj/7v9VIlNmYOm BPnIGg3bJVs6eC8ImSwVEj3hG1408+yjUAaJXaqVovuOsP1v/zTrWBf4HyywVaqwDd11SJ MqHKGzV/DQaTyjdcAuIpvS2BPUCIXAE+SZ8081xRyuOupldHJUqj+PKXH6t/Wg== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020e; t=1686062283; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: references:references; bh=IE+/o+H4G+/DJ08h5MOIwSs6Di0NMd0uAJ8BN6taE4E=; b=wKlW6c9/tmJd3EDbm0eBxWX51b7a+W86UZZgl1eeqOI4mOlHm5BIph2/T5pfwQWr0nISIY Kfgex+wV+4YEniCA== From: Thomas Gleixner To: LKML Cc: Frederic Weisbecker , Anna-Maria Behnsen , John Stultz , Peter Zijlstra , Ingo Molnar , Stephen Boyd , Eric Biederman , Oleg Nesterov Subject: [patch 28/45] posix-timers: Make signal delivery consistent References: <20230606132949.068951363@linutronix.de> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Date: Tue, 6 Jun 2023 16:38:03 +0200 (CEST) X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Signals of timers which are reprogammed, disarmed or deleted can deliver signals related to the past. The POSIX spec is blury about this: - "The effect of disarming or resetting a timer with pending expiration notifications is unspecified." - "The disposition of pending signals for the deleted timer is unspecified." In both cases it is reasonable to expect that pending signals are discarded. Especially in the reprogramming case it does not make sense to account for previous overruns or to deliver a signal for a timer which has been disarmed. This makes the behaviour consistent and understandable. Remove the si_sys_private check from the signal delivery code and invoke posix_timer_deliver_signal() unconditionally. Change that function so it controls the actual signal delivery via the return value. It now instructs the signal code to drop the signal when: 1) The timer does not longer exist in the hash table 2) The timer signal_seq value is not the same as the si_sys_private value which was set when the signal was queued. Signed-off-by: Thomas Gleixner --- include/linux/posix-timers.h | 2 -- kernel/signal.c | 2 +- kernel/time/posix-timers.c | 25 +++++++++++++++---------- 3 files changed, 16 insertions(+), 13 deletions(-) --- a/include/linux/posix-timers.h +++ b/include/linux/posix-timers.h @@ -200,8 +200,6 @@ static inline void clear_posix_cputimers static inline void posix_cputimers_init_work(void) { } #endif -#define REQUEUE_PENDING 1 - /** * struct k_itimer - POSIX.1b interval timer structure. * @list: List head for binding the timer to signals->posix_timers --- a/kernel/signal.c +++ b/kernel/signal.c @@ -620,7 +620,7 @@ int dequeue_signal(sigset_t *mask, kerne } if (IS_ENABLED(CONFIG_POSIX_TIMERS)) { - if (unlikely(info->si_code == SI_TIMER && info->si_sys_private)) { + if (unlikely(info->si_code == SI_TIMER)) { if (!posixtimer_deliver_signal(info)) goto again; } --- a/kernel/time/posix-timers.c +++ b/kernel/time/posix-timers.c @@ -269,7 +269,10 @@ bool posixtimer_deliver_signal(struct ke if (!timr) goto out; - if (timr->it_interval && timr->it_signal_seq == info->si_sys_private) { + if (timr->it_signal_seq != info->si_sys_private) + goto out_unlock; + + if (timr->it_interval && timr->it_status == POSIX_TIMER_REQUEUE_PENDING) { timr->kclock->timer_rearm(timr); timr->it_status = POSIX_TIMER_ARMED; @@ -281,6 +284,7 @@ bool posixtimer_deliver_signal(struct ke } ret = true; +out_unlock: unlock_timer(timr, flags); out: spin_lock(¤t->sighand->siglock); @@ -293,19 +297,19 @@ bool posixtimer_deliver_signal(struct ke int posix_timer_queue_signal(struct k_itimer *timr) { enum posix_timer_state state = POSIX_TIMER_DISARMED; - int ret, si_private = 0; enum pid_type type; + int ret; lockdep_assert_held(&timr->it_lock); if (timr->it_interval) { + timr->it_signal_seq++; state = POSIX_TIMER_REQUEUE_PENDING; - si_private = ++timr->it_signal_seq; } timr->it_status = state; type = !(timr->it_sigev_notify & SIGEV_THREAD_ID) ? PIDTYPE_TGID : PIDTYPE_PID; - ret = send_sigqueue(timr->sigq, timr->it_pid, type, si_private); + ret = send_sigqueue(timr->sigq, timr->it_pid, type, timr->it_signal_seq); /* If we failed to send the signal the timer stops. */ return ret > 0; } @@ -665,7 +669,7 @@ void common_timer_get(struct k_itimer *t * is a SIGEV_NONE timer move the expiry time forward by intervals, * so expiry is > now. */ - if (iv && (timr->it_signal_seq & REQUEUE_PENDING || sig_none)) + if (iv && timr->it_status != POSIX_TIMER_ARMED) timr->it_overrun += kc->timer_forward(timr, now); remaining = kc->timer_remaining(timr, now); @@ -865,8 +869,6 @@ void posix_timer_set_common(struct k_iti if (new_setting->it_value.tv_sec || new_setting->it_value.tv_nsec) timer->it_interval = timespec64_to_ktime(new_setting->it_interval); - /* Prevent reloading in case there is a signal pending */ - timer->it_signal_seq = (timer->it_signal_seq + 2) & ~REQUEUE_PENDING; /* Reset overrun accounting */ timer->it_overrun_last = 0; timer->it_overrun = -1LL; @@ -884,8 +886,6 @@ int common_timer_set(struct k_itimer *ti if (old_setting) common_timer_get(timr, old_setting); - /* Prevent rearming by clearing the interval */ - timr->it_interval = 0; /* * Careful here. On SMP systems the timer expiry function could be * active and spinning on timr->it_lock. @@ -935,6 +935,9 @@ static int do_timer_settime(timer_t time if (old_spec64) old_spec64->it_interval = ktime_to_timespec64(timr->it_interval); + /* Prevent signal delivery and rearming. */ + timr->it_signal_seq++; + kc = timr->kclock; if (WARN_ON_ONCE(!kc || !kc->timer_set)) error = -EINVAL; @@ -1003,7 +1006,6 @@ int common_timer_del(struct k_itimer *ti { const struct k_clock *kc = timer->kclock; - timer->it_interval = 0; if (kc->timer_try_to_cancel(timer) < 0) return TIMER_RETRY; timer->it_status = POSIX_TIMER_DISARMED; @@ -1031,6 +1033,9 @@ SYSCALL_DEFINE1(timer_delete, timer_t, t if (!timer) return -EINVAL; + /* Prevent signal delivery and rearming. */ + timer->it_signal_seq++; + if (unlikely(timer_delete_hook(timer) == TIMER_RETRY)) { /* Unlocks and relocks the timer if it still exists */ timer = timer_wait_running(timer, &flags);