ntp_timer.c revision 293896
1/* 2 * ntp_timer.c - event timer support routines 3 */ 4#ifdef HAVE_CONFIG_H 5# include <config.h> 6#endif 7 8#include "ntp_machine.h" 9#include "ntpd.h" 10#include "ntp_stdlib.h" 11#include "ntp_calendar.h" 12#include "ntp_leapsec.h" 13 14#if defined(HAVE_IO_COMPLETION_PORT) 15# include "ntp_iocompletionport.h" 16# include "ntp_timer.h" 17#endif 18 19#include <stdio.h> 20#include <signal.h> 21#ifdef HAVE_SYS_SIGNAL_H 22# include <sys/signal.h> 23#endif 24#ifdef HAVE_UNISTD_H 25# include <unistd.h> 26#endif 27 28#ifdef KERNEL_PLL 29#include "ntp_syscall.h" 30#endif /* KERNEL_PLL */ 31 32#ifdef AUTOKEY 33#include <openssl/rand.h> 34#endif /* AUTOKEY */ 35 36 37/* TC_ERR represents the timer_create() error return value. */ 38#ifdef SYS_VXWORKS 39#define TC_ERR ERROR 40#else 41#define TC_ERR (-1) 42#endif 43 44 45static void check_leapsec(u_int32, const time_t*, int/*BOOL*/); 46 47/* 48 * These routines provide support for the event timer. The timer is 49 * implemented by an interrupt routine which sets a flag once every 50 * second, and a timer routine which is called when the mainline code 51 * gets around to seeing the flag. The timer routine dispatches the 52 * clock adjustment code if its time has come, then searches the timer 53 * queue for expiries which are dispatched to the transmit procedure. 54 * Finally, we call the hourly procedure to do cleanup and print a 55 * message. 56 */ 57volatile int interface_interval; /* init_io() sets def. 300s */ 58 59/* 60 * Initializing flag. All async routines watch this and only do their 61 * thing when it is clear. 62 */ 63int initializing; 64 65/* 66 * Alarm flag. The mainline code imports this. 67 */ 68volatile int alarm_flag; 69 70/* 71 * The counters and timeouts 72 */ 73static u_long interface_timer; /* interface update timer */ 74static u_long adjust_timer; /* second timer */ 75static u_long stats_timer; /* stats timer */ 76static u_long leapf_timer; /* Report leapfile problems once/day */ 77static u_long huffpuff_timer; /* huff-n'-puff timer */ 78static u_long worker_idle_timer;/* next check for idle intres */ 79u_long leapsec; /* seconds to next leap (proximity class) */ 80int leapdif; /* TAI difference step at next leap second*/ 81u_long orphwait; /* orphan wait time */ 82#ifdef AUTOKEY 83static u_long revoke_timer; /* keys revoke timer */ 84static u_long keys_timer; /* session key timer */ 85u_long sys_revoke = KEY_REVOKE; /* keys revoke timeout (log2 s) */ 86u_long sys_automax = NTP_AUTOMAX; /* key list timeout (log2 s) */ 87#endif /* AUTOKEY */ 88 89/* 90 * Statistics counter for the interested. 91 */ 92volatile u_long alarm_overflow; 93 94u_long current_time; /* seconds since startup */ 95 96/* 97 * Stats. Number of overflows and number of calls to transmit(). 98 */ 99u_long timer_timereset; 100u_long timer_overflows; 101u_long timer_xmtcalls; 102 103#if defined(VMS) 104static int vmstimer[2]; /* time for next timer AST */ 105static int vmsinc[2]; /* timer increment */ 106#endif /* VMS */ 107 108#ifdef SYS_WINNT 109HANDLE WaitableTimerHandle; 110#else 111static RETSIGTYPE alarming (int); 112#endif /* SYS_WINNT */ 113 114#if !defined(VMS) 115# if !defined SYS_WINNT || defined(SYS_CYGWIN32) 116# ifdef HAVE_TIMER_CREATE 117static timer_t timer_id; 118typedef struct itimerspec intervaltimer; 119# define itv_frac tv_nsec 120# else 121typedef struct itimerval intervaltimer; 122# define itv_frac tv_usec 123# endif 124intervaltimer itimer; 125# endif 126#endif 127 128#if !defined(SYS_WINNT) && !defined(VMS) 129void set_timer_or_die(const intervaltimer *); 130#endif 131 132 133#if !defined(SYS_WINNT) && !defined(VMS) 134void 135set_timer_or_die( 136 const intervaltimer * ptimer 137 ) 138{ 139 const char * setfunc; 140 int rc; 141 142# ifdef HAVE_TIMER_CREATE 143 setfunc = "timer_settime"; 144 rc = timer_settime(timer_id, 0, &itimer, NULL); 145# else 146 setfunc = "setitimer"; 147 rc = setitimer(ITIMER_REAL, &itimer, NULL); 148# endif 149 if (-1 == rc) { 150 msyslog(LOG_ERR, "interval timer %s failed, %m", 151 setfunc); 152 exit(1); 153 } 154} 155#endif /* !SYS_WINNT && !VMS */ 156 157 158/* 159 * reinit_timer - reinitialize interval timer after a clock step. 160 */ 161void 162reinit_timer(void) 163{ 164#if !defined(SYS_WINNT) && !defined(VMS) 165 ZERO(itimer); 166# ifdef HAVE_TIMER_CREATE 167 timer_gettime(timer_id, &itimer); 168# else 169 getitimer(ITIMER_REAL, &itimer); 170# endif 171 if (itimer.it_value.tv_sec < 0 || 172 itimer.it_value.tv_sec > (1 << EVENT_TIMEOUT)) 173 itimer.it_value.tv_sec = (1 << EVENT_TIMEOUT); 174 if (itimer.it_value.itv_frac < 0) 175 itimer.it_value.itv_frac = 0; 176 if (0 == itimer.it_value.tv_sec && 177 0 == itimer.it_value.itv_frac) 178 itimer.it_value.tv_sec = (1 << EVENT_TIMEOUT); 179 itimer.it_interval.tv_sec = (1 << EVENT_TIMEOUT); 180 itimer.it_interval.itv_frac = 0; 181 set_timer_or_die(&itimer); 182# endif /* VMS */ 183} 184 185 186/* 187 * init_timer - initialize the timer data structures 188 */ 189void 190init_timer(void) 191{ 192 /* 193 * Initialize... 194 */ 195 alarm_flag = FALSE; 196 alarm_overflow = 0; 197 adjust_timer = 1; 198 stats_timer = SECSPERHR; 199 leapf_timer = SECSPERDAY; 200 huffpuff_timer = 0; 201 interface_timer = 0; 202 current_time = 0; 203 timer_overflows = 0; 204 timer_xmtcalls = 0; 205 timer_timereset = 0; 206 207#ifndef SYS_WINNT 208 /* 209 * Set up the alarm interrupt. The first comes 2**EVENT_TIMEOUT 210 * seconds from now and they continue on every 2**EVENT_TIMEOUT 211 * seconds. 212 */ 213# ifndef VMS 214# ifdef HAVE_TIMER_CREATE 215 if (TC_ERR == timer_create(CLOCK_REALTIME, NULL, &timer_id)) { 216 msyslog(LOG_ERR, "timer_create failed, %m"); 217 exit(1); 218 } 219# endif 220 signal_no_reset(SIGALRM, alarming); 221 itimer.it_interval.tv_sec = 222 itimer.it_value.tv_sec = (1 << EVENT_TIMEOUT); 223 itimer.it_interval.itv_frac = itimer.it_value.itv_frac = 0; 224 set_timer_or_die(&itimer); 225# else /* VMS follows */ 226 vmsinc[0] = 10000000; /* 1 sec */ 227 vmsinc[1] = 0; 228 lib$emul(&(1<<EVENT_TIMEOUT), &vmsinc, &0, &vmsinc); 229 230 sys$gettim(&vmstimer); /* that's "now" as abstime */ 231 232 lib$addx(&vmsinc, &vmstimer, &vmstimer); 233 sys$setimr(0, &vmstimer, alarming, alarming, 0); 234# endif /* VMS */ 235#else /* SYS_WINNT follows */ 236 /* 237 * Set up timer interrupts for every 2**EVENT_TIMEOUT seconds 238 * Under Windows/NT, 239 */ 240 241 WaitableTimerHandle = CreateWaitableTimer(NULL, FALSE, NULL); 242 if (WaitableTimerHandle == NULL) { 243 msyslog(LOG_ERR, "CreateWaitableTimer failed: %m"); 244 exit(1); 245 } 246 else { 247 DWORD Period; 248 LARGE_INTEGER DueTime; 249 BOOL rc; 250 251 Period = (1 << EVENT_TIMEOUT) * 1000; 252 DueTime.QuadPart = Period * 10000i64; 253 rc = SetWaitableTimer(WaitableTimerHandle, &DueTime, 254 Period, NULL, NULL, FALSE); 255 if (!rc) { 256 msyslog(LOG_ERR, "SetWaitableTimer failed: %m"); 257 exit(1); 258 } 259 } 260 261#endif /* SYS_WINNT */ 262} 263 264 265/* 266 * intres_timeout_req(s) is invoked in the parent to schedule an idle 267 * timeout to fire in s seconds, if not reset earlier by a call to 268 * intres_timeout_req(0), which clears any pending timeout. When the 269 * timeout expires, worker_idle_timer_fired() is invoked (again, in the 270 * parent). 271 * 272 * sntp and ntpd each provide implementations adapted to their timers. 273 */ 274void 275intres_timeout_req( 276 u_int seconds /* 0 cancels */ 277 ) 278{ 279 if (0 == seconds) { 280 worker_idle_timer = 0; 281 return; 282 } 283 worker_idle_timer = current_time + seconds; 284} 285 286 287/* 288 * timer - event timer 289 */ 290void 291timer(void) 292{ 293 struct peer * p; 294 struct peer * next_peer; 295 l_fp now; 296 time_t tnow; 297 298 /* 299 * The basic timerevent is one second. This is used to adjust the 300 * system clock in time and frequency, implement the kiss-o'-death 301 * function and the association polling function. 302 */ 303 current_time++; 304 if (adjust_timer <= current_time) { 305 adjust_timer += 1; 306 adj_host_clock(); 307#ifdef REFCLOCK 308 for (p = peer_list; p != NULL; p = next_peer) { 309 next_peer = p->p_link; 310 if (FLAG_REFCLOCK & p->flags) 311 refclock_timer(p); 312 } 313#endif /* REFCLOCK */ 314 } 315 316 /* 317 * Now dispatch any peers whose event timer has expired. Be 318 * careful here, since the peer structure might go away as the 319 * result of the call. 320 */ 321 for (p = peer_list; p != NULL; p = next_peer) { 322 next_peer = p->p_link; 323 324 /* 325 * Restrain the non-burst packet rate not more 326 * than one packet every 16 seconds. This is 327 * usually tripped using iburst and minpoll of 328 * 128 s or less. 329 */ 330 if (p->throttle > 0) 331 p->throttle--; 332 if (p->nextdate <= current_time) { 333#ifdef REFCLOCK 334 if (FLAG_REFCLOCK & p->flags) 335 refclock_transmit(p); 336 else 337#endif /* REFCLOCK */ 338 transmit(p); 339 } 340 } 341 342 /* 343 * Orphan mode is active when enabled and when no servers less 344 * than the orphan stratum are available. A server with no other 345 * synchronization source is an orphan. It shows offset zero and 346 * reference ID the loopback address. 347 */ 348 if (sys_orphan < STRATUM_UNSPEC && sys_peer == NULL && 349 current_time > orphwait) { 350 if (sys_leap == LEAP_NOTINSYNC) { 351 set_sys_leap(LEAP_NOWARNING); 352#ifdef AUTOKEY 353 if (crypto_flags) 354 crypto_update(); 355#endif /* AUTOKEY */ 356 } 357 sys_stratum = (u_char)sys_orphan; 358 if (sys_stratum > 1) 359 sys_refid = htonl(LOOPBACKADR); 360 else 361 memcpy(&sys_refid, "LOOP", 4); 362 sys_offset = 0; 363 sys_rootdelay = 0; 364 sys_rootdisp = 0; 365 } 366 367 get_systime(&now); 368 time(&tnow); 369 370 /* 371 * Leapseconds. Get time and defer to worker if either something 372 * is imminent or every 8th second. 373 */ 374 if (leapsec > LSPROX_NOWARN || 0 == (current_time & 7)) 375 check_leapsec(now.l_ui, &tnow, 376 (sys_leap == LEAP_NOTINSYNC)); 377 if (sys_leap != LEAP_NOTINSYNC) { 378 if (leapsec >= LSPROX_ANNOUNCE && leapdif) { 379 if (leapdif > 0) 380 set_sys_leap(LEAP_ADDSECOND); 381 else 382 set_sys_leap(LEAP_DELSECOND); 383 } else { 384 set_sys_leap(LEAP_NOWARNING); 385 } 386 } 387 388 /* 389 * Update huff-n'-puff filter. 390 */ 391 if (huffpuff_timer <= current_time) { 392 huffpuff_timer += HUFFPUFF; 393 huffpuff(); 394 } 395 396#ifdef AUTOKEY 397 /* 398 * Garbage collect expired keys. 399 */ 400 if (keys_timer <= current_time) { 401 keys_timer += 1 << sys_automax; 402 auth_agekeys(); 403 } 404 405 /* 406 * Generate new private value. This causes all associations 407 * to regenerate cookies. 408 */ 409 if (revoke_timer && revoke_timer <= current_time) { 410 revoke_timer += 1 << sys_revoke; 411 RAND_bytes((u_char *)&sys_private, 4); 412 } 413#endif /* AUTOKEY */ 414 415 /* 416 * Interface update timer 417 */ 418 if (interface_interval && interface_timer <= current_time) { 419 timer_interfacetimeout(current_time + 420 interface_interval); 421 DPRINTF(2, ("timer: interface update\n")); 422 interface_update(NULL, NULL); 423 } 424 425 if (worker_idle_timer && worker_idle_timer <= current_time) 426 worker_idle_timer_fired(); 427 428 /* 429 * Finally, write hourly stats and do the hourly 430 * and daily leapfile checks. 431 */ 432 if (stats_timer <= current_time) { 433 stats_timer += SECSPERHR; 434 write_stats(); 435 if (leapf_timer <= current_time) { 436 leapf_timer += SECSPERDAY; 437 check_leap_file(TRUE, now.l_ui, &tnow); 438 } else { 439 check_leap_file(FALSE, now.l_ui, &tnow); 440 } 441 } 442} 443 444 445#ifndef SYS_WINNT 446/* 447 * alarming - tell the world we've been alarmed 448 */ 449static RETSIGTYPE 450alarming( 451 int sig 452 ) 453{ 454# ifdef DEBUG 455 const char *msg = "alarming: initializing TRUE\n"; 456# endif 457 458 if (!initializing) { 459 if (alarm_flag) { 460 alarm_overflow++; 461# ifdef DEBUG 462 msg = "alarming: overflow\n"; 463# endif 464 } else { 465# ifndef VMS 466 alarm_flag++; 467# else 468 /* VMS AST routine, increment is no good */ 469 alarm_flag = 1; 470# endif 471# ifdef DEBUG 472 msg = "alarming: normal\n"; 473# endif 474 } 475 } 476# ifdef VMS 477 lib$addx(&vmsinc, &vmstimer, &vmstimer); 478 sys$setimr(0, &vmstimer, alarming, alarming, 0); 479# endif 480# ifdef DEBUG 481 if (debug >= 4) 482 (void)(-1 == write(1, msg, strlen(msg))); 483# endif 484} 485#endif /* SYS_WINNT */ 486 487 488void 489timer_interfacetimeout(u_long timeout) 490{ 491 interface_timer = timeout; 492} 493 494 495/* 496 * timer_clr_stats - clear timer module stat counters 497 */ 498void 499timer_clr_stats(void) 500{ 501 timer_overflows = 0; 502 timer_xmtcalls = 0; 503 timer_timereset = current_time; 504} 505 506 507static void 508check_leap_sec_in_progress( const leap_result_t *lsdata ) { 509 int prv_leap_sec_in_progress = leap_sec_in_progress; 510 leap_sec_in_progress = lsdata->tai_diff && (lsdata->ddist < 3); 511 512 /* if changed we may have to update the leap status sent to clients */ 513 if (leap_sec_in_progress != prv_leap_sec_in_progress) 514 set_sys_leap(sys_leap); 515} 516 517 518static void 519check_leapsec( 520 u_int32 now , 521 const time_t * tpiv , 522 int/*BOOL*/ reset) 523{ 524 static const char leapmsg_p_step[] = 525 "Positive leap second, stepped backward."; 526 static const char leapmsg_p_slew[] = 527 "Positive leap second, no step correction. " 528 "System clock will be inaccurate for a long time."; 529 530 static const char leapmsg_n_step[] = 531 "Negative leap second, stepped forward."; 532 static const char leapmsg_n_slew[] = 533 "Negative leap second, no step correction. " 534 "System clock will be inaccurate for a long time."; 535 536 leap_result_t lsdata; 537 u_int32 lsprox; 538#ifdef AUTOKEY 539 int/*BOOL*/ update_autokey = FALSE; 540#endif 541 542#ifndef SYS_WINNT /* WinNT port has its own leap second handling */ 543# ifdef KERNEL_PLL 544 leapsec_electric(pll_control && kern_enable); 545# else 546 leapsec_electric(0); 547# endif 548#endif 549#ifdef LEAP_SMEAR 550 leap_smear.enabled = leap_smear_intv != 0; 551#endif 552 if (reset) { 553 lsprox = LSPROX_NOWARN; 554 leapsec_reset_frame(); 555 memset(&lsdata, 0, sizeof(lsdata)); 556 } else { 557 int fired = leapsec_query(&lsdata, now, tpiv); 558 559 DPRINTF(1, ("*** leapsec_query: fired %i, now %u (0x%08X), tai_diff %i, ddist %u\n", 560 fired, now, now, lsdata.tai_diff, lsdata.ddist)); 561 562#ifdef LEAP_SMEAR 563 leap_smear.in_progress = 0; 564 leap_smear.doffset = 0.0; 565 566 if (leap_smear.enabled) { 567 if (lsdata.tai_diff) { 568 if (leap_smear.interval == 0) { 569 leap_smear.interval = leap_smear_intv; 570 leap_smear.intv_end = lsdata.ttime.Q_s; 571 leap_smear.intv_start = leap_smear.intv_end - leap_smear.interval; 572 DPRINTF(1, ("*** leapsec_query: setting leap_smear interval %li, begin %.0f, end %.0f\n", 573 leap_smear.interval, leap_smear.intv_start, leap_smear.intv_end)); 574 } 575 } 576 else { 577 if (leap_smear.interval) 578 DPRINTF(1, ("*** leapsec_query: clearing leap_smear interval\n")); 579 leap_smear.interval = 0; 580 } 581 582 if (leap_smear.interval) { 583 double dtemp = now; 584 if (dtemp >= leap_smear.intv_start && dtemp <= leap_smear.intv_end) { 585 double leap_smear_time = dtemp - leap_smear.intv_start; 586 /* 587 * For now we just do a linear interpolation over the smear interval 588 */ 589#if 0 590 // linear interpolation 591 leap_smear.doffset = -(leap_smear_time * lsdata.tai_diff / leap_smear.interval); 592#else 593 // Google approach: lie(t) = (1.0 - cos(pi * t / w)) / 2.0 594 leap_smear.doffset = -((double) lsdata.tai_diff - cos( M_PI * leap_smear_time / leap_smear.interval)) / 2.0; 595#endif 596 /* 597 * TODO see if we're inside an inserted leap second, so we need to compute 598 * leap_smear.doffset = 1.0 - leap_smear.doffset 599 */ 600 leap_smear.in_progress = 1; 601#if 0 && defined( DEBUG ) 602 msyslog(LOG_NOTICE, "*** leapsec_query: [%.0f:%.0f] (%li), now %u (%.0f), smear offset %.6f ms\n", 603 leap_smear.intv_start, leap_smear.intv_end, leap_smear.interval, 604 now, leap_smear_time, leap_smear.doffset); 605#else 606 DPRINTF(1, ("*** leapsec_query: [%.0f:%.0f] (%li), now %u (%.0f), smear offset %.6f ms\n", 607 leap_smear.intv_start, leap_smear.intv_end, leap_smear.interval, 608 now, leap_smear_time, leap_smear.doffset)); 609#endif 610 611 } 612 } 613 } 614 else 615 leap_smear.interval = 0; 616 617 /* 618 * Update the current leap smear offset, eventually 0.0 if outside smear interval. 619 */ 620 DTOLFP(leap_smear.doffset, &leap_smear.offset); 621 622#endif /* LEAP_SMEAR */ 623 624 if (fired) { 625 /* Full hit. Eventually step the clock, but always 626 * announce the leap event has happened. 627 */ 628 const char *leapmsg = NULL; 629 double lswarp = lsdata.warped; 630 if (lswarp < 0.0) { 631 if (clock_max_back > 0.0 && 632 clock_max_back < -lswarp) { 633 step_systime(lswarp); 634 leapmsg = leapmsg_p_step; 635 } else { 636 leapmsg = leapmsg_p_slew; 637 } 638 } else if (lswarp > 0.0) { 639 if (clock_max_fwd > 0.0 && 640 clock_max_fwd < lswarp) { 641 step_systime(lswarp); 642 leapmsg = leapmsg_n_step; 643 } else { 644 leapmsg = leapmsg_n_slew; 645 } 646 } 647 if (leapmsg) 648 msyslog(LOG_NOTICE, "%s", leapmsg); 649 report_event(EVNT_LEAP, NULL, NULL); 650#ifdef AUTOKEY 651 update_autokey = TRUE; 652#endif 653 lsprox = LSPROX_NOWARN; 654 leapsec = LSPROX_NOWARN; 655 sys_tai = lsdata.tai_offs; 656 } else { 657#ifdef AUTOKEY 658 update_autokey = (sys_tai != lsdata.tai_offs); 659#endif 660 lsprox = lsdata.proximity; 661 sys_tai = lsdata.tai_offs; 662 } 663 } 664 665 /* We guard against panic alarming during the red alert phase. 666 * Strange and evil things might happen if we go from stone cold 667 * to piping hot in one step. If things are already that wobbly, 668 * we let the normal clock correction take over, even if a jump 669 * is involved. 670 * Also make sure the alarming events are edge-triggered, that is, 671 * ceated only when the threshold is crossed. 672 */ 673 if ( (leapsec > 0 || lsprox < LSPROX_ALERT) 674 && leapsec < lsprox ) { 675 if ( leapsec < LSPROX_SCHEDULE 676 && lsprox >= LSPROX_SCHEDULE) { 677 if (lsdata.dynamic) 678 report_event(PEVNT_ARMED, sys_peer, NULL); 679 else 680 report_event(EVNT_ARMED, NULL, NULL); 681 } 682 leapsec = lsprox; 683 } 684 if (leapsec > lsprox) { 685 if ( leapsec >= LSPROX_SCHEDULE 686 && lsprox < LSPROX_SCHEDULE) { 687 report_event(EVNT_DISARMED, NULL, NULL); 688 } 689 leapsec = lsprox; 690 } 691 692 if (leapsec >= LSPROX_SCHEDULE) 693 leapdif = lsdata.tai_diff; 694 else 695 leapdif = 0; 696 697 check_leap_sec_in_progress(&lsdata); 698 699#ifdef AUTOKEY 700 if (update_autokey) 701 crypto_update_taichange(); 702#endif 703} 704