lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <7bf7d444-4a08-4df4-9aa1-9cd28609d166@app.fastmail.com>
Date: Tue, 12 Mar 2024 12:17:48 +0100
From: "Arnd Bergmann" <arnd@...db.de>
To: "Sagi Maimon" <maimon.sagi@...il.com>,
 "Richard Cochran" <richardcochran@...il.com>,
 "Andy Lutomirski" <luto@...nel.org>, datglx@...utronix.de,
 "Ingo Molnar" <mingo@...hat.com>, "Borislav Petkov" <bp@...en8.de>,
 "Dave Hansen" <dave.hansen@...ux.intel.com>, x86@...nel.org,
 "H. Peter Anvin" <hpa@...or.com>,
 "Geert Uytterhoeven" <geert@...ux-m68k.org>,
 "Peter Zijlstra" <peterz@...radead.org>,
 "Johannes Weiner" <hannes@...xchg.org>,
 "Sohil Mehta" <sohil.mehta@...el.com>,
 "Rick Edgecombe" <rick.p.edgecombe@...el.com>,
 "Nhat Pham" <nphamcs@...il.com>, "Palmer Dabbelt" <palmer@...ive.com>,
 "Kees Cook" <keescook@...omium.org>, "Alexey Gladkov" <legion@...nel.org>,
 "Mark Rutland" <mark.rutland@....com>,
 "Miklos Szeredi" <mszeredi@...hat.com>,
 "Casey Schaufler" <casey@...aufler-ca.com>, reibax@...il.com,
 "David S . Miller" <davem@...emloft.net>,
 "Christian Brauner" <brauner@...nel.org>
Cc: linux-kernel@...r.kernel.org, linux-api@...r.kernel.org,
 Linux-Arch <linux-arch@...r.kernel.org>, Netdev <netdev@...r.kernel.org>
Subject: Re: [PATCH v6] posix-timers: add clock_compare system call

On Tue, Mar 12, 2024, at 10:50, Sagi Maimon wrote:
> Some user space applications need to read a couple of different clocks.
> Each read requires moving from user space to kernel space.
> Reading each clock separately (syscall) introduces extra
> unpredictable/unmeasurable delay. Minimizing this delay contributes to user
> space actions on these clocks (e.g. synchronization etc).
>
> Introduce a new system call clock_compare, which can be used to measure
> the offset between two clocks, from variety of types: PHC, virtual PHC
> and various system clocks (CLOCK_REALTIME, CLOCK_MONOTONIC, etc).
> The system call returns the clocks timestamps.
>
> When possible, use crosstimespec to sync read values.
> Else, read clock A twice (before, and after reading clock B) and average these
> times – to be as close as possible to the time we read clock B.
>
> Signed-off-by: Sagi Maimon <maimon.sagi@...il.com>

I like this a lot better than the previous versions I looked at,
so just a few ideas here how this might be improved further.

> +/**
> + * clock_compare - Get couple of clocks time stamps
> + * @clock_a:	clock a ID
> + * @clock_b:	clock b ID
> + * @tp_a:		Pointer to a user space timespec64 for clock a storage
> + * @tp_b:		Pointer to a user space timespec64 for clock b storage
> + *
> + * clock_compare gets time sample of two clocks.
> + * Supported clocks IDs: PHC, virtual PHC and various system clocks.
> + *
> + * In case of PHC that supports crosstimespec and the other clock is 
> Monotonic raw
> + * or system time, crosstimespec will be used to synchronously capture
> + * system/device time stamp.
> + *
> + * In other cases: Read clock_a twice (before, and after reading 
> clock_b) and
> + * average these times – to be as close as possible to the time we 
> read clock_b.
> + *
> + * Returns:
> + *	0		Success. @tp_a and @tp_b contains the time stamps
> + *	-EINVAL		@clock a or b ID is not a valid clock ID
> + *	-EFAULT		Copying the time stamp to @tp_a or @tp_b faulted
> + *	-EOPNOTSUPP	Dynamic POSIX clock does not support crosstimespec()
> + **/
> +SYSCALL_DEFINE5(clock_compare, const clockid_t, clock_a, const 
> clockid_t, clock_b,
> +		struct __kernel_timespec __user *, tp_a, struct __kernel_timespec 
> __user *,
> +		tp_b, int64_t __user *, offs_err)

The system call is well-formed in the way that the ABI is the
same across all supported architectures, good.

A minor issue is the use of int64_t, which in user interfaces
can cause namespace problems. Please change that to the kernel
side __s64 type.

> +	kc_a = clockid_to_kclock(clock_a);
> +	if (!kc_a) {
> +		error = -EINVAL;
> +		return error;
> +	}
> +
> +	kc_b = clockid_to_kclock(clock_b);
> +	if (!kc_b) {
> +		error = -EINVAL;
> +		return error;
> +	}

I'm not sure if we really need to have it generic enough to
support any combination of clocks here. It complicates the
implementation a bit but it also generalizes the user space
side of it.

Can you think of cases where you want to compare against
something other than CLOCK_MONOTONIC_RAW or CLOCK_REALTIME,
or are these going to be the ones that you expect to
be used anyway?

> +	if (crosstime_support_a) {
> +		ktime_a1 = xtstamp_a1.device;
> +		ktime_a2 = xtstamp_a2.device;
> +	} else {
> +		ktime_a1 = timespec64_to_ktime(ts_a1);
> +		ktime_a2 = timespec64_to_ktime(ts_a2);
> +	}
> +
> +	ktime_a = ktime_add(ktime_a1, ktime_a2);
> +
> +	ts_offs = ktime_divns(ktime_a, 2);
> +
> +	ts_a1 = ns_to_timespec64(ts_offs);

Converting nanoseconds to timespec64 is rather expensive,
so I wonder if this could be changed to something cheaper,
either by returning nanoseconds in the end and consistently
working on those, or by doing the calculation on the
timespec64 itself.

     Arnd

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ