2 * refclock_shm - clock driver for utc via shared memory
3 * - under construction -
4 * To add new modes: Extend or union the shmTime-struct. Do not
5 * extend/shrink size, because otherwise existing implementations
6 * will specify wrong size of shared memory-segment
14 #include "ntp_types.h"
16 #if defined(REFCLOCK) && defined(CLOCK_SHM)
22 #include "ntp_refclock.h"
24 #include "timespecops.h"
26 #include "ntp_stdlib.h"
27 #include "ntp_assert.h"
41 #ifdef HAVE_STDATOMIC_H
42 # include <stdatomic.h>
43 #endif /* HAVE_STDATOMIC_H */
46 * This driver supports a reference clock attached thru shared memory
50 * SHM interface definitions
52 #define PRECISION (-1) /* precision assumed (0.5 s) */
53 #define REFID "SHM" /* reference ID */
54 #define DESCRIPTION "SHM/Shared memory interface"
56 #define NSAMPLES 3 /* stages of median filter */
61 #define SHM_MODE_PRIVATE 0x0001
66 static int shm_start (int unit, struct peer *peer);
67 static void shm_shutdown (int unit, struct peer *peer);
68 static void shm_poll (int unit, struct peer *peer);
69 static void shm_timer (int unit, struct peer *peer);
70 static void shm_clockstats (int unit, struct peer *peer);
71 static void shm_control (int unit, const struct refclockstat * in_st,
72 struct refclockstat * out_st, struct peer *peer);
77 struct refclock refclock_shm = {
78 shm_start, /* start up driver */
79 shm_shutdown, /* shut down driver */
80 shm_poll, /* transmit poll message */
81 shm_control, /* control settings */
82 noentry, /* not used: init */
83 noentry, /* not used: buginfo */
84 shm_timer, /* once per second */
88 int mode; /* 0 - if valid is set:
91 * 1 - if valid is set:
92 * if count before and after read of values is equal,
97 time_t clockTimeStampSec;
98 int clockTimeStampUSec;
99 time_t receiveTimeStampSec;
100 int receiveTimeStampUSec;
105 unsigned clockTimeStampNSec; /* Unsigned ns timestamps */
106 unsigned receiveTimeStampNSec; /* Unsigned ns timestamps */
111 struct shmTime *shm; /* pointer to shared memory segment */
112 int forall; /* access for all UIDs? */
114 /* debugging/monitoring counters - reset when printed */
115 int ticks; /* number of attempts to read data*/
116 int good; /* number of valid samples */
117 int notready; /* number of peeks without data ready */
118 int bad; /* number of invalid samples */
119 int clash; /* number of access clashes while reading */
121 time_t max_delta; /* difference limit */
122 time_t max_delay; /* age/stale limit */
126 static struct shmTime*
132 struct shmTime *p = NULL;
138 /* 0x4e545030 is NTP0.
139 * Big units will give non-ascii but that's OK
140 * as long as everybody does it the same way.
142 shmid=shmget(0x4e545030 + unit, sizeof (struct shmTime),
143 IPC_CREAT | (forall ? 0666 : 0600));
144 if (shmid == -1) { /* error */
145 msyslog(LOG_ERR, "SHM shmget (unit %d): %m", unit);
148 p = (struct shmTime *)shmat (shmid, 0, 0);
149 if (p == (struct shmTime *)-1) { /* error */
150 msyslog(LOG_ERR, "SHM shmat (unit %d): %m", unit);
157 static const char * nspref[2] = { "Local", "Global" };
159 LPSECURITY_ATTRIBUTES psec = 0;
161 SECURITY_DESCRIPTOR sd;
162 SECURITY_ATTRIBUTES sa;
165 numch = snprintf(buf, sizeof(buf), "%s\\NTP%d",
166 nspref[forall != 0], (unit & 0xFF));
167 if (numch >= sizeof(buf)) {
168 msyslog(LOG_ERR, "SHM name too long (unit %d)", unit);
171 if (forall) { /* world access */
172 if (!InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION)) {
173 msyslog(LOG_ERR,"SHM InitializeSecurityDescriptor (unit %d): %m", unit);
176 if (!SetSecurityDescriptorDacl(&sd, TRUE, NULL, FALSE)) {
177 msyslog(LOG_ERR, "SHM SetSecurityDescriptorDacl (unit %d): %m", unit);
180 sa.nLength = sizeof(SECURITY_ATTRIBUTES);
181 sa.lpSecurityDescriptor = &sd;
182 sa.bInheritHandle = FALSE;
185 shmid = CreateFileMapping ((HANDLE)0xffffffff, psec, PAGE_READWRITE,
186 0, sizeof (struct shmTime), buf);
187 if (shmid == NULL) { /*error*/
189 FormatMessage (FORMAT_MESSAGE_FROM_SYSTEM,
190 0, GetLastError (), 0, buf, sizeof (buf), 0);
191 msyslog(LOG_ERR, "SHM CreateFileMapping (unit %d): %s", unit, buf);
194 p = (struct shmTime *)MapViewOfFile(shmid, FILE_MAP_WRITE, 0, 0,
195 sizeof (struct shmTime));
196 if (p == NULL) { /*error*/
198 FormatMessage (FORMAT_MESSAGE_FROM_SYSTEM,
199 0, GetLastError (), 0, buf, sizeof (buf), 0);
200 msyslog(LOG_ERR,"SHM MapViewOfFile (unit %d): %s", unit, buf);
208 ENSURE(!"getShmTime(): Not reached.");
213 * shm_start - attach to shared memory
221 struct refclockproc * const pp = peer->procptr;
222 struct shmunit * const up = emalloc_zero(sizeof(*up));
224 pp->io.clock_recv = noentry;
225 pp->io.srcclock = peer;
229 up->forall = (unit >= 2) && !(peer->ttl & SHM_MODE_PRIVATE);
231 up->shm = getShmTime(unit, up->forall);
234 * Initialize miscellaneous peer variables
236 memcpy((char *)&pp->refid, REFID, 4);
239 up->shm->precision = PRECISION;
240 peer->precision = up->shm->precision;
242 up->shm->nsamples = NSAMPLES;
243 pp->clockdesc = DESCRIPTION;
244 /* items to be changed later in 'shm_control()': */
246 up->max_delta = 4*3600;
257 * shm_control - configure flag1/time2 params
259 * These are not yet available during 'shm_start', so we have to do any
260 * pre-computations we want to avoid during regular poll/timer callbacks
266 const struct refclockstat * in_st,
267 struct refclockstat * out_st,
271 struct refclockproc * const pp = peer->procptr;
272 struct shmunit * const up = pp->unitptr;
279 if (pp->sloppyclockflag & CLK_FLAG1)
281 else if (pp->fudgetime2 < 1. || pp->fudgetime2 > 86400.)
282 up->max_delta = 4*3600;
284 up->max_delta = (time_t)floor(pp->fudgetime2 + 0.5);
289 * shm_shutdown - shut down the clock
297 struct refclockproc * const pp = peer->procptr;
298 struct shmunit * const up = pp->unitptr;
305 /* HMS: shmdt() wants char* or const void * */
306 (void)shmdt((char *)up->shm);
310 UnmapViewOfFile(up->shm);
318 * shm_poll - called by the transmit procedure
326 struct refclockproc * const pp = peer->procptr;
327 struct shmunit * const up = pp->unitptr;
332 /* get dominant reason if we have no samples at all */
333 major_error = max(up->notready, up->bad);
334 major_error = max(major_error, up->clash);
337 * Process median filter samples. If none received, see what
338 * happened, tell the core and keep going.
340 if (pp->coderecv != pp->codeproc) {
341 /* have some samples, everything OK */
342 pp->lastref = pp->lastrec;
343 refclock_receive(peer);
344 } else if (NULL == up->shm) { /* is this possible at all? */
345 /* we're out of business without SHM access */
346 refclock_report(peer, CEVNT_FAULT);
347 } else if (major_error == up->clash) {
348 /* too many collisions is like a bad signal */
349 refclock_report(peer, CEVNT_PROP);
350 } else if (major_error == up->bad) {
351 /* too much stale/bad/garbled data */
352 refclock_report(peer, CEVNT_BADREPLY);
354 /* in any other case assume it's just a timeout */
355 refclock_report(peer, CEVNT_TIMEOUT);
357 /* shm_clockstats() clears the tallies, so it must be last... */
358 shm_clockstats(unit, peer);
363 OK, NO_SEGMENT, NOT_READY, BAD_MODE, CLASH
369 struct timespec tvc, tvr, tvt;
374 static inline void memory_barrier(void)
376 #ifdef HAVE_ATOMIC_THREAD_FENCE
377 atomic_thread_fence(memory_order_seq_cst);
378 #endif /* HAVE_ATOMIC_THREAD_FENCE */
381 static enum segstat_t shm_query(volatile struct shmTime *shm_in, struct shm_stat_t *shm_stat)
382 /* try to grab a sample from the specified SHM segment */
384 struct shmTime shmcopy;
385 volatile struct shmTime *shm = shm_in;
388 unsigned int cns_new, rns_new;
391 * This is the main routine. It snatches the time from the shm
392 * board and tacks on a local timestamp.
395 shm_stat->status = NO_SEGMENT;
399 /*@-type@*//* splint is confused about struct timespec */
400 shm_stat->tvc.tv_sec = shm_stat->tvc.tv_nsec = 0;
405 shm_stat->tvc.tv_sec = now;
408 /* relying on word access to be atomic here */
409 if (shm->valid == 0) {
410 shm_stat->status = NOT_READY;
417 * This is proof against concurrency issues if either
418 * (a) the memory_barrier() call works on this host, or
419 * (b) memset compiles to an uninterruptible single-instruction bitblt.
422 memcpy(&shmcopy, (void*)(uintptr_t)shm, sizeof(struct shmTime));
427 * Clash detection in case neither (a) nor (b) was true.
428 * Not supported in mode 0, and word access to the count field
429 * must be atomic for this to work.
431 if (shmcopy.mode > 0 && cnt != shm->count) {
432 shm_stat->status = CLASH;
433 return shm_stat->status;
436 shm_stat->status = OK;
437 shm_stat->mode = shmcopy.mode;
439 switch (shmcopy.mode) {
441 shm_stat->tvr.tv_sec = shmcopy.receiveTimeStampSec;
442 shm_stat->tvr.tv_nsec = shmcopy.receiveTimeStampUSec * 1000;
443 rns_new = shmcopy.receiveTimeStampNSec;
444 shm_stat->tvt.tv_sec = shmcopy.clockTimeStampSec;
445 shm_stat->tvt.tv_nsec = shmcopy.clockTimeStampUSec * 1000;
446 cns_new = shmcopy.clockTimeStampNSec;
448 /* Since the following comparisons are between unsigned
449 ** variables they are always well defined, and any
450 ** (signed) underflow will turn into very large unsigned
451 ** values, well above the 1000 cutoff.
453 ** Note: The usecs *must* be a *truncated*
454 ** representation of the nsecs. This code will fail for
455 ** *rounded* usecs, and the logic to deal with
456 ** wrap-arounds in the presence of rounded values is
457 ** much more convoluted.
459 if ( ((cns_new - (unsigned)shm_stat->tvt.tv_nsec) < 1000)
460 && ((rns_new - (unsigned)shm_stat->tvr.tv_nsec) < 1000)) {
461 shm_stat->tvt.tv_nsec = cns_new;
462 shm_stat->tvr.tv_nsec = rns_new;
464 /* At this point shm_stat->tvr and shm_stat->tvt contain valid ns-level
465 ** timestamps, possibly generated by extending the old
466 ** us-level timestamps
472 shm_stat->tvr.tv_sec = shmcopy.receiveTimeStampSec;
473 shm_stat->tvr.tv_nsec = shmcopy.receiveTimeStampUSec * 1000;
474 rns_new = shmcopy.receiveTimeStampNSec;
475 shm_stat->tvt.tv_sec = shmcopy.clockTimeStampSec;
476 shm_stat->tvt.tv_nsec = shmcopy.clockTimeStampUSec * 1000;
477 cns_new = shmcopy.clockTimeStampNSec;
479 /* See the case above for an explanation of the
482 if ( ((cns_new - (unsigned)shm_stat->tvt.tv_nsec) < 1000)
483 && ((rns_new - (unsigned)shm_stat->tvr.tv_nsec) < 1000)) {
484 shm_stat->tvt.tv_nsec = cns_new;
485 shm_stat->tvr.tv_nsec = rns_new;
487 /* At this point shm_stat->tvr and shm_stat->tvt contains valid ns-level
488 ** timestamps, possibly generated by extending the old
489 ** us-level timestamps
494 shm_stat->status = BAD_MODE;
500 * leap field is not a leap offset but a leap notification code.
501 * The values are magic numbers used by NTP and set by GPSD, if at all, in
504 shm_stat->leap = shmcopy.leap;
505 shm_stat->precision = shmcopy.precision;
507 return shm_stat->status;
511 * shm_timer - called once every second.
513 * This tries to grab a sample from the SHM segment, filtering bad ones
521 struct refclockproc * const pp = peer->procptr;
522 struct shmunit * const up = pp->unitptr;
524 volatile struct shmTime *shm;
530 /* for formatting 'a_lastcode': */
535 enum segstat_t status;
536 struct shm_stat_t shm_stat;
539 if ((shm = up->shm) == NULL) {
540 /* try to map again - this may succeed if meanwhile some-
541 body has ipcrm'ed the old (unaccessible) shared mem segment */
542 shm = up->shm = getShmTime(unit, up->forall);
544 DPRINTF(1, ("%s: no SHM segment\n",
545 refnumtoa(&peer->srcadr)));
550 /* query the segment, atomically */
551 status = shm_query(shm, &shm_stat);
555 DPRINTF(2, ("%s: SHM type %d sample\n",
556 refnumtoa(&peer->srcadr), shm_stat.mode));
559 /* should never happen, but is harmless */
562 DPRINTF(1, ("%s: SHM not ready\n",refnumtoa(&peer->srcadr)));
566 DPRINTF(1, ("%s: SHM type blooper, mode=%d\n",
567 refnumtoa(&peer->srcadr), shm->mode));
569 msyslog (LOG_ERR, "SHM: bad mode found in shared memory: %d",
573 DPRINTF(1, ("%s: type 1 access clash\n",
574 refnumtoa(&peer->srcadr)));
575 msyslog (LOG_NOTICE, "SHM: access clash in shared memory");
579 DPRINTF(1, ("%s: internal error, unknown SHM fetch status\n",
580 refnumtoa(&peer->srcadr)));
581 msyslog (LOG_NOTICE, "internal error, unknown SHM fetch status");
587 /* format the last time code in human-readable form into
588 * 'pp->a_lastcode'. Someone claimed: "NetBSD has incompatible
589 * tv_sec". I can't find a base for this claim, but we can work
590 * around that potential problem. BTW, simply casting a pointer
591 * is a receipe for disaster on some architectures.
593 tt = (time_t)shm_stat.tvt.tv_sec;
594 ts = time_to_vint64(&tt);
595 ntpcal_time_to_date(&cd, &ts);
597 /* add ntpq -c cv timecode in ISO 8601 format */
598 c = snprintf(pp->a_lastcode, sizeof(pp->a_lastcode),
599 "%04u-%02u-%02uT%02u:%02u:%02u.%09ldZ",
600 cd.year, cd.month, cd.monthday,
601 cd.hour, cd.minute, cd.second,
602 (long)shm_stat.tvt.tv_nsec);
603 pp->lencode = (c < sizeof(pp->a_lastcode)) ? c : 0;
605 /* check 1: age control of local time stamp */
606 tt = shm_stat.tvc.tv_sec - shm_stat.tvr.tv_sec;
607 if (tt < 0 || tt > up->max_delay) {
608 DPRINTF(1, ("%s:SHM stale/bad receive time, delay=%llds\n",
609 refnumtoa(&peer->srcadr), (long long)tt));
611 msyslog (LOG_ERR, "SHM: stale/bad receive time, delay=%llds",
616 /* check 2: delta check */
617 tt = shm_stat.tvr.tv_sec - shm_stat.tvt.tv_sec - (shm_stat.tvr.tv_nsec < shm_stat.tvt.tv_nsec);
620 if (up->max_delta > 0 && tt > up->max_delta) {
621 DPRINTF(1, ("%s: SHM diff limit exceeded, delta=%llds\n",
622 refnumtoa(&peer->srcadr), (long long)tt));
624 msyslog (LOG_ERR, "SHM: difference limit exceeded, delta=%llds\n",
629 /* if we really made it to this point... we're winners! */
630 DPRINTF(2, ("%s: SHM feeding data\n",
631 refnumtoa(&peer->srcadr)));
632 tsrcv = tspec_stamp_to_lfp(shm_stat.tvr);
633 tsref = tspec_stamp_to_lfp(shm_stat.tvt);
634 pp->leap = shm_stat.leap;
635 peer->precision = shm_stat.precision;
636 refclock_process_offset(pp, tsref, tsrcv, pp->fudgetime1);
641 * shm_clockstats - dump and reset counters
643 static void shm_clockstats(
648 struct refclockproc * const pp = peer->procptr;
649 struct shmunit * const up = pp->unitptr;
652 if (pp->sloppyclockflag & CLK_FLAG4) {
654 &peer->srcadr, "%3d %3d %3d %3d %3d",
655 up->ticks, up->good, up->notready,
658 up->ticks = up->good = up->notready = up->bad = up->clash = 0;
662 NONEMPTY_TRANSLATION_UNIT
663 #endif /* REFCLOCK */
projects / FreeBSD / releng / 9.3.git / blob