diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2026-06-15 13:39:12 +0530 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2026-06-15 13:39:12 +0530 |
| commit | a60ce761d99ff2d9eefe33374c5f20726465a140 (patch) | |
| tree | a7883dcce89453fe59d7cf614620e0b20bea3895 /net | |
| parent | f20e2fdaaeb74330a6c5d65af22a8c47409a7a91 (diff) | |
| parent | 87bd2ad568e15b90d5f7d4bcd70342d05dad649c (diff) | |
| download | ath-a60ce761d99ff2d9eefe33374c5f20726465a140.tar.gz | |
Merge tag 'timers-core-2026-06-13' of gitolite.kernel.org:pub/scm/linux/kernel/git/tip/tip
Pull timer core updates from Thomas Gleixner:
"Updates for the time/timer core subsystem:
- Harden the user space controllable hrtimer interfaces further to
protect against unpriviledged DoS attempts by arming timers in the
past.
- Add per-capacity hierarchies to the timer migration code to prevent
timer migration accross different capacity domains. This code has
been disabled last minute as there is a pathological problem with
SoCs which advertise a larger number of capacity domains. The
problem is under investigation and the code won't be active before
v7.3, but that turned out to be less intrusive than a full revert
as it preserves the preparatory steps and allows people to work on
the final resolution
- Export time namespace functionality as a recent user can be built
as a module.
- Initialize the jiffies clocksource before using it. The recent
hardening against time moving backward requires that the related
members of struct clocksource have been initialized, otherwise it
clamps the readout to 0, which makes time stand sill and causes
boot delays.
- Fix a more than twenty year old PID reference count leak in an
error path of the POSIX CPU timer code.
- The usual small fixes, improvements and cleanups all over the
place"
* tag 'timers-core-2026-06-13' of gitolite.kernel.org:pub/scm/linux/kernel/git/tip/tip: (31 commits)
posix-cpu-timers: Fix pid refcount leak in do_cpu_nanosleep() error path
time/jiffies: Register jiffies clocksource before usage
timers/migration: Temporarily disable per capacity hierarchies
timers/migration: Turn tmigr_hierarchy level_list into a flexible array
timers/migration: Deactivate per-capacity hierarchies under nohz_full
timers/migration: Fix hotplug migrator selection target on asymetric capacity machines
ntsync: Honour caller's time namespace for absolute MONOTONIC timeouts
time/namespace: Export init_time_ns and do_timens_ktime_to_host()
timers/migration: Update stale @online doc to @available
timers: Fix flseep() typo in kernel-doc comment
hrtimer: Fix the bogus return type of __hrtimer_start_range_ns()
hrtimer: Return ktime_t from hrtimer_get_next_event()/hrtimer_next_event_without()
clocksource: Clean up clocksource_update_freq() functions
alarmtimer: Remove stale return description from alarm_handle_timer()
selftests/posix_timers: Use CLOCK_THREAD_CPUTIME_ID for ITIMER_PROF measurements
scripts/timers: Add timer_migration_tree.py
timers/migration: Handle capacity in connect tracepoints
timers/migration: Split per-capacity hierarchies
timers/migration: Track CPUs in a hierarchy
timers/migration: Abstract out hierarchy to prepare for CPU capacity awareness
...
Diffstat (limited to 'net')
| -rw-r--r-- | net/netfilter/xt_IDLETIMER.c | 24 |
1 files changed, 18 insertions, 6 deletions
diff --git a/net/netfilter/xt_IDLETIMER.c b/net/netfilter/xt_IDLETIMER.c index 517106165ad2a..bfcf2d44e93db 100644 --- a/net/netfilter/xt_IDLETIMER.c +++ b/net/netfilter/xt_IDLETIMER.c @@ -115,6 +115,21 @@ static void idletimer_tg_alarmproc(struct alarm *alarm, ktime_t now) schedule_work(&timer->work); } +static void idletimer_start_alarm_ktime(struct idletimer_tg *timer, ktime_t timeout) +{ + /* + * The timer should always be queued as @tout it should be least one + * second, but handle it correctly in any case. Virt will manage! + */ + if (!alarm_start_timer(&timer->alarm, timeout, true)) + schedule_work(&timer->work); +} + +static void idletimer_start_alarm_sec(struct idletimer_tg *timer, unsigned int seconds) +{ + idletimer_start_alarm_ktime(timer, ktime_set(seconds, 0)); +} + static int idletimer_check_sysfs_name(const char *name, unsigned int size) { int ret; @@ -220,12 +235,10 @@ static int idletimer_tg_create_v1(struct idletimer_tg_info_v1 *info) INIT_WORK(&info->timer->work, idletimer_tg_work); if (info->timer->timer_type & XT_IDLETIMER_ALARM) { - ktime_t tout; alarm_init(&info->timer->alarm, ALARM_BOOTTIME, idletimer_tg_alarmproc); info->timer->alarm.data = info->timer; - tout = ktime_set(info->timeout, 0); - alarm_start_relative(&info->timer->alarm, tout); + idletimer_start_alarm_sec(info->timer, info->timeout); } else { timer_setup(&info->timer->timer, idletimer_tg_expired, 0); mod_timer(&info->timer->timer, @@ -271,8 +284,7 @@ static unsigned int idletimer_tg_target_v1(struct sk_buff *skb, info->label, info->timeout); if (info->timer->timer_type & XT_IDLETIMER_ALARM) { - ktime_t tout = ktime_set(info->timeout, 0); - alarm_start_relative(&info->timer->alarm, tout); + idletimer_start_alarm_sec(info->timer, info->timeout); } else { mod_timer(&info->timer->timer, secs_to_jiffies(info->timeout) + jiffies); @@ -384,7 +396,7 @@ static int idletimer_tg_checkentry_v1(const struct xt_tgchk_param *par) if (ktimespec.tv_sec > 0) { pr_debug("time_expiry_remaining %lld\n", ktimespec.tv_sec); - alarm_start_relative(&info->timer->alarm, tout); + idletimer_start_alarm_ktime(info->timer, tout); } } else { mod_timer(&info->timer->timer, |
