VirtualBox

source: vbox/trunk/src/VBox/Additions/common/VBoxService/VBoxServiceTimeSync.cpp@ 75559

Last change on this file since 75559 was 75559, checked in by vboxsync, 6 years ago

VBoxService: Always set the time on startup on OS/2.
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 31.6 KB
Line 
1/* $Id: VBoxServiceTimeSync.cpp 75559 2018-11-18 19:46:04Z vboxsync $ */
2/** @file
3 * VBoxService - Guest Additions TimeSync Service.
4 */
5
6/*
7 * Copyright (C) 2007-2017 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 */
17
18
19/** @page pg_vgsvc_timesync VBoxService - The Time Sync Service
20 *
21 * The time sync subservice synchronizes the guest OS walltime with the host.
22 *
23 * The time sync service plays along with the Time Manager (TM) in the VMM
24 * to keep the guest time accurate using the host machine as a reference.
25 * Communication is facilitated by VMMDev. TM will try its best to make sure
26 * all timer ticks get delivered so that there isn't normally any need to
27 * adjust the guest time.
28 *
29 * There are three normal (= acceptable) cases:
30 * -# When the service starts up. This is because ticks and such might
31 * be lost during VM and OS startup. (Need to figure out exactly why!)
32 * -# When the TM is unable to deliver all the ticks and swallows a
33 * backlog of ticks. The threshold for this is configurable with
34 * a default of 60 seconds.
35 * -# The time is adjusted on the host. This can be caused manually by
36 * the user or by some time sync daemon (NTP, LAN server, etc.).
37 *
38 * There are a number of very odd case where adjusting is needed. Here
39 * are some of them:
40 * -# Timer device emulation inaccuracies (like rounding).
41 * -# Inaccuracies in time source VirtualBox uses.
42 * -# The Guest and/or Host OS doesn't perform proper time keeping. This
43 * can come about as a result of OS and/or hardware issues.
44 *
45 * The TM is our source for the host time and will make adjustments for
46 * current timer delivery lag. The simplistic approach taken by TM is to
47 * adjust the host time by the current guest timer delivery lag, meaning that
48 * if the guest is behind 1 second with PIT/RTC/++ ticks, this should be
49 * reflected in the guest wall time as well.
50 *
51 * Now, there is any amount of trouble we can cause by changing the time.
52 * Most applications probably use the wall time when they need to measure
53 * things. A walltime that is being juggled about every so often, even if just
54 * a little bit, could occasionally upset these measurements by for instance
55 * yielding negative results.
56 *
57 * This bottom line here is that the time sync service isn't really supposed
58 * to do anything and will try avoid having to do anything when possible.
59 *
60 * The implementation uses the latency it takes to query host time as the
61 * absolute maximum precision to avoid messing up under timer tick catchup
62 * and/or heavy host/guest load. (Rationale is that a *lot* of stuff may
63 * happen on our way back from ring-3 and TM/VMMDev since we're taking the
64 * route thru the inner EM loop with its force flag processing.)
65 *
66 * But this latency has to be measured from our perspective, which means it
67 * could just as easily come out as 0. (OS/2 and Windows guests only update
68 * the current time when the timer ticks for instance.) The good thing is
69 * that this isn't really a problem since we won't ever do anything unless
70 * the drift is noticeable.
71 *
72 * It now boils down to these three (configuration) factors:
73 * -# g_cMsTimeSyncMinAdjust - The minimum drift we will ever bother with.
74 * -# g_TimeSyncLatencyFactor - The factor we multiply the latency by to
75 * calculate the dynamic minimum adjust factor.
76 * -# g_cMsTimeSyncMaxLatency - When to start discarding the data as utterly
77 * useless and take a rest (someone is too busy to give us good data).
78 * -# g_TimeSyncSetThreshold - The threshold at which we will just set the time
79 * instead of trying to adjust it (milliseconds).
80 */
81
82
83/*********************************************************************************************************************************
84* Header Files *
85*********************************************************************************************************************************/
86#ifdef RT_OS_WINDOWS
87# include <iprt/win/windows.h>
88#else
89# include <unistd.h>
90# include <errno.h>
91# include <time.h>
92# include <sys/time.h>
93#endif
94
95#include <iprt/thread.h>
96#include <iprt/string.h>
97#include <iprt/semaphore.h>
98#include <iprt/time.h>
99#include <iprt/assert.h>
100#include <VBox/VBoxGuestLib.h>
101#include "VBoxServiceInternal.h"
102#include "VBoxServiceUtils.h"
103
104
105/*********************************************************************************************************************************
106* Global Variables *
107*********************************************************************************************************************************/
108/** The timesync interval (milliseconds). */
109static uint32_t g_TimeSyncInterval = 0;
110/**
111 * @see pg_vgsvc_timesync
112 *
113 * @remark OS/2: There is either a 1 second resolution on the DosSetDateTime
114 * API or a bug in my settimeofday implementation. Thus, don't
115 * bother unless there is at least a 1 second drift.
116 */
117#ifdef RT_OS_OS2
118static uint32_t g_cMsTimeSyncMinAdjust = 1000;
119#else
120static uint32_t g_cMsTimeSyncMinAdjust = 100;
121#endif
122/** @see pg_vgsvc_timesync */
123static uint32_t g_TimeSyncLatencyFactor = 8;
124/** @see pg_vgsvc_timesync */
125static uint32_t g_cMsTimeSyncMaxLatency = 250;
126/** @see pg_vgsvc_timesync */
127static uint32_t g_TimeSyncSetThreshold = 20*60*1000;
128/** Whether the next adjustment should just set the time instead of trying to
129 * adjust it. This is used to implement --timesync-set-start.
130 * For purposes of setting the kernel timezone, OS/2 always starts with this. */
131#ifdef RT_OS_OS2
132static bool volatile g_fTimeSyncSetOnStart = true;
133#else
134static bool volatile g_fTimeSyncSetOnStart = false;
135#endif
136/** Whether to set the time when the VM was restored. */
137static bool g_fTimeSyncSetOnRestore = true;
138/** The logging verbosity level.
139 * This uses the global verbosity level by default. */
140static uint32_t g_cTimeSyncVerbosity = 0;
141
142/** Current error count. Used to decide when to bitch and when not to. */
143static uint32_t g_cTimeSyncErrors = 0;
144
145/** The semaphore we're blocking on. */
146static RTSEMEVENTMULTI g_TimeSyncEvent = NIL_RTSEMEVENTMULTI;
147
148/** The VM session ID. Changes whenever the VM is restored or reset. */
149static uint64_t g_idTimeSyncSession;
150
151#ifdef RT_OS_WINDOWS
152/** Process token. */
153static HANDLE g_hTokenProcess = NULL;
154/** Old token privileges. */
155static TOKEN_PRIVILEGES g_TkOldPrivileges;
156/** Backup values for time adjustment. */
157static DWORD g_dwWinTimeAdjustment;
158static DWORD g_dwWinTimeIncrement;
159static BOOL g_bWinTimeAdjustmentDisabled;
160#endif
161
162
163/**
164 * @interface_method_impl{VBOXSERVICE,pfnPreInit}
165 */
166static DECLCALLBACK(int) vgsvcTimeSyncPreInit(void)
167{
168 /* Use global verbosity as default. */
169 g_cTimeSyncVerbosity = g_cVerbosity;
170
171#ifdef VBOX_WITH_GUEST_PROPS
172 /** @todo Merge this function with vgsvcTimeSyncOption() to generalize
173 * the "command line args override guest property values" behavior. */
174
175 /*
176 * Read the service options from the VM's guest properties.
177 * Note that these options can be overridden by the command line options later.
178 */
179 uint32_t uGuestPropSvcClientID;
180 int rc = VbglR3GuestPropConnect(&uGuestPropSvcClientID);
181 if (RT_FAILURE(rc))
182 {
183 if (rc == VERR_HGCM_SERVICE_NOT_FOUND) /* Host service is not available. */
184 {
185 VGSvcVerbose(0, "VMInfo: Guest property service is not available, skipping\n");
186 rc = VINF_SUCCESS;
187 }
188 else
189 VGSvcError("Failed to connect to the guest property service! Error: %Rrc\n", rc);
190 }
191 else
192 {
193 rc = VGSvcReadPropUInt32(uGuestPropSvcClientID, "/VirtualBox/GuestAdd/VBoxService/--timesync-interval",
194 &g_TimeSyncInterval, 50, UINT32_MAX - 1);
195 if ( RT_SUCCESS(rc)
196 || rc == VERR_NOT_FOUND)
197 rc = VGSvcReadPropUInt32(uGuestPropSvcClientID, "/VirtualBox/GuestAdd/VBoxService/--timesync-min-adjust",
198 &g_cMsTimeSyncMinAdjust, 0, 3600000);
199 if ( RT_SUCCESS(rc)
200 || rc == VERR_NOT_FOUND)
201 rc = VGSvcReadPropUInt32(uGuestPropSvcClientID, "/VirtualBox/GuestAdd/VBoxService/--timesync-latency-factor",
202 &g_TimeSyncLatencyFactor, 1, 1024);
203 if ( RT_SUCCESS(rc)
204 || rc == VERR_NOT_FOUND)
205 rc = VGSvcReadPropUInt32(uGuestPropSvcClientID, "/VirtualBox/GuestAdd/VBoxService/--timesync-max-latency",
206 &g_cMsTimeSyncMaxLatency, 1, 3600000);
207 if ( RT_SUCCESS(rc)
208 || rc == VERR_NOT_FOUND)
209 rc = VGSvcReadPropUInt32(uGuestPropSvcClientID, "/VirtualBox/GuestAdd/VBoxService/--timesync-set-threshold",
210 &g_TimeSyncSetThreshold, 0, 7*24*60*60*1000 /* a week */);
211 if ( RT_SUCCESS(rc)
212 || rc == VERR_NOT_FOUND)
213 {
214 rc = VGSvcCheckPropExist(uGuestPropSvcClientID, "/VirtualBox/GuestAdd/VBoxService/--timesync-set-start");
215 if (RT_SUCCESS(rc))
216 g_fTimeSyncSetOnStart = true;
217 }
218 if ( RT_SUCCESS(rc)
219 || rc == VERR_NOT_FOUND)
220 {
221 rc = VGSvcCheckPropExist(uGuestPropSvcClientID, "/VirtualBox/GuestAdd/VBoxService/--timesync-no-set-start");
222 if (RT_SUCCESS(rc))
223 g_fTimeSyncSetOnStart = false;
224 }
225 if ( RT_SUCCESS(rc)
226 || rc == VERR_NOT_FOUND)
227 {
228 rc = VGSvcCheckPropExist(uGuestPropSvcClientID, "/VirtualBox/GuestAdd/VBoxService/--timesync-set-on-restore");
229 if (RT_SUCCESS(rc))
230 g_fTimeSyncSetOnRestore = true;
231 }
232 if ( RT_SUCCESS(rc)
233 || rc == VERR_NOT_FOUND)
234 {
235 rc = VGSvcCheckPropExist(uGuestPropSvcClientID, "/VirtualBox/GuestAdd/VBoxService/--timesync-no-set-on-restore");
236 if (RT_SUCCESS(rc))
237 g_fTimeSyncSetOnRestore = false;
238 }
239 if ( RT_SUCCESS(rc)
240 || rc == VERR_NOT_FOUND)
241 {
242 uint32_t uValue;
243 rc = VGSvcReadPropUInt32(uGuestPropSvcClientID, "/VirtualBox/GuestAdd/VBoxService/--timesync-verbosity",
244 &uValue, 0 /*uMin*/, 255 /*uMax*/);
245 if (RT_SUCCESS(rc))
246 g_cTimeSyncVerbosity = uValue;
247 }
248 VbglR3GuestPropDisconnect(uGuestPropSvcClientID);
249 }
250
251 if (rc == VERR_NOT_FOUND) /* If a value is not found, don't be sad! */
252 rc = VINF_SUCCESS;
253 return rc;
254#else
255 /* Nothing to do here yet. */
256 return VINF_SUCCESS;
257#endif
258}
259
260
261/**
262 * Displays a verbose message based on the currently
263 * set timesync verbosity level.
264 *
265 * @param iLevel Minimum log level required to display this message.
266 * @param pszFormat The message text.
267 * @param ... Format arguments.
268 */
269static void vgsvcTimeSyncLog(unsigned iLevel, const char *pszFormat, ...)
270{
271 if (iLevel <= g_cTimeSyncVerbosity)
272 {
273 va_list va;
274 va_start(va, pszFormat);
275 VGSvcLogV(pszFormat, va);
276 va_end(va);
277 }
278}
279
280
281/**
282 * @interface_method_impl{VBOXSERVICE,pfnOption}
283 */
284static DECLCALLBACK(int) vgsvcTimeSyncOption(const char **ppszShort, int argc, char **argv, int *pi)
285{
286 int rc = VINF_SUCCESS;
287 if (ppszShort)
288 rc = -1 ;/* no short options */
289 else if (!strcmp(argv[*pi], "--timesync-interval"))
290 rc = VGSvcArgUInt32(argc, argv, "", pi, &g_TimeSyncInterval, 50, UINT32_MAX - 1);
291 else if (!strcmp(argv[*pi], "--timesync-min-adjust"))
292 rc = VGSvcArgUInt32(argc, argv, "", pi, &g_cMsTimeSyncMinAdjust, 0, 3600000);
293 else if (!strcmp(argv[*pi], "--timesync-latency-factor"))
294 rc = VGSvcArgUInt32(argc, argv, "", pi, &g_TimeSyncLatencyFactor, 1, 1024);
295 else if (!strcmp(argv[*pi], "--timesync-max-latency"))
296 rc = VGSvcArgUInt32(argc, argv, "", pi, &g_cMsTimeSyncMaxLatency, 1, 3600000);
297 else if (!strcmp(argv[*pi], "--timesync-set-threshold"))
298 rc = VGSvcArgUInt32(argc, argv, "", pi, &g_TimeSyncSetThreshold, 0, 7*24*60*60*1000); /* a week */
299 else if (!strcmp(argv[*pi], "--timesync-set-start"))
300 g_fTimeSyncSetOnStart = true;
301 else if (!strcmp(argv[*pi], "--timesync-no-set-start"))
302 g_fTimeSyncSetOnStart = false;
303 else if (!strcmp(argv[*pi], "--timesync-set-on-restore"))
304 g_fTimeSyncSetOnRestore = true;
305 else if (!strcmp(argv[*pi], "--timesync-no-set-on-restore"))
306 g_fTimeSyncSetOnRestore = false;
307 else if (!strcmp(argv[*pi], "--timesync-verbosity"))
308 rc = VGSvcArgUInt32(argc, argv, "", pi, &g_cTimeSyncVerbosity, 0 /*uMin*/, 255 /*uMax*/);
309 else
310 rc = -1;
311
312 return rc;
313}
314
315
316/**
317 * @interface_method_impl{VBOXSERVICE,pfnInit}
318 */
319static DECLCALLBACK(int) vgsvcTimeSyncInit(void)
320{
321 /*
322 * If not specified, find the right interval default.
323 * Then create the event sem to block on.
324 */
325 if (!g_TimeSyncInterval)
326 g_TimeSyncInterval = g_DefaultInterval * 1000;
327 if (!g_TimeSyncInterval)
328 g_TimeSyncInterval = 10 * 1000;
329
330 VbglR3GetSessionId(&g_idTimeSyncSession);
331 /* The status code is ignored as this information is not available with VBox < 3.2.10. */
332
333 int rc = RTSemEventMultiCreate(&g_TimeSyncEvent);
334 AssertRC(rc);
335#ifdef RT_OS_WINDOWS
336 if (RT_SUCCESS(rc))
337 {
338 /*
339 * Adjust privileges of this process so we can make system time adjustments.
340 */
341 if (OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &g_hTokenProcess))
342 {
343 TOKEN_PRIVILEGES tkPriv;
344 RT_ZERO(tkPriv);
345 tkPriv.PrivilegeCount = 1;
346 tkPriv.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
347 if (LookupPrivilegeValue(NULL, SE_SYSTEMTIME_NAME, &tkPriv.Privileges[0].Luid))
348 {
349 DWORD cbRet = sizeof(g_TkOldPrivileges);
350 if (AdjustTokenPrivileges(g_hTokenProcess, FALSE, &tkPriv, sizeof(TOKEN_PRIVILEGES), &g_TkOldPrivileges, &cbRet))
351 rc = VINF_SUCCESS;
352 else
353 {
354 DWORD dwErr = GetLastError();
355 rc = RTErrConvertFromWin32(dwErr);
356 VGSvcError("vgsvcTimeSyncInit: Adjusting token privileges (SE_SYSTEMTIME_NAME) failed with status code %u/%Rrc!\n",
357 dwErr, rc);
358 }
359 }
360 else
361 {
362 DWORD dwErr = GetLastError();
363 rc = RTErrConvertFromWin32(dwErr);
364 VGSvcError("vgsvcTimeSyncInit: Looking up token privileges (SE_SYSTEMTIME_NAME) failed with status code %u/%Rrc!\n",
365 dwErr, rc);
366 }
367 if (RT_FAILURE(rc))
368 {
369 CloseHandle(g_hTokenProcess);
370 g_hTokenProcess = NULL;
371 }
372 }
373 else
374 {
375 DWORD dwErr = GetLastError();
376 rc = RTErrConvertFromWin32(dwErr);
377 VGSvcError("vgsvcTimeSyncInit: Opening process token (SE_SYSTEMTIME_NAME) failed with status code %u/%Rrc!\n",
378 dwErr, rc);
379 g_hTokenProcess = NULL;
380 }
381 }
382
383 if (g_pfnGetSystemTimeAdjustment)
384 {
385 if (g_pfnGetSystemTimeAdjustment(&g_dwWinTimeAdjustment, &g_dwWinTimeIncrement, &g_bWinTimeAdjustmentDisabled))
386 vgsvcTimeSyncLog(0, "vgsvcTimeSyncInit: Initially %ld (100ns) units per %ld (100 ns) units interval, disabled=%d\n",
387 g_dwWinTimeAdjustment, g_dwWinTimeIncrement, g_bWinTimeAdjustmentDisabled ? 1 : 0);
388 else
389 {
390 DWORD dwErr = GetLastError();
391 rc = RTErrConvertFromWin32(dwErr);
392 VGSvcError("vgsvcTimeSyncInit: Could not get time adjustment values! Last error: %ld!\n", dwErr);
393 }
394 }
395#endif /* RT_OS_WINDOWS */
396
397 return rc;
398}
399
400
401/**
402 * Try adjusting the time using adjtime or similar.
403 *
404 * @returns true on success, false on failure.
405 *
406 * @param pDrift The time adjustment.
407 */
408static bool vgsvcTimeSyncAdjust(PCRTTIMESPEC pDrift)
409{
410#ifdef RT_OS_WINDOWS
411/** @todo r=bird: g_hTokenProcess cannot be NULL here.
412 * vgsvcTimeSyncInit will fail and the service will not be started with
413 * it being NULL. vgsvcTimeSyncInit OTOH will *NOT* be called until the
414 * service thread has terminated. If anything
415 * else is the case, there is buggy code somewhere.*/
416 if (g_hTokenProcess == NULL) /* Is the token already closed when shutting down? */
417 return false;
418
419 /* The API appeared in NT 3.50. */
420 if ( !g_pfnSetSystemTimeAdjustment
421 || !g_pfnGetSystemTimeAdjustment)
422 return false;
423
424 DWORD dwWinTimeAdjustment, dwWinNewTimeAdjustment, dwWinTimeIncrement;
425 BOOL fWinTimeAdjustmentDisabled;
426 if (g_pfnGetSystemTimeAdjustment(&dwWinTimeAdjustment, &dwWinTimeIncrement, &fWinTimeAdjustmentDisabled))
427 {
428 DWORD dwDiffMax = g_dwWinTimeAdjustment * 0.50;
429 DWORD dwDiffNew = dwWinTimeAdjustment * 0.10;
430
431 if (RTTimeSpecGetMilli(pDrift) > 0)
432 {
433 dwWinNewTimeAdjustment = dwWinTimeAdjustment + dwDiffNew;
434 if (dwWinNewTimeAdjustment > (g_dwWinTimeAdjustment + dwDiffMax))
435 {
436 dwWinNewTimeAdjustment = g_dwWinTimeAdjustment + dwDiffMax;
437 dwDiffNew = dwDiffMax;
438 }
439 }
440 else
441 {
442 dwWinNewTimeAdjustment = dwWinTimeAdjustment - dwDiffNew;
443 if (dwWinNewTimeAdjustment < (g_dwWinTimeAdjustment - dwDiffMax))
444 {
445 dwWinNewTimeAdjustment = g_dwWinTimeAdjustment - dwDiffMax;
446 dwDiffNew = dwDiffMax;
447 }
448 }
449
450 vgsvcTimeSyncLog(3, "vgsvcTimeSyncAdjust: Drift=%lldms\n", RTTimeSpecGetMilli(pDrift));
451 vgsvcTimeSyncLog(3, "vgsvcTimeSyncAdjust: OrgTA=%ld, CurTA=%ld, NewTA=%ld, DiffNew=%ld, DiffMax=%ld\n",
452 g_dwWinTimeAdjustment, dwWinTimeAdjustment, dwWinNewTimeAdjustment, dwDiffNew, dwDiffMax);
453 if (g_pfnSetSystemTimeAdjustment(dwWinNewTimeAdjustment, FALSE /* Periodic adjustments enabled. */))
454 {
455 g_cTimeSyncErrors = 0;
456 return true;
457 }
458
459 if (g_cTimeSyncErrors++ < 10)
460 VGSvcError("vgsvcTimeSyncAdjust: SetSystemTimeAdjustment failed, error=%u\n", GetLastError());
461 }
462 else if (g_cTimeSyncErrors++ < 10)
463 VGSvcError("vgsvcTimeSyncAdjust: GetSystemTimeAdjustment failed, error=%ld\n", GetLastError());
464
465#elif defined(RT_OS_OS2) || defined(RT_OS_HAIKU)
466 /* No API for doing gradual time adjustments. */
467
468#else /* PORTME */
469 /*
470 * Try using adjtime(), most unix-like systems have this.
471 */
472 struct timeval tv;
473 RTTimeSpecGetTimeval(pDrift, &tv);
474 if (adjtime(&tv, NULL) == 0)
475 {
476 vgsvcTimeSyncLog(1, "vgsvcTimeSyncAdjust: adjtime by %RDtimespec\n", pDrift);
477 g_cTimeSyncErrors = 0;
478 return true;
479 }
480#endif
481
482 /* failed */
483 return false;
484}
485
486
487/**
488 * Cancels any pending time adjustment.
489 *
490 * Called when we've caught up and before calls to vgsvcTimeSyncSet.
491 */
492static void vgsvcTimeSyncCancelAdjust(void)
493{
494#ifdef RT_OS_WINDOWS
495/** @todo r=bird: g_hTokenProcess cannot be NULL here. See argumentation in
496 * vgsvcTimeSyncAdjust. */
497 if (g_hTokenProcess == NULL) /* No process token (anymore)? */
498 return;
499 if (!g_pfnSetSystemTimeAdjustment)
500 return;
501 if (g_pfnSetSystemTimeAdjustment(0, TRUE /* Periodic adjustments disabled. */))
502 vgsvcTimeSyncLog(5, "vgsvcTimeSyncCancelAdjust: Windows Time Adjustment is now disabled.\n");
503 else if (g_cTimeSyncErrors++ < 10)
504 VGSvcError("vgsvcTimeSyncCancelAdjust: SetSystemTimeAdjustment(,disable) failed, error=%u\n", GetLastError());
505#endif /* !RT_OS_WINDOWS */
506}
507
508
509/**
510 * Set the wall clock to compensate for drift.
511 *
512 * @returns true on success, false on failure.
513 *
514 * @param pDrift The time adjustment.
515 */
516static void vgsvcTimeSyncSet(PCRTTIMESPEC pDrift)
517{
518 /*
519 * Query the current time, adjust it by adding the drift and set it.
520 */
521 RTTIMESPEC NewGuestTime;
522 int rc = RTTimeSet(RTTimeSpecAdd(RTTimeNow(&NewGuestTime), pDrift));
523 if (RT_SUCCESS(rc))
524 {
525 /* Succeeded - reset the error count and log the change. */
526 g_cTimeSyncErrors = 0;
527
528 if (g_cTimeSyncVerbosity >= 1)
529 {
530 char sz[64];
531 RTTIME Time;
532 vgsvcTimeSyncLog(1, "time set to %s\n", RTTimeToString(RTTimeExplode(&Time, &NewGuestTime), sz, sizeof(sz)));
533#ifdef DEBUG
534 RTTIMESPEC Tmp;
535 vgsvcTimeSyncLog(3, " now %s\n", RTTimeToString(RTTimeExplode(&Time, RTTimeNow(&Tmp)), sz, sizeof(sz)));
536#endif
537 }
538 }
539 else if (g_cTimeSyncErrors++ < 10)
540 VGSvcError("vgsvcTimeSyncSet: RTTimeSet(%RDtimespec) failed: %Rrc\n", &NewGuestTime, rc);
541}
542
543
544/**
545 * @interface_method_impl{VBOXSERVICE,pfnWorker}
546 */
547DECLCALLBACK(int) vgsvcTimeSyncWorker(bool volatile *pfShutdown)
548{
549 RTTIME Time;
550 int rc = VINF_SUCCESS;
551
552 /*
553 * Tell the control thread that it can continue spawning services.
554 */
555 RTThreadUserSignal(RTThreadSelf());
556
557 /*
558 * Initialize the last host and guest times to prevent log message.
559 * We also track whether we set the time in the previous loop.
560 */
561 RTTIMESPEC HostLast;
562 if (RT_FAILURE(VbglR3GetHostTime(&HostLast)))
563 RTTimeSpecSetNano(&HostLast, 0);
564 RTTIMESPEC GuestLast;
565 RTTimeNow(&GuestLast);
566 bool fSetTimeLastLoop = false;
567
568 /*
569 * The Work Loop.
570 */
571 for (;;)
572 {
573 /*
574 * Try to get a reliable time reading.
575 */
576 int cTries = 3;
577 do
578 {
579 /*
580 * Query the session id (first to keep lantency low) and the time.
581 */
582 uint64_t idNewSession = g_idTimeSyncSession;
583 if (g_fTimeSyncSetOnRestore)
584 VbglR3GetSessionId(&idNewSession);
585
586 RTTIMESPEC GuestNow0;
587 RTTimeNow(&GuestNow0);
588
589 RTTIMESPEC HostNow;
590 int rc2 = VbglR3GetHostTime(&HostNow);
591 if (RT_FAILURE(rc2))
592 {
593 if (g_cTimeSyncErrors++ < 10)
594 VGSvcError("vgsvcTimeSyncWorker: VbglR3GetHostTime failed; rc2=%Rrc\n", rc2);
595 break;
596 }
597
598 RTTIMESPEC GuestNow;
599 RTTimeNow(&GuestNow);
600
601 /*
602 * Calc latency and check if it's ok.
603 */
604 RTTIMESPEC GuestElapsed = GuestNow;
605 RTTimeSpecSub(&GuestElapsed, &GuestNow0);
606 if ((uint32_t)RTTimeSpecGetMilli(&GuestElapsed) < g_cMsTimeSyncMaxLatency)
607 {
608 /*
609 * If we were just restored, set the adjustment threshold to zero to force a resync.
610 */
611 uint32_t TimeSyncSetThreshold = g_TimeSyncSetThreshold;
612 if ( g_fTimeSyncSetOnRestore
613 && idNewSession != g_idTimeSyncSession)
614 {
615 vgsvcTimeSyncLog(2, "vgsvcTimeSyncWorker: The VM session ID changed, forcing resync.\n");
616 g_idTimeSyncSession = idNewSession;
617 TimeSyncSetThreshold = 0;
618 }
619
620 /*
621 * Calculate the adjustment threshold and the current drift.
622 */
623 uint32_t MinAdjust = RTTimeSpecGetMilli(&GuestElapsed) * g_TimeSyncLatencyFactor;
624 if (MinAdjust < g_cMsTimeSyncMinAdjust)
625 MinAdjust = g_cMsTimeSyncMinAdjust;
626
627 RTTIMESPEC Drift = HostNow;
628 RTTimeSpecSub(&Drift, &GuestNow);
629 if (RTTimeSpecGetMilli(&Drift) < 0)
630 MinAdjust += g_cMsTimeSyncMinAdjust; /* extra buffer against moving time backwards. */
631
632 RTTIMESPEC AbsDrift = Drift;
633 RTTimeSpecAbsolute(&AbsDrift);
634
635 if (g_cTimeSyncVerbosity >= 4)
636 {
637 char sz1[64];
638 char sz2[64];
639 vgsvcTimeSyncLog(4, "vgsvcTimeSyncWorker: Host: %s (MinAdjust: %RU32 ms), Guest: %s => %RDtimespec drift\n",
640 RTTimeToString(RTTimeExplode(&Time, &HostNow), sz1, sizeof(sz1)), MinAdjust,
641 RTTimeToString(RTTimeExplode(&Time, &GuestNow), sz2, sizeof(sz2)), &Drift);
642 }
643
644 bool fSetTimeInThisLoop = false;
645 uint64_t AbsDriftMilli = RTTimeSpecGetMilli(&AbsDrift);
646 if ( AbsDriftMilli > MinAdjust
647 || g_fTimeSyncSetOnStart)
648 {
649 /*
650 * Ok, the drift is above the threshold.
651 *
652 * Try a gradual adjustment first, if that fails or the drift is
653 * too big, fall back on just setting the time.
654 */
655 if ( AbsDriftMilli > TimeSyncSetThreshold
656 || g_fTimeSyncSetOnStart
657 || !vgsvcTimeSyncAdjust(&Drift))
658 {
659 vgsvcTimeSyncCancelAdjust();
660 vgsvcTimeSyncSet(&Drift);
661 fSetTimeInThisLoop = true;
662 }
663
664 /*
665 * Log radical host time changes.
666 */
667 int64_t cNsHostDelta = RTTimeSpecGetNano(&HostNow) - RTTimeSpecGetNano(&HostLast);
668 if ((uint64_t)RT_ABS(cNsHostDelta) > RT_NS_1HOUR / 2)
669 vgsvcTimeSyncLog(0, "vgsvcTimeSyncWorker: Radical host time change: %'RI64ns (HostNow=%RDtimespec HostLast=%RDtimespec)\n",
670 cNsHostDelta, &HostNow, &HostLast);
671 }
672 else
673 vgsvcTimeSyncCancelAdjust();
674 HostLast = HostNow;
675
676 /*
677 * Log radical guest time changes (we could be the cause of these, mind).
678 * Note! Right now we don't care about an extra log line after we called
679 * vgsvcTimeSyncSet. fSetTimeLastLoop helps show it though.
680 */
681 int64_t cNsGuestDelta = RTTimeSpecGetNano(&GuestNow) - RTTimeSpecGetNano(&GuestLast);
682 if ((uint64_t)RT_ABS(cNsGuestDelta) > RT_NS_1HOUR / 2)
683 vgsvcTimeSyncLog(0, "vgsvcTimeSyncWorker: Radical guest time change: %'RI64ns (GuestNow=%RDtimespec GuestLast=%RDtimespec fSetTimeLastLoop=%RTbool)\n",
684 cNsGuestDelta, &GuestNow, &GuestLast, fSetTimeLastLoop);
685 GuestLast = GuestNow;
686 fSetTimeLastLoop = fSetTimeInThisLoop;
687 break;
688 }
689 vgsvcTimeSyncLog(3, "vgsvcTimeSyncWorker: %RDtimespec: latency too high (%RDtimespec, max %ums) sleeping 1s\n",
690 &GuestNow, &GuestElapsed, g_cMsTimeSyncMaxLatency);
691 RTThreadSleep(1000);
692 } while (--cTries > 0);
693
694 /* Clear the set-next/set-start flag. */
695 g_fTimeSyncSetOnStart = false;
696
697 /*
698 * Block for a while.
699 *
700 * The event semaphore takes care of ignoring interruptions and it
701 * allows us to implement service wakeup later.
702 */
703 if (*pfShutdown)
704 break;
705 int rc2 = RTSemEventMultiWait(g_TimeSyncEvent, g_TimeSyncInterval);
706 if (*pfShutdown)
707 break;
708 if (rc2 != VERR_TIMEOUT && RT_FAILURE(rc2))
709 {
710 VGSvcError("vgsvcTimeSyncWorker: RTSemEventMultiWait failed; rc2=%Rrc\n", rc2);
711 rc = rc2;
712 break;
713 }
714 }
715
716 vgsvcTimeSyncCancelAdjust();
717 return rc;
718}
719
720
721/**
722 * @interface_method_impl{VBOXSERVICE,pfnStop}
723 */
724static DECLCALLBACK(void) vgsvcTimeSyncStop(void)
725{
726 if (g_TimeSyncEvent != NIL_RTSEMEVENTMULTI)
727 RTSemEventMultiSignal(g_TimeSyncEvent);
728}
729
730
731/**
732 * @interface_method_impl{VBOXSERVICE,pfnTerm}
733 */
734static DECLCALLBACK(void) vgsvcTimeSyncTerm(void)
735{
736#ifdef RT_OS_WINDOWS
737 /*
738 * Restore the SE_SYSTEMTIME_NAME token privileges (if init succeeded).
739 */
740 if (g_hTokenProcess)
741 {
742 if (!AdjustTokenPrivileges(g_hTokenProcess, FALSE, &g_TkOldPrivileges, sizeof(TOKEN_PRIVILEGES), NULL, NULL))
743 {
744 DWORD dwErr = GetLastError();
745 VGSvcError("vgsvcTimeSyncTerm: Restoring token privileges (SE_SYSTEMTIME_NAME) failed with code %u!\n", dwErr);
746 }
747 CloseHandle(g_hTokenProcess);
748 g_hTokenProcess = NULL;
749 }
750#endif /* !RT_OS_WINDOWS */
751
752 if (g_TimeSyncEvent != NIL_RTSEMEVENTMULTI)
753 {
754 RTSemEventMultiDestroy(g_TimeSyncEvent);
755 g_TimeSyncEvent = NIL_RTSEMEVENTMULTI;
756 }
757}
758
759
760/**
761 * The 'timesync' service description.
762 */
763VBOXSERVICE g_TimeSync =
764{
765 /* pszName. */
766 "timesync",
767 /* pszDescription. */
768 "Time synchronization",
769 /* pszUsage. */
770 " [--timesync-interval <ms>] [--timesync-min-adjust <ms>]\n"
771 " [--timesync-latency-factor <x>] [--timesync-max-latency <ms>]\n"
772 " [--timesync-set-threshold <ms>]\n"
773 " [--timesync-set-start|--timesync-no-set-start]\n"
774 " [--timesync-set-on-restore|--timesync-no-set-on-restore]\n"
775 " [--timesync-verbosity <level>]"
776 ,
777 /* pszOptions. */
778 " --timesync-interval Specifies the interval at which to synchronize the\n"
779 " time with the host. The default is 10000 ms.\n"
780 " --timesync-min-adjust The minimum absolute drift value measured in\n"
781 " milliseconds to make adjustments for.\n"
782 " The default is 1000 ms on OS/2 and 100 ms elsewhere.\n"
783 " --timesync-latency-factor\n"
784 " The factor to multiply the time query latency with\n"
785 " to calculate the dynamic minimum adjust time.\n"
786 " The default is 8 times.\n"
787 " --timesync-max-latency The max host timer query latency to accept.\n"
788 " The default is 250 ms.\n"
789 " --timesync-set-threshold\n"
790 " The absolute drift threshold, given as milliseconds,\n"
791 " where to start setting the time instead of trying to\n"
792 " adjust it. The default is 20 min.\n"
793 " --timesync-set-start, --timesync-no-set-start \n"
794 " Set the time when starting the time sync service.\n"
795#ifdef RT_OS_OS2
796 " Default: --timesync-set-start\n"
797#else
798 " Default: --timesync-no-set-start\n"
799#endif
800 " --timesync-set-on-restore, --timesync-no-set-on-restore\n"
801 " Whether to immediately set the time when the VM is\n"
802 " restored or not. Default: --timesync-set-on-restore\n"
803 " --timesync-verbosity Sets the verbosity level. Defaults to service wide\n"
804 " verbosity level.\n"
805 ,
806 /* methods */
807 vgsvcTimeSyncPreInit,
808 vgsvcTimeSyncOption,
809 vgsvcTimeSyncInit,
810 vgsvcTimeSyncWorker,
811 vgsvcTimeSyncStop,
812 vgsvcTimeSyncTerm
813};
814
Note: See TracBrowser for help on using the repository browser.

© 2023 Oracle
ContactPrivacy policyTerms of Use