On Thu, 7 Feb 2019, Thomas Gleixner wrote: > Does this really need to be an out of line call? If you stick this into the > clock_get() implementations then it boils down to: > > static inline void timens_add_monotonic(struct timespec64 *ts) > { > struct timens_offsets *ns_offsets = current->nsproxy->time_ns->offsets; > > if (ns_offsets) > *ts = timespec64_add(*ts, ns_offsets->monotonic_time_offset); And this needs to be a special variant of timespec64-add_safe(). timespec64_add_safe() is not sufficient, because it assumes that both values are positive, which is not the case here.. In timer_set() implementations you move the timespec_valid() check after the add. That's wrong because you really want to check the input value from user space. Assume that the caller supplied value is valid and the adjustment brings it out of range then how should the caller understand why it it rejected? So timespec64_add_namespace() must check for under and overflow. But doing this with timespecs is a pain. I rather suggest to rework the whole thing so hrtimer_nanosleep() takes a ktime_t expiry value and move the conversion to the call sites. Then the whole offset magic becomes: expires = timespec64_to_ktime(rqtp); if (abstime) expires = timens_to_host_mono(expires); and that function can nicely do the underflow and overflow detection and cap the values to 0 on underflow and KTIME_MAX on overflow. Hmm? Thanks, tglx _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/containers