uefi: fs: Add file times plumbing #138918
Conversation
rustbot
added
S-waiting-on-review
|
(I'll initially mark these PRs as waiting on author in the sense that, that they are waiting for the author to summon @nicholasbishop and get a review. It can be marked as ready when there's a review.) |
rustbot
added
S-waiting-on-author
|
@rustbot label +O-UEFI |
joboet
left a comment
joboet
left a comment
There was a problem hiding this comment.
I'm a bit worried about the edge cases here. It's not that uncommon to end up with a system time of 1970-1-1 if the devices clock is uninitialised. If the current timezone is positive, this might lead to a panic when converting it to a UNIX time. Considering the insanely large bounds afforded by secs being 64-bit, using a signed integer in the conversion algorithm would allow converting dates before the UNIX epoch as well.
Aside from that, the checked methods on SystemTime operate on the assumption that the operation will fail if the time is not representable in the operating system format – but this is currently not the case: UEFI allows times from the year 1900 up to and including the year 9999, whereas a Duration since the UNIX epoch allows representing times from 1970 up to the heat death of the universe, but not before that. I think it would be better to use the UEFI time representation for SystemTime and only convert it into a Duration for the addition/subtraction operations.
library/std/src/sys/pal/uefi/time.rs
Outdated
| let secs = if timezone == r_efi::efi::UNSPECIFIED_TIMEZONE { | ||
| dur.as_secs() | ||
| } else { | ||
| dur.as_secs().checked_add_signed(-timezone as i64).unwrap() |
There was a problem hiding this comment.
I'd use subtraction here, just like the formula in the UEFI spec.
| dur.as_secs().checked_add_signed(-timezone as i64).unwrap() | |
| dur.as_secs().checked_sub_signed(timezone as i64).expect("times should be representable as local UEFI times") |
There was a problem hiding this comment.
checked_sub_signed is currently unstable. I can add the feature if that is fine though.
| let remaining_secs = secs % SECS_IN_DAY; | ||
| let z = days + 719468; | ||
| let era = z / 146097; | ||
| let doe = z - (era * 146097); |
There was a problem hiding this comment.
This is clear by operator precedence, and the source doesn't use parenthesis here either.
| let doe = z - (era * 146097); | |
| let doe = z - era * 146097; |
Yes, I did come to the same conclusion. I think the reason I initially went with duration was to have a simple implementation for all the function implemented on SystemTime (since all the results there are in |
|
☔ The latest upstream changes (presumably #145300) made this pull request unmergeable. Please resolve the merge conflicts. |
Ayush1325
force-pushed
the
uefi-fs-time
branch
from
4c497b4 to
48330eb
Compare
|
@rustbot ready ping @nicholasbishop @joboet |
rustbot
added
S-waiting-on-review
|
r? @joboet |
library/std/src/sys/fs/uefi.rs
Outdated
|
|
||
| #[derive(Copy, Clone, Debug, Default)] | ||
| pub struct FileTimes {} | ||
| #[derive(Copy, Clone, Debug)] |
There was a problem hiding this comment.
Time implements Default, so can't we keep deriving Default here and remove ZERO_TIME?
Ayush1325
force-pushed
the
uefi-fs-time
branch
from
48330eb to
e21995b
Compare
library/std/src/sys/fs/uefi.rs
Outdated
| pub fn set_modified(&mut self, _t: SystemTime) {} | ||
| pub fn set_accessed(&mut self, t: SystemTime) { | ||
| self.accessed = | ||
| t.to_uefi(self.accessed.timezone, self.accessed.daylight).expect("Invalid Time"); |
There was a problem hiding this comment.
Can we avoid this panic? As the SystemTime was created successfully (i.e. checked_add did not return an error), this panic will come as a surprise to users.
A better way perhaps would be to try the initial timezone first, and if that fails, return the closest timezone (minute offset) that still allows the time to be represented. If filesystems ignore the timezone field, this would lead to the first and last 1440 minutes being collapsed into one minute, which doesn't seem too bad.
There was a problem hiding this comment.
I have added the appropriate helpers to use the closest timezone. I have also added the tests that I have used locally to check the new timezone.
Ayush1325
force-pushed
the
uefi-fs-time
branch
from
e21995b to
6637ec8
Compare
library/std/src/sys/pal/uefi/time.rs
Outdated
| system_time_internal::to_uefi(&self.0, timezone, daylight) | ||
| } | ||
|
|
||
| /// Create UEFI Time with the closes timezone (minute offset) that still allows the time to be |
There was a problem hiding this comment.
| /// Create UEFI Time with the closes timezone (minute offset) that still allows the time to be | |
| /// Create UEFI Time with the closest timezone (minute offset) that still allows the time to be |
Ayush1325
force-pushed
the
uefi-fs-time
branch
from
6637ec8 to
0632fd5
Compare
library/std/src/sys/fs/uefi.rs
Outdated
| pub struct FileAttr { | ||
| attr: u64, | ||
| size: u64, | ||
| created: r_efi::efi::Time, |
There was a problem hiding this comment.
UEFI allows creation time to be set, so created should be part of the FileTimes struct (a future PR can then use it to implement set_created in an extension trait like on Windows and Apple platforms).
library/std/src/sys/fs/uefi.rs
Outdated
| pub fn set_accessed(&mut self, _t: SystemTime) {} | ||
| pub fn set_modified(&mut self, _t: SystemTime) {} | ||
| pub fn set_accessed(&mut self, t: SystemTime) { | ||
| self.accessed = t.to_uefi_loose(self.accessed.timezone, self.accessed.daylight); |
There was a problem hiding this comment.
.timezone and .daylight will always be zero here (unless set_accessed/set_modified was called previously and that time had to have it's timezone adjusted to fit in the range of EFI_TIME). The EDK II FAT driver will ignore the timezone when setting the time.. As FAT stores timestamps in the system local time, this conversion should use the current system timezone from the runtime services GetTime in order to be compatible with that driver's behaviour. This conversion should be done in the File::set_times implementation to have consistent behaviour in the (unlikely) event the timezone is changed between the call to set_accessed and the actual setting of the file times in File::set_times (which I believe isn't being implemented in this PR); therefore the FileTimes struct should look something like struct FileTimes { accessed: SystemTime, modified: SystemTime, created: SystemTime }.
There was a problem hiding this comment.
I have converted all FileTimes members to be SystemTime.
library/std/src/sys/fs/uefi.rs
Outdated
|
|
||
| pub fn modified(&self) -> io::Result<SystemTime> { | ||
| unsupported() | ||
| Ok(SystemTime::from_uefi(self.times.modified)) |
There was a problem hiding this comment.
FAT timestamps are always stored in local time in the system timezone, and the EDK II FAT driver uses EFI_UNSPECIFIED_TIMEZONE to represent this. Therefore, if the modified/accessed/created EFI time has a timezone of unspecified, this conversion should use the timezone from the runtime services GetTime in order to be compatible.
There was a problem hiding this comment.
Since this PR does not have any boundary code, I have added helper uefi_to_systemtime that uses the timezone from current time in unspecified timezone cases.
When converting back to UEFI time, I am also using local timezone now in the helper systemtime_to_uefi
All these helpers are local fs since we do not know if some other subsystem might want to handle these specific cases differently.
Ayush1325
force-pushed
the
uefi-fs-time
branch
from
9425040 to
0629cda
Compare
This comment has been minimized.
This comment has been minimized.
rustbot
added
S-waiting-on-review
library/std/src/sys/fs/uefi.rs
Outdated
| pub struct FileAttr { | ||
| attr: u64, | ||
| size: u64, | ||
| times: FileTimes, |
There was a problem hiding this comment.
If I understand correctly, UEFI's EFI_FILE_INFO always contains the file times, right? Then this shouldn't be FileTimes, but rather unconditionally contain the SystemTimes. That also gets rid of the weird unsupported error in the accessors below.
| assert_eq!(from_uefi(&t), Duration::new(1440 * SECS_IN_MINUTE, 0)); | ||
| assert_eq!(t, to_uefi(&from_uefi(&t), 0, 0).unwrap()); | ||
| assert!(to_uefi(&from_uefi(&t), -1440, 0).is_some()); | ||
| assert!(to_uefi(&from_uefi(&t), -1440, 0).is_err()); |
There was a problem hiding this comment.
Something is wrong in the code, this should succeed (localtime = UTC - timezone, so the local time is after the 1st of january 1900).
There was a problem hiding this comment.
My bad, ran it locally and it does succeed. So the test was wrong instead of the implementation.
|
|
||
| let inp = Duration::from_secs(1450 * SECS_IN_MINUTE + 10); | ||
| let new_tz = to_uefi(&inp, 1440, 0).err().unwrap(); | ||
| assert_eq!(new_tz, 9); |
There was a problem hiding this comment.
This is incorrect, if 1450 * SECS_IN_MINUTE is representable in timezone 10, then times after that should be too, right?
There was a problem hiding this comment.
Again, ran it locally, and yes, the testcase currently fails. It should be 10. So the test was wrong instead of the implementation.
library/std/src/sys/pal/uefi/time.rs
Outdated
| const SECS_IN_HOUR: u64 = SECS_IN_MINUTE * 60; | ||
| const SECS_IN_DAY: u64 = SECS_IN_HOUR * 24; | ||
| const TIMEZONE_DELTA: u64 = 1440 * SECS_IN_MINUTE; | ||
| const SYSTEMTIME_TIMEZONE: u64 = 1440 * SECS_IN_MINUTE; |
There was a problem hiding this comment.
The timezone for SystemTime is -1440, since that is the timezone with the earliest representable value. So the sign of this value should be flipped (as well as the sign of the additions/subtractions you use it for).
library/std/src/sys/pal/uefi/time.rs
Outdated
| let adjusted_localtime_epoc: u64 = localtime_epoch + SYSTEMTIME_TIMEZONE; | ||
|
|
||
| let epoch: u64 = if t.timezone == r_efi::efi::UNSPECIFIED_TIMEZONE { | ||
| adjusted_localtime_epoc | ||
| } else { | ||
| adjusted_localtime_epoc | ||
| .checked_add_signed((t.timezone as i64) * SECS_IN_MINUTE as i64) | ||
| .unwrap() | ||
| }; |
There was a problem hiding this comment.
Splitting this calculation is confusing to me, as we want to do a conversion from the original timezone to timezone -1440. Could you perhaps normalise the timezone first (change UNSPECIFIED_TIMEZONE to UTC) and then do the conversion in one go?
library/std/src/sys/pal/uefi/time.rs
Outdated
|
|
||
| // FIXME(#126043): use checked_sub_signed once stabilized | ||
| let secs = | ||
| dur.as_secs().checked_add_signed((-timezone as i64) * SECS_IN_MINUTE as i64).unwrap(); |
There was a problem hiding this comment.
This will still panic for Duration::ZERO in e.g. timezone 1440 though.
joboet
added
S-waiting-on-author
|
☔ The latest upstream changes (presumably #147826) made this pull request unmergeable. Please resolve the merge conflicts. |
- Add FileTimes implementation. Signed-off-by: Ayush Singh <[email protected]>
Ayush1325
force-pushed
the
uefi-fs-time
branch
from
0629cda to
1f0ad37
Compare
|
This PR was rebased onto a different main commit. Here's a range-diff highlighting what actually changed. Rebasing is a normal part of keeping PRs up to date, so no action is needed—this note is just to help reviewers. |
|
@rustbot ready |
rustbot
added
S-waiting-on-review
|
|
||
| #[test] | ||
| fn max_time() { | ||
| let inp = MAX_UEFI_TIME.0; |
There was a problem hiding this comment.
Does this compile? MAX_UEFI_TIME is a Duration, isn't it?
There was a problem hiding this comment.
Yes, it does. MAX_UEFI_TIME is SystemTime. So 0 field is the actual duration.
|
r=me after answering |
|
✌️ @Ayush1325, you can now approve this pull request! If @joboet told you to " |
bors
added
S-waiting-on-bors
|
☀️ Test successful - checks-actions |
What is this?This is an experimental post-merge analysis report that shows differences in test outcomes between the merged PR and its parent PR.Comparing c910098 (parent) -> 42f4793 (this PR) Test differencesShow 2 test diffs2 doctest diffs were found. These are ignored, as they are noisy. Test dashboardRun cargo run --manifest-path src/ci/citool/Cargo.toml -- \
test-dashboard 42f4793e5a514858221b07ac379029d90353913e --output-dir test-dashboardAnd then open Job duration changes
How to interpret the job duration changes?Job durations can vary a lot, based on the actual runner instance |
|
Finished benchmarking commit (42f4793): comparison URL. Overall result: no relevant changes - no action needed@rustbot label: -perf-regression Instruction countThis benchmark run did not return any relevant results for this metric. Max RSS (memory usage)Results (secondary -2.3%)A less reliable metric. May be of interest, but not used to determine the overall result above.
CyclesThis benchmark run did not return any relevant results for this metric. Binary sizeThis benchmark run did not return any relevant results for this metric. Bootstrap: 472.486s -> 473.087s (0.13%) |
9 participants
cc @nicholasbishop
r? @petrochenkov