#4691 closed enhancement (fixed)

Add support for FACE Technical Standard Restriction on POSIX Absolute Timers

Reported by: Joel Sherrill Owned by: Joel Sherrill
Priority: normal Milestone: 6.1
Component: posix Version: 6
Severity: normal Keywords: qualification
Cc: Blocked By:



Most of the time, the FACE Technical Standard (https://opengroup.org/face) defines a subset (e.g. profile) of a standard. It currently includes four profiles of the POSIX 1003.1-2008 standard with a few optional features like multiple processes and IPV6. However, in one case, it defines an error case for something POSIX defines as required behavior. This ticket is intended to track adding support for an application being able to configure whether it wants the POSIX behavior or that defined by the FACE Technical Standard.

FACE Technical Standard Requirements

POSIX allows for setting a timer on CLOCK_REALTIME[1] while the FACE Technical Standard defines this as an error. This behavior and deviation from POSIX has been in the FACE Technical Standard since the beginning and was present in Edition 1.0[2]. This is the language from Edition 1.0 of the FACE Technical Standard which was written in the tone of a white paper rather than as a set of requirements:

3.9.4 Time Management

Partial support for the POSIX CLOCK_REALTIME, which permits a calendar-based clock time to be set that becomes available to all partitions. Due to safety and security-related considerations in the POSIX definitions of this clock’s behavior, the configuration data will specify which partitions (preferably one partition) have permissions to set (using the clock_settime API) this clock. All partitions may have access to read this clock, but an error will be returned for any partition that attempts to set an alarm based on this clock that is based on absolute time (setting of an alarm based on a relative time is supported). Partitions authorized to set the calendar time will also be authorized to set the time zone value that is visible to all other partitions.

Subsequent editions of the FACE Technical Standard have fine-tuned the language and made requirements clearer with simpler direct "shall" statements.

Also, although the term OSS UoC was defined in Edition 1.0, the requirements now use this acronym for Operating System Segment Unit of Conformance to refer to the operating system and foundational services. Other types of segments are defined for applications, communications, and device management. In Edition 3.1[3], the language has the same intent as Edition 1.0 but the requirements are stated in a more direct and clearer manner. OSS POSIX Clock Requirements

An OSS UoC provides support for POSIX clocks.

  1. An OSS UoC shall support the POSIX Monotonic Clock option (CLOCK_MONOTONIC), including setting absolute and relative timers on this clock.
  2. An OSS UoC shall support clock read-access based POSIX CLOCK_REALTIME clock (calendar-based clock time).
  3. An OSS UoC shall support setting a relative timer-based POSIX CLOCK_REALTIME clock (calendar-based clock time).
  4. An OSS UoC shall support clock time write access for POSIX CLOCK_REALTIME clock value under the constraint that configuration data specifies the partition is authorized to set the clock time (using the clock_settime() API).

Note: The time value set by one partition becomes visible to all other partitions. The timezone value set by one POSIX process using the tzset() or setenv() APIs is local to that POSIX process.

  1. An OSS UoC shall return an error when a software component attempts to set an absolute timer on the POSIX CLOCK_REALTIME clock.

Note: The behavior is necessary (e.g., to prevent backwards and forwards shifts in sequential timers) due to the setting of POSIX_CLOCK_REALTIME clock impacting all partitions.

The use of the word "partition" is intentional because the FACE Technical Standard includes ARINC 653 and POSIX standards. ARINC 653 defines a time and space partitioned real-time environment. POSIX or ARINC 653 applications can be hosted in a partition. In three of the four profiles, ARINC 653 is required while in the fourth it is optional. RTEMS can be hosted in an ARINC 653 partition using a paravirtualized configuration with a BSP that adapts it to the environment.

The requirement being addressed by this ticket is (5) since RTEMS currently meets the other requirements. (5) contradicts the POSIX standard and modifying RTEMS to not support absolute POSIX timers is not an acceptable option.

Proposed Solution

The proposed solution is to add a confdefs.h configure option that enables this behavior when the OSS UoC (e.g. operating system) must provide FACE conformant behavior. When not defined, the POSIX behavior will be in effect.

This will require additions to the confdefs.h family of headers, adding a test, and updating documentation.


[1] POSIX timer_create - https://pubs.opengroup.org/onlinepubs/9699919799/functions/timer_create.html

[2] FACE Technical Standard, Edition 1.0. January 2012. https://publications.opengroup.org/c122.

[3] FACE Technical Standard, Edition 3.1. July 2020. https://publications.opengroup.org/c207.

Change History (10)

comment:1 Changed on 08/02/22 at 01:24:38 by Chris Johns

What structure and naming convention do you propose for confdefs.h?

Could I configure the following to get all FACE related configures enabled:



comment:2 Changed on 08/10/22 at 19:07:27 by Joel Sherrill <joel@…>

In 4b04589b/rtems:


This adds the configure option CONFIGURE_POSIX_TIMERS_FACE_BEHAVIOR
which allows the application to choose whether to have the POSIX
timer_create() function follow the behavior defined by POSIX or
the FACE Technical Standard.

Updates #4691.

comment:3 Changed on 08/11/22 at 05:46:29 by Duc Doan <dtbpkmte@…>

In c655c72d/rtems:

build/cpukit: Add confdefs/face.h to install rule

Updates #4691

comment:4 Changed on 08/11/22 at 18:01:47 by Joel Sherrill <joel@…>

In 996d18c/rtems:

psxtimer_face01: Improve coverage and documentation

Updates #4691.

comment:5 Changed on 08/31/22 at 11:09:53 by Sebastian Huber <sebastian.huber@…>

In b3d2e3fe/rtems:

config: Include <rtems/posix/timer.h> on demand

Updates #4691.

comment:6 Changed on 09/05/22 at 06:47:03 by Joel Sherrill <joel@…>

In b1fd623/rtems-central:

Add POSIX Timer FACE Behavior Configuration

Updates #4691.

comment:7 Changed on 09/05/22 at 06:47:04 by Sebastian Huber <sebastian.huber@…>

In 1a5be0d/rtems-central:

spec: Add glossary link

Updates #4691.

comment:8 Changed on 09/05/22 at 06:48:21 by Sebastian Huber <sebastian.huber@…>

In b06ec5b6/rtems:


Update #4691.

comment:9 Changed on 09/05/22 at 06:53:06 by Joel Sherrill <joel@…>

Resolution: fixed
Status: assignedclosed

In 4f9e9e5/rtems-docs:

c-user/config/face.rst: New file -- add CONFIGURE_POSIX_TIMERS_FACE_BEHAVIOR

Closes #4691.

comment:10 Changed on 10/31/23 at 11:49:58 by Sebastian Huber

Keywords: qualification added
Note: See TracTickets for help on using tickets.