[PATCH 2/2] watchdog: add watchdog behavior configuration

Michael Walle michael at walle.cc
Sun Oct 4 16:55:32 CEST 2020 

Hi all,

Am 2020-09-25 15:04, schrieb Wolfgang Denk:
> Dear Heinrich Schuchardt,
> 
> In message <ceeb82b7-eef0-7435-0d0c-958c0bf07e04 at gmx.de> you wrote:
>> 
>> > Any so-called "watchdog" that can be disabled / switched off by
>> > software is not really woth this name.  As such, the concept of
>> > disabling a watchdog in software, is misleading at best and should
>> > never ibe implemented.
>> 
>> If we want to boot UEFI payloads, we will have to follow the UEFI
>> specification even if we think it is not perfect.
> 
> That's perfectly OK.  But if the OS expects that the watchdog is
> disabled, then we should not enable it in U-Boot in the first place.
> 
> Keep in ind that any real watchdog (which is worth the money and the
> name) _cannot_ be disabled by software once it was started.

How do we proceed here? There seems to be no final conclusion what to
do.

I guess one thing we agree on is that after a system is booted with
bootefi the watchdog should be disabled. So Wolfgang argues, that the
watchdog shouldn't be enabled in the first place then. With this patch
this would actually be possible, the user could just choose to not
enable it at all; if he has a watchdog which can be disabled again,
he can choose that behavior too.

OTOH Mark argues, that in the bootefi case, the watchdog should be
disabled in _any_ case. But that would mean to change the behavior
of current boards. So the question is: is this acceptable?

So if this is not acceptable, I don't think there will be any
changes to this patch (otherwise than having some additional help
text).

If it is acceptable, I'd stop the watchdog before bootefi
unconditionally (and printing a message if SUPERVISE_OS is set), but
keep the current logic for bootm. Personally I'd also prefer this,
because in the end you'll have a bootloader which can boot an OS via
EFI in any case.

Tom, you've mentioned the IMX_WATCHDOG with !CONFIG_WDT. One key
difference is that without CONFIG_WDT the watchdog is only started
if CONFIG_WATCHDOG is enabled (or I missed something here). And I
don't think this patch will apply for that case, right? I think
in that case the watchdog can't even be stopped; there seems to be
only functions to initialize and kick it. Therefore, it also won't
be compatible the EFI spec. There might be warning during the build
if HW_WATCHDOG && EFI_LOADER is set. With a note which suggest the
move to CONFIG_WDT.

-michael

More information about the U-Boot mailing list