[PATCH 2/2] watchdog: add watchdog behavior configuration

Michael Walle michael at walle.cc
Thu Sep 24 22:30:24 CEST 2020 

Am 2020-09-24 15:19, schrieb Tom Rini:
> On Thu, Sep 24, 2020 at 09:33:50AM +0200, Michael Walle wrote:
>> Am 2020-09-23 19:35, schrieb Tom Rini:
[..]

>> > > Not printf(), maybe log_info().
>> > >
>> > > The disabling has to occur in ExitBootServices() (aka.
>> > > efi_exit_boot_services()). Here we are in the middle of an executing
>> > > UEFI application. Printing anything on the screen may mess up the
>> > > output
>> > > of the UEFI application.
>> > >
>> > > So, please, don't output anything.
>> >
>> > We need to find a good way to inform the user we're disabling their
>> > watchdog.  Maybe before we fully jump in to UEFI note that it will be
>> > disabled before entering the OS?  Or something a bit more generally
>> > understood than ExitBootServices() having been called.  I don't know
>> > _where_ the best place is, but I think it's important to inform the
>> > user.
>> 
>> The watchdog is only disabled in the "supervise u-boot" mode, why
>> would we need to inform the user? It was the users choice to have
>> the timer only enabled in u-boot.
>> 
>> Or do you mean if for example the vendor chooses that option and
>> in this case the user doesn't know anything about it? The mode
>> is indicated in the "WDT:" output.
> 
> I'm talking about the case where we say we've enabled the WDT to
> supervise OS, but then bootefi something and have disabled the watchdog
> (to meet UEFI requirements) but didn't tell the user we've turned off
> the WDT that we had told them is on.

Ah, do you really want to have a different behavior between bootm and
bootefi? Thats even more suprising IMHO.

I had the following in mind:

+config WATCHDOG_SUPERVISE_OS
+       bool "Supervise U-boot and operating system"
+       help
+         Upon U-Boot startup the first watchdog will be started 
automatically
+         and kept running even after booting the operating system.
+         Be aware, that the operating system needs to service the 
watchdog!
+
+         Additionally, this is not UEFI compliant because:
+          - the timeout won't be set to 5 minutes before starting the 
OS and
+          - the watchdog timer isn't stopped after the OS calls
+            ExitBootServices().

-michael

More information about the U-Boot mailing list