[PATCH 1/1] efi_loader: stop watchdogs in ExitBootServices()
Mark Kettenis
mark.kettenis at xs4all.nl
Tue Nov 9 15:46:43 CET 2021
> From: Michael Walle <michael at walle.cc>
> Date: Tue, 9 Nov 2021 15:20:17 +0100
>
> > The UEFI specification requires for ExitBootServices() that "the boot
> > services watchdog timer is disabled". We already disable the software
> > watchdog. We should additionally disable the hardware watchdogs.
>
> What about watchdogs that cannot be stopped? IIRC the IMX SoCs are
> like that.
You have to hope that your OS takes control of the watchdog quickly
enough for the machine not to reset in between. Strictly speaking
such a platform can not be fully compliant with the UEFI standard. In
practice this doesn't really matter as the OS has to do this quickly
enough if you're using a non-UEFI bootpath anyway.
Maybe somebody who cares enough can get the UEFI standard amended to
handle this scenario. Maybe an interface can be added to the standard
to provide more control over the watchdog such that the timeout can be
set to a larger value before ExitBootServices() gets called. And add
a way to keep the watchdog enabled on SoCs where it can be disabled.
Last time this issue came up, someone pointed out that a watchdog that
can be turned off isn't a proper watchdog. And indeed, turning the
watchdog off when ExitBootServices() gets called means there is a time
window where the watchdog isn't running and where the OS could hang
forever.
Cheers,
Mark
More information about the U-Boot
mailing list