This is currently supported in firmware deployed on oak, hana and elm mt8173
chromebook devices. The kernel driver is written to be a generic SMC
watchdog driver.
Arm Trusted Firmware upstreaming review:
https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3405
Patch to add oak, hana, elm device tree:
https://lore.kernel.org/linux-arm-kernel/[email protected]/
I would like to add the device tree support after the above patch is
accepted.
Changes in v3:
- Change name back to arm
- Add optional get_timeleft op
- change name to arm_smc_wdt
Changes in v2:
- Change name arm > mt8173
- use watchdog_stop_on_reboot
- use watchdog_stop_on_unregister
- use devm_watchdog_register_device
- remove smcwd_shutdown, smcwd_remove
- change error codes
Evan Benn (1):
dt-bindings: watchdog: Add ARM smc wdt for mt8173 watchdog
Julius Werner (1):
watchdog: Add new arm_smd_wdt watchdog driver
.../bindings/watchdog/arm-smc-wdt.yaml | 30 +++
MAINTAINERS | 7 +
arch/arm64/configs/defconfig | 1 +
drivers/watchdog/Kconfig | 13 ++
drivers/watchdog/Makefile | 1 +
drivers/watchdog/arm_smc_wdt.c | 181 ++++++++++++++++++
6 files changed, 233 insertions(+)
create mode 100644 Documentation/devicetree/bindings/watchdog/arm-smc-wdt.yaml
create mode 100644 drivers/watchdog/arm_smc_wdt.c
--
2.26.0.292.g33ef6b2f38-goog
From: Julius Werner <[email protected]>
This patch adds a watchdog driver that can be used on ARM systems
with the appropriate watchdog implemented in Secure Monitor firmware.
The driver communicates with firmware via a Secure Monitor Call.
This may be useful for platforms using TrustZone that want
the Secure Monitor firmware to have the final control over the watchdog.
This is implemented on mt8173 chromebook devices oak, elm and hana in
arm trusted firmware file plat/mediatek/mt8173/drivers/wdt/wdt.c.
Signed-off-by: Julius Werner <[email protected]>
Signed-off-by: Evan Benn <[email protected]>
---
Changes in v3:
- Add optional get_timeleft op
- change name to arm_smc_wdt
Changes in v2:
- use watchdog_stop_on_reboot
- use watchdog_stop_on_unregister
- use devm_watchdog_register_device
- remove smcwd_shutdown, smcwd_remove
- change error codes
MAINTAINERS | 1 +
arch/arm64/configs/defconfig | 1 +
drivers/watchdog/Kconfig | 13 +++
drivers/watchdog/Makefile | 1 +
drivers/watchdog/arm_smc_wdt.c | 181 +++++++++++++++++++++++++++++++++
5 files changed, 197 insertions(+)
create mode 100644 drivers/watchdog/arm_smc_wdt.c
diff --git a/MAINTAINERS b/MAINTAINERS
index af8842b998a93..2ec83d4c1032f 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1426,6 +1426,7 @@ M: Julius Werner <[email protected]>
R: Evan Benn <[email protected]>
S: Maintained
F: devicetree/bindings/watchdog/arm-smc-wdt.yaml
+F: drivers/watchdog/arm_smc_wdt.c
ARM SMMU DRIVERS
M: Will Deacon <[email protected]>
diff --git a/arch/arm64/configs/defconfig b/arch/arm64/configs/defconfig
index 4db223dbc5499..b5117d46c1d96 100644
--- a/arch/arm64/configs/defconfig
+++ b/arch/arm64/configs/defconfig
@@ -467,6 +467,7 @@ CONFIG_QCOM_SPMI_TEMP_ALARM=m
CONFIG_UNIPHIER_THERMAL=y
CONFIG_WATCHDOG=y
CONFIG_ARM_SP805_WATCHDOG=y
+CONFIG_ARM_SMC_WATCHDOG=y
CONFIG_S3C2410_WATCHDOG=y
CONFIG_DW_WATCHDOG=y
CONFIG_SUNXI_WATCHDOG=m
diff --git a/drivers/watchdog/Kconfig b/drivers/watchdog/Kconfig
index 9ea2b43d4b012..2a44af10d9beb 100644
--- a/drivers/watchdog/Kconfig
+++ b/drivers/watchdog/Kconfig
@@ -859,6 +859,19 @@ config DIGICOLOR_WATCHDOG
To compile this driver as a module, choose M here: the
module will be called digicolor_wdt.
+config ARM_SMC_WATCHDOG
+ tristate "ARM Secure Monitor Call based watchdog support"
+ depends on ARM || ARM64
+ depends on OF
+ depends on HAVE_ARM_SMCCC
+ select WATCHDOG_CORE
+ help
+ Say Y here to include support for a watchdog timer
+ implemented by the EL3 Secure Monitor on ARM platforms.
+ Requires firmware support.
+ To compile this driver as a module, choose M here: the
+ module will be called arm_smc_wdt.
+
config LPC18XX_WATCHDOG
tristate "LPC18xx/43xx Watchdog"
depends on ARCH_LPC18XX || COMPILE_TEST
diff --git a/drivers/watchdog/Makefile b/drivers/watchdog/Makefile
index 2ee352bf3372d..ec9d4337dad70 100644
--- a/drivers/watchdog/Makefile
+++ b/drivers/watchdog/Makefile
@@ -93,6 +93,7 @@ obj-$(CONFIG_UNIPHIER_WATCHDOG) += uniphier_wdt.o
obj-$(CONFIG_RTD119X_WATCHDOG) += rtd119x_wdt.o
obj-$(CONFIG_SPRD_WATCHDOG) += sprd_wdt.o
obj-$(CONFIG_PM8916_WATCHDOG) += pm8916_wdt.o
+obj-$(CONFIG_ARM_SMC_WATCHDOG) += arm_smc_wdt.o
# X86 (i386 + ia64 + x86_64) Architecture
obj-$(CONFIG_ACQUIRE_WDT) += acquirewdt.o
diff --git a/drivers/watchdog/arm_smc_wdt.c b/drivers/watchdog/arm_smc_wdt.c
new file mode 100644
index 0000000000000..468995f776b3c
--- /dev/null
+++ b/drivers/watchdog/arm_smc_wdt.c
@@ -0,0 +1,181 @@
+// SPDX-License-Identifier: GPL-2.0-only
+/*
+ * ARM Secure Monitor Call watchdog driver
+ *
+ * Copyright 2020 Google LLC.
+ * Julius Werner <[email protected]>
+ * Based on mtk_wdt.c
+ */
+
+#include <linux/arm-smccc.h>
+#include <linux/err.h>
+#include <linux/module.h>
+#include <linux/moduleparam.h>
+#include <linux/of.h>
+#include <linux/platform_device.h>
+#include <linux/types.h>
+#include <linux/watchdog.h>
+#include <uapi/linux/psci.h>
+
+#define DRV_NAME "arm_smc_wdt"
+#define DRV_VERSION "1.0"
+
+#define SMCWD_FUNC_ID 0x82003d06
+
+enum smcwd_call {
+ SMCWD_INIT = 0,
+ SMCWD_SET_TIMEOUT = 1,
+ SMCWD_ENABLE = 2,
+ SMCWD_PET = 3,
+ SMCWD_GET_TIMELEFT = 4,
+};
+
+static bool nowayout = WATCHDOG_NOWAYOUT;
+static unsigned int timeout;
+
+static int smcwd_call(enum smcwd_call call, unsigned long arg,
+ struct arm_smccc_res *res)
+{
+ struct arm_smccc_res local_res;
+
+ if (!res)
+ res = &local_res;
+
+ arm_smccc_smc(SMCWD_FUNC_ID, call, arg, 0, 0, 0, 0, 0, res);
+
+ if (res->a0 == PSCI_RET_NOT_SUPPORTED)
+ return -ENODEV;
+ if (res->a0 == PSCI_RET_INVALID_PARAMS)
+ return -EINVAL;
+ if (res->a0 != PSCI_RET_SUCCESS)
+ return -EIO;
+ return 0;
+}
+
+static int smcwd_ping(struct watchdog_device *wdd)
+{
+ return smcwd_call(SMCWD_PET, 0, NULL);
+}
+
+static unsigned int smcwd_get_timeleft(struct watchdog_device *wdd)
+{
+ struct arm_smccc_res res;
+
+ smcwd_call(SMCWD_GET_TIMELEFT, 0, &res);
+ return res.a0;
+}
+
+static int smcwd_set_timeout(struct watchdog_device *wdd, unsigned int timeout)
+{
+ int res;
+
+ res = smcwd_call(SMCWD_SET_TIMEOUT, timeout, NULL);
+ if (!res)
+ wdd->timeout = timeout;
+ return res;
+}
+
+static int smcwd_stop(struct watchdog_device *wdd)
+{
+ return smcwd_call(SMCWD_ENABLE, 0, NULL);
+}
+
+static int smcwd_start(struct watchdog_device *wdd)
+{
+ return smcwd_call(SMCWD_ENABLE, 1, NULL);
+}
+
+static const struct watchdog_info smcwd_info = {
+ .identity = DRV_NAME,
+ .options = WDIOF_SETTIMEOUT |
+ WDIOF_KEEPALIVEPING |
+ WDIOF_MAGICCLOSE,
+};
+
+static const struct watchdog_ops smcwd_ops = {
+ .start = smcwd_start,
+ .stop = smcwd_stop,
+ .ping = smcwd_ping,
+ .set_timeout = smcwd_set_timeout,
+};
+
+static const struct watchdog_ops smcwd_timeleft_ops = {
+ .start = smcwd_start,
+ .stop = smcwd_stop,
+ .ping = smcwd_ping,
+ .set_timeout = smcwd_set_timeout,
+ .get_timeleft = smcwd_get_timeleft,
+};
+
+static int smcwd_probe(struct platform_device *pdev)
+{
+ struct watchdog_device *wdd;
+ int err;
+ struct arm_smccc_res res;
+
+ err = smcwd_call(SMCWD_INIT, 0, &res);
+ if (err < 0)
+ return err;
+
+ wdd = devm_kzalloc(&pdev->dev, sizeof(*wdd), GFP_KERNEL);
+ if (!wdd)
+ return -ENOMEM;
+
+ platform_set_drvdata(pdev, wdd);
+
+ wdd->info = &smcwd_info;
+ /* get_timeleft is optional */
+ if (smcwd_call(SMCWD_GET_TIMELEFT, 0, NULL))
+ wdd->ops = &smcwd_ops;
+ else
+ wdd->ops = &smcwd_timeleft_ops;
+ wdd->timeout = res.a2;
+ wdd->max_timeout = res.a2;
+ wdd->min_timeout = res.a1;
+ wdd->parent = &pdev->dev;
+
+ watchdog_stop_on_reboot(wdd);
+ watchdog_stop_on_unregister(wdd);
+ watchdog_set_nowayout(wdd, nowayout);
+ watchdog_init_timeout(wdd, timeout, &pdev->dev);
+ err = smcwd_set_timeout(wdd, wdd->timeout);
+ if (err)
+ return err;
+
+ err = devm_watchdog_register_device(&pdev->dev, wdd);
+ if (err)
+ return err;
+
+ dev_info(&pdev->dev, "Watchdog registered (timeout=%d sec, nowayout=%d)\n",
+ wdd->timeout, nowayout);
+
+ return 0;
+}
+
+static const struct of_device_id smcwd_dt_ids[] = {
+ { .compatible = "mediatek,mt8173-smc-wdt" },
+ {}
+};
+MODULE_DEVICE_TABLE(of, smcwd_dt_ids);
+
+static struct platform_driver smcwd_driver = {
+ .probe = smcwd_probe,
+ .driver = {
+ .name = DRV_NAME,
+ .of_match_table = smcwd_dt_ids,
+ },
+};
+
+module_platform_driver(smcwd_driver);
+
+module_param(timeout, uint, 0);
+MODULE_PARM_DESC(timeout, "Watchdog heartbeat in seconds");
+
+module_param(nowayout, bool, 0);
+MODULE_PARM_DESC(nowayout, "Watchdog cannot be stopped once started (default="
+ __MODULE_STRING(WATCHDOG_NOWAYOUT) ")");
+
+MODULE_LICENSE("GPL");
+MODULE_AUTHOR("Julius Werner <[email protected]>");
+MODULE_DESCRIPTION("ARM Secure Monitor Call Watchdog Driver");
+MODULE_VERSION(DRV_VERSION);
--
2.26.0.292.g33ef6b2f38-goog
This watchdog can be used on ARM systems with a Secure
Monitor firmware to forward watchdog operations to
firmware via a Secure Monitor Call.
Signed-off-by: Evan Benn <[email protected]>
---
Changes in v3:
- Change name back to arm
Changes in v2:
- Change name arm > mt8173
.../bindings/watchdog/arm-smc-wdt.yaml | 30 +++++++++++++++++++
MAINTAINERS | 6 ++++
2 files changed, 36 insertions(+)
create mode 100644 Documentation/devicetree/bindings/watchdog/arm-smc-wdt.yaml
diff --git a/Documentation/devicetree/bindings/watchdog/arm-smc-wdt.yaml b/Documentation/devicetree/bindings/watchdog/arm-smc-wdt.yaml
new file mode 100644
index 0000000000000..24968f199413b
--- /dev/null
+++ b/Documentation/devicetree/bindings/watchdog/arm-smc-wdt.yaml
@@ -0,0 +1,30 @@
+# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
+%YAML 1.2
+---
+$id: http://devicetree.org/schemas/watchdog/arm-smc-wdt.yaml#
+$schema: http://devicetree.org/meta-schemas/core.yaml#
+
+title: ARM Secure Monitor Call based watchdog
+
+allOf:
+ - $ref: "watchdog.yaml#"
+
+maintainers:
+ - Julius Werner <[email protected]>
+
+properties:
+ compatible:
+ enum:
+ - mediatek,mt8173-smc-wdt
+
+required:
+ - compatible
+
+examples:
+ - |
+ watchdog {
+ compatible = "mediatek,mt8173-smc-wdt";
+ timeout-sec = <15>;
+ };
+
+...
diff --git a/MAINTAINERS b/MAINTAINERS
index a6fbdf354d343..af8842b998a93 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1421,6 +1421,12 @@ S: Maintained
F: Documentation/devicetree/bindings/interrupt-controller/amazon,al-fic.txt
F: drivers/irqchip/irq-al-fic.c
+ARM SMC WATCHDOG DRIVER
+M: Julius Werner <[email protected]>
+R: Evan Benn <[email protected]>
+S: Maintained
+F: devicetree/bindings/watchdog/arm-smc-wdt.yaml
+
ARM SMMU DRIVERS
M: Will Deacon <[email protected]>
R: Robin Murphy <[email protected]>
--
2.26.0.292.g33ef6b2f38-goog
On Fri, Apr 03, 2020 at 04:29:00PM +1100, Evan Benn wrote:
> From: Julius Werner <[email protected]>
>
> This patch adds a watchdog driver that can be used on ARM systems
> with the appropriate watchdog implemented in Secure Monitor firmware.
> The driver communicates with firmware via a Secure Monitor Call.
> This may be useful for platforms using TrustZone that want
> the Secure Monitor firmware to have the final control over the watchdog.
>
> This is implemented on mt8173 chromebook devices oak, elm and hana in
> arm trusted firmware file plat/mediatek/mt8173/drivers/wdt/wdt.c.
>
> Signed-off-by: Julius Werner <[email protected]>
> Signed-off-by: Evan Benn <[email protected]>
Reviewed-by: Guenter Roeck <[email protected]>
Guenter
Apologies I forgot to add this note to my cover letter.
Xingyu do you mind seeing if you can modify your ATF firmware to match
this driver?
We can add a compatible or make other changes to suit you.
Thanks
On Fri, Apr 3, 2020 at 4:29 PM Evan Benn <[email protected]> wrote:
>
> This is currently supported in firmware deployed on oak, hana and elm mt8173
> chromebook devices. The kernel driver is written to be a generic SMC
> watchdog driver.
>
> Arm Trusted Firmware upstreaming review:
> https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3405
>
> Patch to add oak, hana, elm device tree:
> https://lore.kernel.org/linux-arm-kernel/[email protected]/
> I would like to add the device tree support after the above patch is
> accepted.
>
> Changes in v3:
> - Change name back to arm
> - Add optional get_timeleft op
> - change name to arm_smc_wdt
>
> Changes in v2:
> - Change name arm > mt8173
> - use watchdog_stop_on_reboot
> - use watchdog_stop_on_unregister
> - use devm_watchdog_register_device
> - remove smcwd_shutdown, smcwd_remove
> - change error codes
>
> Evan Benn (1):
> dt-bindings: watchdog: Add ARM smc wdt for mt8173 watchdog
>
> Julius Werner (1):
> watchdog: Add new arm_smd_wdt watchdog driver
>
> .../bindings/watchdog/arm-smc-wdt.yaml | 30 +++
> MAINTAINERS | 7 +
> arch/arm64/configs/defconfig | 1 +
> drivers/watchdog/Kconfig | 13 ++
> drivers/watchdog/Makefile | 1 +
> drivers/watchdog/arm_smc_wdt.c | 181 ++++++++++++++++++
> 6 files changed, 233 insertions(+)
> create mode 100644 Documentation/devicetree/bindings/watchdog/arm-smc-wdt.yaml
> create mode 100644 drivers/watchdog/arm_smc_wdt.c
>
> --
> 2.26.0.292.g33ef6b2f38-goog
>
> + wdd->info = &smcwd_info;
> + /* get_timeleft is optional */
> + if (smcwd_call(SMCWD_GET_TIMELEFT, 0, NULL))
How is this supposed to work? A firmware that implements this call
would return the time left here which may not be 0 (maybe the watchdog
was already primed by the bootloader or whatever), so smcwd_call()
would interpret it as an error.
I think the cleanest solution would be to stick to the same return
codes in a0 and use a1 to report the time left when a0 is
PSCI_SUCCESS. This is more consistent with SMCWD_INIT too.
On Sat, Apr 4, 2020 at 9:56 AM Julius Werner <[email protected]> wrote:
>
> > + wdd->info = &smcwd_info;
> > + /* get_timeleft is optional */
> > + if (smcwd_call(SMCWD_GET_TIMELEFT, 0, NULL))
>
> How is this supposed to work? A firmware that implements this call
> would return the time left here which may not be 0 (maybe the watchdog
> was already primed by the bootloader or whatever), so smcwd_call()
> would interpret it as an error.
>
> I think the cleanest solution would be to stick to the same return
> codes in a0 and use a1 to report the time left when a0 is
> PSCI_SUCCESS. This is more consistent with SMCWD_INIT too.
Yes you are right, I have the wrong return code in the get_timeleft
implementation. It should use ->a1 for the actual timeleft, a0 is for
the error code.
Here smcwd_call returns the error code, which is NOT_IMPLEMENTED if
the firmware does not implement timeleft. The timeleft itself cannot
return error codes else we would just return that there I guess.
Hi,Evan
On 2020/4/11 23:06, Xingyu Chen wrote:
> Hi, Evan
>
> On 2020/4/3 14:04, Evan Benn wrote:
>> Apologies I forgot to add this note to my cover letter.
>>
>> Xingyu do you mind seeing if you can modify your ATF firmware to match
>> this driver?
>> We can add a compatible or make other changes to suit you.
> Thanks for your patch [0], I will test this patch on the meson-A1
> platform, but It looks more
> convenient to be compatible with other platforms if using the compatible
> strings to correlate
> platform differences include function ID and wdt_ops.
>
> [0]: https://patchwork.kernel.org/patch/11471829/
I have tested your patch on the meson-A1, but I use the compatible
strings to correlate the following platform differences,it works normally.
static const struct smcwd_data smcwd_mtk_data = {
.func_id = 0x82003d06,
.ops = &smcwd_ops,
}
static const struct smcwd_data smcwd_meson_data = {
.func_id = 0x82000086,
.ops = &smcwd_timeleft_ops,
}
In addition, It looks more reasonable to use the "msec" as the unit of
timeout parameter for the ATF fw interface with SMCWD_SET_TIMEOUT:
- The fw interface will compatible with the uboot generic watchdog
interface at [0], and there is no need to convert timeout from msec
to sec.
- Some vendor's watchdog may be not support the "wdt_trigger_reset"
reset operation, but they can use the method below to reset the system
by the watchdog right now.
watchdog_set_time(1); //1ms
watchdog_enable();
[0]:
https://gitlab.denx.de/u-boot/u-boot/-/blob/master/drivers/watchdog/wdt-uclass.c
Best Regards
>> Thanks
>>
>> On Fri, Apr 3, 2020 at 4:29 PM Evan Benn <[email protected]
>> <mailto:[email protected]>> wrote:
>>
>> This is currently supported in firmware deployed on oak, hana and
>> elm mt8173
>> chromebook devices. The kernel driver is written to be a generic SMC
>> watchdog driver.
>>
>> Arm Trusted Firmware upstreaming review:
>> https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3405
>>
>> Patch to add oak, hana, elm device tree:
>> https://lore.kernel.org/linux-arm-kernel/[email protected]/
>> I would like to add the device tree support after the above patch is
>> accepted.
>>
>> Changes in v3:
>> - Change name back to arm
>> - Add optional get_timeleft op
>> - change name to arm_smc_wdt
>>
>> Changes in v2:
>> - Change name arm > mt8173
>> - use watchdog_stop_on_reboot
>> - use watchdog_stop_on_unregister
>> - use devm_watchdog_register_device
>> - remove smcwd_shutdown, smcwd_remove
>> - change error codes
>>
>> Evan Benn (1):
>> dt-bindings: watchdog: Add ARM smc wdt for mt8173 watchdog
>>
>> Julius Werner (1):
>> watchdog: Add new arm_smd_wdt watchdog driver
>>
>> .../bindings/watchdog/arm-smc-wdt.yaml | 30 +++
>> MAINTAINERS | 7 +
>> arch/arm64/configs/defconfig | 1 +
>> drivers/watchdog/Kconfig | 13 ++
>> drivers/watchdog/Makefile | 1 +
>> drivers/watchdog/arm_smc_wdt.c | 181
>> ++++++++++++++++++
>> 6 files changed, 233 insertions(+)
>> create mode 100644
>> Documentation/devicetree/bindings/watchdog/arm-smc-wdt.yaml
>> create mode 100644 drivers/watchdog/arm_smc_wdt.c
>>
>> --
>> 2.26.0.292.g33ef6b2f38-goog
>>
> In addition, It looks more reasonable to use the "msec" as the unit of
> timeout parameter for the ATF fw interface with SMCWD_SET_TIMEOUT:
>
> - The fw interface will compatible with the uboot generic watchdog
> interface at [0], and there is no need to convert timeout from msec
> to sec.
I think we're trying hard to keep this compatible to a Trusted
Firmware counterpart that we have already shipped, so we would prefer
to keep it at seconds if possible. That's what the Linux watchdog core
uses as well after all, so it just seems natural. I don't really see
how what U-Boot does would have anything to do with this.
> - Some vendor's watchdog may be not support the "wdt_trigger_reset"
> reset operation, but they can use the method below to reset the system
> by the watchdog right now.
>
> watchdog_set_time(1); //1ms
> watchdog_enable();
They can still do that but they should do that on the Trusted Firmware
side. Emulating a missing reset functionality should be handled by the
hardware abstraction layer (in this case Trusted Firmware), not at the
Linux API level. So Linux would still send a PSCI_SYSTEM_RESET SMC,
but then Trusted Firmware can choose to implement that by setting the
watchdog to the smallest possible timeout (which it can because it's
accessing it directly, not through this SMC interface) and letting it
expire.
On Wed, Apr 15, 2020 at 03:29:29PM -0700, Julius Werner wrote:
> > In addition, It looks more reasonable to use the "msec" as the unit of
> > timeout parameter for the ATF fw interface with SMCWD_SET_TIMEOUT:
> >
> > - The fw interface will compatible with the uboot generic watchdog
> > interface at [0], and there is no need to convert timeout from msec
> > to sec.
>
> I think we're trying hard to keep this compatible to a Trusted
> Firmware counterpart that we have already shipped, so we would prefer
> to keep it at seconds if possible. That's what the Linux watchdog core
> uses as well after all, so it just seems natural. I don't really see
> how what U-Boot does would have anything to do with this.
>
> > - Some vendor's watchdog may be not support the "wdt_trigger_reset"
> > reset operation, but they can use the method below to reset the system
> > by the watchdog right now.
> >
> > watchdog_set_time(1); //1ms
> > watchdog_enable();
>
> They can still do that but they should do that on the Trusted Firmware
> side. Emulating a missing reset functionality should be handled by the
> hardware abstraction layer (in this case Trusted Firmware), not at the
> Linux API level. So Linux would still send a PSCI_SYSTEM_RESET SMC,
> but then Trusted Firmware can choose to implement that by setting the
> watchdog to the smallest possible timeout (which it can because it's
> accessing it directly, not through this SMC interface) and letting it
> expire.
I agree. Using a watchdog to implement reset functionality is always a
means of last resort and should be avoided if possible.
Guenter
> Can anyone provide advice about making SMCWD_FUNC_ID a device tree
> param directly, vs using the compatible to select from a table.
Sounds like most people prefer the way with using different compatible
strings? (Personally I don't really care either way.)
Thanks Xingyu,
Can anyone provide advice about making SMCWD_FUNC_ID a device tree
param directly, vs using the compatible to select from a table.
Please note get_timeleft erroneously returns res.a0 instead of res.a1
in this version.
Evan
On Thu, Apr 16, 2020 at 9:12 AM Guenter Roeck <[email protected]> wrote:
>
> On Wed, Apr 15, 2020 at 03:29:29PM -0700, Julius Werner wrote:
> > > In addition, It looks more reasonable to use the "msec" as the unit of
> > > timeout parameter for the ATF fw interface with SMCWD_SET_TIMEOUT:
> > >
> > > - The fw interface will compatible with the uboot generic watchdog
> > > interface at [0], and there is no need to convert timeout from msec
> > > to sec.
> >
> > I think we're trying hard to keep this compatible to a Trusted
> > Firmware counterpart that we have already shipped, so we would prefer
> > to keep it at seconds if possible. That's what the Linux watchdog core
> > uses as well after all, so it just seems natural. I don't really see
> > how what U-Boot does would have anything to do with this.
> >
> > > - Some vendor's watchdog may be not support the "wdt_trigger_reset"
> > > reset operation, but they can use the method below to reset the system
> > > by the watchdog right now.
> > >
> > > watchdog_set_time(1); //1ms
> > > watchdog_enable();
> >
> > They can still do that but they should do that on the Trusted Firmware
> > side. Emulating a missing reset functionality should be handled by the
> > hardware abstraction layer (in this case Trusted Firmware), not at the
> > Linux API level. So Linux would still send a PSCI_SYSTEM_RESET SMC,
> > but then Trusted Firmware can choose to implement that by setting the
> > watchdog to the smallest possible timeout (which it can because it's
> > accessing it directly, not through this SMC interface) and letting it
> > expire.
>
> I agree. Using a watchdog to implement reset functionality is always a
> means of last resort and should be avoided if possible.
>
> Guenter
Hi,Julius
On 2020/4/16 6:29, Julius Werner wrote:
>> In addition, It looks more reasonable to use the "msec" as the unit of
>> timeout parameter for the ATF fw interface with SMCWD_SET_TIMEOUT:
>>
>> - The fw interface will compatible with the uboot generic watchdog
>> interface at [0], and there is no need to convert timeout from msec
>> to sec.
>
> I think we're trying hard to keep this compatible to a Trusted
> Firmware counterpart that we have already shipped, so we would prefer
> to keep it at seconds if possible. That's what the Linux watchdog core
> uses as well after all, so it just seems natural. I don't really see
> how what U-Boot does would have anything to do with this.
If the uboot introduces a smcwd driver, and it maybe work like this:
static const struct wdt_ops XXX_wdt_ops = {
.start = XXX_wdt_start,
...
}
static int XXX_wdt_start(struct udevice *dev, u64 ms, ulong flags) {
timeout = ms / 1000; //convert timeout from msec to sec.
smcwd_call(SMCWD_SET_TIMEOUT, timeout, NULL);
smcwd_call(SMCWD_ENABLE, 0, NULL);
}
Best Regards
>
>> - Some vendor's watchdog may be not support the "wdt_trigger_reset"
>> reset operation, but they can use the method below to reset the system
>> by the watchdog right now.
>>
>> watchdog_set_time(1); //1ms
>> watchdog_enable();
>
> They can still do that but they should do that on the Trusted Firmware
> side. Emulating a missing reset functionality should be handled by the
> hardware abstraction layer (in this case Trusted Firmware), not at the
> Linux API level. So Linux would still send a PSCI_SYSTEM_RESET SMC,
> but then Trusted Firmware can choose to implement that by setting the
> watchdog to the smallest possible timeout (which it can because it's
> accessing it directly, not through this SMC interface) and letting it
> expire.
>
> .
>
On 4/15/2020 5:56 PM, Julius Werner wrote:
>> Can anyone provide advice about making SMCWD_FUNC_ID a device tree
>> param directly, vs using the compatible to select from a table.
>
> Sounds like most people prefer the way with using different compatible
> strings? (Personally I don't really care either way.)
The PSCI binding itself has provision for specifying function IDs for
different functions, and this seems to be followed by other subsystems
as well like SCMI:
https://www.spinics.net/lists/arm-kernel/msg791270.html
I could easily imagine that a firmware would provide two functions IDs
(one for AArch32, one for AArch64) and that it could change those over
time while not changing the compatible string at all.
--
Florian
Thanks Florian,
> The PSCI binding itself has provision for specifying function IDs for
> different functions, and this seems to be followed by other subsystems
> as well like SCMI:
>
> https://www.spinics.net/lists/arm-kernel/msg791270.html
Are you referring to this line in the devicetree linked?
+- arm,smc-id : SMC id required when using smc or hvc transports
I cannot find any prior definition of this in the devicetree yaml
format, so I will add that as well.
Did you have a link for the psci usage that you referenced?
Thanks
Evan
On 4/20/2020 6:08 PM, Evan Benn wrote:
> Thanks Florian,
>
>> The PSCI binding itself has provision for specifying function IDs for
>> different functions, and this seems to be followed by other subsystems
>> as well like SCMI:
>>
>> https://www.spinics.net/lists/arm-kernel/msg791270.html
>
> Are you referring to this line in the devicetree linked?
>
> +- arm,smc-id : SMC id required when using smc or hvc transports
>
> I cannot find any prior definition of this in the devicetree yaml
> format, so I will add that as well.
> Did you have a link for the psci usage that you referenced?
Sure, line 80 and below from psci.yaml:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/devicetree/bindings/arm/psci.yaml#n80
--
Florian