lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 10 Jun 2019 15:51:52 +0000
From:   Ken Sloat <KSloat@...pglobal.com>
To:     "Nicolas.Ferre@...rochip.com" <Nicolas.Ferre@...rochip.com>
CC:     Ken Sloat <KSloat@...pglobal.com>,
        "alexandre.belloni@...e-electrons.com" 
        <alexandre.belloni@...e-electrons.com>,
        "wim@...ana.be" <wim@...ana.be>,
        "linux@...ck-us.net" <linux@...ck-us.net>,
        "linux-arm-kernel@...ts.infradead.org" 
        <linux-arm-kernel@...ts.infradead.org>,
        "linux-watchdog@...r.kernel.org" <linux-watchdog@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: [RFE]: watchdog: atmel: atmel-sama5d4-wdt

Hello Nicolas,

I wanted to open a discussion proposing new functionality to allow disabling of the watchdog timer upon entering 
suspend in the SAMA5D2/4.

Typical use case of a hardware watchdog timer in the kernel is a userspace application opens the watchdog timer and
periodically "kicks" it. If the application hits a deadlock somewhere and is no longer able to kick it, then the watchdog
intervenes and often resets the processor. Such is the case for the Atmel driver (which also allows a watchdog interrupt
to be asserted in lieu of a system reset). In most use cases, upon entering a low power/suspend state, the application 
will no longer be able to "kick" the watchdog. If the watchdog is not disabled or kicked via another method, then it will
reset the system. This is the current behavior of the Atmel driver as of today.

The watchdog peripheral itself does have a "WDIDLEHLT" bit however, and this is enabled via the "atmel,idle-halt" dt
property. However, this is not very useful, as it literally only makes the watchdog count when the CPU is active. This 
results in non-deterministic triggering of the WDT and means that if a critical application were to crash, it may be
quite a long time before the WDT would ever trigger. Below is a similar statement made in the device-tree doc for this
peripheral:

- atmel,idle-halt: present if you want to stop the watchdog when the CPU is
		   in idle state.
	CAUTION: This property should be used with care, it actually makes the
	watchdog not counting when the CPU is in idle state, therefore the
	watchdog reset time depends on mean CPU usage and will not reset at all
	if the CPU stop working while it is in idle state, which is probably
	not what you want.

It seems to me, that it would be logical and useful to introduce a new property that would cause the Atmel WDT
to disable on suspend and re-enable on resume. It also appears that the WDT is re-initialized anyways upon
resume, so the only piece missing here would really be a dt flag and a call to disable.

I would be happy to submit a patch implementing this change, but wanted to open up a discussion here as to the
merits of this idea as perhaps it has been considered in the past.

Thanks,
Ken Sloat

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ