lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <0c5e1e72-f1c9-4ffc-853f-f094a6d7799c@linux.alibaba.com>
Date: Wed, 19 Feb 2025 14:48:53 +0800
From: Heyi Guo <guoheyi@...ux.alibaba.com>
To: Guenter Roeck <linux@...ck-us.net>, devicetree@...r.kernel.org,
 linux-arm-kernel@...ts.infradead.org, linux-aspeed@...ts.ozlabs.org,
 linux-kernel@...r.kernel.org, linux-watchdog@...r.kernel.org
Cc: Wim Van Sebroeck <wim@...ux-watchdog.org>, Joel Stanley <joel@....id.au>,
 Andrew Jeffery <andrew@...econstruct.com.au>,
 Eddie James <eajames@...ux.ibm.com>
Subject: Re: [PATCH 1/2] driver/aspeed-wdt: fix pretimeout for counting down
 logic


On 2025/2/19 14:07, Guenter Roeck wrote:
> On 2/18/25 19:41, Heyi Guo wrote:
>> Hi Guenter,
>>
>> Thanks for your comments.
>>
>> On 2025/2/18 13:33, Guenter Roeck wrote:
>>> On 2/17/25 19:16, Heyi Guo wrote:
>>>> Aspeed watchdog uses counting down logic, so the value set to register
>>>> should be the value of subtracting pretimeout from total timeout.
>>>>
>>>> Fixes: 9ec0b7e06835 ("watchdog: aspeed: Enable pre-timeout interrupt")
>>>>
>>>> Signed-off-by: Heyi Guo <guoheyi@...ux.alibaba.com>
>>>>
>>>> Cc: Wim Van Sebroeck <wim@...ux-watchdog.org>
>>>> Cc: Guenter Roeck <linux@...ck-us.net>
>>>> Cc: Joel Stanley <joel@....id.au>
>>>> Cc: Andrew Jeffery <andrew@...econstruct.com.au>
>>>> Cc: Eddie James <eajames@...ux.ibm.com>
>>>> ---
>>>>   drivers/watchdog/aspeed_wdt.c | 7 +++++++
>>>>   1 file changed, 7 insertions(+)
>>>>
>>>> diff --git a/drivers/watchdog/aspeed_wdt.c 
>>>> b/drivers/watchdog/aspeed_wdt.c
>>>> index b4773a6aaf8c..520d8aba12a5 100644
>>>> --- a/drivers/watchdog/aspeed_wdt.c
>>>> +++ b/drivers/watchdog/aspeed_wdt.c
>>>> @@ -187,6 +187,13 @@ static int aspeed_wdt_set_pretimeout(struct 
>>>> watchdog_device *wdd,
>>>>       u32 actual = pretimeout * WDT_RATE_1MHZ;
>>>>       u32 s = wdt->cfg->irq_shift;
>>>>       u32 m = wdt->cfg->irq_mask;
>>>> +    u32 reload = readl(wdt->base + WDT_RELOAD_VALUE);
>>>> +
>>>
>>> It is unusual to use a register value here and not the configured 
>>> timeout
>>> value. I would have assumed that pretimeout is compared against 
>>> wdt->timout,
>>> not against the register value, and that the multiplication with 
>>> WDT_RATE_1MHZ
>>> is done after validation. This needs an explanation.
>> It was supposed to be a straight-forward way to check if the 
>> pretimeout value is supported by the hardware. I can change to 
>> wdt->timeout if it is better.
>>
>> Further, in the case of wdt->timeout > max_hw_heartbeat_ms, shall we 
>> restrict the pretimeout to be larger than wdt->timeout - 
>> max_hw_heartbeat_ms  / 2? For the watchdog_kworker works in 
>> max_hw_heartbeat_ms  / 2 interval, pretimeout event may be triggered 
>> unexpected when watchdog is not pinged in (max_hw_heartbeat_ms - 
>> (timeout - pretimeout)).
>>
>
> The kernel internal logic should handle that. If not, it needs to be 
> modified/fixed.
Do you mean the watchdog core should also handle the case in which 
pretimeout < wdt->timeout - max_hw_heartbeat_ms  / 2?
>
>>>
>>>> +    if (actual >= reload)
>>>> +        return -EINVAL;
>>>> +
>>>
>>> On top of that, you'll also need to explain why 
>>> watchdog_pretimeout_invalid()
>>> and with it the validation in watchdog_set_pretimeout() does not 
>>> work for this
>>> watchdog and why this extra validation is necessary.
>>
>> watchdog_pretimeout_invalid() will return false if wdt->timeout == 0, 
>> but we can't determine the hardware pretimeout value if timeout == 0 
>> here.
>>
>
> Sorry, I don't understand what you mean. If watchdog_pretimeout_invalid()
> returns false if timeout == 0, aspeed_wdt_set_pretimeout() won't be 
> called.
> Why does that preclude depending on it ?

if timeout == 0, watchdog_pretimeout_invalid() returns false, so the 
code will go on to call wdd->ops->set_pretimeout().

static int watchdog_set_pretimeout(struct watchdog_device *wdd,
                    unsigned int timeout)
{
     int err = 0;

     if (!watchdog_have_pretimeout(wdd))
         return -EOPNOTSUPP;

     if (watchdog_pretimeout_invalid(wdd, timeout))
         return -EINVAL;

     if (wdd->ops->set_pretimeout && (wdd->info->options & 
WDIOF_PRETIMEOUT))
         err = wdd->ops->set_pretimeout(wdd, timeout);

>
> On a side note, I do wonder why the driver accepts a timeout value of 
> 0 seconds.

 From the code, it seems timeout == 0 / pretimeout == 0 will be 
considered as a turn off switch.

Thanks,

Heyi

>
> Guenter

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ