From ec1ab412ee0fc4eb433394878db3c444e86e95c1 Mon Sep 17 00:00:00 2001 From: Oleksij Rempel Date: Fri, 15 Feb 2019 13:43:51 +0100 Subject: Documentation: efi: provide (U)EFI watchdog documentation Signed-off-by: Oleksij Rempel Signed-off-by: Sascha Hauer --- Documentation/boards/efi.rst | 35 ++++++++++++++++++++++++++++++++++- 1 file changed, 34 insertions(+), 1 deletion(-) (limited to 'Documentation') diff --git a/Documentation/boards/efi.rst b/Documentation/boards/efi.rst index f59bb1d5ba..3da2daac99 100644 --- a/Documentation/boards/efi.rst +++ b/Documentation/boards/efi.rst @@ -216,7 +216,6 @@ has a device parameter ``devpath`` which contains its device path: barebox:/ echo ${handle-00000000d0012198.devpath} pci_root(0)/Pci(0x1d,0x0)/Usb(0x1,0x0)/Usb(0x2,0x0) - EFI variables ------------- @@ -327,3 +326,37 @@ compile EDK2. mov %fs, %rax pushq %rax +(U)EFI Watchdog +--------------- + +(U)EFI provides basic watchdog support. Depending on the system implementation +it can be a software or hardware watchdog. Within the (U)EFI specification it +is described as follows: + +.. epigraph:: + + If the watchdog timer expires, the event is logged by the firmware. The system + may then either reset with the Runtime Service ResetSystem(), or perform a + platform specific action that must eventually cause the platform to be reset. + The watchdog timer is armed before the firmware's boot manager invokes an EFI + boot option. The watchdog must be set to a period of 5 minutes. The EFI Image + may reset or disable the watchdog timer as needed. If control is returned to + the firmware's boot manager, the watchdog timer must be disabled. The watchdog + timer is only used during boot services. On successful completion of + ExitBootServices() the watchdog timer is disabled. + +See page 186: +https://uefi.org/sites/default/files/resources/UEFI_Spec_2_1_D.pdf + +Current linux kernel (v5.0) will execute ExitBootServices() during the early +boot stage and thus will automatically disable the (U)EFI watchdog. Since it is +a proper behavior according to the (U)EFI specification, it is impossible to +protect full boot chain by using this watchdog only. It is recommended to use +an alternative hardware watchdog, preferably started before the bootloader. If (U)EFI +firmware lacks this feature, the bootloader should be able to start an alternative +hardware watchdog on its own. Before implementing this kind of workaround +please make sure (U)EFI watchdog is not using the same hardware as the alternative +watchdog. + +Nevertheless, barebox provides access to the (U)EFI SetWatchdogTimer() +interface over its internal watchdog framework. -- cgit v1.2.3