On Tue, 29 Jun 2021 at 17:00, Tom Rini <trini@konsulko.com> wrote:

On Tue, Jun 29, 2021 at 02:23:15PM +0200, Heinrich Schuchardt wrote:
> On 6/29/21 12:48 PM, François Ozog wrote:
> > Hi
> >
> > Following a discussion with Civil Infrastructure Project TSC, there is
> > a watchdog protection issue with EFI: the time between the call to
> > ExitBootService and Linux kernel takes over watchdog service is not
> > covered by any watchdog protection.
>
> The UEFI specification requires a watchdog. So this must be an
> implementation specific problem. Which firmware-hardware combination are
> you referring to?
>
> U-Boot provides hardware watchdogs.

Without side-tracking things too much, I do want to note the last time
within U-Boot we talked about watchdogs and UEFI specification, I
believe there was still some doubt how hardware watchdogs are handled vs
the notion of a software watchdog, and it should probably be clarified
which things we're talking about here.

My reading is that implementation may choose between "soft" are hardware watchdog. But the watchdog is active only up until ExitBootService: "Resets and sets a watchdog timer used during boot services time.". So I can understand some implementations that use hardware watchdog enhance the behavior and keeps active after ExitBootService is called: but that is a platform specific behavior. I'd like a specification and implementations for it.

--
Tom

François-Frédéric Ozog | Director Business Development

T: +33.67221.6485
francois.ozog@linaro.org | Skype: ffozog