tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

reboot: replace __hw_protection_shutdown bool action parameter with an enum

Patch series "reboot: support runtime configuration of emergency
hw_protection action", v3.

We currently leave the decision of whether to shutdown or reboot to
protect hardware in an emergency situation to the individual drivers.

This works out in some cases, where the driver detecting the critical
failure has inside knowledge: It binds to the system management controller
for example or is guided by hardware description that defines what to do.

This is inadequate in the general case though as a driver reporting e.g.
an imminent power failure can't know whether a shutdown or a reboot would
be more appropriate for a given hardware platform.

To address this, this series adds a hw_protection kernel parameter and
sysfs toggle that can be used to change the action from the shutdown
default to reboot. A new hw_protection_trigger API then makes use of this
default action.

My particular use case is unattended embedded systems that don't have
support for shutdown and that power on automatically when power is
supplied:

- A brief power cycle gets detected by the driver
- The kernel powers down the system and SoC goes into shutdown mode
- Power is restored
- The system remains oblivious to the restored power
- System needs to be manually power cycled for a duration long enough
to drain the capacitors

With this series, such systems can configure the kernel with
hw_protection=reboot to have the boot firmware worry about critical
conditions.


This patch (of 12):

Currently __hw_protection_shutdown() either reboots or shuts down the
system according to its shutdown argument.

To make the logic easier to follow, both inside __hw_protection_shutdown
and at caller sites, lets replace the bool parameter with an enum.

This will be extra useful, when in a later commit, a third action is added
to the enumeration.

No functional change.

Link: https://lkml.kernel.org/r/20250217-hw_protection-reboot-v3-0-e1c09b090c0c@pengutronix.de
Link: https://lkml.kernel.org/r/20250217-hw_protection-reboot-v3-1-e1c09b090c0c@pengutronix.de
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
Reviewed-by: Tzung-Bi Shih <tzungbi@kernel.org>
Cc: Benson Leung <bleung@chromium.org>
Cc: Mark Brown <broonie@kernel.org>
Cc: Daniel Lezcano <daniel.lezcano@linaro.org>
Cc: Fabio Estevam <festevam@denx.de>
Cc: Guenter Roeck <groeck@chromium.org>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Liam Girdwood <lgirdwood@gmail.com>
Cc: Lukasz Luba <lukasz.luba@arm.com>
Cc: Matteo Croce <teknoraver@meta.com>
Cc: Matti Vaittinen <mazziesaccount@gmail.com>
Cc: "Rafael J. Wysocki" <rafael@kernel.org>
Cc: Rob Herring <robh@kernel.org>
Cc: Rui Zhang <rui.zhang@intel.com>
Cc: Sascha Hauer <kernel@pengutronix.de>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

authored by

Ahmad Fatoum and committed by
Andrew Morton 318f05a0 bd0ee47d

+21 -11
+15 -3
include/linux/reboot.h
··· 177 177 178 178 extern void orderly_poweroff(bool force); 179 179 extern void orderly_reboot(void); 180 - void __hw_protection_shutdown(const char *reason, int ms_until_forced, bool shutdown); 180 + 181 + /** 182 + * enum hw_protection_action - Hardware protection action 183 + * 184 + * @HWPROT_ACT_SHUTDOWN: 185 + * The system should be shut down (powered off) for HW protection. 186 + * @HWPROT_ACT_REBOOT: 187 + * The system should be rebooted for HW protection. 188 + */ 189 + enum hw_protection_action { HWPROT_ACT_SHUTDOWN, HWPROT_ACT_REBOOT }; 190 + 191 + void __hw_protection_shutdown(const char *reason, int ms_until_forced, 192 + enum hw_protection_action action); 181 193 182 194 static inline void hw_protection_reboot(const char *reason, int ms_until_forced) 183 195 { 184 - __hw_protection_shutdown(reason, ms_until_forced, false); 196 + __hw_protection_shutdown(reason, ms_until_forced, HWPROT_ACT_REBOOT); 185 197 } 186 198 187 199 static inline void hw_protection_shutdown(const char *reason, int ms_until_forced) 188 200 { 189 - __hw_protection_shutdown(reason, ms_until_forced, true); 201 + __hw_protection_shutdown(reason, ms_until_forced, HWPROT_ACT_SHUTDOWN); 190 202 } 191 203 192 204 /*
+6 -8
kernel/reboot.c
··· 983 983 * @ms_until_forced: Time to wait for orderly shutdown or reboot before 984 984 * triggering it. Negative value disables the forced 985 985 * shutdown or reboot. 986 - * @shutdown: If true, indicates that a shutdown will happen 987 - * after the critical tempeature is reached. 988 - * If false, indicates that a reboot will happen 989 - * after the critical tempeature is reached. 986 + * @action: The hardware protection action to be taken. 990 987 * 991 988 * Initiate an emergency system shutdown or reboot in order to protect 992 989 * hardware from further damage. Usage examples include a thermal protection. ··· 991 994 * pending even if the previous request has given a large timeout for forced 992 995 * shutdown/reboot. 993 996 */ 994 - void __hw_protection_shutdown(const char *reason, int ms_until_forced, bool shutdown) 997 + void __hw_protection_shutdown(const char *reason, int ms_until_forced, 998 + enum hw_protection_action action) 995 999 { 996 1000 static atomic_t allow_proceed = ATOMIC_INIT(1); 997 1001 ··· 1007 1009 * orderly_poweroff failure 1008 1010 */ 1009 1011 hw_failure_emergency_poweroff(ms_until_forced); 1010 - if (shutdown) 1011 - orderly_poweroff(true); 1012 - else 1012 + if (action == HWPROT_ACT_REBOOT) 1013 1013 orderly_reboot(); 1014 + else 1015 + orderly_poweroff(true); 1014 1016 } 1015 1017 EXPORT_SYMBOL_GPL(__hw_protection_shutdown); 1016 1018