1 // SPDX-License-Identifier: GPL-2.0+ 2 /* 3 * watchdog_dev.c 4 * 5 * (c) Copyright 2008-2011 Alan Cox <alan@lxorguk.ukuu.org.uk>, 6 * All Rights Reserved. 7 * 8 * (c) Copyright 2008-2011 Wim Van Sebroeck <wim@iguana.be>. 9 * 10 * (c) Copyright 2021 Hewlett Packard Enterprise Development LP. 11 * 12 * This source code is part of the generic code that can be used 13 * by all the watchdog timer drivers. 14 * 15 * This part of the generic code takes care of the following 16 * misc device: /dev/watchdog. 17 * 18 * Based on source code of the following authors: 19 * Matt Domsch <Matt_Domsch@dell.com>, 20 * Rob Radez <rob@osinvestor.com>, 21 * Rusty Lynch <rusty@linux.co.intel.com> 22 * Satyam Sharma <satyam@infradead.org> 23 * Randy Dunlap <randy.dunlap@oracle.com> 24 * 25 * Neither Alan Cox, CymruNet Ltd., Wim Van Sebroeck nor Iguana vzw. 26 * admit liability nor provide warranty for any of this software. 27 * This material is provided "AS-IS" and at no charge. 28 */ 29 30 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 31 32 #include <linux/cdev.h> /* For character device */ 33 #include <linux/errno.h> /* For the -ENODEV/... values */ 34 #include <linux/fs.h> /* For file operations */ 35 #include <linux/init.h> /* For __init/__exit/... */ 36 #include <linux/hrtimer.h> /* For hrtimers */ 37 #include <linux/kernel.h> /* For printk/panic/... */ 38 #include <linux/kstrtox.h> /* For kstrto* */ 39 #include <linux/kthread.h> /* For kthread_work */ 40 #include <linux/miscdevice.h> /* For handling misc devices */ 41 #include <linux/module.h> /* For module stuff/... */ 42 #include <linux/mutex.h> /* For mutexes */ 43 #include <linux/slab.h> /* For memory functions */ 44 #include <linux/types.h> /* For standard types (like size_t) */ 45 #include <linux/watchdog.h> /* For watchdog specific items */ 46 #include <linux/uaccess.h> /* For copy_to_user/put_user/... */ 47 48 #include "watchdog_core.h" 49 #include "watchdog_pretimeout.h" 50 51 #include <trace/events/watchdog.h> 52 53 /* the dev_t structure to store the dynamically allocated watchdog devices */ 54 static dev_t watchdog_devt; 55 /* Reference to watchdog device behind /dev/watchdog */ 56 static struct watchdog_core_data *old_wd_data; 57 58 static struct kthread_worker *watchdog_kworker; 59 60 static bool handle_boot_enabled = 61 IS_ENABLED(CONFIG_WATCHDOG_HANDLE_BOOT_ENABLED); 62 63 static unsigned open_timeout = CONFIG_WATCHDOG_OPEN_TIMEOUT; 64 65 static bool watchdog_past_open_deadline(struct watchdog_core_data *data) 66 { 67 return ktime_after(ktime_get(), data->open_deadline); 68 } 69 70 static void watchdog_set_open_deadline(struct watchdog_core_data *data) 71 { 72 data->open_deadline = open_timeout ? 73 ktime_get() + ktime_set(open_timeout, 0) : KTIME_MAX; 74 } 75 76 static inline bool watchdog_need_worker(struct watchdog_device *wdd) 77 { 78 /* All variables in milli-seconds */ 79 unsigned int hm = wdd->max_hw_heartbeat_ms; 80 unsigned int t = wdd->timeout * 1000; 81 82 /* 83 * A worker to generate heartbeat requests is needed if all of the 84 * following conditions are true. 85 * - Userspace activated the watchdog. 86 * - The driver provided a value for the maximum hardware timeout, and 87 * thus is aware that the framework supports generating heartbeat 88 * requests. 89 * - Userspace requests a longer timeout than the hardware can handle. 90 * 91 * Alternatively, if userspace has not opened the watchdog 92 * device, we take care of feeding the watchdog if it is 93 * running. 94 */ 95 return (hm && watchdog_active(wdd) && t > hm) || 96 (t && !watchdog_active(wdd) && watchdog_hw_running(wdd)); 97 } 98 99 static ktime_t watchdog_next_keepalive(struct watchdog_device *wdd) 100 { 101 struct watchdog_core_data *wd_data = wdd->wd_data; 102 unsigned int timeout_ms = wdd->timeout * 1000; 103 ktime_t keepalive_interval; 104 ktime_t last_heartbeat, latest_heartbeat; 105 ktime_t virt_timeout; 106 unsigned int hw_heartbeat_ms; 107 108 if (watchdog_active(wdd)) 109 virt_timeout = ktime_add(wd_data->last_keepalive, 110 ms_to_ktime(timeout_ms)); 111 else 112 virt_timeout = wd_data->open_deadline; 113 114 hw_heartbeat_ms = min_not_zero(timeout_ms, wdd->max_hw_heartbeat_ms); 115 keepalive_interval = ms_to_ktime(hw_heartbeat_ms / 2); 116 117 /* 118 * To ensure that the watchdog times out wdd->timeout seconds 119 * after the most recent ping from userspace, the last 120 * worker ping has to come in hw_heartbeat_ms before this timeout. 121 */ 122 last_heartbeat = ktime_sub(virt_timeout, ms_to_ktime(hw_heartbeat_ms)); 123 latest_heartbeat = ktime_sub(last_heartbeat, ktime_get()); 124 if (ktime_before(latest_heartbeat, keepalive_interval)) 125 return latest_heartbeat; 126 return keepalive_interval; 127 } 128 129 static inline void watchdog_update_worker(struct watchdog_device *wdd) 130 { 131 struct watchdog_core_data *wd_data = wdd->wd_data; 132 133 if (watchdog_need_worker(wdd)) { 134 ktime_t t = watchdog_next_keepalive(wdd); 135 136 if (t > 0) 137 hrtimer_start(&wd_data->timer, t, 138 HRTIMER_MODE_REL_HARD); 139 } else { 140 hrtimer_cancel(&wd_data->timer); 141 } 142 } 143 144 static int __watchdog_ping(struct watchdog_device *wdd) 145 { 146 struct watchdog_core_data *wd_data = wdd->wd_data; 147 ktime_t earliest_keepalive, now; 148 int err; 149 150 earliest_keepalive = ktime_add(wd_data->last_hw_keepalive, 151 ms_to_ktime(wdd->min_hw_heartbeat_ms)); 152 now = ktime_get(); 153 154 if (ktime_after(earliest_keepalive, now)) { 155 hrtimer_start(&wd_data->timer, 156 ktime_sub(earliest_keepalive, now), 157 HRTIMER_MODE_REL_HARD); 158 return 0; 159 } 160 161 wd_data->last_hw_keepalive = now; 162 163 if (wdd->ops->ping) { 164 err = wdd->ops->ping(wdd); /* ping the watchdog */ 165 trace_watchdog_ping(wdd, err); 166 } else { 167 err = wdd->ops->start(wdd); /* restart watchdog */ 168 trace_watchdog_start(wdd, err); 169 } 170 171 if (err == 0) 172 watchdog_hrtimer_pretimeout_start(wdd); 173 174 watchdog_update_worker(wdd); 175 176 return err; 177 } 178 179 /* 180 * watchdog_ping - ping the watchdog 181 * @wdd: The watchdog device to ping 182 * 183 * If the watchdog has no own ping operation then it needs to be 184 * restarted via the start operation. This wrapper function does 185 * exactly that. 186 * We only ping when the watchdog device is running. 187 * The caller must hold wd_data->lock. 188 * 189 * Return: 0 on success, error otherwise. 190 */ 191 static int watchdog_ping(struct watchdog_device *wdd) 192 { 193 struct watchdog_core_data *wd_data = wdd->wd_data; 194 195 if (!watchdog_active(wdd) && !watchdog_hw_running(wdd)) 196 return 0; 197 198 set_bit(_WDOG_KEEPALIVE, &wd_data->status); 199 200 wd_data->last_keepalive = ktime_get(); 201 return __watchdog_ping(wdd); 202 } 203 204 static bool watchdog_worker_should_ping(struct watchdog_core_data *wd_data) 205 { 206 struct watchdog_device *wdd = wd_data->wdd; 207 208 if (!wdd) 209 return false; 210 211 if (watchdog_active(wdd)) 212 return true; 213 214 return watchdog_hw_running(wdd) && !watchdog_past_open_deadline(wd_data); 215 } 216 217 static void watchdog_ping_work(struct kthread_work *work) 218 { 219 struct watchdog_core_data *wd_data; 220 221 wd_data = container_of(work, struct watchdog_core_data, work); 222 223 mutex_lock(&wd_data->lock); 224 if (watchdog_worker_should_ping(wd_data)) 225 __watchdog_ping(wd_data->wdd); 226 mutex_unlock(&wd_data->lock); 227 } 228 229 static enum hrtimer_restart watchdog_timer_expired(struct hrtimer *timer) 230 { 231 struct watchdog_core_data *wd_data; 232 233 wd_data = container_of(timer, struct watchdog_core_data, timer); 234 235 kthread_queue_work(watchdog_kworker, &wd_data->work); 236 return HRTIMER_NORESTART; 237 } 238 239 /* 240 * watchdog_start - wrapper to start the watchdog 241 * @wdd: The watchdog device to start 242 * 243 * Start the watchdog if it is not active and mark it active. 244 * The caller must hold wd_data->lock. 245 * 246 * Return: 0 on success or a negative errno code for failure. 247 */ 248 static int watchdog_start(struct watchdog_device *wdd) 249 { 250 struct watchdog_core_data *wd_data = wdd->wd_data; 251 ktime_t started_at; 252 int err; 253 254 if (watchdog_active(wdd)) 255 return 0; 256 257 set_bit(_WDOG_KEEPALIVE, &wd_data->status); 258 259 started_at = ktime_get(); 260 if (watchdog_hw_running(wdd) && wdd->ops->ping) { 261 err = __watchdog_ping(wdd); 262 if (err == 0) { 263 set_bit(WDOG_ACTIVE, &wdd->status); 264 watchdog_hrtimer_pretimeout_start(wdd); 265 } 266 } else { 267 err = wdd->ops->start(wdd); 268 trace_watchdog_start(wdd, err); 269 if (err == 0) { 270 set_bit(WDOG_ACTIVE, &wdd->status); 271 wd_data->last_keepalive = started_at; 272 wd_data->last_hw_keepalive = started_at; 273 watchdog_update_worker(wdd); 274 watchdog_hrtimer_pretimeout_start(wdd); 275 } 276 } 277 278 return err; 279 } 280 281 /* 282 * watchdog_stop - wrapper to stop the watchdog 283 * @wdd: The watchdog device to stop 284 * 285 * Stop the watchdog if it is still active and unmark it active. 286 * If the 'nowayout' feature was set, the watchdog cannot be stopped. 287 * The caller must hold wd_data->lock. 288 * 289 * Return: 0 on success or a negative errno code for failure. 290 */ 291 static int watchdog_stop(struct watchdog_device *wdd) 292 { 293 int err = 0; 294 295 if (!watchdog_active(wdd)) 296 return 0; 297 298 if (test_bit(WDOG_NO_WAY_OUT, &wdd->status)) { 299 pr_info("watchdog%d: nowayout prevents watchdog being stopped!\n", 300 wdd->id); 301 return -EBUSY; 302 } 303 304 if (wdd->ops->stop) { 305 clear_bit(WDOG_HW_RUNNING, &wdd->status); 306 err = wdd->ops->stop(wdd); 307 trace_watchdog_stop(wdd, err); 308 } else { 309 set_bit(WDOG_HW_RUNNING, &wdd->status); 310 } 311 312 if (err == 0) { 313 clear_bit(WDOG_ACTIVE, &wdd->status); 314 watchdog_update_worker(wdd); 315 watchdog_hrtimer_pretimeout_stop(wdd); 316 } 317 318 return err; 319 } 320 321 /* 322 * watchdog_get_status - wrapper to get the watchdog status 323 * @wdd: The watchdog device to get the status from 324 * 325 * Get the watchdog's status flags. 326 * The caller must hold wd_data->lock. 327 * 328 * Return: watchdog's status flags. 329 */ 330 static unsigned int watchdog_get_status(struct watchdog_device *wdd) 331 { 332 struct watchdog_core_data *wd_data = wdd->wd_data; 333 unsigned int status; 334 335 if (wdd->ops->status) 336 status = wdd->ops->status(wdd); 337 else 338 status = wdd->bootstatus & (WDIOF_CARDRESET | 339 WDIOF_OVERHEAT | 340 WDIOF_FANFAULT | 341 WDIOF_EXTERN1 | 342 WDIOF_EXTERN2 | 343 WDIOF_POWERUNDER | 344 WDIOF_POWEROVER); 345 346 if (test_bit(_WDOG_ALLOW_RELEASE, &wd_data->status)) 347 status |= WDIOF_MAGICCLOSE; 348 349 if (test_and_clear_bit(_WDOG_KEEPALIVE, &wd_data->status)) 350 status |= WDIOF_KEEPALIVEPING; 351 352 if (IS_ENABLED(CONFIG_WATCHDOG_HRTIMER_PRETIMEOUT)) 353 status |= WDIOF_PRETIMEOUT; 354 355 return status; 356 } 357 358 /* 359 * watchdog_set_timeout - set the watchdog timer timeout 360 * @wdd: The watchdog device to set the timeout for 361 * @timeout: Timeout to set in seconds 362 * 363 * The caller must hold wd_data->lock. 364 * 365 * Return: 0 if successful, error otherwise. 366 */ 367 static int watchdog_set_timeout(struct watchdog_device *wdd, 368 unsigned int timeout) 369 { 370 int err = 0; 371 372 if (!(wdd->info->options & WDIOF_SETTIMEOUT)) 373 return -EOPNOTSUPP; 374 375 if (watchdog_timeout_invalid(wdd, timeout)) 376 return -EINVAL; 377 378 if (wdd->ops->set_timeout) { 379 err = wdd->ops->set_timeout(wdd, timeout); 380 trace_watchdog_set_timeout(wdd, timeout, err); 381 } else { 382 wdd->timeout = timeout; 383 /* Disable pretimeout if it doesn't fit the new timeout */ 384 if (wdd->pretimeout >= wdd->timeout) 385 wdd->pretimeout = 0; 386 } 387 388 watchdog_update_worker(wdd); 389 390 return err; 391 } 392 393 /* 394 * watchdog_set_pretimeout - set the watchdog timer pretimeout 395 * @wdd: The watchdog device to set the timeout for 396 * @timeout: pretimeout to set in seconds 397 * 398 * Return: 0 if successful, error otherwise. 399 */ 400 static int watchdog_set_pretimeout(struct watchdog_device *wdd, 401 unsigned int timeout) 402 { 403 int err = 0; 404 405 if (!watchdog_have_pretimeout(wdd)) 406 return -EOPNOTSUPP; 407 408 if (watchdog_pretimeout_invalid(wdd, timeout)) 409 return -EINVAL; 410 411 if (wdd->ops->set_pretimeout && (wdd->info->options & WDIOF_PRETIMEOUT)) 412 err = wdd->ops->set_pretimeout(wdd, timeout); 413 else 414 wdd->pretimeout = timeout; 415 416 return err; 417 } 418 419 /* 420 * watchdog_get_timeleft - wrapper to get the time left before a reboot 421 * @wdd: The watchdog device to get the remaining time from 422 * @timeleft: The time that's left 423 * 424 * Get the time before a watchdog will reboot (if not pinged). 425 * The caller must hold wd_data->lock. 426 * 427 * Return: 0 if successful, error otherwise. 428 */ 429 static int watchdog_get_timeleft(struct watchdog_device *wdd, 430 unsigned int *timeleft) 431 { 432 *timeleft = 0; 433 434 if (!wdd->ops->get_timeleft) 435 return -EOPNOTSUPP; 436 437 *timeleft = wdd->ops->get_timeleft(wdd); 438 439 return 0; 440 } 441 442 #ifdef CONFIG_WATCHDOG_SYSFS 443 static ssize_t nowayout_show(struct device *dev, struct device_attribute *attr, 444 char *buf) 445 { 446 struct watchdog_device *wdd = dev_get_drvdata(dev); 447 448 return sysfs_emit(buf, "%d\n", !!test_bit(WDOG_NO_WAY_OUT, 449 &wdd->status)); 450 } 451 452 static ssize_t nowayout_store(struct device *dev, struct device_attribute *attr, 453 const char *buf, size_t len) 454 { 455 struct watchdog_device *wdd = dev_get_drvdata(dev); 456 unsigned int value; 457 int ret; 458 459 ret = kstrtouint(buf, 0, &value); 460 if (ret) 461 return ret; 462 if (value > 1) 463 return -EINVAL; 464 /* nowayout cannot be disabled once set */ 465 if (test_bit(WDOG_NO_WAY_OUT, &wdd->status) && !value) 466 return -EPERM; 467 watchdog_set_nowayout(wdd, value); 468 return len; 469 } 470 static DEVICE_ATTR_RW(nowayout); 471 472 static ssize_t status_show(struct device *dev, struct device_attribute *attr, 473 char *buf) 474 { 475 struct watchdog_device *wdd = dev_get_drvdata(dev); 476 struct watchdog_core_data *wd_data = wdd->wd_data; 477 unsigned int status; 478 479 mutex_lock(&wd_data->lock); 480 status = watchdog_get_status(wdd); 481 mutex_unlock(&wd_data->lock); 482 483 return sysfs_emit(buf, "0x%x\n", status); 484 } 485 static DEVICE_ATTR_RO(status); 486 487 static ssize_t bootstatus_show(struct device *dev, 488 struct device_attribute *attr, char *buf) 489 { 490 struct watchdog_device *wdd = dev_get_drvdata(dev); 491 492 return sysfs_emit(buf, "%u\n", wdd->bootstatus); 493 } 494 static DEVICE_ATTR_RO(bootstatus); 495 496 static ssize_t timeleft_show(struct device *dev, struct device_attribute *attr, 497 char *buf) 498 { 499 struct watchdog_device *wdd = dev_get_drvdata(dev); 500 struct watchdog_core_data *wd_data = wdd->wd_data; 501 ssize_t status; 502 unsigned int val; 503 504 mutex_lock(&wd_data->lock); 505 status = watchdog_get_timeleft(wdd, &val); 506 mutex_unlock(&wd_data->lock); 507 if (!status) 508 status = sysfs_emit(buf, "%u\n", val); 509 510 return status; 511 } 512 static DEVICE_ATTR_RO(timeleft); 513 514 static ssize_t timeout_show(struct device *dev, struct device_attribute *attr, 515 char *buf) 516 { 517 struct watchdog_device *wdd = dev_get_drvdata(dev); 518 519 return sysfs_emit(buf, "%u\n", wdd->timeout); 520 } 521 static DEVICE_ATTR_RO(timeout); 522 523 static ssize_t min_timeout_show(struct device *dev, 524 struct device_attribute *attr, char *buf) 525 { 526 struct watchdog_device *wdd = dev_get_drvdata(dev); 527 528 return sysfs_emit(buf, "%u\n", wdd->min_timeout); 529 } 530 static DEVICE_ATTR_RO(min_timeout); 531 532 static ssize_t max_timeout_show(struct device *dev, 533 struct device_attribute *attr, char *buf) 534 { 535 struct watchdog_device *wdd = dev_get_drvdata(dev); 536 537 return sysfs_emit(buf, "%u\n", wdd->max_timeout); 538 } 539 static DEVICE_ATTR_RO(max_timeout); 540 541 static ssize_t pretimeout_show(struct device *dev, 542 struct device_attribute *attr, char *buf) 543 { 544 struct watchdog_device *wdd = dev_get_drvdata(dev); 545 546 return sysfs_emit(buf, "%u\n", wdd->pretimeout); 547 } 548 static DEVICE_ATTR_RO(pretimeout); 549 550 static ssize_t fw_version_show(struct device *dev, struct device_attribute *attr, 551 char *buf) 552 { 553 struct watchdog_device *wdd = dev_get_drvdata(dev); 554 555 return sysfs_emit(buf, "%d\n", wdd->info->firmware_version); 556 } 557 static DEVICE_ATTR_RO(fw_version); 558 559 static ssize_t identity_show(struct device *dev, struct device_attribute *attr, 560 char *buf) 561 { 562 struct watchdog_device *wdd = dev_get_drvdata(dev); 563 564 return sysfs_emit(buf, "%s\n", wdd->info->identity); 565 } 566 static DEVICE_ATTR_RO(identity); 567 568 static ssize_t state_show(struct device *dev, struct device_attribute *attr, 569 char *buf) 570 { 571 struct watchdog_device *wdd = dev_get_drvdata(dev); 572 573 if (watchdog_active(wdd)) 574 return sysfs_emit(buf, "active\n"); 575 576 return sysfs_emit(buf, "inactive\n"); 577 } 578 static DEVICE_ATTR_RO(state); 579 580 static ssize_t pretimeout_available_governors_show(struct device *dev, 581 struct device_attribute *attr, char *buf) 582 { 583 return watchdog_pretimeout_available_governors_get(buf); 584 } 585 static DEVICE_ATTR_RO(pretimeout_available_governors); 586 587 static ssize_t pretimeout_governor_show(struct device *dev, 588 struct device_attribute *attr, 589 char *buf) 590 { 591 struct watchdog_device *wdd = dev_get_drvdata(dev); 592 593 return watchdog_pretimeout_governor_get(wdd, buf); 594 } 595 596 static ssize_t pretimeout_governor_store(struct device *dev, 597 struct device_attribute *attr, 598 const char *buf, size_t count) 599 { 600 struct watchdog_device *wdd = dev_get_drvdata(dev); 601 int ret = watchdog_pretimeout_governor_set(wdd, buf); 602 603 if (!ret) 604 ret = count; 605 606 return ret; 607 } 608 static DEVICE_ATTR_RW(pretimeout_governor); 609 610 static umode_t wdt_is_visible(struct kobject *kobj, struct attribute *attr, 611 int n) 612 { 613 struct device *dev = kobj_to_dev(kobj); 614 struct watchdog_device *wdd = dev_get_drvdata(dev); 615 umode_t mode = attr->mode; 616 617 if (attr == &dev_attr_timeleft.attr && !wdd->ops->get_timeleft) 618 mode = 0; 619 else if (attr == &dev_attr_pretimeout.attr && !watchdog_have_pretimeout(wdd)) 620 mode = 0; 621 else if ((attr == &dev_attr_pretimeout_governor.attr || 622 attr == &dev_attr_pretimeout_available_governors.attr) && 623 (!watchdog_have_pretimeout(wdd) || !IS_ENABLED(CONFIG_WATCHDOG_PRETIMEOUT_GOV))) 624 mode = 0; 625 626 return mode; 627 } 628 static struct attribute *wdt_attrs[] = { 629 &dev_attr_state.attr, 630 &dev_attr_fw_version.attr, 631 &dev_attr_identity.attr, 632 &dev_attr_timeout.attr, 633 &dev_attr_min_timeout.attr, 634 &dev_attr_max_timeout.attr, 635 &dev_attr_pretimeout.attr, 636 &dev_attr_timeleft.attr, 637 &dev_attr_bootstatus.attr, 638 &dev_attr_status.attr, 639 &dev_attr_nowayout.attr, 640 &dev_attr_pretimeout_governor.attr, 641 &dev_attr_pretimeout_available_governors.attr, 642 NULL, 643 }; 644 645 static const struct attribute_group wdt_group = { 646 .attrs = wdt_attrs, 647 .is_visible = wdt_is_visible, 648 }; 649 __ATTRIBUTE_GROUPS(wdt); 650 #else 651 #define wdt_groups NULL 652 #endif 653 654 /* 655 * watchdog_ioctl_op - call the watchdog drivers ioctl op if defined 656 * @wdd: The watchdog device to do the ioctl on 657 * @cmd: Watchdog command 658 * @arg: Argument pointer 659 * 660 * The caller must hold wd_data->lock. 661 * 662 * Return: 0 if successful, error otherwise. 663 */ 664 static int watchdog_ioctl_op(struct watchdog_device *wdd, unsigned int cmd, 665 unsigned long arg) 666 { 667 if (!wdd->ops->ioctl) 668 return -ENOIOCTLCMD; 669 670 return wdd->ops->ioctl(wdd, cmd, arg); 671 } 672 673 /* 674 * watchdog_write - writes to the watchdog 675 * @file: File from VFS 676 * @data: User address of data 677 * @len: Length of data 678 * @ppos: Pointer to the file offset 679 * 680 * A write to a watchdog device is defined as a keepalive ping. 681 * Writing the magic 'V' sequence allows the next close to turn 682 * off the watchdog (if 'nowayout' is not set). 683 * 684 * Return: @len if successful, error otherwise. 685 */ 686 static ssize_t watchdog_write(struct file *file, const char __user *data, 687 size_t len, loff_t *ppos) 688 { 689 struct watchdog_core_data *wd_data = file->private_data; 690 struct watchdog_device *wdd; 691 int err; 692 size_t i; 693 char c; 694 695 if (len == 0) 696 return 0; 697 698 /* 699 * Note: just in case someone wrote the magic character 700 * five months ago... 701 */ 702 clear_bit(_WDOG_ALLOW_RELEASE, &wd_data->status); 703 704 /* scan to see whether or not we got the magic character */ 705 for (i = 0; i != len; i++) { 706 if (get_user(c, data + i)) 707 return -EFAULT; 708 if (c == 'V') 709 set_bit(_WDOG_ALLOW_RELEASE, &wd_data->status); 710 } 711 712 /* someone wrote to us, so we send the watchdog a keepalive ping */ 713 714 err = -ENODEV; 715 mutex_lock(&wd_data->lock); 716 wdd = wd_data->wdd; 717 if (wdd) 718 err = watchdog_ping(wdd); 719 mutex_unlock(&wd_data->lock); 720 721 if (err < 0) 722 return err; 723 724 return len; 725 } 726 727 /* 728 * watchdog_ioctl - handle the different ioctl's for the watchdog device 729 * @file: File handle to the device 730 * @cmd: Watchdog command 731 * @arg: Argument pointer 732 * 733 * The watchdog API defines a common set of functions for all watchdogs 734 * according to their available features. 735 * 736 * Return: 0 if successful, error otherwise. 737 */ 738 739 static long watchdog_ioctl(struct file *file, unsigned int cmd, 740 unsigned long arg) 741 { 742 struct watchdog_core_data *wd_data = file->private_data; 743 void __user *argp = (void __user *)arg; 744 struct watchdog_device *wdd; 745 int __user *p = argp; 746 unsigned int val; 747 int err; 748 749 mutex_lock(&wd_data->lock); 750 751 wdd = wd_data->wdd; 752 if (!wdd) { 753 err = -ENODEV; 754 goto out_ioctl; 755 } 756 757 err = watchdog_ioctl_op(wdd, cmd, arg); 758 if (err != -ENOIOCTLCMD) 759 goto out_ioctl; 760 761 switch (cmd) { 762 case WDIOC_GETSUPPORT: 763 err = copy_to_user(argp, wdd->info, 764 sizeof(struct watchdog_info)) ? -EFAULT : 0; 765 break; 766 case WDIOC_GETSTATUS: 767 val = watchdog_get_status(wdd); 768 err = put_user(val, p); 769 break; 770 case WDIOC_GETBOOTSTATUS: 771 err = put_user(wdd->bootstatus, p); 772 break; 773 case WDIOC_SETOPTIONS: 774 if (get_user(val, p)) { 775 err = -EFAULT; 776 break; 777 } 778 if (val & WDIOS_DISABLECARD) { 779 err = watchdog_stop(wdd); 780 if (err < 0) 781 break; 782 } 783 if (val & WDIOS_ENABLECARD) 784 err = watchdog_start(wdd); 785 break; 786 case WDIOC_KEEPALIVE: 787 if (!(wdd->info->options & WDIOF_KEEPALIVEPING)) { 788 err = -EOPNOTSUPP; 789 break; 790 } 791 err = watchdog_ping(wdd); 792 break; 793 case WDIOC_SETTIMEOUT: 794 if (get_user(val, p)) { 795 err = -EFAULT; 796 break; 797 } 798 err = watchdog_set_timeout(wdd, val); 799 if (err < 0) 800 break; 801 /* If the watchdog is active then we send a keepalive ping 802 * to make sure that the watchdog keep's running (and if 803 * possible that it takes the new timeout) */ 804 err = watchdog_ping(wdd); 805 if (err < 0) 806 break; 807 fallthrough; 808 case WDIOC_GETTIMEOUT: 809 /* timeout == 0 means that we don't know the timeout */ 810 if (wdd->timeout == 0) { 811 err = -EOPNOTSUPP; 812 break; 813 } 814 err = put_user(wdd->timeout, p); 815 break; 816 case WDIOC_GETTIMELEFT: 817 err = watchdog_get_timeleft(wdd, &val); 818 if (err < 0) 819 break; 820 err = put_user(val, p); 821 break; 822 case WDIOC_SETPRETIMEOUT: 823 if (get_user(val, p)) { 824 err = -EFAULT; 825 break; 826 } 827 err = watchdog_set_pretimeout(wdd, val); 828 break; 829 case WDIOC_GETPRETIMEOUT: 830 err = put_user(wdd->pretimeout, p); 831 break; 832 default: 833 err = -ENOTTY; 834 break; 835 } 836 837 out_ioctl: 838 mutex_unlock(&wd_data->lock); 839 return err; 840 } 841 842 /* 843 * watchdog_open - open the /dev/watchdog* devices 844 * @inode: Inode of device 845 * @file: File handle to device 846 * 847 * When the /dev/watchdog* device gets opened, we start the watchdog. 848 * Watch out: the /dev/watchdog device is single open, so we make sure 849 * it can only be opened once. 850 * 851 * Return: 0 if successful, error otherwise. 852 */ 853 static int watchdog_open(struct inode *inode, struct file *file) 854 { 855 struct watchdog_core_data *wd_data; 856 struct watchdog_device *wdd; 857 bool hw_running; 858 int err; 859 860 /* Get the corresponding watchdog device */ 861 if (imajor(inode) == MISC_MAJOR) 862 wd_data = old_wd_data; 863 else 864 wd_data = container_of(inode->i_cdev, struct watchdog_core_data, 865 cdev); 866 867 /* the watchdog is single open! */ 868 if (test_and_set_bit(_WDOG_DEV_OPEN, &wd_data->status)) 869 return -EBUSY; 870 871 wdd = wd_data->wdd; 872 873 /* 874 * If the /dev/watchdog device is open, we don't want the module 875 * to be unloaded. 876 */ 877 hw_running = watchdog_hw_running(wdd); 878 if (!hw_running && !try_module_get(wdd->ops->owner)) { 879 err = -EBUSY; 880 goto out_clear; 881 } 882 883 err = watchdog_start(wdd); 884 if (err < 0) 885 goto out_mod; 886 887 file->private_data = wd_data; 888 889 if (!hw_running) 890 get_device(&wd_data->dev); 891 892 /* 893 * open_timeout only applies for the first open from 894 * userspace. Set open_deadline to infinity so that the kernel 895 * will take care of an always-running hardware watchdog in 896 * case the device gets magic-closed or WDIOS_DISABLECARD is 897 * applied. 898 */ 899 wd_data->open_deadline = KTIME_MAX; 900 901 /* dev/watchdog is a virtual (and thus non-seekable) filesystem */ 902 return stream_open(inode, file); 903 904 out_mod: 905 module_put(wd_data->wdd->ops->owner); 906 out_clear: 907 clear_bit(_WDOG_DEV_OPEN, &wd_data->status); 908 return err; 909 } 910 911 static void watchdog_core_data_release(struct device *dev) 912 { 913 struct watchdog_core_data *wd_data; 914 915 wd_data = container_of(dev, struct watchdog_core_data, dev); 916 917 kfree(wd_data); 918 } 919 920 /* 921 * watchdog_release - release the watchdog device 922 * @inode: Inode of device 923 * @file: File handle to device 924 * 925 * This is the code for when /dev/watchdog gets closed. We will only 926 * stop the watchdog when we have received the magic char (and nowayout 927 * was not set), else the watchdog will keep running. 928 * 929 * Always returns 0. 930 */ 931 static int watchdog_release(struct inode *inode, struct file *file) 932 { 933 struct watchdog_core_data *wd_data = file->private_data; 934 struct watchdog_device *wdd; 935 int err = -EBUSY; 936 bool running; 937 938 mutex_lock(&wd_data->lock); 939 940 wdd = wd_data->wdd; 941 if (!wdd) 942 goto done; 943 944 /* 945 * We only stop the watchdog if we received the magic character 946 * or if WDIOF_MAGICCLOSE is not set. If nowayout was set then 947 * watchdog_stop will fail. 948 */ 949 if (!watchdog_active(wdd)) 950 err = 0; 951 else if (test_and_clear_bit(_WDOG_ALLOW_RELEASE, &wd_data->status) || 952 !(wdd->info->options & WDIOF_MAGICCLOSE)) 953 err = watchdog_stop(wdd); 954 955 /* If the watchdog was not stopped, send a keepalive ping */ 956 if (err < 0) { 957 pr_crit("watchdog%d: watchdog did not stop!\n", wdd->id); 958 watchdog_ping(wdd); 959 } 960 961 watchdog_update_worker(wdd); 962 963 /* make sure that /dev/watchdog can be re-opened */ 964 clear_bit(_WDOG_DEV_OPEN, &wd_data->status); 965 966 done: 967 running = wdd && watchdog_hw_running(wdd); 968 mutex_unlock(&wd_data->lock); 969 /* 970 * Allow the owner module to be unloaded again unless the watchdog 971 * is still running. If the watchdog is still running, it can not 972 * be stopped, and its driver must not be unloaded. 973 */ 974 if (!running) { 975 module_put(wd_data->cdev.owner); 976 put_device(&wd_data->dev); 977 } 978 return 0; 979 } 980 981 static const struct file_operations watchdog_fops = { 982 .owner = THIS_MODULE, 983 .write = watchdog_write, 984 .unlocked_ioctl = watchdog_ioctl, 985 .compat_ioctl = compat_ptr_ioctl, 986 .open = watchdog_open, 987 .release = watchdog_release, 988 }; 989 990 static struct miscdevice watchdog_miscdev = { 991 .minor = WATCHDOG_MINOR, 992 .name = "watchdog", 993 .fops = &watchdog_fops, 994 }; 995 996 static struct class watchdog_class = { 997 .name = "watchdog", 998 .owner = THIS_MODULE, 999 .dev_groups = wdt_groups, 1000 }; 1001 1002 /* 1003 * watchdog_cdev_register - register watchdog character device 1004 * @wdd: Watchdog device 1005 * 1006 * Register a watchdog character device including handling the legacy 1007 * /dev/watchdog node. /dev/watchdog is actually a miscdevice and 1008 * thus we set it up like that. 1009 * 1010 * Return: 0 if successful, error otherwise. 1011 */ 1012 static int watchdog_cdev_register(struct watchdog_device *wdd) 1013 { 1014 struct watchdog_core_data *wd_data; 1015 int err; 1016 1017 wd_data = kzalloc(sizeof(struct watchdog_core_data), GFP_KERNEL); 1018 if (!wd_data) 1019 return -ENOMEM; 1020 mutex_init(&wd_data->lock); 1021 1022 wd_data->wdd = wdd; 1023 wdd->wd_data = wd_data; 1024 1025 if (IS_ERR_OR_NULL(watchdog_kworker)) { 1026 kfree(wd_data); 1027 return -ENODEV; 1028 } 1029 1030 device_initialize(&wd_data->dev); 1031 wd_data->dev.devt = MKDEV(MAJOR(watchdog_devt), wdd->id); 1032 wd_data->dev.class = &watchdog_class; 1033 wd_data->dev.parent = wdd->parent; 1034 wd_data->dev.groups = wdd->groups; 1035 wd_data->dev.release = watchdog_core_data_release; 1036 dev_set_drvdata(&wd_data->dev, wdd); 1037 err = dev_set_name(&wd_data->dev, "watchdog%d", wdd->id); 1038 if (err) { 1039 put_device(&wd_data->dev); 1040 return err; 1041 } 1042 1043 kthread_init_work(&wd_data->work, watchdog_ping_work); 1044 hrtimer_init(&wd_data->timer, CLOCK_MONOTONIC, HRTIMER_MODE_REL_HARD); 1045 wd_data->timer.function = watchdog_timer_expired; 1046 watchdog_hrtimer_pretimeout_init(wdd); 1047 1048 if (wdd->id == 0) { 1049 old_wd_data = wd_data; 1050 watchdog_miscdev.parent = wdd->parent; 1051 err = misc_register(&watchdog_miscdev); 1052 if (err != 0) { 1053 pr_err("%s: cannot register miscdev on minor=%d (err=%d).\n", 1054 wdd->info->identity, WATCHDOG_MINOR, err); 1055 if (err == -EBUSY) 1056 pr_err("%s: a legacy watchdog module is probably present.\n", 1057 wdd->info->identity); 1058 old_wd_data = NULL; 1059 put_device(&wd_data->dev); 1060 return err; 1061 } 1062 } 1063 1064 /* Fill in the data structures */ 1065 cdev_init(&wd_data->cdev, &watchdog_fops); 1066 1067 /* Add the device */ 1068 err = cdev_device_add(&wd_data->cdev, &wd_data->dev); 1069 if (err) { 1070 pr_err("watchdog%d unable to add device %d:%d\n", 1071 wdd->id, MAJOR(watchdog_devt), wdd->id); 1072 if (wdd->id == 0) { 1073 misc_deregister(&watchdog_miscdev); 1074 old_wd_data = NULL; 1075 } 1076 put_device(&wd_data->dev); 1077 return err; 1078 } 1079 1080 wd_data->cdev.owner = wdd->ops->owner; 1081 1082 /* Record time of most recent heartbeat as 'just before now'. */ 1083 wd_data->last_hw_keepalive = ktime_sub(ktime_get(), 1); 1084 watchdog_set_open_deadline(wd_data); 1085 1086 /* 1087 * If the watchdog is running, prevent its driver from being unloaded, 1088 * and schedule an immediate ping. 1089 */ 1090 if (watchdog_hw_running(wdd)) { 1091 __module_get(wdd->ops->owner); 1092 get_device(&wd_data->dev); 1093 if (handle_boot_enabled) 1094 hrtimer_start(&wd_data->timer, 0, 1095 HRTIMER_MODE_REL_HARD); 1096 else 1097 pr_info("watchdog%d running and kernel based pre-userspace handler disabled\n", 1098 wdd->id); 1099 } 1100 1101 return 0; 1102 } 1103 1104 /* 1105 * watchdog_cdev_unregister - unregister watchdog character device 1106 * @wdd: Watchdog device 1107 * 1108 * Unregister watchdog character device and if needed the legacy 1109 * /dev/watchdog device. 1110 */ 1111 static void watchdog_cdev_unregister(struct watchdog_device *wdd) 1112 { 1113 struct watchdog_core_data *wd_data = wdd->wd_data; 1114 1115 cdev_device_del(&wd_data->cdev, &wd_data->dev); 1116 if (wdd->id == 0) { 1117 misc_deregister(&watchdog_miscdev); 1118 old_wd_data = NULL; 1119 } 1120 1121 if (watchdog_active(wdd) && 1122 test_bit(WDOG_STOP_ON_UNREGISTER, &wdd->status)) { 1123 watchdog_stop(wdd); 1124 } 1125 1126 watchdog_hrtimer_pretimeout_stop(wdd); 1127 1128 mutex_lock(&wd_data->lock); 1129 wd_data->wdd = NULL; 1130 wdd->wd_data = NULL; 1131 mutex_unlock(&wd_data->lock); 1132 1133 hrtimer_cancel(&wd_data->timer); 1134 kthread_cancel_work_sync(&wd_data->work); 1135 1136 put_device(&wd_data->dev); 1137 } 1138 1139 /** 1140 * watchdog_dev_register - register a watchdog device 1141 * @wdd: Watchdog device 1142 * 1143 * Register a watchdog device including handling the legacy 1144 * /dev/watchdog node. /dev/watchdog is actually a miscdevice and 1145 * thus we set it up like that. 1146 * 1147 * Return: 0 if successful, error otherwise. 1148 */ 1149 int watchdog_dev_register(struct watchdog_device *wdd) 1150 { 1151 int ret; 1152 1153 ret = watchdog_cdev_register(wdd); 1154 if (ret) 1155 return ret; 1156 1157 ret = watchdog_register_pretimeout(wdd); 1158 if (ret) 1159 watchdog_cdev_unregister(wdd); 1160 1161 return ret; 1162 } 1163 1164 /** 1165 * watchdog_dev_unregister - unregister a watchdog device 1166 * @wdd: watchdog device 1167 * 1168 * Unregister watchdog device and if needed the legacy 1169 * /dev/watchdog device. 1170 */ 1171 void watchdog_dev_unregister(struct watchdog_device *wdd) 1172 { 1173 watchdog_unregister_pretimeout(wdd); 1174 watchdog_cdev_unregister(wdd); 1175 } 1176 1177 /** 1178 * watchdog_set_last_hw_keepalive - set last HW keepalive time for watchdog 1179 * @wdd: Watchdog device 1180 * @last_ping_ms: Time since last HW heartbeat 1181 * 1182 * Adjusts the last known HW keepalive time for a watchdog timer. 1183 * This is needed if the watchdog is already running when the probe 1184 * function is called, and it can't be pinged immediately. This 1185 * function must be called immediately after watchdog registration, 1186 * and min_hw_heartbeat_ms must be set for this to be useful. 1187 * 1188 * Return: 0 if successful, error otherwise. 1189 */ 1190 int watchdog_set_last_hw_keepalive(struct watchdog_device *wdd, 1191 unsigned int last_ping_ms) 1192 { 1193 struct watchdog_core_data *wd_data; 1194 ktime_t now; 1195 1196 if (!wdd) 1197 return -EINVAL; 1198 1199 wd_data = wdd->wd_data; 1200 1201 now = ktime_get(); 1202 1203 wd_data->last_hw_keepalive = ktime_sub(now, ms_to_ktime(last_ping_ms)); 1204 1205 if (watchdog_hw_running(wdd) && handle_boot_enabled) 1206 return __watchdog_ping(wdd); 1207 1208 return 0; 1209 } 1210 EXPORT_SYMBOL_GPL(watchdog_set_last_hw_keepalive); 1211 1212 /** 1213 * watchdog_dev_init - init dev part of watchdog core 1214 * 1215 * Allocate a range of chardev nodes to use for watchdog devices. 1216 * 1217 * Return: 0 if successful, error otherwise. 1218 */ 1219 int __init watchdog_dev_init(void) 1220 { 1221 int err; 1222 1223 watchdog_kworker = kthread_create_worker(0, "watchdogd"); 1224 if (IS_ERR(watchdog_kworker)) { 1225 pr_err("Failed to create watchdog kworker\n"); 1226 return PTR_ERR(watchdog_kworker); 1227 } 1228 sched_set_fifo(watchdog_kworker->task); 1229 1230 err = class_register(&watchdog_class); 1231 if (err < 0) { 1232 pr_err("couldn't register class\n"); 1233 goto err_register; 1234 } 1235 1236 err = alloc_chrdev_region(&watchdog_devt, 0, MAX_DOGS, "watchdog"); 1237 if (err < 0) { 1238 pr_err("watchdog: unable to allocate char dev region\n"); 1239 goto err_alloc; 1240 } 1241 1242 return 0; 1243 1244 err_alloc: 1245 class_unregister(&watchdog_class); 1246 err_register: 1247 kthread_destroy_worker(watchdog_kworker); 1248 return err; 1249 } 1250 1251 /** 1252 * watchdog_dev_exit - exit dev part of watchdog core 1253 * 1254 * Release the range of chardev nodes used for watchdog devices. 1255 */ 1256 void __exit watchdog_dev_exit(void) 1257 { 1258 unregister_chrdev_region(watchdog_devt, MAX_DOGS); 1259 class_unregister(&watchdog_class); 1260 kthread_destroy_worker(watchdog_kworker); 1261 } 1262 1263 int watchdog_dev_suspend(struct watchdog_device *wdd) 1264 { 1265 struct watchdog_core_data *wd_data = wdd->wd_data; 1266 int ret = 0; 1267 1268 if (!wdd->wd_data) 1269 return -ENODEV; 1270 1271 /* ping for the last time before suspend */ 1272 mutex_lock(&wd_data->lock); 1273 if (watchdog_worker_should_ping(wd_data)) 1274 ret = __watchdog_ping(wd_data->wdd); 1275 mutex_unlock(&wd_data->lock); 1276 1277 if (ret) 1278 return ret; 1279 1280 /* 1281 * make sure that watchdog worker will not kick in when the wdog is 1282 * suspended 1283 */ 1284 hrtimer_cancel(&wd_data->timer); 1285 kthread_cancel_work_sync(&wd_data->work); 1286 1287 return 0; 1288 } 1289 1290 int watchdog_dev_resume(struct watchdog_device *wdd) 1291 { 1292 struct watchdog_core_data *wd_data = wdd->wd_data; 1293 int ret = 0; 1294 1295 if (!wdd->wd_data) 1296 return -ENODEV; 1297 1298 /* 1299 * __watchdog_ping will also retrigger hrtimer and therefore restore the 1300 * ping worker if needed. 1301 */ 1302 mutex_lock(&wd_data->lock); 1303 if (watchdog_worker_should_ping(wd_data)) 1304 ret = __watchdog_ping(wd_data->wdd); 1305 mutex_unlock(&wd_data->lock); 1306 1307 return ret; 1308 } 1309 1310 module_param(handle_boot_enabled, bool, 0444); 1311 MODULE_PARM_DESC(handle_boot_enabled, 1312 "Watchdog core auto-updates boot enabled watchdogs before userspace takes over (default=" 1313 __MODULE_STRING(IS_ENABLED(CONFIG_WATCHDOG_HANDLE_BOOT_ENABLED)) ")"); 1314 1315 module_param(open_timeout, uint, 0644); 1316 MODULE_PARM_DESC(open_timeout, 1317 "Maximum time (in seconds, 0 means infinity) for userspace to take over a running watchdog (default=" 1318 __MODULE_STRING(CONFIG_WATCHDOG_OPEN_TIMEOUT) ")"); 1319