
Add Poweroff and reset driver ( DT )

The power supply updates for Linux 4.8 added a "reboot mode" driver to the kernel. Andy Yan added this functionality with commit 4fcd504edbf7c793325511c2df8dcd083958e28a on Jul 6, 2016. The patch provides a framework for registering reboot hooks for drivers that modify hardware registers or SRAM. In the author's design, each driver should parse reboot commands such as "reboot bootloader" and "reboot recovery" to get a boot mode described in the device tree, then call the write interface to store the boot mode somewhere like a special register or SRAM. The bootloader can read that location after a system reboot and take a different action according to the stored mode. Android-based devices, with their fastboot and recovery modes, are a common use case.

qcom-pon is a reboot-mode driver. Looking at its code, apart from the functions every driver needs, it provides only pm8916_reboot_mode_write(), whose task is to write a magic number into a hardware register. The qcom-pon probe function retrieves the device data from the device tree and registers pm8916_reboot_mode_write() with the reboot-mode hooks.

The reboot syscall has the following signature:

int syscall(SYS_reboot, int magic, int magic2, int cmd, void *arg);

Looking at the syscall definition inside the kernel source code, it is evident that arg, which the reboot-mode callbacks need in order to work, is only used for the LINUX_REBOOT_CMD_RESTART2 command. Another point relevant to this test is that glibc does not allow the use of 'arg' in its reboot implementation.

It follows that testing this functionality requires a separate reboot implementation.
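What a direct RESTART2 call with 'arg' looks like in C, as an added example that is not part of the original merge request: it bypasses the glibc reboot() wrapper and validates the mode string first. The function names, the `--go` flag and the 255-byte limit (taken from the 256-byte copy buffer in kernel/reboot.c) are assumptions of this sketch.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Same constants as the page's assembly, HIGH and LOW halves joined. */
#define REBOOT_MAGIC1        0xFEE1DEADL
#define REBOOT_MAGIC2        0x28121969L
#define REBOOT_CMD_RESTART2  0xA1B2C3D4L
/* Assumption: the kernel copies arg into a 256-byte buffer and cuts off the rest. */
#define MAX_MODE_LEN         255

/* Returns 0 if mode can be passed intact as the RESTART2 arg. */
int check_mode(const char *mode)
{
    if (mode == NULL || mode[0] == '\0')
        return -EINVAL;
    if (strlen(mode) > MAX_MODE_LEN)
        return -ENAMETOOLONG;
    return 0;
}

/* Issues reboot(RESTART2, mode) unless dry_run is set. Needs CAP_SYS_BOOT. */
int reboot_with_mode(const char *mode, int dry_run)
{
    int rc = check_mode(mode);
    if (rc != 0 || dry_run)
        return rc;
    sync();  /* per reboot(2), data is lost unless sync() is called first */
    syscall(SYS_reboot, REBOOT_MAGIC1, REBOOT_MAGIC2, REBOOT_CMD_RESTART2, mode);
    return -errno;  /* only reached if the kernel refused, e.g. EPERM */
}

/* Hypothetical CLI: ./reboot-mode recovery [--go]; without --go it is a dry run. */
int main(int argc, char **argv)
{
    if (argc < 2) {
        fprintf(stderr, "usage: %s <mode> [--go]\n", argv[0]);
        return 2;
    }
    int dry_run = !(argc > 2 && strcmp(argv[2], "--go") == 0);
    int rc = reboot_with_mode(argv[1], dry_run);
    printf("%s '%s': %s\n", dry_run ? "dry run" : "reboot", argv[1],
           rc ? strerror(-rc) : "ok");
    return rc ? 1 : 0;
}
```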

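// reboot(MAGIC1, MAGIC2, LINUX_REBOOT_CMD_RESTART2, "recovery") via a raw syscall.
// The 32-bit constants are split into 16-bit halves for movz/movk.
.equ SYS_reboot,                        142
.equ LINUX_REBOOT_CMD_RESTART2_LOW,     0xC3D4
.equ LINUX_REBOOT_CMD_RESTART2_HIGH,    0xA1B2
.equ LINUX_REBOOT_MAGIC1_LOW,           0xDEAD
.equ LINUX_REBOOT_MAGIC1_HIGH,          0xFEE1
.equ LINUX_REBOOT_MAGIC2_LOW,           0x1969
.equ LINUX_REBOOT_MAGIC2_HIGH,          0x2812

.text
.global _start
_start:
        mov     x8, SYS_reboot                          // syscall number
        adr     x3, ARG                                 // arg: pointer to the command string
        movz    x2, LINUX_REBOOT_CMD_RESTART2_LOW       // cmd = 0xA1B2C3D4
        movk    x2, LINUX_REBOOT_CMD_RESTART2_HIGH, lsl 16
        movz    x1, LINUX_REBOOT_MAGIC2_LOW             // magic2 = 0x28121969
        movk    x1, LINUX_REBOOT_MAGIC2_HIGH, lsl 16
        movz    x0, LINUX_REBOOT_MAGIC1_LOW             // magic = 0xFEE1DEAD
        movk    x0, LINUX_REBOOT_MAGIC1_HIGH, lsl 16
        svc     0                                       // does not return on success
ARG:                            .asciz  "recovery"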

Since our target architecture is aarch64, it needs to be written in aarch64 assembly. Assembling, linking, stripping, and base64-encoding this code gives an easy way to transport it to the target platform.

aarch64-linux-gnu-as reboot.s -o reboot.o && aarch64-linux-gnu-ld reboot.o -o reboot && aarch64-linux-gnu-strip reboot && cat reboot | base64

The code can then easily be pasted onto the target platform as an executable by using:

# cat |base64 -d >reboot
# chmod +x reboot

Use ^D to terminate the input. Evidence that the code works on an unmodified kernel, unfortunately, depends on support for this functionality:

[root@localhost ~]# ./reboot
[   87.097089] sd 0:0:0:7: [sdh] Synchronizing SCSI cache
[   87.097992] sd 0:0:0:6: [sdg] Synchronizing SCSI cache
[   87.098037] sd 0:0:0:5: [sdf] Synchronizing SCSI cache
[   87.098077] sd 0:0:0:4: [sde] Synchronizing SCSI cache
[   87.098120] sd 0:0:0:3: [sdd] Synchronizing SCSI cache
[   87.098162] sd 0:0:0:2: [sdc] Synchronizing SCSI cache
[   87.098200] sd 0:0:0:1: [sdb] Synchronizing SCSI cache
[   87.098242] sd 0:0:0:0: [sda] Synchronizing SCSI cache
[   87.940644] ufshcd-qcom 1da4000.ufshc: genpd_runtime_resume()<#>,Caller is __rpm_callback+0x4c/0x140
[   87.940683] PM: ufs_card_gdsc: Power-on latency exceeded, new value 22136 ns
[   87.940688] ufshcd-qcom 1da4000.ufshc: resume latency exceeded, 1667 ns
[   87.941002] reboot: Restarting system with command 'recovery'
Format: Log Type - Time(microsec) - Message - Optional Info
Log Type: B - Since Boot(Power On Reset),  D - Delta,  S - Statistic
S - QC_IMAGE_VERSION_STRING=BOOT.MXF.1.1-00467-MAKENA-1
S - IMAGE_VARIANT_STRING=SocMakenaAU
S - OEM_IMAGE_VERSION_STRING=san-w175-ma3-2-01
S - Boot Interface: UFS
S - Secure Boot: Off
S - Boot Config @ 0x00786064 = 0x00000001
S - JTAG ID @ 0x00786130 = 0x1014c0e1
S - OEM ID @ 0x00786138 = 0x00000000
S - Serial Number @ 0x00786134 = 0xfd2518e8
S - OEM Config Row 0 @ 0x007841c8 = 0x0000000000000000
S - OEM Config Row 1 @ 0x007841d0 = 0x0000000000000001
S - Feature Config Row 0 @ 0x00784148 = 0x0000000000000000
S - Feature Config Row 1 @ 0x00784150 = 0x0000000000000000
S - Core 0 Frequency, 1440 MHz
S - PBL Patch Ver: 0
D -      6020 - pbl_apps_init_timestamp
D -     38769 - bootable_media_detect_timestamp
D -       778 - bl_elf_metadata_loading_timestamp
D -       563 - bl_hash_seg_auth_timestamp
D -      6239 - bl_elf_loadable_segment_loading_timestamp
D -      3916 - bl_elf_segs_hash_verify_timestamp
D -     16542 - bl_sec_hash_seg_auth_timestamp
D -       753 - bl_sec_segs_hash_verify_timestamp
D -        12 - pbl_populate_shared_data_and_exit_timestamp
S -     73592 - PBL, End
B -     84668 - SBL1, Start
B -    218166 - SBL1 BUILD @ 01:13:14 on Dec 30 2021
B -    222680 - usb: usb2phy: PRIM success , 0x4
B -    225608 - usb: eud_serial_upd , 0xfd2518e8
D -    230061 - sbl1_hw_init
B -    234545 - smss_load_cancel
B -    238174 - TCSR_SAFE_ISBPR    [0x0]
B -    240248 - SMSS_TCSR_SPARE1_REG0 [0xff]
B -    244030 - BIST Prepare
B -    248239 - BIST Start
B -    250801 - P1 MBIST:START
B -    256810 - P1 MBIST:END
B -    256810 - BIST Complete
B -    259646 - SMSS_TCSR_SPARE1_REG0 [0x1ff]
B -    262544 - SMSS CSM DCMM zero init
B -    277489 - SMSS Load [TRUE]
D -     42975 - smss_load_cancel
B -    280661 - UFS Boot LUN: 1
D -      3446 - boot_media_init
D -         0 - boot_check_recoveryinfo_partition
B -    289475 - BOOT_LUN_1
B -    294050 - Recovery: media open skip
B -    296551 - Recovery: Set AB usable
D -     10919 - boot_recovery_select_boot_partitions
D -         0 - boot_recovery_partitions_info_imem_init
D -         0 - boot_save_sbl_recovery_partition_info
B -    313967 - SMSS -  Image Load, Start
D -       732 - Auth Metadata
Format: Log Type - Time(microsec) - Message - Optional Info
Log Type: B - Since Boot(Power On Reset),  D - Delta,  S - Statistic
S - QC_IMAGE_VERSION_STRING=BOOT.MXF.1.1-00467-MAKENA-1
S - IMAGE_VARIANT_STRING=SocMakenaAU
S - OEM_IMAGE_VERSION_STRING=san-w175-ma3-2-01
S - Boot Interface: UFS
S - Secure Boot: Off
S - Boot Config @ 0x00786064 = 0x00000001
S - JTAG ID @ 0x00786130 = 0x1014c0e1
S - OEM ID @ 0x00786138 = 0x00000000
S - Serial Number @ 0x00786134 = 0xfd2518e8
S - OEM Config Row 0 @ 0x007841c8 = 0x0000000000000000
S - OEM Config Row 1 @ 0x007841d0 = 0x0000000000000001
S - Feature Config Row 0 @ 0x00784148 = 0x0000000000000000
S - Feature Config Row 1 @ 0x00784150 = 0x0000000000000000
S - Core 0 Frequency, 1440 MHz
S - PBL Patch Ver: 0
D -      6020 - pbl_apps_init_timestamp
D -     38756 - bootable_media_detect_timestamp
D -       779 - bl_elf_metadata_loading_timestamp
D -       567 - bl_hash_seg_auth_timestamp
D -      6238 - bl_elf_loadable_segment_loading_timestamp
D -      3851 - bl_elf_segs_hash_verify_timestamp
D -     16545 - bl_sec_hash_seg_auth_timestamp
D -       754 - bl_sec_segs_hash_verify_timestamp
D -        12 - pbl_populate_shared_data_and_exit_timestamp
S -     73522 - PBL, End
B -     84942 - SBL1, Start
B -    218441 - SBL1 BUILD @ 01:13:14 on Dec 30 2021
B -    222924 - usb: usb2phy: PRIM success , 0x4
B -    225883 - usb: eud_serial_upd , 0xfd2518e8
D -    230336 - sbl1_hw_init
B -    234789 - smss_load_cancel
B -    239028 - TCSR_SAFE_ISBPR    [0x0]
B -    240523 - SMSS_TCSR_SPARE1_REG0 [0x800007ff]
B -    244274 - SMSS Load [FALSE]
D -     14121 - smss_load_cancel
B -    252204 - UFS Boot LUN: 1
B -    290207 - UFS INQUIRY ID: KIOXIA  THGJFAT0T44BAILB1001
D -     54869 - boot_media_init
D -        31 - boot_check_recoveryinfo_partition
B -    309910 - BOOT_LUN_1
B -    314668 - Recovery: partition magic not set
B -    316956 - Recovery: Info missing
D -     11620 - boot_recovery_select_boot_partitions
D -         0 - boot_recovery_partitions_info_imem_init
D -         0 - boot_save_sbl_recovery_partition_info
B -    335012 - SMSS -  Image Load, Start
D -      4910 - SMSS -  Image Loaded, Delta - (0 Bytes)
D -         0 - boot_recovery_media_partial_init_return
D -       763 - Auth Metadata
D -      5551 - sbl1_xblconfig_init
B -    356697 - XBL Config -  Image Load, Start
D -         0 - shrm_load_cancel
B -    364383 - SHRM -  Image Load, Start
D -       518 - Auth Metadata
D -       884 - Segments hash check
D -     11011 - SHRM -  Image Loaded, Delta - (33472 Bytes)
D -         0 - boot_default_cdt_init
D -       275 - boot_cdt_init
B -    387624 - CDT -  Image Load, Start
B -    390400 - CDT Version:3,Platform ID:25,Major ID:1,Minor ID:0,Subtype:2
D -     16561 - sbl1_hw_platform_pre_ddr
D -         0 - devcfg init
B -    416294 - PMIC A:3.0 C:3.0 E:3.0 G:3.0
B -    453901 - PM: PSI: b0x0f_v0x03
B -    457408 - PM: Device Init # SPMI Transn: 2349
D -     50447 - pm_device_init, Delta
B -    462136 - pm_driver_init, Start
B -    478392 - PM: Driver Init # SPMI Transn: 858
D -     12780 - pm_driver_init, Delta
B -    483059 - vsense_init, Start
D -         0 - vsense_init, Delta
B -    489769 - cpr_init, Start
D -       305 - cpr_init, Delta
D -     89975 - sbl1_hw_pre_ddr_init
D -         0 - boot_dload_handle_forced_dload_timeout
D -      2959 - sbl1_load_ddr_training_data
B -    507306 - Pre_DDR_clock_init, Start
D -       244 - Pre_DDR_clock_init, Delta
D -     12871 - sbl1_ddr_set_params
B -    518988 - sbl1_ddr_init, Start
B -    522373 - 8 channel DDR configuration
D -     28030 - sbl1_ddr_init, Delta
B -    550372 - DSF version = 265.0.69
B -    553758 - Manufacturer ID = ff, Device Type = 7
B -    557326 - Rank 0 size = 16384 MB, Rank 1 size = 0 MB
D -     43432 - sbl1_ddr_init
D -         0 - boot_pre_ddi_entry
B -    570380 - do_ddr_training, Start
B -    594231 - DDR: Start of DDR Training Restore
B -    606553 - Frequency = 1555 MHz
B -    606584 - Max enabled DDR Freq = 2092 MHz
B -    609969 - DDR: End of DDR Training Restore
D -     40778 - do_ddr_training, Delta
D -     48465 - sbl1_do_ddr_training
D -    249886 - boot_ddi_entry
B -    872269 - checksum write to safety dram
B -    875136 - Pimem init cmd, entry
D -      9028 - Pimem init cmd, exit
B -    890020 - External heap init, Start
B -    891789 - External heap init, End
D -     27816 - sbl1_post_ddr_init
D -       244 - sbl1_hw_init_secondary
B -    903318 - DDR -  Image Load, Start
B -    906978 - usb: UFS Serial - 139ea98a
D -      3752 - boot_fedl_check
B -    914573 - APDP -  Image Load, Start
D -      3050 - APDP -  Image Loaded, Delta - (64 Bytes)
D -         0 - boot_dload_dump_security_regions
D -         0 - ramdump_load_cancel
B -    931043 - RamDump -  Image Load, Start
D -      3294 - RamDump -  Image Loaded, Delta - (0 Bytes)
D -        31 - boot_update_abnormal_reset_status
D -         0 - boot_cache_set_memory_barrier
D -         0 - boot_smem_debug_init
D -       183 - boot_smem_init
D -         0 - boot_smem_alloc_for_minidump
D -        61 - boot_smem_store_pon_status
D -         0 - sbl1_hw_platform_smem
B -    966941 - IOCTL features state
B -    970357 - DDR_ECC state = 0x2
D -      7137 - boot_ddr_share_data_to_aop
D -       335 - boot_clock_init_rpm
D -         0 - boot_vsense_copy_to_smem
D -        31 - boot_populate_ram_partition_table
D -        30 - boot_update_syndrome_regions
D -         0 - boot_populate_ddr_details_shared_table
D -         0 - boot_recovery_partitions_info_smem_init
D -         0 - sbl1_tlmm_init
D -         0 - sbl1_efs_handle_cookies
B -   1009763 - OEM_MISC -  Image Load, Start
D -       610 - Auth Metadata
D -       122 - Segments hash check
D -     10645 - OEM_MISC -  Image Loaded, Delta - (7624 Bytes)
B -   1023732 - QTI_MISC -  Image Load, Start
D -      5704 - QTI_MISC -  Image Loaded, Delta - (0 Bytes)
B -   1033645 - SMSS_TCSR_SPARE1_REG0 [0x800007ff]
B -   1039074 - SMSS_TCSR_SPARE1_REG0 [0x800007ff]
D -     10065 - smss_wait_for_bist
B -   1053653 - PM: PM Total Mem Allocated: 4292
D -      5307 - sbl1_pm_aop_pre_init_wrapper
B -   1058228 - AOP -  Image Load, Start
D -       427 - Auth Metadata
D -      1128 - Segments hash check
D -     12718 - AOP -  Image Loaded, Delta - (212316 Bytes)
B -   1074271 - QSEE Dev Config -  Image Load, Start
D -       366 - Auth Metadata
D -       305 - Segments hash check
D -     13023 - QSEE Dev Config -  Image Loaded, Delta - (53392 Bytes)
B -   1096322 - QSEE -  Image Load, Start
D -     16592 - Auth Metadata
D -     15952 - Segments hash check
D -     64264 - QSEE -  Image Loaded, Delta - (3759370 Bytes)
D -         0 - sbl1_hw_play_vibr
B -   1169522 - SEC -  Image Load, Start
D -      3172 - SEC -  Image Loaded, Delta - (64 Bytes)
B -   1176415 - CPUCPFW -  Image Load, Start
D -     16379 - Auth Metadata
D -     16348 - Segments hash check
D -     43646 - CPUCPFW -  Image Loaded, Delta - (119724 Bytes)
B -   1229089 - QHEE -  Image Load, Start
D -       427 - Auth Metadata
D -      2104 - Segments hash check
D -      6740 - QHEE -  Image Loaded, Delta - (477928 Bytes)
B -   1239154 - APPSBL -  Image Load, Start
D -       397 - Auth Metadata
D -      9120 - Segments hash check
D -     20221 - APPSBL -  Image Loaded, Delta - (2621440 Bytes)
D -         0 - sbl1_save_appsbl_index
S - Flash Throughput, 188905 KB/s  (7367312 Bytes,  39591 us)
S - DDR Frequency, 2092 MHz
B -   1277675 - SBL1, End
D -   1195356 - SBL1, Delta

UEFI Start     [ 1459]
 - 0x09F001000 [ 1464] Sec.efi
ASLR        : OFF [WARNING]
DEP         : ON (RTB)
Timer Delta : +2 mS
RAM Entry 0 : Base 0x0080000000  Size 0x003744C000
RAM Entry 1 : Base 0x0800000000  Size 0x005A400000
RAM Entry 2 : Base 0x087FE20000  Size 0x00001E0000
RAM Entry 3 : Base 0x00C0000000  Size 0x0340000000
Total Available RAM : 15642 MB (0x03D1A2C000)
Total Installed RAM : 15781 MB (0x03DA5E0000)
Init 1 aux cores of 7
Init CPU core 1
UEFI Ver    : 6.0.211230.BOOT.MXF.1.1-00467-MAKENA-1
Build Info  : 64b Dec 30 2021 01:14:40
Boot Device : UFS
PROD Mode   : TRUE
Retail      : TRUE
  > Scheduler up on Core 1
PM0: 30, PM2: 30, PM4: 30, PM6: 30,
UFS Boot LUN: 1
UFS INQUIRY ID: KIOXIA  THGJFAT0T44BAILB1001
RawFsSimpleFsDriverEntryPoint:Failed. Status: Not Found.
/local/mnt/workspace/CRMBuilds/BOOT.MXF.1.1-00467-MAKENA-1_20211230_010441/b/boot_images/boot/QcomPkg/Drivers/TrEEDxe/
TpmDxe.c..TpmDxeInitialize:1137 Failed! input = 0xE
/local/mnt/workspace/CRMBuilds/BOOT.MXF.1.1-00467-MAKENA-1_20211230_010441/b/boot_images/boot/QcomPkg/Drivers/TrEEDxe/
TrEEDxe.c..TrEEDxeInitialize:825 Failed! input = 0xE
HW Wdog Setting from PCD : Disabled
ButtonsDxeTest: Keypress SDAM data payload 0
WaitParallelThreads InIt [ 1911]
Var Store          : WARNING, not persistent
UEFI Ver           : 6.0.211230.BOOT.MXF.1.1-00467-MAKENA-1
Platform           : ADP
Subtype            : 2
Boot Device        : UFS
Chip Name          : SA_MAKENA_ADAS
Chip Ver           : 2.0
Chip Num           : 0xFD2518E8
Chip ECID          : 0x0428FD2518E8
-----------------------------
UEFI Total : 454 ms
POST Time      [ 1913] OS Loader
Loader Build Info: Mar  1 2022 20:26:47
VB: Non-secure device: Security State: (0xFFF3F)
VB: RWDeviceState: Succeed using devinfo!
Total DDR Size: 0x00000003D1A2C000
KeyPress:0, BootReason:2
Fastboot=1, Recovery:0
SilentBoot Mode:11
tz_armv8_smc_call failed, TzStatus = 0xFFFFFFFF,  SmcId = 0x2000609
GetVmData: No Vm data present! Status = (0x3)
VM Hyp calls not present
Launching fastboot
Fastboot Build Info: Mar  1 2022 20:26:40
UsbStartController: Starting Core 0 in mode: 4
UsbConfigPortsSetSimulate: UsbConfigPortsSetSimulate, event 2
usb2phy: PRIM success: 4
retimer, platform: 250002
usb3phy: PRIM success: lane_A: 145
SSUsb1InitCommon: End of SSusb1initcommon coreType 5

Fastboot: Initializing...
VB: Non-secure device: Security State: (0xFFF3F)
Partition not found : frp
Error Reading FRP partition: Not Found
Fastboot: Processing commands
Display menu is not enabled!
Dev_Common_Speed: Dev Bus Speed: High, state 2
Dev_Common_Speed: Dev Bus Speed: High, state 2
Edited by Alessandro Carminati
