On Fri, Jan 25, 2019 at 12:33:56PM +0530, Pramod Kumar wrote: [...]
> > This is an GPIO interrupt. This can not be marked secure as for that > we need to mark whole GPIO controller as secure which is not possible > as GPIO controller is meant for non-secure world having more than 100 > lines connected. > > I agree we have work around where we invoke handler in Linux and > switch to ATF via SMC and from ATF we need bring all secondary CPU to > ATF via sending SGI and and then respective core flushes the L1/L2 and > bring himself out of coherency domain and cluster and MCU shutdowns > the CPU subsystem gracefully. This could work for our requirement. > Need to check ATF support for that. > Yes platform specific requirement and platform specific solution, happy ending :). > But What about generic system? This patch address the generic > multi-master system's requirement. Why do we need to address this in generic system ? And what exactly is this multi-master system's requirement ? Linux runs on one or more masters and will own it completely. Shutdown must involve everything it owns if it needs to be graceful. > Consider system where shutting down the linux does not mean shutting > down the complete system. Why is that the case ? Is it forceful shutdown ? Does Linux just own CPUs and don't care about other blocks in the system ? Irrespective of what it owns, system shutdown will take care. > Lets take an example of smartnic case Where NIC master and CPUs access > cachable DDR. In smarnic its quite common to bring CPUs on demand means > when needed via MCU help. Yes you are talking about CPU hotplug or system here ? The above indicates, it's just CPU hotplug and a solution already exists for that. > Now in full-fledged system. if CPU subsystem is shutdown via poweroff > command which does not bring secondary CPUs out of coherency domain, > it will bring the complete system unstable when NIC master tries to > access DDR and snoop is send to CPUs as well which is not available. > Fabric/System hangs... > That's because your custom solution just sends ipi to stop CPUs. If you shutdown the system, all the required information is save to non-volatile memory and system is powered off gracefully. > I feel While shutting down the CPUs subsystem or powering off, All > secondary CPUs must be shutdown properly by bring-out of coherency > domain to remain rest of subsystem usable. I agree that introducing > PSCI call introduce delay for shutdown/reboot case but stability > matter than little delay. IPI_STOP is not designed to do a graceful shutdown of CPU subsystem. Use CPU hotplug. You are trying to make you custom requirement a generic one. We have CPU hotplug framework to do what you want, you just have to use it. Infact you are doing almost the same with you patch, I don't see any point as why CPU hotplug can't be used. -- Regards, Sudeep
