diff options
| author | Juan Castillo <juan.castillo@arm.com> | 2015-09-25 15:41:14 +0100 |
|---|---|---|
| committer | Juan Castillo <juan.castillo@arm.com> | 2015-10-28 09:13:40 +0000 |
| commit | 40fc6cd1416b94eacb96d56015a8989fc053d9fe (patch) | |
| tree | 7e01145c33d2b25da097472ba917a447f5e9df57 | |
| parent | 8d91ecfe3c04ed8a56a9b59768757ce853904420 (diff) | |
Add optional platform error handler API
This patch adds an optional API to the platform port:
void plat_error_handler(int err) __dead2;
The platform error handler is called when there is a specific error
condition after which Trusted Firmware cannot continue. While panic()
simply prints the crash report (if enabled) and spins, the platform
error handler can be used to hand control over to the platform port
so it can perform specific bookeeping or post-error actions (for
example, reset the system). This function must not return.
The parameter indicates the type of error using standard codes from
errno.h. Possible errors reported by the generic code are:
-EAUTH : a certificate or image could not be authenticated
(when Trusted Board Boot is enabled)
-ENOENT : the requested image or certificate could not be found
or an IO error was detected
-ENOMEM : resources exhausted. Trusted Firmware does not use
dynamic memory, so this error is usually an indication
of an incorrect array size
A default weak implementation of this function has been provided.
It simply implements an infinite loop.
Change-Id: Iffaf9eee82d037da6caa43b3aed51df555e597a3
| -rw-r--r-- | bl1/bl1_main.c | 6 | ||||
| -rw-r--r-- | bl2/bl2_main.c | 8 | ||||
| -rw-r--r-- | docs/porting-guide.md | 21 | ||||
| -rw-r--r-- | include/plat/common/platform.h | 1 | ||||
| -rw-r--r-- | plat/common/aarch64/platform_helpers.S | 10 |
5 files changed, 37 insertions, 9 deletions
diff --git a/bl1/bl1_main.c b/bl1/bl1_main.c index dad64e25..50cf4e0d 100644 --- a/bl1/bl1_main.c +++ b/bl1/bl1_main.c @@ -174,12 +174,8 @@ void bl1_main(void) &bl2_ep); if (err) { - /* - * TODO: print failure to load BL2 but also add a tzwdog timer - * which will reset the system eventually. - */ ERROR("Failed to load BL2 firmware.\n"); - panic(); + plat_error_handler(err); } /* diff --git a/bl2/bl2_main.c b/bl2/bl2_main.c index 404744b7..f8a2372f 100644 --- a/bl2/bl2_main.c +++ b/bl2/bl2_main.c @@ -219,7 +219,7 @@ void bl2_main(void) e = load_bl30(); if (e) { ERROR("Failed to load BL3-0 (%i)\n", e); - panic(); + plat_error_handler(e); } /* Perform platform setup in BL2 after loading BL3-0 */ @@ -235,14 +235,14 @@ void bl2_main(void) e = load_bl31(bl2_to_bl31_params, bl31_ep_info); if (e) { ERROR("Failed to load BL3-1 (%i)\n", e); - panic(); + plat_error_handler(e); } e = load_bl32(bl2_to_bl31_params); if (e) { if (e == -EAUTH) { ERROR("Failed to authenticate BL3-2\n"); - panic(); + plat_error_handler(e); } else { WARN("Failed to load BL3-2 (%i)\n", e); } @@ -251,7 +251,7 @@ void bl2_main(void) e = load_bl33(bl2_to_bl31_params); if (e) { ERROR("Failed to load BL3-3 (%i)\n", e); - panic(); + plat_error_handler(e); } /* Flush the params to be passed to memory */ diff --git a/docs/porting-guide.md b/docs/porting-guide.md index db6038a4..bf0ada72 100644 --- a/docs/porting-guide.md +++ b/docs/porting-guide.md @@ -650,6 +650,27 @@ it has restrictions for stack usage and it can use the registers x0 - x17 as scratch registers. It should preserve the value in x18 register as it is used by the caller to store the return address. +### Function : plat_error_handler() + + Argument : int + Return : void + +This API is called when the generic code encounters an error situation from +which it cannot continue. It allows the platform to perform error reporting or +recovery actions (for example, reset the system). This function must not return. + +The parameter indicates the type of error using standard codes from `errno.h`. +Possible errors reported by the generic code are: + +* `-EAUTH`: a certificate or image could not be authenticated (when Trusted + Board Boot is enabled) +* `-ENOENT`: the requested image or certificate could not be found or an IO + error was detected +* `-ENOMEM`: resources exhausted. Trusted Firmware does not use dynamic + memory, so this error is usually an indication of an incorrect array size + +The default implementation simply spins. + 3. Modifications specific to a Boot Loader stage ------------------------------------------------- diff --git a/include/plat/common/platform.h b/include/plat/common/platform.h index 8071f394..de9848b7 100644 --- a/include/plat/common/platform.h +++ b/include/plat/common/platform.h @@ -81,6 +81,7 @@ unsigned long plat_get_my_stack(void); void plat_report_exception(unsigned long); int plat_crash_console_init(void); int plat_crash_console_putc(int c); +void plat_error_handler(int err) __dead2; /******************************************************************************* * Mandatory BL1 functions diff --git a/plat/common/aarch64/platform_helpers.S b/plat/common/aarch64/platform_helpers.S index f51d24e6..56b88bc0 100644 --- a/plat/common/aarch64/platform_helpers.S +++ b/plat/common/aarch64/platform_helpers.S @@ -38,6 +38,7 @@ .weak plat_reset_handler .weak plat_disable_acp .weak bl1_plat_prepare_exit + .weak plat_error_handler #if !ENABLE_PLAT_COMPAT .globl platform_get_core_pos @@ -121,3 +122,12 @@ endfunc plat_disable_acp func bl1_plat_prepare_exit ret endfunc bl1_plat_prepare_exit + + /* ----------------------------------------------------- + * void plat_error_handler(int err) __dead2; + * Endless loop by default. + * ----------------------------------------------------- + */ +func plat_error_handler + b plat_error_handler +endfunc plat_error_handler |