diff --git a/bl1/bl1_main.c b/bl1/bl1_main.c index dad64e259f5aad9f9afd285be5de30f63feab248..50cf4e0d858bd0d2c2802a8096ead74db63f1c1d 100644 --- a/bl1/bl1_main.c +++ b/bl1/bl1_main.c @@ -174,12 +174,8 @@ void bl1_main(void) &bl2_ep); if (err) { - /* - * TODO: print failure to load BL2 but also add a tzwdog timer - * which will reset the system eventually. - */ ERROR("Failed to load BL2 firmware.\n"); - panic(); + plat_error_handler(err); } /* diff --git a/bl2/bl2_main.c b/bl2/bl2_main.c index 404744b7892b22b470505f189c01261fafdf7f27..f8a2372fe5ee91c36f95684287f43dc6848029c7 100644 --- a/bl2/bl2_main.c +++ b/bl2/bl2_main.c @@ -219,7 +219,7 @@ void bl2_main(void) e = load_bl30(); if (e) { ERROR("Failed to load BL3-0 (%i)\n", e); - panic(); + plat_error_handler(e); } /* Perform platform setup in BL2 after loading BL3-0 */ @@ -235,14 +235,14 @@ void bl2_main(void) e = load_bl31(bl2_to_bl31_params, bl31_ep_info); if (e) { ERROR("Failed to load BL3-1 (%i)\n", e); - panic(); + plat_error_handler(e); } e = load_bl32(bl2_to_bl31_params); if (e) { if (e == -EAUTH) { ERROR("Failed to authenticate BL3-2\n"); - panic(); + plat_error_handler(e); } else { WARN("Failed to load BL3-2 (%i)\n", e); } @@ -251,7 +251,7 @@ void bl2_main(void) e = load_bl33(bl2_to_bl31_params); if (e) { ERROR("Failed to load BL3-3 (%i)\n", e); - panic(); + plat_error_handler(e); } /* Flush the params to be passed to memory */ diff --git a/docs/porting-guide.md b/docs/porting-guide.md index 08fef4a8e8a23d5f19a6d6d1844804bf4a951a27..6e71025cc6815cd7bf239a13ab393331186e1e04 100644 --- a/docs/porting-guide.md +++ b/docs/porting-guide.md @@ -650,6 +650,27 @@ it has restrictions for stack usage and it can use the registers x0 - x17 as scratch registers. It should preserve the value in x18 register as it is used by the caller to store the return address. +### Function : plat_error_handler() + + Argument : int + Return : void + +This API is called when the generic code encounters an error situation from +which it cannot continue. It allows the platform to perform error reporting or +recovery actions (for example, reset the system). This function must not return. + +The parameter indicates the type of error using standard codes from `errno.h`. +Possible errors reported by the generic code are: + +* `-EAUTH`: a certificate or image could not be authenticated (when Trusted + Board Boot is enabled) +* `-ENOENT`: the requested image or certificate could not be found or an IO + error was detected +* `-ENOMEM`: resources exhausted. Trusted Firmware does not use dynamic + memory, so this error is usually an indication of an incorrect array size + +The default implementation simply spins. + 3. Modifications specific to a Boot Loader stage ------------------------------------------------- diff --git a/include/plat/common/platform.h b/include/plat/common/platform.h index 8071f39424c1ce325fdcf6f1b0f1204da19edf75..de9848b7c19f6c0df82c105e5d661ef402ff8f77 100644 --- a/include/plat/common/platform.h +++ b/include/plat/common/platform.h @@ -81,6 +81,7 @@ unsigned long plat_get_my_stack(void); void plat_report_exception(unsigned long); int plat_crash_console_init(void); int plat_crash_console_putc(int c); +void plat_error_handler(int err) __dead2; /******************************************************************************* * Mandatory BL1 functions diff --git a/plat/common/aarch64/platform_helpers.S b/plat/common/aarch64/platform_helpers.S index f51d24e6d12f8d18302b07137ec0e091a85c8f0b..56b88bc0e5ae04173a16dd7251cf759d480df62b 100644 --- a/plat/common/aarch64/platform_helpers.S +++ b/plat/common/aarch64/platform_helpers.S @@ -38,6 +38,7 @@ .weak plat_reset_handler .weak plat_disable_acp .weak bl1_plat_prepare_exit + .weak plat_error_handler #if !ENABLE_PLAT_COMPAT .globl platform_get_core_pos @@ -121,3 +122,12 @@ endfunc plat_disable_acp func bl1_plat_prepare_exit ret endfunc bl1_plat_prepare_exit + + /* ----------------------------------------------------- + * void plat_error_handler(int err) __dead2; + * Endless loop by default. + * ----------------------------------------------------- + */ +func plat_error_handler + b plat_error_handler +endfunc plat_error_handler