From 90b00de769e02186a9b75e5766f8a7b690af412e Mon Sep 17 00:00:00 2001 From: Nick Bofferding Date: Fri, 6 Jul 2018 13:46:35 -0500 Subject: Enhance RAS for case where boot firmware image is too big to load Provides a better fail indicator when the boot firmware image is too big to load Change-Id: I23831068aafa693109b7af1d084dd168ea755213 CQ: SW437090 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/72919 Tested-by: Jenkins Server Tested-by: Jenkins OP Build CI Tested-by: FSP CI Jenkins Tested-by: Jenkins OP HW Reviewed-by: Ilya Smirnov Reviewed-by: Matthew Raybuck Reviewed-by: Daniel M. Crowell --- src/bootloader/bootloader.C | 43 +++++++++++++++++++++++++++++++++++-------- 1 file changed, 35 insertions(+), 8 deletions(-) (limited to 'src/bootloader') diff --git a/src/bootloader/bootloader.C b/src/bootloader/bootloader.C index defac9b57..eb1cb8743 100644 --- a/src/bootloader/bootloader.C +++ b/src/bootloader/bootloader.C @@ -196,16 +196,14 @@ namespace Bootloader{ * respect to the first 8 bytes). * * @param[in] i_pHeader Void pointer to start of the container's secure - * header. Must not be nullptr or function will assert. + * header. Must not be nullptr. * @param[in] i_pComponentId Reference component ID to compare to. Must - * not be nullptr or function will assert. + * not be nullptr. */ void verifyComponentId( const void* const i_pHeader, const char* const i_pComponentId) { - assert(i_pHeader != nullptr); - assert(i_pComponentId != nullptr); const auto* const pHwPrefix = reinterpret_cast( @@ -444,8 +442,6 @@ namespace Bootloader{ l_errCode, l_pnorStart); - BOOTLOADER_TRACE(BTLDR_TRC_MAIN_GETHBBSECTION_RTN ); - if(PNOR::NO_ERROR == l_errCode) { // get hbbFlashOffset @@ -456,11 +452,42 @@ namespace Bootloader{ bool l_hbbEcc = ( g_blData->bl_hbbSection.integrity == FFS_INTEG_ECC_PROTECT); + uint32_t workingLength= (l_hbbEcc) ? + (l_hbbLength * LENGTH_W_ECC)/LENGTH_WO_ECC : l_hbbLength; + + // handleMMIO below always moves WORDSIZE chunks at a time, even + // if there is just one byte left, so subtract WORDSIZE from the + // limit to compensate + if(workingLength > (MEGABYTE-WORDSIZE)) + { + BOOTLOADER_TRACE(BTLDR_TRC_BAD_WORK_LEN); + /*@ + * @errortype + * @moduleid Bootloader::MOD_BOOTLOADER_MAIN + * @reasoncode Bootloader::RC_BAD_WORK_LEN + * @userdata1[0:15] TI_WITH_SRC + * @userdata1[16:31] TI_BOOTLOADER + * @userdata1[32:63] Failing address = 0 + * @userdata2[0:31] Length of data from TOC (bytes) + * @userdata2[32:63] Working length (bytes) + * @errorInfo[0:31] Max space available (bytes) + * @devdesc Not enough memory to load boot firmware + * @custdesc Failed to load boot firmware + */ + bl_terminate( + MOD_BOOTLOADER_MAIN, + RC_BAD_WORK_LEN, + l_hbbLength, + workingLength, + true, + 0, + (MEGABYTE-WORDSIZE)); + } + // Copy HB base code from PNOR to working location handleMMIO(l_pnorStart + l_hbbFlashOffset, (l_hbbEcc) ? HBB_ECC_WORKING_ADDR : HBB_WORKING_ADDR, - (l_hbbEcc) ? (l_hbbLength * LENGTH_W_ECC)/LENGTH_WO_ECC - : l_hbbLength, + workingLength, WORDSIZE); BOOTLOADER_TRACE(BTLDR_TRC_MAIN_WORKING_HANDLEMMIO_RTN); -- cgit v1.2.3