Convert asserts to error logs where it makes sense

Change-Id: Idd15e39cc6be44c0865f13503bfa4482d77fcf0d
RTC:181899
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/51042
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Martin Gloff <mgloff@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>

3 files changed, 177 insertions, 19 deletions

diff --git a/src/usr/secureboot/base/header.C b/src/usr/secureboot/base/header.C
index 77d756934..58f08c632 100644
--- a/src/usr/secureboot/base/header.C
+++ b/src/usr/secureboot/base/header.C
@@ -28,6 +28,9 @@
 #include <kernel/console.H>
 #include <errno.h>
 #include <kernel/bltohbdatamgr.H>
+#include "../common/securetrace.H"
+#include "../common/errlud_secure.H"
+#include <secureboot/secure_reasoncodes.H>
 
 namespace SECUREBOOT
 {
@@ -36,15 +39,44 @@ namespace SECUREBOOT
         return Singleton<Header>::instance();
     }
 
-    void Header::loadHeader()
+    errlHndl_t Header::loadHeader()
     {
+        errlHndl_t l_errl = nullptr;
+
+        do {
+
         const void* const pHeader = g_BlToHbDataManager.getHbbHeader();
 
         // Fatal code bug if called with nullptr pointer
-        assert(pHeader != nullptr,
-            "BUG! In Header::loadHeader(), expected valid address for base "
-            "image header, but got nullptr.");
+        if (pHeader == nullptr)
+        {
+            SB_ERR("Header::loadHeader(), expected valid address for base image header, but got nullptr.");
+            /*@
+             * @errortype
+             * @severity        ERRORLOG::ERRL_SEV_UNRECOVERABLE
+             * @moduleid        SECUREBOOT::MOD_SECURE_LOAD_HEADER
+             * @reasoncode      SECUREBOOT::RC_INVALID_BASE_HEADER
+             * @userdata1       0
+             * @userdata2       0
+             * @devdesc         Hostboot Base Image Header not valid
+             * @custdesc        Firmware Error
+             */
+            l_errl = new ERRORLOG::ErrlEntry(
+                            ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+                            SECUREBOOT::MOD_SECURE_LOAD_HEADER,
+                            SECUREBOOT::RC_INVALID_BASE_HEADER,
+                            0,
+                            0,
+                            true);
+            addSecureUserDetailsToErrlog(l_errl);
+            l_errl->collectTrace(SECURE_COMP_NAME);
+            break;
+        }
+
         _set(pHeader);
+        } while(0);
+
+        return l_errl;
     }
 
     void Header::_set(
diff --git a/src/usr/secureboot/base/service.C b/src/usr/secureboot/base/service.C
index 21900a5fa..1f5b5d83d 100644
--- a/src/usr/secureboot/base/service.C
+++ b/src/usr/secureboot/base/service.C
@@ -234,8 +234,6 @@ errlHndl_t getAllSecurityRegisters(std::vector<SecureRegisterValues> & o_regs,
                                   DEVICE_FSI_ADDRESS(op_addr) );
             }
 
-            assert(op_actual_size == op_expected_size,"getAllSecurityRegisters: BUG! size returned from device write (%d) is not the expected size of %d", op_actual_size, op_expected_size);
-
             if( err )
             {
                 // Something failed on the read.  Commit the error
@@ -249,6 +247,33 @@ errlHndl_t getAllSecurityRegisters(std::vector<SecureRegisterValues> & o_regs,
                 errlCommit( err, SECURE_COMP_ID );
                 continue;
             }
+
+            if (op_actual_size != op_expected_size)
+            {
+                SB_ERR("getAllSecurityRegisters: size returned from device write (%d) is not the expected size of %d",
+                       op_actual_size, op_expected_size);
+                /*@
+                 * @errortype
+                 * @severity        ERRORLOG::ERRL_SEV_UNRECOVERABLE
+                 * @moduleid        SECUREBOOT::MOD_SECURE_GET_ALL_SEC_REGS
+                 * @reasoncode      SECUREBOOT::RC_DEVICE_WRITE_ERR
+                 * @userdata1       Actual size written
+                 * @userdata2       Expected size written
+                 * @devdesc         Device write did not return expected size
+                 * @custdesc        Firmware Error
+                 */
+                err = new ERRORLOG::ErrlEntry(
+                                ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+                                SECUREBOOT::MOD_SECURE_GET_ALL_SEC_REGS,
+                                SECUREBOOT::RC_DEVICE_WRITE_ERR,
+                                op_actual_size,
+                                op_expected_size,
+                                true);
+                addSecureUserDetailsToErrlog(err);
+                err->collectTrace(SECURE_COMP_NAME);
+                break;
+            }
+
             // push back result
             l_secRegValues.tgt=procTgt;
             l_secRegValues.addr=op_addr;
@@ -316,7 +341,11 @@ void* initializeBase(void* unused)
 #endif
 
         // Load original header.
-        Singleton<Header>::instance().loadHeader();
+        l_errl = Singleton<Header>::instance().loadHeader();
+        if (l_errl)
+        {
+            break;
+        }
     } while(0);
 
     return l_errl;
@@ -613,11 +642,43 @@ uint8_t getSbeSecurityMode()
     return g_sbeSecurityMode;
 }
 
-void setSbeSecurityMode(uint8_t i_sbeSecurityMode)
+errlHndl_t setSbeSecurityMode(uint8_t i_sbeSecurityMode)
 {
-    assert(i_sbeSecurityMode == 0 || i_sbeSecurityMode == 1,
-        "SBE Security Mode can only be set to 0 or 1");
+    errlHndl_t l_errl = nullptr;
+
+    do {
+    // Ensure a valid mode
+    if (i_sbeSecurityMode != 0 && i_sbeSecurityMode != 1)
+    {
+        SB_ERR("SBE Security Mode can only be set to 0 or 1");
+
+        /*@
+         * @errortype
+         * @severity        ERRORLOG::ERRL_SEV_UNRECOVERABLE
+         * @moduleid        SECUREBOOT::MOD_SECURE_SET_SBE_SECURE_MODE
+         * @reasoncode      SECUREBOOT::RC_SBE_INVALID_SEC_MODE
+         * @userdata1       Security mode to set
+         * @userdata2       0
+         * @devdesc         Invalid SBE security mode
+         * @custdesc        Platform security problem detected
+         */
+        l_errl = new ERRORLOG::ErrlEntry(
+                        ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+                        SECUREBOOT::MOD_SECURE_SET_SBE_SECURE_MODE,
+                        SECUREBOOT::RC_SBE_INVALID_SEC_MODE,
+                        i_sbeSecurityMode,
+                        0,
+                        true);
+        l_errl->collectTrace(SECURE_COMP_NAME);
+        addSecureUserDetailsToErrlog(l_errl);
+        break;
+    }
+
     g_sbeSecurityMode = i_sbeSecurityMode;
+
+    } while(0);
+
+    return l_errl;
 }
 
 } //namespace SECUREBOOT
diff --git a/src/usr/secureboot/base/settings.C b/src/usr/secureboot/base/settings.C
index eb25aea11..4ebb77dd1 100644
--- a/src/usr/secureboot/base/settings.C
+++ b/src/usr/secureboot/base/settings.C
@@ -284,9 +284,31 @@ namespace SECUREBOOT
             break;
         }
 
-        assert(actSize == expSize,
-            "writeSecurityRegister: BUG! size returned from device write (%d) "
-            "is not the expected size of %d",actSize,expSize);
+        if(actSize != expSize)
+        {
+            SB_ERR("writeSecurityRegister: size returned from device write (%d) is not the expected size of %d",
+                   actSize, expSize);
+            /*@
+             * @errortype
+             * @severity        ERRORLOG::ERRL_SEV_UNRECOVERABLE
+             * @moduleid        SECUREBOOT::MOD_SECURE_WRITE_REG
+             * @reasoncode      SECUREBOOT::RC_DEVICE_WRITE_ERR
+             * @userdata1       Actual size written
+             * @userdata2       Expected size written
+             * @devdesc         Device write did not return expected size
+             * @custdesc        Firmware Error
+             */
+            pError = new ERRORLOG::ErrlEntry(
+                            ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+                            SECUREBOOT::MOD_SECURE_WRITE_REG,
+                            SECUREBOOT::RC_DEVICE_WRITE_ERR,
+                            actSize,
+                            expSize,
+                            true);
+            pError->collectTrace(SECURE_COMP_NAME);
+            addSecureUserDetailsToErrlog(pError);
+            break;
+        }
 
         } while(0);
 
@@ -341,10 +363,30 @@ namespace SECUREBOOT
         }
 
         // Make sure the processor is SCOMable
-        if (i_pProc != MASTER_PROCESSOR_CHIP_TARGET_SENTINEL)
+        if (i_pProc != MASTER_PROCESSOR_CHIP_TARGET_SENTINEL &&
+            !i_pProc->getAttr<ATTR_SCOM_SWITCHES>().useXscom)
         {
-            assert(i_pProc->getAttr<ATTR_SCOM_SWITCHES>().useXscom,
-                "Bug! Processor security register read too early.");
+            SB_ERR("readSecurityRegister: Processor security register read too early");
+            /*@
+             * @errortype
+             * @severity        ERRORLOG::ERRL_SEV_UNRECOVERABLE
+             * @moduleid        SECUREBOOT::MOD_SECURE_READ_REG
+             * @reasoncode      SECUREBOOT::RC_PROC_NOT_SCOMABLE
+             * @userdata1       Use XSCOM bool
+             * @userdata2       Target's HUID
+             * @devdesc         Processor security register read too early
+             * @custdesc        Firmware Error
+             */
+            l_errl = new ERRORLOG::ErrlEntry(
+                            ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+                            SECUREBOOT::MOD_SECURE_READ_REG,
+                            SECUREBOOT::RC_PROC_NOT_SCOMABLE,
+                            i_pProc->getAttr<ATTR_SCOM_SWITCHES>().useXscom,
+                            TO_UINT64(get_huid(i_pProc)),
+                            true);
+            l_errl->collectTrace(SECURE_COMP_NAME);
+            addSecureUserDetailsToErrlog(l_errl);
+            break;
         }
 
         // Read security switch setting from processor.
@@ -356,9 +398,32 @@ namespace SECUREBOOT
         {
             break;
         }
-        assert(size == sizeof(o_regValue),
-            "size returned from device read is not the expected size of %i",
-                                                           sizeof(o_regValue));
+
+        if (size != sizeof(o_regValue))
+        {
+            SB_ERR("readSecurityRegister: size returned from device read (%d) is not the expected size of %d",
+                   size, sizeof(o_regValue));
+            /*@
+             * @errortype
+             * @severity        ERRORLOG::ERRL_SEV_UNRECOVERABLE
+             * @moduleid        SECUREBOOT::MOD_SECURE_READ_REG
+             * @reasoncode      SECUREBOOT::RC_DEVICE_READ_ERR
+             * @userdata1       Actual size read
+             * @userdata2       Expected size read
+             * @devdesc         Processor security register read too early
+             * @custdesc        Firmware Error
+             */
+            l_errl = new ERRORLOG::ErrlEntry(
+                            ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+                            SECUREBOOT::MOD_SECURE_READ_REG,
+                            SECUREBOOT::RC_DEVICE_READ_ERR,
+                            size,
+                            sizeof(o_regValue),
+                            true);
+            l_errl->collectTrace(SECURE_COMP_NAME);
+            addSecureUserDetailsToErrlog(l_errl);
+            break;
+        }
 
         } while(0);