author | Stephen Cprek <smcprek@us.ibm.com> | 2017-12-15 10:24:02 -0600 |
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-12-20 13:54:35 -0500 |
commit | 34dbdc49d0d14933c317be2815302d0d558c5924 (patch) | |
tree | d65d06b6901b0188057263519bf0b2f127b3ddd0 /src/usr/secureboot | |
parent | 1dce3206aa219d0cef4501b6795255a730f4ecba (diff) | |
Convert asserts to error logs where it makes sense
Change-Id: Idd15e39cc6be44c0865f13503bfa4482d77fcf0d
RTC:181899
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/51042
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Martin Gloff <mgloff@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot')
-rw-r--r-- | src/usr/secureboot/base/header.C | 40 | ||||
-rw-r--r-- | src/usr/secureboot/base/service.C | 73 | ||||
-rw-r--r-- | src/usr/secureboot/base/settings.C | 83 |
3 files changed, 177 insertions, 19 deletions
diff --git a/src/usr/secureboot/base/header.C b/src/usr/secureboot/base/header.C
index 77d756934..58f08c632 100644
--- a/src/usr/secureboot/base/header.C
+++ b/src/usr/secureboot/base/header.C
@@ -28,6 +28,9 @@
 #include <kernel/console.H>
 #include <errno.h>
 #include <kernel/bltohbdatamgr.H>
+#include "../common/securetrace.H"
+#include "../common/errlud_secure.H"
+#include <secureboot/secure_reasoncodes.H>
 namespace SECUREBOOT
 {
@@ -36,15 +39,44 @@ namespace SECUREBOOT
 return Singleton<Header>::instance();
 }
- void Header::loadHeader()
+ errlHndl_t Header::loadHeader()
 {
+ errlHndl_t l_errl = nullptr;
+
+ do {
+
 const void* const pHeader = g_BlToHbDataManager.getHbbHeader();
 // Fatal code bug if called with nullptr pointer
- assert(pHeader != nullptr,
- "BUG! In Header::loadHeader(), expected valid address for base "
- "image header, but got nullptr.");
+ if (pHeader == nullptr)
+ {
+ SB_ERR("Header::loadHeader(), expected valid address for base image header, but got nullptr.");
+ /*@
+ * @errortype
+ * @severity ERRORLOG::ERRL_SEV_UNRECOVERABLE
+ * @moduleid SECUREBOOT::MOD_SECURE_LOAD_HEADER
+ * @reasoncode SECUREBOOT::RC_INVALID_BASE_HEADER
+ * @userdata1 0
+ * @userdata2 0
+ * @devdesc Hostboot Base Image Header not valid
+ * @custdesc Firmware Error
+ */
+ l_errl = new ERRORLOG::ErrlEntry(
+ ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+ SECUREBOOT::MOD_SECURE_LOAD_HEADER,
+ SECUREBOOT::RC_INVALID_BASE_HEADER,
+ 0,
+ 0,
+ true);
+ addSecureUserDetailsToErrlog(l_errl);
+ l_errl->collectTrace(SECURE_COMP_NAME);
+ break;
+ }
+
 _set(pHeader);
+ } while(0);
+
+ return l_errl;
 }
 void Header::_set(
diff --git a/src/usr/secureboot/base/service.C b/src/usr/secureboot/base/service.C
index 21900a5fa..1f5b5d83d 100644
--- a/src/usr/secureboot/base/service.C
+++ b/src/usr/secureboot/base/service.C
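Review bot: The context comment `// Fatal code bug if called with nullptr pointer` above the new `if (pHeader == nullptr)` still describes the removed assert, while the branch now builds an unrecoverable error log and returns without calling `_set(pHeader)`; reword it to `// A nullptr base-image header is a code bug; report it as an unrecoverable error log instead of asserting, leaving the header unset.` Because loadHeader's signature changes from void to errlHndl_t, any caller other than initializeBase that discards the return value would now continue with an unloaded header instead of halting; the declaration and other callers are outside this diffstat, so that is worth confirming. Minor: this hunk calls addSecureUserDetailsToErrlog before collectTrace, while the service.C and settings.C hunks in this commit use the reverse order.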
@@ -234,8 +234,6 @@ errlHndl_t getAllSecurityRegisters(std::vector<SecureRegisterValues> & o_regs,
 DEVICE_FSI_ADDRESS(op_addr)
 );
 }
- assert(op_actual_size == op_expected_size,"getAllSecurityRegisters: BUG! size returned from device write (%d) is not the expected size of %d", op_actual_size, op_expected_size);
-
 if( err )
 {
 // Something failed on the read. Commit the error
@@ -249,6 +247,33 @@ errlHndl_t getAllSecurityRegisters(std::vector<SecureRegisterValues> & o_regs,
 errlCommit( err, SECURE_COMP_ID );
 continue;
 }
+
+ if (op_actual_size != op_expected_size)
+ {
+ SB_ERR("getAllSecurityRegisters: size returned from device write (%d) is not the expected size of %d",
+ op_actual_size, op_expected_size);
+ /*@
+ * @errortype
+ * @severity ERRORLOG::ERRL_SEV_UNRECOVERABLE
+ * @moduleid SECUREBOOT::MOD_SECURE_GET_ALL_SEC_REGS
+ * @reasoncode SECUREBOOT::RC_DEVICE_WRITE_ERR
+ * @userdata1 Actual size written
+ * @userdata2 Expected size written
+ * @devdesc Device write did not return expected size
+ * @custdesc Firmware Error
+ */
+ err = new ERRORLOG::ErrlEntry(
+ ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+ SECUREBOOT::MOD_SECURE_GET_ALL_SEC_REGS,
+ SECUREBOOT::RC_DEVICE_WRITE_ERR,
+ op_actual_size,
+ op_expected_size,
+ true);
+ addSecureUserDetailsToErrlog(err);
+ err->collectTrace(SECURE_COMP_NAME);
+ break;
+ }
+
 // push back result
 l_secRegValues.tgt=procTgt;
 l_secRegValues.addr=op_addr;
@@ -316,7 +341,11 @@ void* initializeBase(void* unused)
 #endif
 // Load original header.
- Singleton<Header>::instance().loadHeader();
+ l_errl = Singleton<Header>::instance().loadHeader();
+ if (l_errl)
+ {
+ break;
+ }
 } while(0);
 return l_errl;
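Review bot: The new size-mismatch branch in getAllSecurityRegisters describes a device write (`SB_ERR("... size returned from device write ...")`, `@devdesc Device write did not return expected size`, `@userdata1 Actual size written`) while the surrounding code is a read path, as the preceding `// Something failed on the read. Commit the error` shows. The wording was inherited from the removed assert, but it now becomes a persistent error log that whoever triages it will read, so the trace text and the `@devdesc`/`@userdata` comments should say read, and `RC_DEVICE_READ_ERR`, which settings.C uses for the same situation in this commit, fits better than `RC_DEVICE_WRITE_ERR`. Note also that this branch `break`s out of the per-target loop with `err` set, whereas the read failure a few lines above commits the error and `continue`s; stopping the collection on a short read is defensible, but the loop's exit and the fate of `err` are outside the hunk, so confirm it is returned to the caller rather than dropped.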
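Review bot: In the initializeBase hunk the added `if (l_errl) { break; }` follows the last statement of the `do { } while(0)`, so the break changes nothing; this is style only, and it can stay if more steps are expected to be appended after loadHeader, but otherwise `l_errl = Singleton<Header>::instance().loadHeader();` alone reads cleaner. A one-line comment such as `// A failed header load is returned to the caller; nothing below depends on it` would make the intent explicit either way.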
@@ -613,11 +642,43 @@ uint8_t getSbeSecurityMode()
 return g_sbeSecurityMode;
 }
-void setSbeSecurityMode(uint8_t i_sbeSecurityMode)
+errlHndl_t setSbeSecurityMode(uint8_t i_sbeSecurityMode)
 {
- assert(i_sbeSecurityMode == 0 || i_sbeSecurityMode == 1,
- "SBE Security Mode can only be set to 0 or 1");
+ errlHndl_t l_errl = nullptr;
+
+ do {
+ // Ensure a valid mode
+ if (i_sbeSecurityMode != 0 && i_sbeSecurityMode != 1)
+ {
+ SB_ERR("SBE Security Mode can only be set to 0 or 1");
+
+ /*@
+ * @errortype
+ * @severity ERRORLOG::ERRL_SEV_UNRECOVERABLE
+ * @moduleid SECUREBOOT::MOD_SECURE_SET_SBE_SECURE_MODE
+ * @reasoncode SECUREBOOT::RC_SBE_INVALID_SEC_MODE
+ * @userdata1 Security mode to set
+ * @userdata2 0
+ * @devdesc Invalid SBE security mode
+ * @custdesc Platform security problem detected
+ */
+ l_errl = new ERRORLOG::ErrlEntry(
+ ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+ SECUREBOOT::MOD_SECURE_SET_SBE_SECURE_MODE,
+ SECUREBOOT::RC_SBE_INVALID_SEC_MODE,
+ i_sbeSecurityMode,
+ 0,
+ true);
+ l_errl->collectTrace(SECURE_COMP_NAME);
+ addSecureUserDetailsToErrlog(l_errl);
+ break;
+ }
+
 g_sbeSecurityMode = i_sbeSecurityMode;
+
+ } while(0);
+
+ return l_errl;
 }
 } //namespace SECUREBOOT
diff --git a/src/usr/secureboot/base/settings.C b/src/usr/secureboot/base/settings.C
index eb25aea11..4ebb77dd1 100644
--- a/src/usr/secureboot/base/settings.C
+++ b/src/usr/secureboot/base/settings.C
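Review bot: setSbeSecurityMode now returns an error log instead of asserting, so a caller that ignores the return value gets neither a halt nor a stored mode; on an invalid input `g_sbeSecurityMode` silently keeps its previous value. The declaration and the existing callers are outside this diffstat (limited to src/usr/secureboot), so confirm they commit or propagate the error, and document the contract on the declaration, e.g. `/// @return nullptr on success; an error log if i_sbeSecurityMode is not 0 or 1, in which case the stored mode is left unchanged`. The `@custdesc Platform security problem detected` also differs from the `Firmware Error` used by the other converted asserts in this commit; if the mode value can only originate from firmware code rather than from hardware or external input, the customer-facing text overstates what this failure means.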
@@ -284,9 +284,31 @@ namespace SECUREBOOT
 break;
 }
- assert(actSize == expSize,
- "writeSecurityRegister: BUG! size returned from device write (%d) "
- "is not the expected size of %d",actSize,expSize);
+ if(actSize != expSize)
+ {
+ SB_ERR("writeSecurityRegister: size returned from device write (%d) is not the expected size of %d",
+ actSize, expSize);
+ /*@
+ * @errortype
+ * @severity ERRORLOG::ERRL_SEV_UNRECOVERABLE
+ * @moduleid SECUREBOOT::MOD_SECURE_WRITE_REG
+ * @reasoncode SECUREBOOT::RC_DEVICE_WRITE_ERR
+ * @userdata1 Actual size written
+ * @userdata2 Expected size written
+ * @devdesc Device write did not return expected size
+ * @custdesc Firmware Error
+ */
+ pError = new ERRORLOG::ErrlEntry(
+ ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+ SECUREBOOT::MOD_SECURE_WRITE_REG,
+ SECUREBOOT::RC_DEVICE_WRITE_ERR,
+ actSize,
+ expSize,
+ true);
+ pError->collectTrace(SECURE_COMP_NAME);
+ addSecureUserDetailsToErrlog(pError);
+ break;
+ }
 } while(0);
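Review bot: The new error log in writeSecurityRegister records only `actSize` and `expSize`; a short write to a security register is exactly the event someone debugging a secure-boot setting will want to attribute to a specific register, and neither the `SB_ERR` text nor the user data says which register or target was written. If the address and target are in scope here (the function starts outside the hunk), add them to the trace, or to the error log via the HUID pattern readSecurityRegister uses in this commit. The `%d` specifiers for `actSize`/`expSize` are inherited from the removed assert; if these are `size_t` and the trace formatter follows printf rules, the specifier should match their width.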
@@ -341,10 +363,30 @@ namespace SECUREBOOT
 }
 // Make sure the processor is SCOMable
- if (i_pProc != MASTER_PROCESSOR_CHIP_TARGET_SENTINEL)
+ if (i_pProc != MASTER_PROCESSOR_CHIP_TARGET_SENTINEL &&
+ !i_pProc->getAttr<ATTR_SCOM_SWITCHES>().useXscom)
 {
- assert(i_pProc->getAttr<ATTR_SCOM_SWITCHES>().useXscom,
- "Bug! Processor security register read too early.");
+ SB_ERR("readSecurityRegister: Processor security register read too early");
+ /*@
+ * @errortype
+ * @severity ERRORLOG::ERRL_SEV_UNRECOVERABLE
+ * @moduleid SECUREBOOT::MOD_SECURE_READ_REG
+ * @reasoncode SECUREBOOT::RC_PROC_NOT_SCOMABLE
+ * @userdata1 Use XSCOM bool
+ * @userdata2 Target's HUID
+ * @devdesc Processor security register read too early
+ * @custdesc Firmware Error
+ */
+ l_errl = new ERRORLOG::ErrlEntry(
+ ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+ SECUREBOOT::MOD_SECURE_READ_REG,
+ SECUREBOOT::RC_PROC_NOT_SCOMABLE,
+ i_pProc->getAttr<ATTR_SCOM_SWITCHES>().useXscom,
+ TO_UINT64(get_huid(i_pProc)),
+ true);
+ l_errl->collectTrace(SECURE_COMP_NAME);
+ addSecureUserDetailsToErrlog(l_errl);
+ break;
 }
 // Read security switch setting from processor.
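Review bot: `@userdata1 Use XSCOM bool` can only ever be 0 here: the branch is entered only when `!i_pProc->getAttr<ATTR_SCOM_SWITCHES>().useXscom` holds, so the second `getAttr` call re-reads the attribute just to store a constant. Either pass `0,` and change the comment to `@userdata1 0`, or record something that varies, such as the register address being read if it is in scope. The enclosing function begins outside the hunk, so the sentinel case (`i_pProc == MASTER_PROCESSOR_CHIP_TARGET_SENTINEL`) skipping this check is presumably handled earlier; a one-line comment saying so above the `if` would help the next reader.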
@@ -356,9 +398,32 @@ namespace SECUREBOOT
 {
 break;
 }
- assert(size == sizeof(o_regValue),
- "size returned from device read is not the expected size of %i",
- sizeof(o_regValue));
+
+ if (size != sizeof(o_regValue))
+ {
+ SB_ERR("readSecurityRegister: size returned from device read (%d) is not the expected size of %d",
+ size, sizeof(o_regValue));
+ /*@
+ * @errortype
+ * @severity ERRORLOG::ERRL_SEV_UNRECOVERABLE
+ * @moduleid SECUREBOOT::MOD_SECURE_READ_REG
+ * @reasoncode SECUREBOOT::RC_DEVICE_READ_ERR
+ * @userdata1 Actual size read
+ * @userdata2 Expected size read
+ * @devdesc Processor security register read too early
+ * @custdesc Firmware Error
+ */
+ l_errl = new ERRORLOG::ErrlEntry(
+ ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+ SECUREBOOT::MOD_SECURE_READ_REG,
+ SECUREBOOT::RC_DEVICE_READ_ERR,
+ size,
+ sizeof(o_regValue),
+ true);
+ l_errl->collectTrace(SECURE_COMP_NAME);
+ addSecureUserDetailsToErrlog(l_errl);
+ break;
+ }
 } while(0); |
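Review bot: The `@devdesc Processor security register read too early` on the new `RC_DEVICE_READ_ERR` log is copied from the RC_PROC_NOT_SCOMABLE log in the previous hunk and does not describe this failure; it should be `@devdesc Device read did not return expected size`, matching the `@userdata1 Actual size read` / `@userdata2 Expected size read` lines. These tagged comments are presumably what the error-log tooling turns into the reason-code description, so the mismatch would mislead whoever triages this code. Also `sizeof(o_regValue)` is a `size_t` passed for `%d`; if the trace formatter follows printf conventions a width-matching specifier is needed (the removed assert used `%i` for the same value). The function begins outside the hunk.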