summaryrefslogtreecommitdiffstats
path: root/src/usr/secureboot/base/settings.C
diff options
context:
space:
mode:
Diffstat (limited to 'src/usr/secureboot/base/settings.C')
-rw-r--r--src/usr/secureboot/base/settings.C83
1 files changed, 74 insertions, 9 deletions
diff --git a/src/usr/secureboot/base/settings.C b/src/usr/secureboot/base/settings.C
index eb25aea11..4ebb77dd1 100644
--- a/src/usr/secureboot/base/settings.C
+++ b/src/usr/secureboot/base/settings.C
@@ -284,9 +284,31 @@ namespace SECUREBOOT
break;
}
- assert(actSize == expSize,
- "writeSecurityRegister: BUG! size returned from device write (%d) "
- "is not the expected size of %d",actSize,expSize);
+ if(actSize != expSize)
+ {
+ SB_ERR("writeSecurityRegister: size returned from device write (%d) is not the expected size of %d",
+ actSize, expSize);
+ /*@
+ * @errortype
+ * @severity ERRORLOG::ERRL_SEV_UNRECOVERABLE
+ * @moduleid SECUREBOOT::MOD_SECURE_WRITE_REG
+ * @reasoncode SECUREBOOT::RC_DEVICE_WRITE_ERR
+ * @userdata1 Actual size written
+ * @userdata2 Expected size written
+ * @devdesc Device write did not return expected size
+ * @custdesc Firmware Error
+ */
+ pError = new ERRORLOG::ErrlEntry(
+ ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+ SECUREBOOT::MOD_SECURE_WRITE_REG,
+ SECUREBOOT::RC_DEVICE_WRITE_ERR,
+ actSize,
+ expSize,
+ true);
+ pError->collectTrace(SECURE_COMP_NAME);
+ addSecureUserDetailsToErrlog(pError);
+ break;
+ }
} while(0);
@@ -341,10 +363,30 @@ namespace SECUREBOOT
}
// Make sure the processor is SCOMable
- if (i_pProc != MASTER_PROCESSOR_CHIP_TARGET_SENTINEL)
+ if (i_pProc != MASTER_PROCESSOR_CHIP_TARGET_SENTINEL &&
+ !i_pProc->getAttr<ATTR_SCOM_SWITCHES>().useXscom)
{
- assert(i_pProc->getAttr<ATTR_SCOM_SWITCHES>().useXscom,
- "Bug! Processor security register read too early.");
+ SB_ERR("readSecurityRegister: Processor security register read too early");
+ /*@
+ * @errortype
+ * @severity ERRORLOG::ERRL_SEV_UNRECOVERABLE
+ * @moduleid SECUREBOOT::MOD_SECURE_READ_REG
+ * @reasoncode SECUREBOOT::RC_PROC_NOT_SCOMABLE
+ * @userdata1 Use XSCOM bool
+ * @userdata2 Target's HUID
+ * @devdesc Processor security register read too early
+ * @custdesc Firmware Error
+ */
+ l_errl = new ERRORLOG::ErrlEntry(
+ ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+ SECUREBOOT::MOD_SECURE_READ_REG,
+ SECUREBOOT::RC_PROC_NOT_SCOMABLE,
+ i_pProc->getAttr<ATTR_SCOM_SWITCHES>().useXscom,
+ TO_UINT64(get_huid(i_pProc)),
+ true);
+ l_errl->collectTrace(SECURE_COMP_NAME);
+ addSecureUserDetailsToErrlog(l_errl);
+ break;
}
// Read security switch setting from processor.
@@ -356,9 +398,32 @@ namespace SECUREBOOT
{
break;
}
- assert(size == sizeof(o_regValue),
- "size returned from device read is not the expected size of %i",
- sizeof(o_regValue));
+
+ if (size != sizeof(o_regValue))
+ {
+ SB_ERR("readSecurityRegister: size returned from device read (%d) is not the expected size of %d",
+ size, sizeof(o_regValue));
+ /*@
+ * @errortype
+ * @severity ERRORLOG::ERRL_SEV_UNRECOVERABLE
+ * @moduleid SECUREBOOT::MOD_SECURE_READ_REG
+ * @reasoncode SECUREBOOT::RC_DEVICE_READ_ERR
+ * @userdata1 Actual size read
+ * @userdata2 Expected size read
+ * @devdesc Processor security register read too early
+ * @custdesc Firmware Error
+ */
+ l_errl = new ERRORLOG::ErrlEntry(
+ ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+ SECUREBOOT::MOD_SECURE_READ_REG,
+ SECUREBOOT::RC_DEVICE_READ_ERR,
+ size,
+ sizeof(o_regValue),
+ true);
+ l_errl->collectTrace(SECURE_COMP_NAME);
+ addSecureUserDetailsToErrlog(l_errl);
+ break;
+ }
} while(0);
OpenPOWER on IntegriCloud