Use virtual dev-mode switch when told to.

If VbInit() is instructed to look at a virtual dev-mode switch, then it will use value contained in the TPM's firmware space instead of a hardware GPIO to determine if developer mode is enabled. This change just makes it look. It doesn't provide a way to actually set the value in the TPM. VbInit() isn't being told to look yet, either. Those changes are coming. BUG=chrome-os-partner:9706 TEST=none The usual sanity-check applies: make make runtests But to actually test that this stuff is working IRL requires special tweaks to other components and monitoring the serial debug output from both EC and CPU. We'll save the hands-on tests for when it's all done. Change-Id: Ie485ad2180224e192238bf2a5dbf95bbcb9130f9 Signed-off-by: Bill Richardson <wfrichar@chromium.org> Reviewed-on: https://gerrit.chromium.org/gerrit/23067 Reviewed-by: Randall Spangler <rspangler@chromium.org>
2025-11-25 18:55:24 +00:00 · 2012-05-17 13:26:05 -07:00
parent e97760cec3
commit b75d8adcc0
10 changed files with 206 additions and 142 deletions
--- a/firmware/include/vboot_api.h
+++ b/firmware/include/vboot_api.h
@@ -165,6 +165,10 @@ typedef struct VbCommonParams {
 /* Calling firmware supports read only firmware for normal/developer
 * boot path. */
 #define VB_INIT_FLAG_RO_NORMAL_SUPPORT   0x00000020
+/* This platform does not have a physical dev-switch, so we must rely on a
+ * virtual switch (kept in the TPM) instead. When this flag is set,
+ * VB_INIT_FLAG_DEV_SWITCH_ON is ignored. */
+#define VB_INIT_FLAG_VIRTUAL_DEV_SWITCH  0x00000040

 /* Output flags for VbInitParams.out_flags.  Used to indicate
 * potential boot paths and configuration to the calling firmware