Honor both fake_dev and virtual dev switch

BUG=chrome-os-partner:9706
TEST=none

No test yet. The entire boot/dev-mode/recovery flow depends on this working.
This is only part of the process, which will eventually be tested through
FAFT.

Change-Id: Iea6eaf59d4f349590cf9b920e4effb6a2641b2dc
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/23657
Reviewed-by: Randall Spangler <rspangler@chromium.org>

2 files changed, 13 insertions, 13 deletions

diff --git a/firmware/lib/rollback_index.c b/firmware/lib/rollback_index.c
index 038188a8..5cd13566 100644
--- a/firmware/lib/rollback_index.c
+++ b/firmware/lib/rollback_index.c
@@ -364,8 +364,7 @@ uint32_t SetupTPM(int recovery_mode, int developer_mode,
            rsf->struct_version, rsf->flags, rsf->fw_versions));
 
   /* The developer_mode value that's passed in is only set by a hardware
-   * dev-switch. We should OR it with any enabled virtual switch, since it
-   * can only be set by doing the keyboard-based dev-mode dance. */
+   * dev-switch. We should OR it with any enabled virtual switch. */
   if (rsf->flags & FLAG_VIRTUAL_DEV_MODE_ON)
     developer_mode = 1;
 
@@ -474,8 +473,8 @@ uint32_t RollbackFirmwareSetup(int recovery_mode, int hw_dev_sw,
 
   RETURN_ON_FAILURE(SetupTPM(recovery_mode, *dev_mode_ptr, &rsf));
   *version = rsf.fw_versions;
-  if (!hw_dev_sw)
-    *dev_mode_ptr = rsf.flags & FLAG_VIRTUAL_DEV_MODE_ON ? 1 : 0;
+  if (!hw_dev_sw && (rsf.flags & FLAG_VIRTUAL_DEV_MODE_ON))
+    *dev_mode_ptr = 1;                  /* OR with the TPM's value */
   VBDEBUG(("TPM: RollbackFirmwareSetup %x\n", (int)rsf.fw_versions));
   return TPM_SUCCESS;
 }
diff --git a/firmware/lib/vboot_api_init.c b/firmware/lib/vboot_api_init.c
index d64590c4..34323094 100644
--- a/firmware/lib/vboot_api_init.c
+++ b/firmware/lib/vboot_api_init.c
@@ -113,19 +113,22 @@ VbError_t VbInit(VbCommonParams* cparams, VbInitParams* iparams) {
     }
   } else {
 
-    /* We need to know about dev mode now */
+    /* We need to know about dev mode now. */
     if (iparams->flags & VB_INIT_FLAG_VIRTUAL_DEV_SWITCH)
       hw_dev_sw = 0;
-    else if (iparams->flags & VB_INIT_FLAG_DEV_SWITCH_ON)
+    if (iparams->flags & VB_INIT_FLAG_DEV_SWITCH_ON)
       is_dev = 1;
+    /* FIXME: How about a GBB flag to force dev-switch on? */
 
     VBPERFSTART("VB_TPMI");
     /* Initialize the TPM. *is_dev is both an input and output. The only time
-     * it should be 1 on input is when we have a hardware dev-switch and it's
-     * enabled. The only time it's promoted from 0 to 1 on return is when we
-     * have a virtual dev-switch and the TPM has a valid rollback space with
-     * the virtual switch already enabled. If the TPM space is initialized by
-     * this call, its virtual dev-switch will be disabled by default. */
+     * it should be 1 on input is when the hardware dev-switch is enabled
+     * (which includes the fake_dev switch from the EC). The only time
+     * it's promoted from 0 to 1 on return is when we have a virtual dev-switch
+     * and the TPM has a valid rollback space with the virtual switch already
+     * enabled (if the TPM space is initialized by this call, its virtual
+     * dev-switch will be disabled by default). The TPM just uses the input
+     * value to clear ownership if the dev state has changed. */
     tpm_status = RollbackFirmwareSetup(recovery, hw_dev_sw,
                                        &is_dev, &tpm_version);
     VBPERFEND("VB_TPMI");
@@ -160,8 +163,6 @@ VbError_t VbInit(VbCommonParams* cparams, VbInitParams* iparams) {
       shared->flags |= VBSD_BOOT_DEV_SWITCH_ON;
   }
 
-  /* FIXME: May need a GBB flag for initial value of virtual dev-switch */
-
   /* Allow BIOS to load arbitrary option ROMs? */
   if (gbb->flags & GBB_FLAG_LOAD_OPTION_ROMS)
     iparams->out_flags |= VB_INIT_OUT_ENABLE_OPROM;