firmware: kernel_phase1: Commit disable_dev_request if forbidden by FWMP

This patch makes kernel_phase1() check if developer mode is disabled by
FWMP and set the disable_dev_request nvdata flag right away in that
case.

This is a backport of CL:4178837 to the point before CL:3053541 and
CL:3041498 landed.

BRANCH=all
BUG=b:266013201
TEST=none

Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I950b0dfe2fd5ce5c1fa8eb2efb128fa5d709343a
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/4178839
Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Commit-Queue: Yu-Ping Wu <yupingso@chromium.org>
Tested-by: Yu-Ping Wu <yupingso@chromium.org>

1 files changed, 9 insertions, 0 deletions

diff --git a/firmware/2lib/2kernel.c b/firmware/2lib/2kernel.c
index 763214dd..43ea085a 100644
--- a/firmware/2lib/2kernel.c
+++ b/firmware/2lib/2kernel.c
@@ -157,6 +157,15 @@ vb2_error_t vb2api_kernel_phase1(struct vb2_context *ctx)
 		vb2_secdata_kernel_get(ctx, VB2_SECDATA_KERNEL_VERSIONS);
 	sd->kernel_version = sd->kernel_version_secdata;
 
+	/* If we're in developer mode when we shouldn't be, disable as soon as
+	   possible and commit that decision right away (b/266013201). */
+	if (vb2_secdata_fwmp_get_flag(ctx, VB2_SECDATA_FWMP_DEV_DISABLE_BOOT) &&
+	    !(vb2_get_gbb(ctx)->flags & VB2_GBB_FLAG_FORCE_DEV_SWITCH_ON) &&
+	    (ctx->flags & VB2_CONTEXT_DEVELOPER_MODE)) {
+		vb2_nv_set(ctx, VB2_NV_DISABLE_DEV_REQUEST, 1);
+		vb2ex_commit_data(ctx);
+	}
+
 	/* Find the key to use to verify the kernel keyblock */
 	if ((ctx->flags & VB2_CONTEXT_RECOVERY_MODE)) {
 		/* Load recovery key from GBB. */