diff options
-rw-r--r-- | firmware/2lib/2misc.c | 8 | ||||
-rw-r--r-- | firmware/2lib/include/2api.h | 3 |
2 files changed, 11 insertions, 0 deletions
diff --git a/firmware/2lib/2misc.c b/firmware/2lib/2misc.c index 53f713b5..8d2cbf3f 100644 --- a/firmware/2lib/2misc.c +++ b/firmware/2lib/2misc.c @@ -224,6 +224,14 @@ int vb2_check_dev_switch(struct vb2_context *ctx) vb2_nv_set(ctx, VB2_NV_DISABLE_DEV_REQUEST, 0); } + if (ctx->flags & VB2_DISABLE_DEVELOPER_MODE) { + /* + * Hardware switch and GBB flag will take precedence over + * this. + */ + flags &= ~VB2_SECDATA_FLAG_DEV_MODE; + } + /* Check virtual dev switch */ if (flags & VB2_SECDATA_FLAG_DEV_MODE) is_dev = 1; diff --git a/firmware/2lib/include/2api.h b/firmware/2lib/include/2api.h index 92b815f8..d8cc9b8c 100644 --- a/firmware/2lib/include/2api.h +++ b/firmware/2lib/include/2api.h @@ -90,6 +90,9 @@ enum vb2_context_flags { /* Wipeout by the app should be requested. */ VB2_CONTEXT_FORCE_WIPEOUT_MODE = (1 << 8), + + /* Erase TPM developer mode state if it is enabled. */ + VB2_DISABLE_DEVELOPER_MODE = (1 << 9), }; /* |