commit 8122e0b8b13794ffcda7a0a0930b2bc6969e8364
author Shelley Chen <shchen@chromium.org> Fri Oct 20 10:28:29 2017 -0700
committer chrome-bot <chrome-bot@chromium.org> Fri Oct 20 17:59:29 2017 -0700
tree c1a571c51396cc755525e8d73831d54ec05a6074
parent 0329f9c2ec6a1ab951ad06d12e7706d63f6f0d8f

detachables: Print error if enable normal mode when FORCE_DEV on

Print a debug error and beep when user tries to enable normal mode
when FORCE_DEV gbb flag is enabled.

BUG=b:67828898
BRANCH=None
TEST=Boot up with gbb flag 0x8 enabled. Select "Enabled OS
     Verification" and select confirm.  Should see error message
     printed and a beep.  Confirm switching to normal mode
     screen will not appear.

Change-Id: Ic02558eb4a86555cebc9c1cd6972d0f0600b4ff1
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/730415
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>

firmware/lib/vboot_ui_menu.c

diff --git a/firmware/lib/vboot_ui_menu.c b/firmware/lib/vboot_ui_menu.c
index e569292..7a00f3d 100644
--- a/firmware/lib/vboot_ui_menu.c
+++ b/firmware/lib/vboot_ui_menu.c
@@ -953,22 +953,37 @@
 			/* Enabling verified boot */
 			if (current_menu == VB_MENU_TO_NORM &&
 			    current_menu_idx == VB_TO_NORM_CONFIRM) {
-				/*
-				 * See if we should disable virtual dev-mode
-				 * switch.
-				 */
-				VB2_DEBUG("%s shared->flags=0x%x\n",
-					  __func__, shared->flags);
-				/* Ignore space in VbUserConfirmsMenu()... */
-			        VB2_DEBUG("leaving dev-mode.\n");
-				vb2_nv_set(ctx, VB2_NV_DISABLE_DEV_REQUEST,
-					   1);
-				VbDisplayScreen(ctx,
+				if (gbb->flags & GBB_FLAG_FORCE_DEV_SWITCH_ON) {
+					/*
+					 * Throw error when user tries to
+					 * confirm transition to normal
+					 * mode if FORCE_DEV_SWITCH_ON
+					 * is enabled.
+					 */
+					VB2_DEBUG("TONORM rejected by "
+						  "FORCE_DEV_SWITCH_ON\n");
+					VbExDisplayDebugInfo(
+						"WARNING: TONORM prohibited by "
+						"GBB FORCE_DEV_SWITCH_ON.\n\n");
+					VbExBeep(120, 400);
+				} else {
+					/*
+					 * See if we should disable
+					 * virtual dev-mode switch.
+					 */
+					VB2_DEBUG("%s shared->flags=0x%x\n",
+						  __func__, shared->flags);
+					VB2_DEBUG("leaving dev-mode.\n");
+					vb2_nv_set(ctx,
+						   VB2_NV_DISABLE_DEV_REQUEST,
+						   1);
+					VbDisplayScreen(ctx,
 						cparams,
 						VB_SCREEN_TO_NORM_CONFIRMED,
 						0);
-				VbExSleepMs(5000);
-				return VBERROR_REBOOT_REQUIRED;
+					VbExSleepMs(5000);
+					return VBERROR_REBOOT_REQUIRED;
+				}
 			}
 			/* reset 30 second timer */
 			audio = VbAudioOpen(cparams);