commit 99ced78e2e5d6ad70c6cd274300f42b9a56a65b1
author Marton Hunyady <hunyadym@chromium.org> Tue May 08 12:59:50 2018 +0200
committer chrome-bot <chrome-bot@chromium.org> Wed May 09 14:40:35 2018 -0700
tree 8def7320cd62bd4823e00d512d281a085642b15f
parent 1f899d57c3d10f10f2d1324c116d3edd73ed6d7d

update_engine: Add GetMinFirmwareKeyVersion to read tpm_fwver value

Add function to read the minimum allowed firmware key version, ie.
crossystem tpm_fwver.

This is the firmware key version equivalent of crrev.com/c/927827.

BUG=chromium:840432
TEST='cros_run_unit_tests --board=caroline --packages update_engine'

Change-Id: Iadd56b3283028722c94e4ebc7cf5b6470cf1fec9
Reviewed-on: https://chromium-review.googlesource.com/1049667
Commit-Ready: Marton Hunyady <hunyadym@chromium.org>
Tested-by: Marton Hunyady <hunyadym@chromium.org>
Reviewed-by: Amin Hassani <ahassani@chromium.org>
Reviewed-by: Zentaro Kavanagh <zentaro@chromium.org>

common/hardware_interface.h

diff --git a/common/hardware_interface.h b/common/hardware_interface.h
index 9f3f618..4946b91 100644
--- a/common/hardware_interface.h
+++ b/common/hardware_interface.h
@@ -73,6 +73,11 @@
   // -1 on error, or if not running on Chrome OS.
   virtual int GetMinKernelKeyVersion() const = 0;
 
+  // Returns the minimum firmware key version that verified boot on Chrome OS
+  // will allow to boot. This is the value of crossystem tpm_fwver. Returns
+  // -1 on error, or if not running on Chrome OS.
+  virtual int GetMinFirmwareKeyVersion() const = 0;
+
   // Sets the maximum kernel key version that verified boot should roll
   // forward to. This is the value of crossystem max_kernel_rollforward.
   // Returns false if the value cannot be set, or if not running on Chrome OS.