Update PCR state with the state of the firmware keyblock flags too.

firmware/lib/vboot_firmware.c

 /* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
  * Use of this source code is governed by a BSD-style license that can be
  * found in the LICENSE file.
  *
  * High-level firmware API for loading and verifying rewritable firmware.
  * (Firmware portion)
  */
 
 #include "gbb_header.h"
 #include "load_firmware_fw.h"
 #include "rollback_index.h"
+#include "tpm_bootmode.h"
 #include "utility.h"
 #include "vboot_common.h"
 #include "vboot_nvstorage.h"
 
 /* Static variables for UpdateFirmwareBodyHash().  It's less than
  * optimal to have static variables in a library, but in UEFI the
  * caller is deep inside a different firmware stack and doesn't have a
  * good way to pass the params struct back to us. */
 typedef struct VbLoadFirmwareInternal {
   DigestContext body_digest_context;
@@ skipping 22 matching lines @@
   GoogleBinaryBlockHeader* gbb = (GoogleBinaryBlockHeader*)params->gbb_data;
   VbPublicKey* root_key;
   VbLoadFirmwareInternal* lfi;
   VbNvContext* vnc = params->nv_context;
 
   uint32_t try_b_count;
   uint32_t tpm_version = 0;
   uint64_t lowest_version = 0xFFFFFFFF;
   uint32_t status;
   int good_index = -1;
+  int boot_fw_keyblock_flags = 0;
   int is_dev;
   int index;
   int i;
 
   int retval = LOAD_FIRMWARE_RECOVERY;
   int recovery = VBNV_RECOVERY_RO_UNSPECIFIED;
 
   /* Clear output params in case we fail */
   params->firmware_index = 0;
 
@@ skipping 180 matching lines @@
       if (0 != VbSharedDataSetKernelKey(shared, &preamble->kernel_subkey)) {
         VBDEBUG(("Unable to save kernel subkey to shared data.\n"));
         continue;  /* The firmware signature was good, but the public
                     * key was bigger that the caller can handle. */
       }
 
       /* Save the good index, now that we're sure we can actually use
        * this firmware.  That's the one we'll boot. */
       good_index = index;
       params->firmware_index = index;
+      /* Since we now know which firmware to boot, we can update the
+       * bootable firmware key block mode. */
+      boot_fw_keyblock_flags = key_block->key_block_flags;
 
       /* If the good firmware's key version is the same as the tpm,
        * then the TPM doesn't need updating; we can stop now.
        * Otherwise, we'll check all the other headers to see if they
        * contain a newer key. */
       if (combined_version == tpm_version)
         break;
     }
   }
 
+  /* At this point, we have a good idea of how we are going to boot. Update the
+   * TPM with this state information.
+   */
+  status = SetTPMBootModeState(is_dev, 0, boot_fw_keyblock_flags);
+  if (0 != status) {
+    VBDEBUG(("Unable to update the TPM with boot mode information.\n"));
+    if (status == TPM_E_MUST_REBOOT)
+      retval = LOAD_FIRMWARE_REBOOT;
+    else
+      recovery = VBNV_RECOVERY_RO_TPM_ERROR;
+    goto LoadFirmwareExit;
+  }
+
   /* Free internal data */
   Free(lfi);
   params->load_firmware_internal = NULL;
 
   /* Handle finding good firmware */
   if (good_index >= 0) {
 
     /* Update TPM if necessary */
     if (lowest_version > tpm_version) {
       VBPERFSTART("VB_TPMU");
@@ skipping 50 matching lines @@
   uint32_t status = RollbackS3Resume();
 
   /* If we can't resume, just do a full reboot.  No need to go to recovery
    * mode here, since if the TPM is really broken we'll catch it on the
    * next boot. */
   if (status == TPM_SUCCESS)
     return LOAD_FIRMWARE_SUCCESS;
   else
     return LOAD_FIRMWARE_REBOOT;
 }