Update FWMP in TPM

chrome/browser/chromeos/settings/install_attributes.cc

Index: chrome/browser/chromeos/settings/install_attributes.cc
diff --git a/chrome/browser/chromeos/settings/install_attributes.cc b/chrome/browser/chromeos/settings/install_attributes.cc
index 710cb2e9b9a9ad780498cb6ad3750517784f5e7b..f893661d74595f8b79fe507c300cb7fa800c1be9 100644
--- a/chrome/browser/chromeos/settings/install_attributes.cc
+++ b/chrome/browser/chromeos/settings/install_attributes.cc
@@ -20,8 +20,10 @@
 #include "base/time/time.h"
 #include "chrome/browser/chromeos/policy/proto/install_attributes.pb.h"
 #include "chromeos/cryptohome/cryptohome_util.h"
+#include "chromeos/dbus/cryptohome/rpc.pb.h"
 #include "chromeos/dbus/dbus_thread_manager.h"
 #include "google_apis/gaia/gaia_auth_util.h"
+#include "third_party/cros_system_api/dbus/service_constants.h"
 
 namespace chromeos {
 
@@ -186,6 +188,24 @@ void InstallAttributes::ReadAttributesIfReady(const base::Closure& callback,
   callback.Run();
 }
 
+void InstallAttributes::SetBlockDevmodeInTpm(
+    bool block_devmode,
+    const CryptohomeClient::ProtobufMethodCallback& callback) {
+  DCHECK(!callback.is_null());
+  DCHECK(!device_locked_);
+
+  cryptohome::SetFirmwareManagementParametersRequest request;
+  // Set the flags, according to enum FirmwareManagementParametersFlags from
+  // rpc.proto if devmode is blocked.
+  if (block_devmode) {
+    request.set_flags(
+        cryptohome::DEVELOPER_DISABLE_BOOT |
+        cryptohome::DEVELOPER_DISABLE_CASE_CLOSED_DEBUGGING_UNLOCK);
+  }
+
+  cryptohome_client_->SetFirmwareManagementParametersInTpm(request, callback);
+}
+
 void InstallAttributes::LockDevice(policy::DeviceMode device_mode,
                                    const std::string& domain,
                                    const std::string& realm,