diff --git a/firmware/lib/rollback_index.c b/firmware/lib/rollback_index.c
index ba1c3e982e..1540bd03d9 100644
--- a/firmware/lib/rollback_index.c
+++ b/firmware/lib/rollback_index.c
@@ -106,9 +106,9 @@ static uint32_t InitializeSpaces(void) {
    * redefine the NVRAM spaces. */
   RETURN_ON_FAILURE(TPMClearAndReenable());
 
-  /* The TPM will not enforce the NV authorization restrictions until the 
-   * execution of a TPM_NV_DefineSpace with the handle of TPM_NV_INDEX_LOCK.
-   * Create that space if it doesn't already exist. */
+  /* The TPM will not enforce the NV authorization restrictions until the 
+   * execution of a TPM_NV_DefineSpace with the handle of TPM_NV_INDEX_LOCK.
+   * Create that space if it doesn't already exist. */
   RETURN_ON_FAILURE(TlclGetFlags(NULL, NULL, &nvlocked));
   VBDEBUG(("TPM: nvlocked=%d\n", nvlocked));
   if (!nvlocked) {
@@ -230,7 +230,7 @@ static uint32_t BackupKernelSpace(void) {
 }
 
 /* Checks for transitions between protected mode to developer mode.  When going
- * into developer mode, clear the TPM.
+ * into or out of developer mode, clear the TPM.
  */
 static uint32_t CheckDeveloperModeTransition(uint32_t current_developer) {
   uint32_t past_developer;
@@ -337,6 +337,7 @@ uint32_t RollbackFirmwareSetup(int developer_mode) {
    * environment, don't even talk to the TPM. */
   TlclLibInit();
   TlclStartup();
+  TlclSelfTestFull();
 #endif
   return TPM_SUCCESS;
 }
@@ -360,6 +361,7 @@ uint32_t RollbackKernelRecovery(int developer_mode) {
    * environment, don't even talk to the TPM. */
   TlclLibInit();
   TlclStartup();
+  TlclSelfTestFull();
 #endif
   return TPM_SUCCESS;
 }
diff --git a/firmware/lib/tpm_lite/tlcl.c b/firmware/lib/tpm_lite/tlcl.c
index af9395dadd..21966457f0 100644
--- a/firmware/lib/tpm_lite/tlcl.c
+++ b/firmware/lib/tpm_lite/tlcl.c
@@ -21,12 +21,6 @@
 #include "tss_constants.h"
 #include "utility.h"
 
-#define EXTRA_LOGGING 0
-
-#if EXTRA_LOGGING
-#include <stdio.h>
-#endif
-
 /* Sets the size field of a TPM command. */
 static INLINE void SetTpmCommandSize(uint8_t* buffer, uint32_t size) {
   ToTpmUint32(buffer + sizeof(uint16_t), size);
@@ -67,19 +61,21 @@ static void CheckResult(uint8_t* request, uint8_t* response, int warn_only) {
 static void TlclSendReceive(uint8_t* request, uint8_t* response,
                             int max_length) {
 
-#if EXTRA_LOGGING
-  printf("command: %x%x %x%x%x%x %x%x%x%x\n",
-         request[0], request[1],
-         request[2], request[3], request[4], request[5],
-         request[6], request[7], request[8], request[9]);
+#ifdef EXTRA_LOGGING
+  VBDEBUG(("TPM: command: %x%x %x%x%x%x %x%x%x%x\n",
+           request[0], request[1],
+           request[2], request[3], request[4], request[5],
+           request[6], request[7], request[8], request[9]));
 #endif
+
   TlclStubSendReceive(request, TpmCommandSize(request),
                       response, max_length);
-#if EXTRA_LOGGING
-  printf("response: %x%x %x%x%x%x %x%x%x%x\n",
-         response[0], response[1],
-         response[2], response[3], response[4], response[5],
-         response[6], response[7], response[8], response[9]);
+
+#ifdef EXTRA_LOGGING
+  VBDEBUG(("TPM: response: %x%x %x%x%x%x %x%x%x%x\n",
+           response[0], response[1],
+           response[2], response[3], response[4], response[5],
+           response[6], response[7], response[8], response[9]));
 #endif
 
 #ifdef VBOOT_DEBUG
diff --git a/firmware/lib/vboot_firmware.c b/firmware/lib/vboot_firmware.c
index 307b362146..4fb20a1fa9 100644
--- a/firmware/lib/vboot_firmware.c
+++ b/firmware/lib/vboot_firmware.c
@@ -41,7 +41,6 @@ int LoadFirmware(LoadFirmwareParams* params) {
   uint64_t lowest_key_version = 0xFFFF;
   uint64_t lowest_fw_version = 0xFFFF;
   uint32_t status;
-  int is_dev = (BOOT_FLAG_DEVELOPER & params->boot_flags ? 1 : 0);
   int good_index = -1;
   int index;
 
@@ -62,21 +61,17 @@ int LoadFirmware(LoadFirmwareParams* params) {
   }
 
   /* Initialize the TPM and read rollback indices. */
-  if (!is_dev) {
-    /* TODO: should use the TPM all the time; for now, only use when
-     * not in developer mode. */
-    status = RollbackFirmwareSetup(params->boot_flags & BOOT_FLAG_DEVELOPER);
-    if (0 != status) {
-      VBDEBUG(("Unable to setup TPM.\n"));
-      return (status == TPM_E_MUST_REBOOT ?
-              LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY);
-    }
-    status = RollbackFirmwareRead(&tpm_key_version, &tpm_fw_version);
-    if (0 != status) {
-      VBDEBUG(("Unable to read stored versions.\n"));
-      return (status == TPM_E_MUST_REBOOT ?
-              LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY);
-    }
+  status = RollbackFirmwareSetup(params->boot_flags & BOOT_FLAG_DEVELOPER);
+  if (0 != status) {
+    VBDEBUG(("Unable to setup TPM.\n"));
+    return (status == TPM_E_MUST_REBOOT ?
+            LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY);
+  }
+  status = RollbackFirmwareRead(&tpm_key_version, &tpm_fw_version);
+  if (0 != status) {
+    VBDEBUG(("Unable to read stored versions.\n"));
+    return (status == TPM_E_MUST_REBOOT ?
+            LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY);
   }
 
   /* Allocate our internal data */
@@ -230,31 +225,23 @@ int LoadFirmware(LoadFirmwareParams* params) {
         (lowest_key_version == tpm_key_version &&
          lowest_fw_version > tpm_fw_version)) {
 
-      if (!is_dev) {
-        /* TODO: should use the TPM all the time; for now, only use
-         * when not in developer mode. */
-        status = RollbackFirmwareWrite((uint16_t)lowest_key_version,
-                                       (uint16_t)lowest_fw_version);
-        if (0 != status) {
-          VBDEBUG(("Unable to write stored versions.\n"));
-          return (status == TPM_E_MUST_REBOOT ?
-                  LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY);
-        }
-      }
-    }
-
-    if (!is_dev) {
-      /* TODO: should use the TPM all the time; for now, only use
-       * when not in developer mode. */
-      /* Lock firmware versions in TPM */
-      status = RollbackFirmwareLock();
+      status = RollbackFirmwareWrite((uint16_t)lowest_key_version,
+                                     (uint16_t)lowest_fw_version);
       if (0 != status) {
-        VBDEBUG(("Unable to lock firmware versions.\n"));
+        VBDEBUG(("Unable to write stored versions.\n"));
         return (status == TPM_E_MUST_REBOOT ?
                 LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY);
       }
     }
 
+    /* Lock firmware versions in TPM */
+    status = RollbackFirmwareLock();
+    if (0 != status) {
+      VBDEBUG(("Unable to lock firmware versions.\n"));
+      return (status == TPM_E_MUST_REBOOT ?
+              LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY);
+    }
+
     /* Success */
     VBDEBUG(("Will boot firmware index %d\n", (int)params->firmware_index));
     return LOAD_FIRMWARE_SUCCESS;
diff --git a/firmware/lib/vboot_kernel.c b/firmware/lib/vboot_kernel.c
index 0420f2554f..3280ba5e17 100644
--- a/firmware/lib/vboot_kernel.c
+++ b/firmware/lib/vboot_kernel.c
@@ -152,16 +152,12 @@ int LoadKernel(LoadKernelParams* params) {
   params->bootloader_address = 0;
   params->bootloader_size = 0;
 
-  if (!is_dev) {
-    /* TODO: should use the TPM all the time; for now, only use when
-     * not in developer mode. */
-    /* Let the TPM know if we're in recovery mode */
-    if (is_rec) {
-      if (0 != RollbackKernelRecovery(is_dev ? 1 : 0)) {
-        VBDEBUG(("Error setting up TPM for recovery kernel\n"));
-        /* Ignore return code, since we need to boot recovery mode to
-         * fix the TPM. */
-      }
+  /* Let the TPM know if we're in recovery mode */
+  if (is_rec) {
+    if (0 != RollbackKernelRecovery(is_dev)) {
+      VBDEBUG(("Error setting up TPM for recovery kernel\n"));
+      /* Ignore return code, since we need to boot recovery mode to
+       * fix the TPM. */
     }
   }
 
@@ -350,6 +346,8 @@ int LoadKernel(LoadKernelParams* params) {
       good_partition = gpt.current_kernel + 1;
       params->partition_number = gpt.current_kernel + 1;
       GetCurrentKernelUniqueGuid(&gpt, &params->partition_guid);
+      /* TODO: GetCurrentKernelUniqueGuid() should take a destination size, or
+       * the dest should be a struct, so we know it's big enough. */
       params->bootloader_address = preamble->bootloader_address;
       params->bootloader_size = preamble->bootloader_size;
       /* If we're in developer or recovery mode, there's no rollback
@@ -400,24 +398,20 @@ int LoadKernel(LoadKernelParams* params) {
                                      (uint16_t)lowest_kernel_version);
         if (0 != status) {
           VBDEBUG(("Error writing kernel versions to TPM.\n"));
-      return (status == TPM_E_MUST_REBOOT ?
-              LOAD_KERNEL_REBOOT : LOAD_KERNEL_RECOVERY);
+          return (status == TPM_E_MUST_REBOOT ?
+                  LOAD_KERNEL_REBOOT : LOAD_KERNEL_RECOVERY);
         }
       }
     }
 
-    if (!is_dev) {
-      /* TODO: should use the TPM all the time; for now, only use when
-       * not in developer mode. */
-      /* Lock the kernel versions */
-      status = RollbackKernelLock();
-      if (0 != status) {
-        VBDEBUG(("Error locking kernel versions.\n"));
-        /* Don't reboot to recovery mode if we're already there */
-        if (!is_rec)
-          return (status == TPM_E_MUST_REBOOT ?
-                  LOAD_KERNEL_REBOOT : LOAD_KERNEL_RECOVERY);
-      }
+    /* Lock the kernel versions */
+    status = RollbackKernelLock();
+    if (0 != status) {
+      VBDEBUG(("Error locking kernel versions.\n"));
+      /* Don't reboot to recovery mode if we're already there */
+      if (!is_rec)
+        return (status == TPM_E_MUST_REBOOT ?
+                LOAD_KERNEL_REBOOT : LOAD_KERNEL_RECOVERY);
     }
 
     /* Success! */
diff --git a/firmware/version.c b/firmware/version.c
index 64bbe3e2ed..b5532beb03 100644
--- a/firmware/version.c
+++ b/firmware/version.c
@@ -1 +1 @@
-char* VbootVersion = "VBOOv=be9554d8";
+char* VbootVersion = "VBOOv=468176d7";