Enable TPM in developer mode again.

Also fix a few comments, and make extra debugging work when compiled in firmware. BUG=none TEST=make && make runtests; all pass Review URL: http://codereview.chromium.org/3007036
2025-11-24 02:05:01 +00:00 · 2010-08-05 15:13:14 -07:00
parent 97a122817d
commit 63dffcb52b
5 changed files with 59 additions and 80 deletions
--- a/firmware/lib/rollback_index.c
+++ b/firmware/lib/rollback_index.c
@@ -106,9 +106,9 @@ static uint32_t InitializeSpaces(void) {
   * redefine the NVRAM spaces. */
  RETURN_ON_FAILURE(TPMClearAndReenable());

-  /* The TPM will not enforce the NV authorization restrictions until the 
-   * execution of a TPM_NV_DefineSpace with the handle of TPM_NV_INDEX_LOCK.
-   * Create that space if it doesn't already exist. */
+  /* The TPM will not enforce the NV authorization restrictions until the 
+   * execution of a TPM_NV_DefineSpace with the handle of TPM_NV_INDEX_LOCK.
+   * Create that space if it doesn't already exist. */
  RETURN_ON_FAILURE(TlclGetFlags(NULL, NULL, &nvlocked));
  VBDEBUG(("TPM: nvlocked=%d\n", nvlocked));
  if (!nvlocked) {
@@ -230,7 +230,7 @@ static uint32_t BackupKernelSpace(void) {
 }

 /* Checks for transitions between protected mode to developer mode.  When going
- * into developer mode, clear the TPM.
+ * into or out of developer mode, clear the TPM.
 */
 static uint32_t CheckDeveloperModeTransition(uint32_t current_developer) {
  uint32_t past_developer;
@@ -337,6 +337,7 @@ uint32_t RollbackFirmwareSetup(int developer_mode) {
   * environment, don't even talk to the TPM. */
  TlclLibInit();
  TlclStartup();
+  TlclSelfTestFull();
 #endif
  return TPM_SUCCESS;
 }
@@ -360,6 +361,7 @@ uint32_t RollbackKernelRecovery(int developer_mode) {
   * environment, don't even talk to the TPM. */
  TlclLibInit();
  TlclStartup();
+  TlclSelfTestFull();
 #endif
  return TPM_SUCCESS;
 }