Index: firmware/lib/vboot_firmware.c |
diff --git a/firmware/lib/vboot_firmware.c b/firmware/lib/vboot_firmware.c |
index 307b36214610e778f756099dff759309baffe45f..4fb20a1fa9192fc1f8fc44159602c18bc92293ff 100644 |
--- a/firmware/lib/vboot_firmware.c |
+++ b/firmware/lib/vboot_firmware.c |
@@ -41,7 +41,6 @@ int LoadFirmware(LoadFirmwareParams* params) { |
uint64_t lowest_key_version = 0xFFFF; |
uint64_t lowest_fw_version = 0xFFFF; |
uint32_t status; |
- int is_dev = (BOOT_FLAG_DEVELOPER & params->boot_flags ? 1 : 0); |
int good_index = -1; |
int index; |
@@ -62,21 +61,17 @@ int LoadFirmware(LoadFirmwareParams* params) { |
} |
/* Initialize the TPM and read rollback indices. */ |
- if (!is_dev) { |
- /* TODO: should use the TPM all the time; for now, only use when |
- * not in developer mode. */ |
- status = RollbackFirmwareSetup(params->boot_flags & BOOT_FLAG_DEVELOPER); |
- if (0 != status) { |
- VBDEBUG(("Unable to setup TPM.\n")); |
- return (status == TPM_E_MUST_REBOOT ? |
- LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); |
- } |
- status = RollbackFirmwareRead(&tpm_key_version, &tpm_fw_version); |
- if (0 != status) { |
- VBDEBUG(("Unable to read stored versions.\n")); |
- return (status == TPM_E_MUST_REBOOT ? |
- LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); |
- } |
+ status = RollbackFirmwareSetup(params->boot_flags & BOOT_FLAG_DEVELOPER); |
+ if (0 != status) { |
+ VBDEBUG(("Unable to setup TPM.\n")); |
semenzato
2010/08/05 19:50:53
This message may be too scary when the firmware is
|
+ return (status == TPM_E_MUST_REBOOT ? |
+ LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); |
+ } |
+ status = RollbackFirmwareRead(&tpm_key_version, &tpm_fw_version); |
+ if (0 != status) { |
+ VBDEBUG(("Unable to read stored versions.\n")); |
+ return (status == TPM_E_MUST_REBOOT ? |
+ LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); |
} |
/* Allocate our internal data */ |
@@ -230,31 +225,23 @@ int LoadFirmware(LoadFirmwareParams* params) { |
(lowest_key_version == tpm_key_version && |
lowest_fw_version > tpm_fw_version)) { |
- if (!is_dev) { |
- /* TODO: should use the TPM all the time; for now, only use |
- * when not in developer mode. */ |
- status = RollbackFirmwareWrite((uint16_t)lowest_key_version, |
- (uint16_t)lowest_fw_version); |
- if (0 != status) { |
- VBDEBUG(("Unable to write stored versions.\n")); |
- return (status == TPM_E_MUST_REBOOT ? |
- LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); |
- } |
- } |
- } |
- |
- if (!is_dev) { |
- /* TODO: should use the TPM all the time; for now, only use |
- * when not in developer mode. */ |
- /* Lock firmware versions in TPM */ |
- status = RollbackFirmwareLock(); |
+ status = RollbackFirmwareWrite((uint16_t)lowest_key_version, |
+ (uint16_t)lowest_fw_version); |
if (0 != status) { |
- VBDEBUG(("Unable to lock firmware versions.\n")); |
+ VBDEBUG(("Unable to write stored versions.\n")); |
return (status == TPM_E_MUST_REBOOT ? |
LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); |
} |
} |
+ /* Lock firmware versions in TPM */ |
+ status = RollbackFirmwareLock(); |
+ if (0 != status) { |
+ VBDEBUG(("Unable to lock firmware versions.\n")); |
+ return (status == TPM_E_MUST_REBOOT ? |
+ LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); |
+ } |
+ |
/* Success */ |
VBDEBUG(("Will boot firmware index %d\n", (int)params->firmware_index)); |
return LOAD_FIRMWARE_SUCCESS; |