Leave bGlobalLock unlocked in normal recovery mode.

firmware/lib/rollback_index.c

 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
  * Use of this source code is governed by a BSD-style license that can be
  * found in the LICENSE file.
  *
  * Functions for querying, manipulating and locking rollback indices
  * stored in the TPM NVRAM.
  */
 
 #include "rollback_index.h"
 
@@ skipping 362 matching lines @@
   rsf.fw_versions = version;
   return WriteSpaceFirmware(&rsf);
 }
 
 uint32_t RollbackFirmwareLock(void) {
   return TlclSetGlobalLock();
 }
 
 uint32_t RollbackKernelRecovery(int developer_mode) {
   RollbackSpaceFirmware rsf;
-  uint32_t result = SetupTPM(1, developer_mode, &rsf);
-  /* In recovery mode we ignore TPM malfunctions or corruptions, and leave the
-   * TPM completely unlocked if and only if the dev mode switch is ON.  The
-   * recovery kernel will fix the TPM (if needed) and lock it ASAP.  We leave
+
+  /* In recovery mode we ignore TPM malfunctions or corruptions, and *
+   * leave the TPM complelely unlocked; we call neither
+   * TlclSetGlobalLock() nor TlclLockPhysicalPresence().  The recovery
+   * kernel will fix the TPM (if needed) and lock it ASAP.  We leave
    * Physical Presence on in either case. */
-  if (!developer_mode) {
-    RETURN_ON_FAILURE(TlclSetGlobalLock());
-  }
-  /* We still return the result of SetupTPM even though we expect the caller to
-   * ignore it.  It's useful in unit testing. */
-  return result;
+  return SetupTPM(1, developer_mode, &rsf);
 }
 
 uint32_t RollbackKernelRead(uint32_t* version) {
   if (g_rollback_recovery_mode) {
     *version = 0;
   } else {
     RollbackSpaceKernel rsk;
     uint32_t perms;
 
     /* Read the kernel space and verify its permissions.  If the kernel
@@ skipping 28 matching lines @@
 
 uint32_t RollbackKernelLock(void) {
   if (g_rollback_recovery_mode) {
     return TPM_SUCCESS;
   } else {
     return TlclLockPhysicalPresence();
   }
 }
 
 #endif // DISABLE_ROLLBACK_TPM