Index: firmware/lib/vboot_kernel.c |
diff --git a/firmware/lib/vboot_kernel.c b/firmware/lib/vboot_kernel.c |
index cfdd9b4c0b891b957f0bd21819a8908ccf59de4b..61a5c6e757612aa2159844eca5464aae88905bf1 100644 |
--- a/firmware/lib/vboot_kernel.c |
+++ b/firmware/lib/vboot_kernel.c |
@@ -597,13 +597,17 @@ int LoadKernel(LoadKernelParams* params) { |
shcall->check_result = VBSD_LKC_CHECK_GOOD_PARTITION; |
/* See if we need to update the TPM */ |
- if (kBootRecovery != boot_mode && good_partition_key_block_valid) { |
- /* We only update the TPM in normal and developer boot modes. In |
- * developer mode, we only advanced lowest_version for kernels with valid |
- * key blocks, and didn't count self-signed key blocks. In recovery |
- * mode, the TPM stays PP-unlocked, so anything we write gets blown away |
- * by the firmware when we go back to normal mode. */ |
- VBDEBUG(("Boot_flags = not recovery\n")); |
+ if ((kBootRecovery != boot_mode) && |
Sumit
2011/04/17 17:11:12
Do we need to set TPM in developer firmware? I agr
|
+ good_partition_key_block_valid && |
+ !((1 == shared->firmware_index) && (shared->flags & VBSD_FWB_TRIED))) { |
+ /* We only update the TPM in normal and developer boot modes. |
+ * In developer mode, we only advanced lowest_version for |
+ * kernels with valid key blocks, and didn't count self-signed |
+ * key blocks. Recovery kernels aren't numbered, so we don't |
+ * update the TPM in recovery mode. We don't advance the TPM if |
+ * we're trying a new firmware B, because that firmware may have a |
+ * key change and roll forward the TPM too soon. */ |
+ VBDEBUG(("Checking if TPM kernel version needs advancing\n")); |
if ((lowest_version > tpm_version) && |
(lowest_version != LOWEST_TPM_VERSION)) { |