Index: firmware/lib/vboot_kernel.c |
diff --git a/firmware/lib/vboot_kernel.c b/firmware/lib/vboot_kernel.c |
index cfdd9b4c0b891b957f0bd21819a8908ccf59de4b..0e9c15ba7ecaa107efbfe8aa5918a5c7a19997e3 100644 |
--- a/firmware/lib/vboot_kernel.c |
+++ b/firmware/lib/vboot_kernel.c |
@@ -597,13 +597,12 @@ int LoadKernel(LoadKernelParams* params) { |
shcall->check_result = VBSD_LKC_CHECK_GOOD_PARTITION; |
/* See if we need to update the TPM */ |
- if (kBootRecovery != boot_mode && good_partition_key_block_valid) { |
- /* We only update the TPM in normal and developer boot modes. In |
- * developer mode, we only advanced lowest_version for kernels with valid |
- * key blocks, and didn't count self-signed key blocks. In recovery |
- * mode, the TPM stays PP-unlocked, so anything we write gets blown away |
- * by the firmware when we go back to normal mode. */ |
- VBDEBUG(("Boot_flags = not recovery\n")); |
+ if ((kBootNormal == boot_mode) && |
+ !((1 == shared->firmware_index) && (shared->flags & VBSD_FWB_TRIED))) { |
Will Drewry
2011/04/17 17:53:18
What case will shared->firmware_index==1 without V
|
+ /* We only update the TPM in normal mode. We don't advance the |
+ * TPM if we're trying a new firmware B, because that firmware |
+ * may have a key change and roll forward the TPM too soon. */ |
+ VBDEBUG(("Checking if TPM kernel version needs advancing\n")); |
if ((lowest_version > tpm_version) && |
Will Drewry
2011/04/17 17:53:18
Since we only increment when the lowest_version of
gauravsh
2011/04/17 19:32:24
Belated comment: I'd really like to see a check fo
|
(lowest_version != LOWEST_TPM_VERSION)) { |