diff options
-rwxr-xr-x | utility/chromeos-tpm-recovery | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/utility/chromeos-tpm-recovery b/utility/chromeos-tpm-recovery index e7959d2c..3030c1c6 100755 --- a/utility/chromeos-tpm-recovery +++ b/utility/chromeos-tpm-recovery @@ -14,6 +14,7 @@ crossystem=${USR_BIN}/crossystem dot_recovery=${DOT_RECOVERY:=/mnt/stateful_partition/.recovery} awk=/usr/bin/awk initctl=/sbin/initctl +err=0 tpm2_target() { # This is not an ideal way to tell if we are running on a tpm2 target, but @@ -41,6 +42,12 @@ log_tryfix() { log "$*: attempting to fix" } +log_error() { + err=$((err + 1)) + log "ERROR: $*" +} + + tpm_clear_and_reenable () { $tpmc clear @@ -150,13 +157,18 @@ tpm_clear_and_reenable # Reset firmware and kernel spaces to default (rollback version 1/1) reset_space 0x1007 0x8001 0xa "02 00 01 00 01 00 00 00 00 4f" || \ - log "could not fix firmware space" + log_error "could not fix firmware space" reset_space 0x1008 0x1 0xd "02 4c 57 52 47 01 00 01 00 00 00 00 55" || \ - log "could not fix kernel space" + log_error "could not fix kernel space" # Don't need valid data in backup space, vboot can reset it as long as it exists reset_space 0x1009 0x1 0x10 "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" || \ - log "could not fix backup space" + log_error "could not fix backup space" restart_daemon_if_needed -log "TPM has successfully been reset to factory defaults" +if [ "$err" -eq 0 ]; then + log "TPM has successfully been reset to factory defaults" +else + log_error "TPM was not fully recovered." + exit 1 +fi |