The vboot code tries reading rollback protection indices from the TPM, and if the attempt to read returns TPM_E_BADINDEX, it decides that the TPM has not yet been initialized for the Chromebook use, and needs to be taken through the factory initialization sequence.
TPM_E_BADINDEX is an internal representation of the TPM error 0x28b, generated on attempts to read a non existing NVMEM space.
If the space exists, but has never been written the TPM returns error 0x14a. This condition (the space exists but not written) could happen if the previous factory initialization attempt was interrupted right after the space was created.
Let's map this error to the same internal representation (TPM_E_BADINDEX) so that the Chrome OS device could recover when this condition occurs.
BRANCH=reef, gru BUG=b:37443842 TEST=verified that the Pyro device stuck in TPM error state recovered when this patch was applied.
08f9359 cr50: process uninitialized values gracefully
src/lib/tpm2_tlcl.c | 8 +++++++-
src/lib/tpm2_tlcl_structures.h | 10 ++++++++++
2 files changed, 17 insertions(+), 1 deletion(-)