initrd: fix TPM1 counter auth regression and defend lock cascade failure

[tlaurion]

Summary

Fixes a TPM1 regression introduced by PR #2068 (tpm_reseal_ux-integrity_report-detect_disk_and_tpm_swap) where increment_tpm_counter was changed from hardcoded -pwdc '' (empty counter auth) to -pwdc "${tpm_passphrase:-}" (owner passphrase from cache/prompt), but check_tpm_counter — when called from kexec-sign-config.sh without a $3 passphrase argument — continued to create counters with -pwdc "". This caused every counter increment to compute SHA1(owner_pass) while the counter was created with SHA1(""), producing persistent TPM_AUTH_FAIL.

Per TCG TPM Main Spec Part 3, TPM_CreateCounter uses owner auth (-pwdo) but TPM_IncrementCounter uses the counter's own authData, not the owner password. The correct design for Heads' rollback counter is empty auth: rollback security comes from the signed /boot/kexec_rollback.txt and TPM sealing, not counter access control.

The repeated auth failures (3 per boot x ~5 boots via the _tpm_auth_retry loop) triggered TPM 1.2 dictionary-attack lockout (TPM_DEFEND_LOCK_RUNNING), which persisted through forceclear on some implementations, causing tpm takeown to fail during TPM reset — a cascade failure from the counter auth mismatch.

Note: the TPM2 path within increment_tpm_counter was not affected — it correctly used -pwdc "" (empty index auth first, owner auth fallback), consistent with how tpm2 nvdefine creates counters without explicit NV index auth.

Changes

initrd/bin/tpmr.sh — auth detection + defend lock recovery + pass-through fix

• Add 'defend' and '0x98e|0x149' to all auth detection grep patterns so defend lock and TPM2 RC codes are retried rather than fatal
• tpm1_reset(): detect "defend lock" in takeown output and cycle physical presence to clear the lock before retrying
• tpm1_counter_increment(): detect -pwdc '' and call tpm directly (bypassing _tpm_auth_retry which injected owner passphrase). Uses || return to prevent set -e from killing the script on expected auth failure

initrd/etc/functions.sh — counter auth fix + migration fallback

• check_tpm_counter(): -pwdc '' — counter created with SHA1("") per TCG spec. Document $3 as intentionally ignored (was used by pre-fix code)
• increment_tpm_counter() TPM1: try -pwdc '' first. Migration fallback: prompt for owner passphrase, retry, then show clear WARN explaining one-time migration and TPM reset option
• Remove the TPM1-specific owner-passphrase prompt block added by PR UX improvements: TPM reseal (HOTP/TOTP/DUK) adds integrity report; detects disk/tpm swap and guide user into action, add terminal colors and guidance! Reduced quiet noise #2068
• DIE-path fallback counter_create: -pwdc '' for consistency

initrd/bin/oem-factory-reset.sh — consistency fix

• counter_create: -pwdc '' instead of -pwdc "${TPM_PASS:-}" — OEM factory reset now also creates counters with empty auth

doc/tpm.md — documentation

• Document TPM1 boot chain, tpmtotp tool selection, auth retry patterns, defend lock recovery, and physical presence

Testing

Test scenarios to verify:

• Fresh TPM reset: counter created with empty auth, increment succeeds with -pwdc ''
• Migration from PR UX improvements: TPM reseal (HOTP/TOTP/DUK) adds integrity report; detects disk/tpm swap and guide user into action, add terminal colors and guidance! Reduced quiet noise #2068 era code: empty auth fails, owner passphrase fallback succeeds, warning shown
• Defend lock recovery: after repeated auth failures, reset_tpm() cycles physical presence and recovers

[Copilot]

Pull request overview

This PR improves Heads’ TPM error handling for TPM1 by correctly classifying tpmtotp “Defend lock running” output as an authorization-related failure (so it doesn’t immediately hard-fail), and adds a recovery path in tpm1_reset() to attempt clearing TPM1 defend-lock after forceclear by cycling physical presence.

Changes:

• Extend auth-failure grep patterns to include defend (and unify inclusion of TPM2 auth hex codes in the shared retry helper).
• Enhance tpm1_reset() to detect “defend lock” after takeown and retry after cycling physical presence.
• Expand TPM documentation to describe tool selection, auth retry detection, and TPM1 defend-lock behavior.

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated 3 comments.

File	Description
initrd/bin/tpmr.sh	Treat “defend lock” as auth-related and add TPM1 defend-lock recovery logic during reset.
doc/tpm.md	Document TPM toolchain selection and the updated auth retry / defend-lock behavior.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 1 out of 2 changed files in this pull request and generated 2 comments.

[Copilot]

Pull request overview

Copilot reviewed 1 out of 2 changed files in this pull request and generated 1 comment.

[Copilot]

Pull request overview

Copilot reviewed 1 out of 2 changed files in this pull request and generated no new comments.

[notgivenby]

The fix did not work…will copy logs.

[tlaurion]

The fix did not work…will copy logs.

Found the bug and where the regression comes from. Damn that one was not easy. Pushing fix and updating the other pr

[Copilot]

Pull request overview

Copilot reviewed 2 out of 3 changed files in this pull request and generated 1 comment.

[Copilot]

Pull request overview

Copilot reviewed 2 out of 3 changed files in this pull request and generated no new comments.

[Copilot]

Pull request overview

Copilot reviewed 2 out of 4 changed files in this pull request and generated no new comments.