Fix TPM counter increment: auth retry on wrong passphrase (TPM1+TPM2)

TPM1: counter_increment fell through to raw 'exec tpm' with no error
handling — a mistyped owner passphrase killed the signing flow instantly.

TPM2: counter_increment had no retry loop, unlike tpm2_seal and
tpm2_counter_create which already re-prompted on auth failure.

Changes:

initrd/bin/tpmr.sh:
- _tpm1_auth_retry: shared retry helper for TPM1 counter create/increment,
  re-prompts owner passphrase up to 3× on auth failure, reuses cached
  passphrase on first attempt (no double-prompt on happy path)
- tpm1_counter_create / tpm1_counter_increment: thin wrappers around helper
- tpm1_counter_read: named function (was catch-all exec tpm passthrough)
- tpm1_seal: restore define+write retry loop removed by stdout-quirk fix,
  definespace output to /dev/null (ignored, nv_writevalue is the real test)
- tpm2_counter_inc: add retry loop with should_retry flag to distinguish
  index-auth (-pwdc , no retry) from owner-auth (retry up to 3×)
- All shred calls in retry loops: add 2>/dev/null || true guards
- TPM1 dispatch: wire counter_read, counter_increment to named functions
- TPM1/TPM2 extend/reset: improved PCR INFO messages

initrd/bin/gui-init.sh:
- reset_tpm: verify tpmr.sh reset exit code, show error and return to
  menu if reset fails (prevents operations on inconsistent TPM)

initrd/etc/functions.sh:
- increment_tpm_counter: replace misleading outer SINK_LOG with 2>/dev/null
  (DO_WITH_DEBUG already captures command stderr via SINK_LOG internally)
- Document DO_WITH_DEBUG stderr handling in comments

doc/tpm.md: document "out of resources" counter error and recovery flow
doc/ux-patterns.md: UX patterns for TPM error recovery

Signed-off-by: Thierry Laurion <insurgo@riseup.net>

Author: tlaurion

doc/tpm.md

@@ -311,6 +311,29 @@ Failure conditions and their diagnostic messages:
 | TPM2: counter has `ownerwrite` but not `authwrite` | "TPM counter has invalid security policy." |
 | TPM2: counter has neither `authwrite` nor `ownerwrite` | "TPM counter is not writable." |
 | TPM2: counter attributes empty or unreadable | "TPM counter policy is corrupted." |
+| TPM1: `counter_create` failed with "out of resources" (0x15) | "TPM has too many counters (out of resources). Reset the TPM from the GUI menu..." |
+
+When `check_tpm_counter` calls `tpmr counter_create` and it fails, the function
+calls `set_tpm_reset_required` to create the `/tmp/secret/tpm_reset_required`
+marker.  This gates `prompt_update_checksums` on subsequent invocations,
+preventing the user from retrying "sign /boot" until the TPM is reset.
+
+The "out of resources" (TPM 1.2 error 0x15) case occurs when the TPM already
+has a counter from a prior firmware session but `/boot/kexec_rollback.txt` is
+missing (e.g. after a firmware reflash that changed the boot partition layout).
+The only safe recovery is to reset the TPM from the GUI menu, which clears all
+counters and creates a fresh one.
+
+### TPM 1.2 stdout quirk (tpmtotp)
+
+The tpmtotp C toolkit (`counter_create.c`, `unsealfile.c`, `sealfile2.c` and
+others) prints ALL output — both success and error messages — via `printf()` to
+**stdout**, NOT stderr.  This is a quirk of the tpmtotp codebase.
+
+All `tpm1_*` functions in `tpmr.sh` must therefore capture stdout (not just
+stderr) to detect failures.  Use `>"$file" 2>&1` to capture both streams,
+and run TPM commands in subshells with `set +e` to avoid `set -e` killing the
+script on non-zero exit codes.
 
 The exact diagnostic message from `fail_preflight` is shown directly in the
 error dialog — **not** a vague paraphrase. This tells the user and any support

doc/ux-patterns.md

@@ -186,6 +186,26 @@ that seals new TPM secrets. It verifies:
 If either check fails, the user is shown an error and the sealing operation is aborted.
 This prevents new TOTP/HOTP/DUK secrets from being sealed against a potentially compromised `/boot`.
 
+### Gate bypass for "Reset the TPM"
+
+When the integrity gate fails specifically because `tpm_reset_required` is set (the
+TPM has stale counters that need clearing), the "Reset the TPM" option in both the
+TOTP failure whiptail menu and the TPM/TOTP/HOTP options whiptail menu uses a
+gate-bypass pattern to allow the reset to proceed:
+
+```bash
+# If the gate failed *because* TPM reset is required (stale counters),
+# proceed to reset_tpm() which clears them and creates a fresh one.
+if { gate_reseal_with_integrity_report || tpm_reset_required; } && reset_tpm; then
+    reseal_tpm_disk_decryption_key
+fi
+```
+
+Without this bypass, selecting "Reset the TPM" triggers the integrity gate,
+which calls `check_tpm_counter` which hits "out of resources" and collapses
+the flow — the reset never executes.  The `|| tpm_reset_required` lets the
+reset proceed when the gate failure is itself a symptom of needing the reset.
+
 ---
 
 ## GPG User PIN caching

initrd/bin/gui-init.sh

@@ -191,11 +191,19 @@ prompt_update_checksums() {
 		--yesno "You have chosen to update the checksums and sign all of the files in /boot.\n\nThis means that you trust that these files have not been tampered with.\n\nYou will need your GPG key available, and this change will modify your disk.\n\nDo you want to continue?" 0 80); then
 		if update_checksums; then
 			return 0
+		fi
+		# update_checksums may have set the TPM-reset-required marker
+		# during its execution (e.g. check_tpm_counter hit "out of
+		# resources").  Show the targeted TPM message instead of the
+		# generic failure so the user knows exactly what to do.
+		if tpm_reset_required; then
+			whiptail_error --title 'TPM Reset Required' \
+				--msgbox "Cannot sign /boot: TPM state is inconsistent.\n\nReset the TPM first (Options -> TPM/TOTP/HOTP Options -> Reset the TPM), then update checksums." 0 80
 		else
 			whiptail_error --title 'ERROR' \
 				--msgbox "Failed to update checksums / sign default config" 0 80
-			return 1
 		fi
+		return 1
 	fi
 	return 1
 }
@@ -411,8 +419,13 @@ EOF
 				skip_to_menu="true"
 				return 1
 				;;
+			# "Reset the TPM" from the TOTP failure whiptail menu.
+			# The gate runs first to verify /boot integrity.  If the gate
+			# fails *because* TPM reset is required (e.g. stale counters),
+			# the || tpm_reset_required bypass lets reset_tpm() proceed —
+			# it clears counters and creates a fresh one.
 			p)
-				if gate_reseal_with_integrity_report && reset_tpm && update_totp && BG_COLOR_MAIN_MENU="normal"; then
+				if { gate_reseal_with_integrity_report || tpm_reset_required; } && reset_tpm && update_totp && BG_COLOR_MAIN_MENU="normal"; then
 					reseal_tpm_disk_decryption_key || prompt_missing_gpg_key_action
 				fi
 				;;
@@ -808,8 +821,11 @@ show_tpm_totp_hotp_options_menu() {
 			update_totp && update_hotp || true
 		fi
 		;;
+	# "Reset the TPM" from the TPM/TOTP/HOTP options whiptail menu.
+	# Same gate-bypass pattern: if the gate fails because TPM
+	# reset is required, proceed to reset_tpm() anyway.
 	r)
-		if gate_reseal_with_integrity_report && reset_tpm; then
+		if { gate_reseal_with_integrity_report || tpm_reset_required; } && reset_tpm; then
 			reseal_tpm_disk_decryption_key || prompt_missing_gpg_key_action
 		fi
 		;;
@@ -839,7 +855,18 @@ reset_tpm() {
 				return 1
 			fi
 
-			tpmr.sh reset "$tpm_owner_passphrase"
+			# Verify TPM reset succeeded before proceeding to counter
+			# creation, signing, TOTP generation, and DUK resealing.
+			# A failed reset would leave the TPM in an inconsistent state
+			# (old passphrase with unknown PCRs), causing confusing errors
+			# downstream.  Show the actual error to the user and return
+			# to the menu.
+			if ! tpmr.sh reset "$tpm_owner_passphrase" 2>/tmp/error; then
+				ERROR=$(tail -n 1 /tmp/error | fold -s)
+				whiptail_error --title 'ERROR' \
+					--msgbox "Error resetting TPM:\n\n${ERROR}" 0 80
+				return 1
+			fi
 
 			# now that the TPM is reset, remove invalid TPM counter files
 			mount_boot