Merged
Conversation
maheeraeron
reviewed
Mar 30, 2026
jaykrell
force-pushed
the
mu_327_jay2-noclang
branch
5 times, most recently
from
785a489 to
a5279a5
Compare
Based on closed source. i.e. without newline churn commit 44a556c1a16cd6fec118e7c64bd624e47fca21b9 Author: Maheer Aeron <maheeraeron@microsoft.com> Date: Fri Mar 20 18:23:11 2026 +0000 Merged PR 15013511: Measure DXE FV into PCR0 This PR fixes what was missed in this PR: https://dev.azure.com/microsoft/OS/_git/hyperv.uefi/pullrequest/10689820?path=/MsvmPkg/MsvmPkgX64.fdf&version=GBofficial/main&line=33&lineEnd=34&lineStartColumn=1&lineEndColumn=1&type=2&lineStyle=plain&_a=files&iteration=11&base=0 That is, while we split the DXE FV apart from Main FV, we forgot to skip measuring it. This results in 38 new measurements going to PCR2. This PR adds three things: - Ensure that ExcludeFvsFromMeasurementLib includes DXE FV. But again, by default we don't want to exclude measuring this. We want to make sure MainFV and DxeFV are in PCR0, so that we don't get any drivers from _our_ platform into PCR2 - Issue a `PeiServicesInstallFvInfoPpi` to make `Tcg2Pei` aware of the DXE FV. This was the key thing missing - Add the SHA384 library to ARM64 + remove SHA1 - Rename the Exclude PCD
jaykrell
force-pushed
the
mu_327_jay2-noclang
branch
from
a5279a5 to
eb9ca80
Compare
jaykrell
changed the title
mebersol
approved these changes
Mar 31, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Measure DXE FV into PCR0
Based on closed source. i.e. without newline churn
commit 44a556c1a16cd6fec118e7c64bd624e47fca21b9
Author: Maheer Aeron maheeraeron@microsoft.com
Date: Fri Mar 20 18:23:11 2026 +0000
Merged PR 15013511: Measure DXE FV into PCR0
This PR fixes what was missed in this PR:
https://dev.azure.com/microsoft/OS/_git/hyperv.uefi/pullrequest/10689820?path=/MsvmPkg/MsvmPkgX64.fdf&version=GBofficial/main&line=33&lineEnd=34&lineStartColumn=1&lineEndColumn=1&type=2&lineStyle=plain&_a=files&iteration=11&base=0
That is, while we split the DXE FV apart from Main FV, we forgot to skip measuring it. This results in 38 new measurements going to PCR2.
This PR adds three things:
PeiServicesInstallFvInfoPpito makeTcg2Peiaware of the DXE FV. This was the key thing missing