SecurityPkg: Remove Globals from HashLibTpm2PeilessSec#1752
Merged
Raymond-MS merged 3 commits intomicrosoft:release/202511from Apr 14, 2026
Merged
Conversation
a7e57ab to
ac9be7f
Compare
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## release/202511 #1752 +/- ##
================================================
Coverage ? 1.61%
================================================
Files ? 159
Lines ? 37168
Branches ? 172
================================================
Hits ? 601
Misses ? 36567
Partials ? 0
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
cfernald
approved these changes
Apr 8, 2026
makubacki
reviewed
Apr 8, 2026
ac9be7f to
34ec97e
Compare
Contributor
⏩ QEMU Validation SkippedThe PR was merged before validation completed. This comment was automatically generated by the Mu QEMU PR Validation workflow. |
34ec97e to
59235a8
Compare
makubacki
approved these changes
Apr 13, 2026
59235a8 to
a147905
Compare
… incompatible with our QEMU SBSA platform. Adjusted the code to query for the supported hashing algoritms each time they are required. Added new helper functions to the Tpm2Help library which are used by the HashLib. This prevents the need for duplicate information between the files.
…tive PCR banks in the TPM. Added a check that prevents use of the supported hashing algorithms from the transfer list if they do not match the active PCR banks in the TPM.
a147905 to
4adf025
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Updated the HashLibTpm2PeilessSec library to no longer use globals in SEC. When enabled on SBSA, this was causing a hang as functions attempted to set RO memory. Changed the code to query the relevant information each time it was needed either through the TPM or Transfer List. Added new helper functions to Tpm2Help which removes the need to have a duplicate hash struct.
How This Was Tested
Built with the PeilessSecMeasureLib not set to the NULL instance on QEMU SBSA with the TPM enabled. Verified the library measure the FV and CRTM version.
Integration Instructions
It is better for us to continue using the NULL instance of the PeilessSecMeasureLib as the time it took to measure the FV was ~15 mins on QEMU SBSA with TPM support.