SecurityPkg: Measure Invoke EBS even in failure case

This patch measures the ExitBootServices invocation to the TPM even in the case of ExitBootServices failing, so that we can keep a record of the failures and know what is expected.
microsoft · Jul 4, 2024 · 3bbf289 · 3bbf289
1 parent 62fc5b8
commit 3bbf289
Showing 1 changed file with 14 additions and 0 deletions.
diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
@@ -2615,6 +2615,20 @@ OnExitBootServicesFailed (
 {
   EFI_STATUS  Status;
 
+  // MU_CHANGE START: TCBZ2753
+  //
+  // Measure invocation of ExitBootServices,
+  //
+  Status = TcgMeasureAction (
+             5,
+             EFI_EXIT_BOOT_SERVICES_INVOCATION
+             );
+  if (EFI_ERROR (Status)) {
+    DEBUG ((DEBUG_ERROR, "%a not Measured. Error!\n", EFI_EXIT_BOOT_SERVICES_INVOCATION));
+  }
+
+  // MU_CHANGE END TCBZ2753
+
   //
   // Measure Failure of ExitBootServices,
   //