Comment 0 for bug 1838796

The TPM event log (/sys/kernel/security/tpm0/binary_bios_measurements) does not contain any events that are measured by UEFI after the kernel's EFI Boot stub calls ExitBootServices().

This means that PCR values calculated from the event log will not match the actual PCR values on the machine for PCR indices into which these events are measured.

There are upstream patches to fix this in the mainline kernel tree: https://lkml.org/lkml/2019/5/17/725