Allow boot to enable Privileged Access Never to prevent kernel mode code from accessing data that can be accessed in user mode. Some things to be concerned about when adding this feature: - The use of ACCESS_USER_READABLE_READ from kernel mode. - kernelModeCallback(). Perhaps the kernel can clear PAN when kernelModeCallback() calls the user provided function or globally when debug services honored is enabled.
CCB visited this PCR on 2021-03-26-57787
CCB visited this PCR on 2023-08-14-64795
PCR to remain on HOLD for kismet, given time constraints.