Hello @SimonRui 

Thank you for reaching out to us.
Based on the additional reply, may I confirm if you mean that the issue still occurs even after clearing CMOS and without making any manual changes in the BIOS? To help us further clarify the issue you're experiencing, could you please provide the following details?
- What specific steps were involved in the system migration?
Which SSD was the system originally installed on, and which SSD was it moved to? Is the original SSD still in use?
Please also provide the full hardware specifications of your storage devices, your OS version (Settings > System > About), and the driver and firmware versions for your storage devices.
- A screenshot showing the message“PCR7 binding is not possible” due to “un-allowed DMA capable bus/device detected.”
If possible, please also include comparison screenshots showing whether the Device Encryption option is present or missing.
- The RAM model and part number, along with two .txt files generated from your Windows system using the steps below:
1) Press Win + R to open the Run dialog, type dxdiag, and click OK.
2) Click Save All Information, choose a location, and save the file.
3) Repeat the same steps with msinfo32 to generate the second file.
Once completed, please upload the files to a cloud storage service, grant access permissions, and share the link with us.

Thank you.

Thank you for helping me and I'm glad to share those info!

In response to your question, I did indeed try the default BIOS settings without making any changes, but the issue still persists. I performed the initialization by pressing F5 and reinstalling the latest version of the BIOS. However, I have not tried using the Clear CMOS button on the motherboard.

The system was originally installed on a 970 Pro SSD, and later migrated to a 9100 Pro SSD. The migration was done using the system migration feature of the DiskGenius software, following the standard steps as instructed by the tool.

All the files are inside the link below.

https://drive.google.com/drive/folders/1uCJ2-rS6L-rTRvfz4yWWE3BaHOhfsKzG?usp=sharing

According to your suggestion, I conducted some tests:

I first removed my 5090 Astral GPU and connected the display to the integrated graphics. After entering the BIOS, I attempted to enable CSM, but found that the option was greyed out and could not be activated. I then booted into the system, and at that point, Device Encryption became available and PCR7 binding was successful.

After that, I reinstalled the GPU and booted directly into the system. PCR7 binding failed again, and Device Encryption disappeared. I restarted once more and entered the BIOS, where I successfully enabled CSM. With CSM enabled, Device Encryption appeared again and PCR7 was properly bound.

However, because of the CSM setting, both the BIOS and boot screen appeared stretched. I would like to ask:
Why is my GPU seemingly not supporting UEFI boot?
And regarding the stretched screen issue caused by CSM,
Can it be resolved by adjusting the Legacy/UEFI-related options under the CSM settings?

I just tried changing all boot options in the CSM settings to UEFI except for PCIe/PCI, which I kept as Legacy. However, after rebooting, the GPU’s RGB lighting did not turn on, and the monitor showed no display. I had to disable and re-enable CSM to get back into the system.
Is this caused by an issue with the VBIOS of my graphics card?

Hello @SimonRui 

Sorry for the delay in response and any inconvenience this may have caused.
Since no video or photo was provided, we are unable to determine whether the screen stretching occurs during the POST process or consistently within the operating system.
Based on your description, it is likely that the issue is caused by enabling CSM. Please note that installing the Astral 5090 GPU should not require CSM to be enabled.
In addition, Windows remains secure regardless of whether TPM profile 0, 2, 4, 11 or profile 7, 11 is used. We recommend reviewing the guidance in Windows Server shows PCR7 configuration as "Binding not possible" to assess whether enabling CSM or requiring PCR7 binding applies to your situation.

Thank you.