+\r
+[PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]\r
+ ## This PCD indicates if debugger exists. <BR><BR>\r
+ # TRUE - Firmware debugger exists.<BR>\r
+ # FALSE - Firmware debugger doesn't exist.<BR>\r
+ # @Prompt Firmware debugger status.\r
+ gEfiSecurityPkgTokenSpaceGuid.PcdFirmwareDebuggerInitialized|FALSE|BOOLEAN|0x00010009\r
+\r
+ ## This PCD indicates the initialization policy for TPM 2.0.<BR><BR>\r
+ # If 0, no initialization needed - most likely used for chipset SRTM solution, in which TPM is already initialized.<BR>\r
+ # If 1, initialization needed.<BR>\r
+ # @Prompt TPM 2.0 device initialization policy.<BR>\r
+ # @ValidRange 0x80000001 | 0x00 - 0x1 \r
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpm2InitializationPolicy|1|UINT8|0x0001000A\r
+\r
+ ## This PCD indicates the initialization policy for TPM 1.2.<BR><BR>\r
+ # If 0, no initialization needed - most likely used for chipset SRTM solution, in which TPM is already initialized.<BR>\r
+ # If 1, initialization needed.<BR>\r
+ # @Prompt TPM 1.2 device initialization policy.\r
+ # @ValidRange 0x80000001 | 0x00 - 0x1 \r
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpmInitializationPolicy|1|UINT8|0x0001000B\r
+\r
+ ## This PCD indicates the TPM 2.0 SelfTest policy.<BR><BR>\r
+ # if 0, no SelfTest needed - most likely used for fTPM, because it might already be tested.<BR>\r
+ # if 1, SelfTest needed.<BR>\r
+ # @Prompt TPM 2.0 device selftest.\r
+ # @ValidRange 0x80000001 | 0x00 - 0x1 \r
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpm2SelfTestPolicy|1|UINT8|0x0001000C\r
+\r
+ ## This PCD indicates Static Core Root of Trust for Measurement (SCRTM) policy using TPM 2.0.<BR><BR>\r
+ # if 0, no SCRTM measurement needed - In this case, it is already done.<BR>\r
+ # if 1, SCRTM measurement done by BIOS.<BR>\r
+ # @Prompt SCRTM policy setting for TPM 2.0 device.\r
+ # @ValidRange 0x80000001 | 0x00 - 0x1 \r
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpm2ScrtmPolicy|1|UINT8|0x0001000D\r
+\r
+ ## This PCD indicates Static Core Root of Trust for Measurement (SCRTM) policy using TPM 1.2.<BR><BR>\r
+ # if 0, no SCRTM measurement needed - In this case, it is already done.<BR>\r
+ # if 1, SCRTM measurement done by BIOS.<BR>\r
+ # @Prompt SCRTM policy setting for TPM 1.2 device\r
+ # @ValidRange 0x80000001 | 0x00 - 0x1 \r
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpmScrtmPolicy|1|UINT8|0x0001000E\r
+\r
+ ## Guid name to identify TPM instance.<BR><BR>\r
+ # TPM_DEVICE_INTERFACE_NONE means disable.<BR>\r
+ # TPM_DEVICE_INTERFACE_TPM12 means TPM 1.2 DTPM.<BR>\r
+ # TPM_DEVICE_INTERFACE_DTPM2 means TPM 2.0 DTPM.<BR>\r
+ # @Prompt TPM device type identifier\r
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid |{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }|VOID*|0x0001000F\r
+\r
+ ## This PCD indicates Hash mask for TPM 2.0.<BR><BR>\r
+ # If this bit is set, that means this algorithm is needed to extend to PCR.<BR>\r
+ # If this bit is clear, that means this algorithm is NOT needed to extend to PCR.<BR>\r
+ # BIT0 - SHA1.<BR>\r
+ # BIT1 - SHA256.<BR>\r
+ # BIT2 - SHA384.<BR>\r
+ # BIT3 - SHA512.<BR>\r
+ # @Prompt Hash mask for TPM 2.0\r
+ # @ValidRange 0x80000001 | 0x00000000 - 0x0000000F \r
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|0x0000000F|UINT32|0x00010010\r
+\r
+ ## This PCD indicates if BIOS auto detect TPM1.2 or dTPM2.0.<BR><BR>\r
+ # FALSE - No auto detection.<BR>\r
+ # TRUE - Auto detection.<BR>\r
+ # @Prompt TPM type detection.\r
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpmAutoDetection|TRUE|BOOLEAN|0x00010011\r
+\r
+ ## This PCD indicates TPM base address.<BR><BR>\r
+ # @Prompt TPM device address.\r
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress|0xFED40000|UINT64|0x00010012\r
+\r
+ ## Provides one or more SHA 256 Hashes of the RSA 2048 public keys used to verify Recovery and Capsule Update images\r
+ #\r
+ # @Prompt One or more SHA 256 Hashes of RSA 2048 bit public keys used to verify Recovery and Capsule Update images\r
+ #\r
+ gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer|{0x91, 0x29, 0xc4, 0xbd, 0xea, 0x6d, 0xda, 0xb3, 0xaa, 0x6f, 0x50, 0x16, 0xfc, 0xdb, 0x4b, 0x7e, 0x3c, 0xd6, 0xdc, 0xa4, 0x7a, 0x0e, 0xdd, 0xe6, 0x15, 0x8c, 0x73, 0x96, 0xa2, 0xd4, 0xa6, 0x4d}|VOID*|0x00010013\r
+ \r
+[UserExtensions.TianoCore."ExtraFiles"]\r
+ SecurityPkgExtra.uni\r