#\r
Tcg2PhysicalPresenceLib|Include/Library/Tcg2PhysicalPresenceLib.h\r
\r
+ ## @libraryclass Handle TPM 2.0 platform hierarchy configuration\r
+ #\r
+ TpmPlatformHierarchyLib|Include/Library/TpmPlatformHierarchyLib.h\r
+\r
## @libraryclass Provides interfaces about TCG storage generic command.\r
#\r
TcgStorageCoreLib|Include/Library/TcgStorageCoreLib.h\r
#\r
TcgStorageOpalLib|Include/Library/TcgStorageOpalLib.h\r
\r
- ## @libraryclass Provides interfaces to access RPMC device.\r
- #\r
- RpmcLib|Include/Library/RpmcLib.h\r
-\r
- ## @libraryclass Provides interfaces to access variable root key.\r
- #\r
- VariableKeyLib|Include/Library/VariableKeyLib.h\r
-\r
## @libraryclass Provides interfaces about firmware TPM measurement.\r
#\r
TcgEventLogRecordLib|Include/Library/TcgEventLogRecordLib.h\r
## @libraryclass Provides support to enroll Secure Boot keys.\r
#\r
SecureBootVariableProvisionLib|Include/Library/SecureBootVariableProvisionLib.h\r
+\r
+ ## @libraryclass Provides support to manage variable 'PK' related protections.\r
+ #\r
+ PlatformPKProtectionLib|Include/Library/PlatformPKProtectionLib.h\r
+\r
[Guids]\r
## Security package token space guid.\r
# Include/Guid/SecurityPkgTokenSpace.h\r
## Include/Guid/TcgEventHob.h\r
gTcgEvent2EntryHobGuid = { 0xd26c221e, 0x2430, 0x4c8a, { 0x91, 0x70, 0x3f, 0xcb, 0x45, 0x0, 0x41, 0x3f }}\r
\r
+ ## Hob GUID used to pass a CC_EVENT from SEC to a CC DXE Driver.\r
+ ## Include/Guid/CcEventHob.h\r
+ gCcEventEntryHobGuid = { 0x20f8fd36, 0x6d00, 0x40fb, { 0xb7, 0x04, 0xd1, 0x2c, 0x15, 0x3c, 0x62, 0xeb }}\r
+\r
## HOB GUID used to record TPM device error.\r
# Include/Guid/TcgEventHob.h\r
gTpmErrorHobGuid = { 0xef598499, 0xb25e, 0x473a, { 0xbf, 0xaf, 0xe7, 0xe5, 0x7d, 0xce, 0x82, 0xc4 }}\r
# @Prompt Physical presence of the platform operator.\r
gEfiSecurityPkgTokenSpaceGuid.PcdTpmPhysicalPresence|TRUE|BOOLEAN|0x00010001\r
\r
+ ## Indicates whether the TPM2 platform hierarchy will be disabled by using\r
+ # a random password or by disabling the hierarchy\r
+ # TRUE - A random password will be used\r
+ # FALSE - The hierarchy will be disabled\r
+ gEfiSecurityPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy|TRUE|BOOLEAN|0x00010024\r
+\r
[PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]\r
## Indicates whether TPM physical presence is locked during platform initialization.\r
# Once it is locked, it can not be unlocked for TPM life time.<BR><BR>\r
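Review bot: The comment added for `PcdRandomizePlatformHierarchy` describes both settings as disabling the platform hierarchy, but a random password does not disable it: the hierarchy stays enabled and only its authorization value becomes unknown to later code. That difference matters to whoever picks a value here, so I would word the two cases as `# TRUE - platformAuth is set to a random value; the hierarchy stays enabled` and `# FALSE - The platform hierarchy is disabled`. The entry also has no `# @Prompt` line, unlike `PcdTpmPhysicalPresence` just above it. How the random value is produced is not visible in this hunk; if the consuming library depends on a particular RNG source, the comment should say so.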
# @Prompt Tpm2AcpiTableLasa LASA field in TPM2 ACPI table.\r
gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableLasa|0|UINT64|0x00010023\r
\r
+ ## This PCD records LAML field in CC EVENTLOG ACPI table.\r
+ gEfiSecurityPkgTokenSpaceGuid.PcdCcEventlogAcpiTableLaml|0|UINT32|0x00010025\r
+\r
+ ## This PCD records LASA field in CC EVENTLOG ACPI table.\r
+ gEfiSecurityPkgTokenSpaceGuid.PcdCcEventlogAcpiTableLasa|0|UINT64|0x00010026\r
+\r
+[PcdsFeatureFlag]\r
+ ## Indicates if the platform requires PK to be self-signed when setting the PK in setup mode.\r
+ # TRUE - Require PK to be self-signed.\r
+ # FALSE - Do not require PK to be self-signed.\r
+ # @Prompt Require PK to be self-signed\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdRequireSelfSignedPk|FALSE|BOOLEAN|0x00010027\r
+\r
[UserExtensions.TianoCore."ExtraFiles"]\r
SecurityPkgExtra.uni\r
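Review bot: `PcdRequireSelfSignedPk` in the new `[PcdsFeatureFlag]` section is declared under `gEfiMdeModulePkgTokenSpaceGuid`, while every other PCD visible in this file uses `gEfiSecurityPkgTokenSpaceGuid`, and its token `0x00010027` continues the SecurityPkg numbering (`0x00010025`, `0x00010026`). If that is not deliberate, the token may collide with one already assigned in the other package's token space, and a module that names this Secure Boot policy flag under the SecurityPkg GUID would not resolve to this declaration. I would change the line to `gEfiSecurityPkgTokenSpaceGuid.PcdRequireSelfSignedPk|FALSE|BOOLEAN|0x00010027`. The two CC event-log PCDs above it also lack a `# @Prompt` line, unlike `PcdTpm2AcpiTableLasa`.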