From: "Kun Qin"
To: devel@edk2.groups.io
CC: Jiewen Yao, Jian J Wang, Qi Zhang, Rahul Kumar
Subject: [PATCH v3 6/7] SecurityPkg: Tcg2Smm: Added support for Standalone Mm
Date: Fri, 26 Feb 2021 14:51:57 -0800
X-Microsoft-Original-Message-ID: <20210226225158.1378-7-kun.q@outlook.com>
In-Reply-To: <20210226225158.1378-1-kun.q@outlook.com>
References: <20210226225158.1378-1-kun.q@outlook.com>

https://bugzilla.tianocore.org/show_bug.cgi?id=3169

This change added a Standalone MM instance of Tcg2. The notify function
for the Standalone MM instance is left empty. A designated dependency
library was created for DXE drivers to link as an anonymous library.
Lastly, the support of a CI build for the Tcg2 Standalone MM module is added.

Cc: Jiewen Yao
Cc: Jian J Wang
Cc: Qi Zhang
Cc: Rahul Kumar
Signed-off-by: Kun Qin
---

Notes:
    v3:
    - No change.

    v2:
    - Newly added.

 SecurityPkg/Library/Tcg2MmDependencyLib/Tcg2MmDependencyLib.c   | 48 ++++++++++++
 SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.c                      | 71 ++++++++++++++++++
 SecurityPkg/Library/Tcg2MmDependencyLib/Tcg2MmDependencyLib.inf | 39 ++++++++++
 SecurityPkg/SecurityPkg.ci.yaml                                 |  1 +
 SecurityPkg/SecurityPkg.dec                                     |  1 +
 SecurityPkg/SecurityPkg.dsc                                     | 10 +++
 SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf                    | 77 ++++++++++++++++++++
 7 files changed, 247 insertions(+)

diff --git a/SecurityPkg/Library/Tcg2MmDependencyLib/Tcg2MmDependencyLib.c b/SecurityPkg/Library/Tcg2MmDependencyLib/Tcg2MmDependencyLib.c
new file mode 100644
index 000000000000..12b23813dce1
--- /dev/null
+++ b/SecurityPkg/Library/Tcg2MmDependencyLib/Tcg2MmDependencyLib.c
@@ -0,0 +1,48 @@ +/** @file + Runtime DXE part corresponding to StandaloneMM Tcg2 module. + +This module installs gTcg2MmSwSmiRegisteredGuid to notify readiness of +StandaloneMM Tcg2 module. + +Copyright (c) 2019 - 2021, Arm Ltd. All rights reserved. +Copyright (c) Microsoft Corporation. + +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include + +#include +#include + +/** + The constructor function installs gTcg2MmSwSmiRegisteredGuid to notify + readiness of StandaloneMM Tcg2 module. + + @param ImageHandle The firmware allocated handle for the EFI image. + @param SystemTable A pointer to the Management mode System Table. + + @retval EFI_SUCCESS The constructor always returns EFI_SUCCESS. + +**/ +EFI_STATUS +EFIAPI +Tcg2MmDependencyLibConstructor ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + EFI_STATUS Status; + EFI_HANDLE Handle; + + Handle =3D NULL; + Status =3D gBS->InstallProtocolInterface ( + &Handle, + &gTcg2MmSwSmiRegisteredGuid, + EFI_NATIVE_INTERFACE, + NULL + ); + ASSERT_EFI_ERROR (Status); + return EFI_SUCCESS; +} diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.c b/SecurityPkg/Tcg/T= cg2Smm/Tcg2StandaloneMm.c new file mode 100644 index 000000000000..9e0095efbc5e --- /dev/null +++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.c @@ -0,0 +1,71 @@ +/** @file + TCG2 Standalone MM driver that updates TPM2 items in ACPI table and regi= sters + SMI2 callback functions for Tcg2 physical presence, ClearMemory, and + sample for dTPM StartMethod. + + Caution: This module requires additional review when modified. + This driver will have external input - variable and ACPINvs data in SMM = mode. + This external input must be validated carefully to avoid security issue. + + PhysicalPresenceCallback() and MemoryClearCallback() will receive untrus= ted input and do some check. + +Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "Tcg2Smm.h" +#include + +/** + Notify the system that the SMM variable driver is ready. +**/ +VOID +Tcg2NotifyMmReady ( + VOID + ) +{ + // Do nothing +} + +/** + This function is an abstraction layer for implementation specific Mm buf= fer validation routine. + + @param Buffer The buffer start address to be checked. + @param Length The buffer length to be checked. + + @retval TRUE This buffer is valid per processor architecture and not ov= erlap with SMRAM. + @retval FALSE This buffer is not valid per processor architecture or ove= rlap with SMRAM. +**/ +BOOLEAN +IsBufferOutsideMmValid ( + IN EFI_PHYSICAL_ADDRESS Buffer, + IN UINT64 Length + ) +{ + return MmIsBufferOutsideMmValid (Buffer, Length); +} + +/** + The driver's entry point. + + It install callbacks for TPM physical presence and MemoryClear, and loca= te + SMM variable to be used in the callback function. + + @param[in] ImageHandle The firmware allocated handle for the EFI image. + @param[in] SystemTable A pointer to the EFI System Table. + + @retval EFI_SUCCESS The entry point is executed successfully. + @retval Others Some error occurs when executing this entry poin= t. + +**/ +EFI_STATUS +EFIAPI +InitializeTcgStandaloneMm ( + IN EFI_HANDLE ImageHandle, + IN EFI_MM_SYSTEM_TABLE *SystemTable + ) +{ + return InitializeTcgCommon (); +} diff --git a/SecurityPkg/Library/Tcg2MmDependencyLib/Tcg2MmDependencyLib.in= f b/SecurityPkg/Library/Tcg2MmDependencyLib/Tcg2MmDependencyLib.inf new file mode 100644 index 000000000000..5533ce2b6e6e --- /dev/null +++ b/SecurityPkg/Library/Tcg2MmDependencyLib/Tcg2MmDependencyLib.inf 
@@ -0,0 +1,39 @@ +## @file +# Runtime DXE part corresponding to StandaloneMM Tcg2 module. +# +# This module installs gTcg2MmSwSmiRegisteredGuid to notify readiness of +# StandaloneMM Tcg2 module. +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION =3D 0x0001001A + BASE_NAME =3D Tcg2MmDependencyLib + FILE_GUID =3D 94C210EA-3113-4563-ADEB-76FE759C2F46 + MODULE_TYPE =3D DXE_DRIVER + LIBRARY_CLASS =3D NULL + CONSTRUCTOR =3D Tcg2MmDependencyLibConstructor + +# +# The following information is for reference only and not required by the = build tools. +# +# VALID_ARCHITECTURES =3D IA32 X64 +# +# + +[Sources] + Tcg2MmDependencyLib.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + SecurityPkg/SecurityPkg.dec + +[Guids] + gTcg2MmSwSmiRegisteredGuid ## PRODUCES ## GUID # Ins= tall protocol + +[Depex] + TRUE diff --git a/SecurityPkg/SecurityPkg.ci.yaml b/SecurityPkg/SecurityPkg.ci.y= aml index 03be2e94ca97..d7b9e1f4e239 100644 --- a/SecurityPkg/SecurityPkg.ci.yaml +++ b/SecurityPkg/SecurityPkg.ci.yaml @@ -31,6 +31,7 @@ "MdePkg/MdePkg.dec", "MdeModulePkg/MdeModulePkg.dec", "SecurityPkg/SecurityPkg.dec", + "StandaloneMmPkg/StandaloneMmPkg.dec", "CryptoPkg/CryptoPkg.dec" ], # For host based unit tests diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index 0970cae5c75e..dfbbb0365a2b 100644 --- a/SecurityPkg/SecurityPkg.dec +++ b/SecurityPkg/SecurityPkg.dec @@ -383,6 +383,7 @@ [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, = PcdsDynamicEx] gEfiSecurityPkgTokenSpaceGuid.PcdTpmScrtmPolicy|1|UINT8|0x0001000E =20 ## Guid name to identify TPM instance.

+ # NOTE: This Pcd must be FixedAtBuild if Standalone MM is used # TPM_DEVICE_INTERFACE_NONE means disable.
# TPM_DEVICE_INTERFACE_TPM12 means TPM 1.2 DTPM.
# TPM_DEVICE_INTERFACE_DTPM2 means TPM 2.0 DTPM.
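Review bot: the new "# NOTE: This Pcd must be FixedAtBuild if Standalone MM is used" line in the SecurityPkg.dec hunk states a hard requirement as a comment only. PcdTpmInstanceGuid stays declared under [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] (see the hunk header), so a platform that keeps it dynamic and builds Tcg2StandaloneMm.inf, which lists the PCD as ## CONSUMES, gets no build-time error and only finds out at runtime. Please say in the note what breaks when the rule is violated (the MM_STANDALONE module has no dynamic PCD access path), and consider whether the declaration can be narrowed so the build tools enforce it instead of a comment.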
diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc index 928bff72baa3..37242da93f3d 100644 --- a/SecurityPkg/SecurityPkg.dsc +++ b/SecurityPkg/SecurityPkg.dsc @@ -166,6 +166,14 @@ [LibraryClasses.common.DXE_SMM_DRIVER] Tcg2PhysicalPresenceLib|SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/S= mmTcg2PhysicalPresenceLib.inf SmmIoLib|MdePkg/Library/SmmIoLib/SmmIoLib.inf =20 +[LibraryClasses.common.MM_STANDALONE] + StandaloneMmDriverEntryPoint|MdePkg/Library/StandaloneMmDriverEntryPoint= /StandaloneMmDriverEntryPoint.inf + MmServicesTableLib|MdePkg/Library/StandaloneMmServicesTableLib/Standalon= eMmServicesTableLib.inf + Tcg2PhysicalPresenceLib|SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/S= tandaloneMmTcg2PhysicalPresenceLib.inf + MemLib|StandaloneMmPkg/Library/StandaloneMmMemLib/StandaloneMmMemLib.inf + HobLib|StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.inf + MemoryAllocationLib|StandaloneMmPkg/Library/StandaloneMmMemoryAllocation= Lib/StandaloneMmMemoryAllocationLib.inf + [PcdsDynamicDefault.common.DEFAULT] gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0xb6, 0xe5, 0x01, 0x8b= , 0x19, 0x4f, 0xe8, 0x46, 0xab, 0x93, 0x1c, 0x53, 0x67, 0x1b, 0x90, 0xcc} gEfiSecurityPkgTokenSpaceGuid.PcdTpm2InitializationPolicy|1 @@ -183,6 +191,7 @@ [PcdsDynamicHii.common.DEFAULT] [Components] SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthenticati= onStatusLib.inf + SecurityPkg/Library/Tcg2MmDependencyLib/Tcg2MmDependencyLib.inf =20 # # TPM 
@@ -317,6 +326,7 @@ [Components.IA32, Components.X64] SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf SecurityPkg/Tcg/TcgSmm/TcgSmm.inf SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf + SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.inf SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLi= b.inf SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/StandaloneMmTcg2PhysicalP= resenceLib.inf diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf b/SecurityPkg/Tcg= /Tcg2Smm/Tcg2StandaloneMm.inf new file mode 100644 index 000000000000..746eda3e9fed --- /dev/null +++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf @@ -0,0 +1,77 @@ +## @file +# Provides ACPI methods for TPM 2.0 support +# +# Spec Compliance Info: +# "TCG ACPI Specification Version 1.2 Revision 8" +# "Physical Presence Interface Specification Version 1.30 Revision 00.= 52" +# along with +# "Errata Version 0.4 for TCG PC Client Platform Physical Presence Int= erface Specification" +# "Platform Reset Attack Mitigation Specification Version 1.00" +# TPM2.0 ACPI device object +# "TCG PC Client Platform Firmware Profile Specification for TPM Famil= y 2.0 Level 00 Revision 1.03 v51" +# along with +# "Errata for PC Client Specific Platform Firmware Profile Specificati= on Version 1.0 Revision 1.03" +# +# This driver implements TPM 2.0 definition block in ACPI table and +# registers SMI callback functions for Tcg2 physical presence and +# MemoryClear to handle the requests from ACPI method. +# +# Caution: This module requires additional review when modified. +# This driver will have external input - variable and ACPINvs data in SMM= mode. +# This external input must be validated carefully to avoid security issue= . +# +# Copyright (c) 2015 - 2019, Intel Corporation. All rights reserved.
+# Copyright (c) Microsoft Corporation.
+# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D Tcg2StandaloneMm + FILE_GUID =3D D40F321F-5349-4724-B667-131670587861 + MODULE_TYPE =3D MM_STANDALONE + PI_SPECIFICATION_VERSION =3D 0x00010032 + VERSION_STRING =3D 1.0 + ENTRY_POINT =3D InitializeTcgStandaloneMm + +[Sources] + Tcg2Smm.h + Tcg2Smm.c + Tcg2StandaloneMm.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + SecurityPkg/SecurityPkg.dec + StandaloneMmPkg/StandaloneMmPkg.dec + +[LibraryClasses] + BaseLib + BaseMemoryLib + StandaloneMmDriverEntryPoint + MmServicesTableLib + DebugLib + Tcg2PhysicalPresenceLib + PcdLib + MemLib + +[Guids] + ## SOMETIMES_PRODUCES ## Variable:L"MemoryOverwriteRequestControl" + ## SOMETIMES_CONSUMES ## Variable:L"MemoryOverwriteRequestControl" + gEfiMemoryOverwriteControlDataGuid + + gEfiTpmDeviceInstanceTpm20DtpmGuid ## PRODUCE= S ## GUID # TPM device identifier + gTpmNvsMmGuid ## CONSUME= S + +[Protocols] + gEfiSmmSwDispatch2ProtocolGuid ## CONSUME= S + gEfiSmmVariableProtocolGuid ## CONSUME= S + gEfiMmReadyToLockProtocolGuid ## CONSUME= S + +[Pcd] + gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## CONSUME= S + +[Depex] + gEfiSmmSwDispatch2ProtocolGuid AND + gEfiSmmVariableProtocolGuid --=20 2.30.0.windows.1
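Review bot: in Tcg2MmDependencyLibConstructor() (Tcg2MmDependencyLib.c hunk) a failed InstallProtocolInterface() is caught only by ASSERT_EFI_ERROR (Status) and the function still returns EFI_SUCCESS, so on a release build the gTcg2MmSwSmiRegisteredGuid signal can silently go missing and every DXE driver whose depex waits on it is never dispatched, with nothing in the log to explain why. Return Status, or at least emit a DEBUG_ERROR before returning. Two documentation points in the same hunk: the "@param SystemTable A pointer to the Management mode System Table" text does not match the EFI_SYSTEM_TABLE parameter of a DXE constructor, and the GUID is installed unconditionally at constructor time although its name claims a SW SMI handler has been registered; nothing here checks that the Standalone MM Tcg2 driver was dispatched first, so that ordering assumption belongs in the file header.

Review bot: the doc comment on Tcg2NotifyMmReady() in the Tcg2StandaloneMm.c hunk reads "Notify the system that the SMM variable driver is ready" while the body is "// Do nothing"; since this patch moves the readiness signal to the DXE-side Tcg2MmDependencyLib, say that here (for example "Readiness is signalled by Tcg2MmDependencyLib in DXE; nothing to do in MM") rather than leaving a description that matches neither the function name nor its body. Same for InitializeTcgStandaloneMm(): the header says "It install callbacks for TPM physical presence and MemoryClear, and locate SMM variable" but the body is a single "return InitializeTcgCommon ();", so point the comment at InitializeTcgCommon() and fix "It install" to "It installs". The file header's "registers SMI2 callback functions" should read "SMI callback functions".

Review bot: the header comment in the Tcg2MmDependencyLib.inf hunk calls this the "Runtime DXE part", but MODULE_TYPE is DXE_DRIVER with LIBRARY_CLASS NULL, i.e. an ordinary DXE NULL library with no runtime-services involvement; drop "Runtime" here and in the matching .c header. The "VALID_ARCHITECTURES = IA32 X64" comment also looks narrower than the code, which only calls gBS->InstallProtocolInterface and has nothing architecture-specific; either widen it or say why it is restricted.

Review bot: the new [LibraryClasses.common.MM_STANDALONE] block in the SecurityPkg.dsc hunk maps StandaloneMmDriverEntryPoint, MmServicesTableLib, Tcg2PhysicalPresenceLib, MemLib, HobLib and MemoryAllocationLib, but Tcg2StandaloneMm.inf also links BaseLib, BaseMemoryLib, DebugLib and PcdLib, which therefore resolve to whatever the common [LibraryClasses] section provides. That is fine for the first three; PcdLib matters because the unchanged context lines directly below the new block still keep gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid under [PcdsDynamicDefault.common.DEFAULT], while the dec hunk in this same patch says the PCD "must be FixedAtBuild if Standalone MM is used". Either add a FixedAtBuild override that applies to the Tcg2StandaloneMm.inf build or document how the CI build is expected to pass with the dynamic default.

Review bot: INF_VERSION is 0x00010005 in the new Tcg2StandaloneMm.inf hunk while the other new INF in this patch (Tcg2MmDependencyLib.inf) uses 0x0001001A; a newly created file should use the current version. The module header still says "registers SMI callback functions" and "external input - variable and ACPINvs data in SMM mode", copied from the Tcg2Smm.inf wording; for an MM_STANDALONE module that consumes gEfiMmReadyToLockProtocolGuid, "MM" is the accurate term. Lastly, gEfiMmReadyToLockProtocolGuid is listed under [Protocols] as "## CONSUMES" but is absent from the [Depex], which names only gEfiSmmSwDispatch2ProtocolGuid and gEfiSmmVariableProtocolGuid; if it is only watched through a registered notification, the "## NOTIFY" usage annotation is the accurate one.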