Add security package to repository.

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12261 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
gdong1
2011-09-02 07:49:32 +00:00
parent 986d1dfb08
commit 0c18794ea4
102 changed files with 38487 additions and 0 deletions

View File

@@ -0,0 +1,174 @@
/** @file
The variable data structures are related to EDKII-specific
implementation of UEFI authenticated variables.
AuthenticatedVariableFormat.h defines variable data headers
and variable storage region headers.
Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef __AUTHENTICATED_VARIABLE_FORMAT_H__
#define __AUTHENTICATED_VARIABLE_FORMAT_H__
#define EFI_AUTHENTICATED_VARIABLE_GUID \
{ 0xaaf32c78, 0x947b, 0x439a, { 0xa1, 0x80, 0x2e, 0x14, 0x4e, 0xc3, 0x77, 0x92 } }
extern EFI_GUID gEfiAuthenticatedVariableGuid;
///
/// Alignment of variable name and data, according to the architecture:
/// * For IA-32 and Intel(R) 64 architectures: 1.
/// * For IA-64 architecture: 8.
///
#if defined (MDE_CPU_IPF)
#define ALIGNMENT 8
#else
#define ALIGNMENT 1
#endif
//
// GET_PAD_SIZE calculates the miminal pad bytes needed to make the current pad size satisfy the alignment requirement.
//
#if (ALIGNMENT == 1)
#define GET_PAD_SIZE(a) (0)
#else
#define GET_PAD_SIZE(a) (((~a) + 1) & (ALIGNMENT - 1))
#endif
///
/// Alignment of Variable Data Header in Variable Store region.
///
#define HEADER_ALIGNMENT 4
#define HEADER_ALIGN(Header) (((UINTN) (Header) + HEADER_ALIGNMENT - 1) & (~(HEADER_ALIGNMENT - 1)))
///
/// Status of Variable Store Region.
///
typedef enum {
EfiRaw,
EfiValid,
EfiInvalid,
EfiUnknown
} VARIABLE_STORE_STATUS;
#pragma pack(1)
#define VARIABLE_STORE_SIGNATURE EFI_AUTHENTICATED_VARIABLE_GUID
///
/// Variable Store Header Format and State.
///
#define VARIABLE_STORE_FORMATTED 0x5a
#define VARIABLE_STORE_HEALTHY 0xfe
///
/// Variable Store region header.
///
typedef struct {
///
/// Variable store region signature.
///
EFI_GUID Signature;
///
/// Size of entire variable store,
/// including size of variable store header but not including the size of FvHeader.
///
UINT32 Size;
///
/// Variable region format state.
///
UINT8 Format;
///
/// Variable region healthy state.
///
UINT8 State;
UINT16 Reserved;
UINT32 Reserved1;
} VARIABLE_STORE_HEADER;
///
/// Variable data start flag.
///
#define VARIABLE_DATA 0x55AA
///
/// Variable State flags.
///
#define VAR_IN_DELETED_TRANSITION 0xfe ///< Variable is in obsolete transition.
#define VAR_DELETED 0xfd ///< Variable is obsolete.
#define VAR_HEADER_VALID_ONLY 0x7f ///< Variable header has been valid.
#define VAR_ADDED 0x3f ///< Variable has been completely added.
///
/// Single Variable Data Header Structure.
///
typedef struct {
///
/// Variable Data Start Flag.
///
UINT16 StartId;
///
/// Variable State defined above.
///
UINT8 State;
UINT8 Reserved;
///
/// Attributes of variable defined in UEFI specification.
///
UINT32 Attributes;
///
/// Associated monotonic count value against replay attack.
///
UINT64 MonotonicCount;
///
/// Associated TimeStamp value against replay attack.
///
EFI_TIME TimeStamp;
///
/// Index of associated public key in database.
///
UINT32 PubKeyIndex;
///
/// Size of variable null-terminated Unicode string name.
///
UINT32 NameSize;
///
/// Size of the variable data without this header.
///
UINT32 DataSize;
///
/// A unique identifier for the vendor that produces and consumes this varaible.
///
EFI_GUID VendorGuid;
} VARIABLE_HEADER;
#pragma pack()
typedef struct _VARIABLE_INFO_ENTRY VARIABLE_INFO_ENTRY;
///
/// This structure contains the variable list that is put in EFI system table.
/// The variable driver collects all variables that were used at boot service time and produces this list.
/// This is an optional feature to dump all used variables in shell environment.
///
struct _VARIABLE_INFO_ENTRY {
VARIABLE_INFO_ENTRY *Next; ///< Pointer to next entry.
EFI_GUID VendorGuid; ///< Guid of Variable.
CHAR16 *Name; ///< Name of Variable.
UINT32 Attributes; ///< Attributes of variable defined in UEFI spec.
UINT32 ReadCount; ///< Number of times to read this variable.
UINT32 WriteCount; ///< Number of times to write this variable.
UINT32 DeleteCount; ///< Number of times to delete this variable.
UINT32 CacheCount; ///< Number of times that cache hits this variable.
BOOLEAN Volatile; ///< TRUE if volatile, FALSE if non-volatile.
};
#endif // __AUTHENTICATED_VARIABLE_FORMAT_H__

View File

@@ -0,0 +1,76 @@
/** @file
Define the variable data structures used for TCG physical presence.
The TPM request from firmware or OS is saved to variable. And it is
cleared after it is processed in the next boot cycle. The TPM response
is saved to variable.
Copyright (c) 2006 - 2011, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef __PHYSICAL_PRESENCE_DATA_GUID_H__
#define __PHYSICAL_PRESENCE_DATA_GUID_H__
#define EFI_PHYSICAL_PRESENCE_DATA_GUID \
{ \
0xf6499b1, 0xe9ad, 0x493d, { 0xb9, 0xc2, 0x2f, 0x90, 0x81, 0x5c, 0x6c, 0xbc }\
}
#define PHYSICAL_PRESENCE_VARIABLE L"PhysicalPresence"
typedef struct {
UINT8 PPRequest; ///< Physical Presence request command.
UINT8 LastPPRequest;
UINT32 PPResponse;
UINT8 Flags;
} EFI_PHYSICAL_PRESENCE;
//
// The definition bit of the flags
//
#define FLAG_NO_PPI_PROVISION BIT0
#define FLAG_NO_PPI_CLEAR BIT1
#define FLAG_NO_PPI_MAINTENANCE BIT2
#define FLAG_RESET_TRACK BIT3
#define H2NS(x) ((((x) << 8) | ((x) >> 8)) & 0xffff)
#define H2NL(x) (H2NS ((x) >> 16) | (H2NS ((x) & 0xffff) << 16))
//
// The definition of physical presence operation actions
//
#define NO_ACTION 0
#define ENABLE 1
#define DISABLE 2
#define ACTIVATE 3
#define DEACTIVATE 4
#define CLEAR 5
#define ENABLE_ACTIVATE 6
#define DEACTIVATE_DISABLE 7
#define SET_OWNER_INSTALL_TRUE 8
#define SET_OWNER_INSTALL_FALSE 9
#define ENABLE_ACTIVATE_OWNER_TRUE 10
#define DEACTIVATE_DISABLE_OWNER_FALSE 11
#define DEFERRED_PP_UNOWNERED_FIELD_UPGRADE 12
#define SET_OPERATOR_AUTH 13
#define CLEAR_ENABLE_ACTIVATE 14
#define SET_NO_PPI_PROVISION_FALSE 15
#define SET_NO_PPI_PROVISION_TRUE 16
#define SET_NO_PPI_CLEAR_FALSE 17
#define SET_NO_PPI_CLEAR_TRUE 18
#define SET_NO_PPI_MAINTENANCE_FALSE 19
#define SET_NO_PPI_MAINTENANCE_TRUE 20
#define ENABLE_ACTIVATE_CLEAR 21
#define ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE 22
extern EFI_GUID gEfiPhysicalPresenceGuid;
#endif

View File

@@ -0,0 +1,25 @@
/** @file
GUID for SecurityPkg PCD Token Space.
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef _SECURITYPKG_TOKEN_SPACE_GUID_H_
#define _SECURITYPKG_TOKEN_SPACE_GUID_H_
#define SECURITYPKG_TOKEN_SPACE_GUID \
{ \
0xd3fb176, 0x9569, 0x4d51, { 0xa3, 0xef, 0x7d, 0x61, 0xc6, 0x4f, 0xea, 0xba } \
}
extern EFI_GUID gEfiSecurityPkgTokenSpaceGuid;
#endif

View File

@@ -0,0 +1,30 @@
/** @file
Defines the HOB GUID used to pass a TCG_PCR_EVENT from a TPM PEIM to
a TPM DXE Driver. A GUIDed HOB is generated for each measurement
made in the PEI Phase.
Copyright (c) 2007 - 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef _TCG_EVENT_HOB_H_
#define _TCG_EVENT_HOB_H_
///
/// The Global ID of a GUIDed HOB used to pass a TCG_PCR_EVENT from a TPM PEIM to a TPM DXE Driver.
///
#define EFI_TCG_EVENT_HOB_GUID \
{ \
0x2e3044ac, 0x879f, 0x490f, {0x97, 0x60, 0xbb, 0xdf, 0xaf, 0x69, 0x5f, 0x50 } \
}
extern EFI_GUID gTcgEventEntryHobGuid;
#endif

View File

@@ -0,0 +1,42 @@
/** @file
Provides a secure platform-specific method to clear PK(Platform Key).
Copyright (c) 2011, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef __PLATFORM_SECURE_LIB_H__
#define __PLATFORM_SECURE_LIB_H__
/**
This function detects whether a secure platform-specific method to clear PK(Platform Key)
is configured by platform owner. This method is provided for users force to clear PK
in case incorrect enrollment mis-haps.
UEFI231 spec chapter 27.5.2 stipulates: The platform key may also be cleared using
a secure platform-specific method. In this case, the global variable SetupMode
must also be updated to 1.
NOTE THAT: This function cannot depend on any EFI Variable Service since they are
not available when this function is called in AuthenticateVariable driver.
@retval TRUE The Platform owner wants to force clear PK.
@retval FALSE The Platform owner doesn't want to force clear PK.
**/
BOOLEAN
EFIAPI
ForceClearPK (
VOID
);
#endif

View File

@@ -0,0 +1,286 @@
/** @file
Ihis library is only intended to be used by TPM modules.
It provides basic TPM Interface Specification (TIS) and Command functions.
Copyright (c) 2005 - 2011, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef _TPM_COMM_LIB_H_
#define _TPM_COMM_LIB_H_
#include <IndustryStandard/Tpm12.h>
typedef EFI_HANDLE TIS_TPM_HANDLE;
///
/// TPM register base address.
///
#define TPM_BASE_ADDRESS 0xfed40000
//
// Set structure alignment to 1-byte
//
#pragma pack (1)
//
// Register set map as specified in TIS specification Chapter 10
//
typedef struct {
///
/// Used to gain ownership for this particular port.
///
UINT8 Access; // 0
UINT8 Reserved1[7]; // 1
///
/// Controls interrupts.
///
UINT32 IntEnable; // 8
///
/// SIRQ vector to be used by the TPM.
///
UINT8 IntVector; // 0ch
UINT8 Reserved2[3]; // 0dh
///
/// What caused interrupt.
///
UINT32 IntSts; // 10h
///
/// Shows which interrupts are supported by that particular TPM.
///
UINT32 IntfCapability; // 14h
///
/// Status Register. Provides status of the TPM.
///
UINT8 Status; // 18h
///
/// Number of consecutive writes that can be done to the TPM.
///
UINT16 BurstCount; // 19h
UINT8 Reserved3[9];
///
/// Read or write FIFO, depending on transaction.
///
UINT32 DataFifo; // 24
UINT8 Reserved4[0xed8]; // 28h
///
/// Vendor ID
///
UINT16 Vid; // 0f00h
///
/// Device ID
///
UINT16 Did; // 0f02h
///
/// Revision ID
///
UINT8 Rid; // 0f04h
///
/// TCG defined configuration registers.
///
UINT8 TcgDefined[0x7b]; // 0f05h
///
/// Alias to I/O legacy space.
///
UINT32 LegacyAddress1; // 0f80h
///
/// Additional 8 bits for I/O legacy space extension.
///
UINT32 LegacyAddress1Ex; // 0f84h
///
/// Alias to second I/O legacy space.
///
UINT32 LegacyAddress2; // 0f88h
///
/// Additional 8 bits for second I/O legacy space extension.
///
UINT32 LegacyAddress2Ex; // 0f8ch
///
/// Vendor-defined configuration registers.
///
UINT8 VendorDefined[0x70];// 0f90h
} TIS_PC_REGISTERS;
//
// Restore original structure alignment
//
#pragma pack ()
//
// Define pointer types used to access TIS registers on PC
//
typedef TIS_PC_REGISTERS *TIS_PC_REGISTERS_PTR;
//
// TCG Platform Type based on TCG ACPI Specification Version 1.00
//
#define TCG_PLATFORM_TYPE_CLIENT 0
#define TCG_PLATFORM_TYPE_SERVER 1
//
// Define bits of ACCESS and STATUS registers
//
///
/// This bit is a 1 to indicate that the other bits in this register are valid.
///
#define TIS_PC_VALID BIT7
///
/// Indicate that this locality is active.
///
#define TIS_PC_ACC_ACTIVE BIT5
///
/// Set to 1 to indicate that this locality had the TPM taken away while
/// this locality had the TIS_PC_ACC_ACTIVE bit set.
///
#define TIS_PC_ACC_SEIZED BIT4
///
/// Set to 1 to indicate that TPM MUST reset the
/// TIS_PC_ACC_ACTIVE bit and remove ownership for localities less than the
/// locality that is writing this bit.
///
#define TIS_PC_ACC_SEIZE BIT3
///
/// When this bit is 1, another locality is requesting usage of the TPM.
///
#define TIS_PC_ACC_PENDIND BIT2
///
/// Set to 1 to indicate that this locality is requesting to use TPM.
///
#define TIS_PC_ACC_RQUUSE BIT1
///
/// A value of 1 indicates that a T/OS has not been established on the platform
///
#define TIS_PC_ACC_ESTABLISH BIT0
///
/// When this bit is 1, TPM is in the Ready state,
/// indicating it is ready to receive a new command.
///
#define TIS_PC_STS_READY BIT6
///
/// Write a 1 to this bit to cause the TPM to execute that command.
///
#define TIS_PC_STS_GO BIT5
///
/// This bit indicates that the TPM has data available as a response.
///
#define TIS_PC_STS_DATA BIT4
///
/// The TPM sets this bit to a value of 1 when it expects another byte of data for a command.
///
#define TIS_PC_STS_EXPECT BIT3
///
/// Writes a 1 to this bit to force the TPM to re-send the response.
///
#define TIS_PC_STS_RETRY BIT1
//
// Default TimeOut value
//
#define TIS_TIMEOUT_B 2000 * 1000 // 2s
#define TIS_TIMEOUT_C 750 * 1000 // 750ms
#define TIS_TIMEOUT_D 750 * 1000 // 750ms
//
// Max TPM command/reponse length
//
#define TPMCMDBUFLENGTH 1024
/**
Check whether the value of a TPM chip register satisfies the input BIT setting.
@param[in] Register Address port of register to be checked.
@param[in] BitSet Check these data bits are set.
@param[in] BitClear Check these data bits are clear.
@param[in] TimeOut The max wait time (unit MicroSecond) when checking register.
@retval EFI_SUCCESS The register satisfies the check bit.
@retval EFI_TIMEOUT The register can't run into the expected status in time.
**/
EFI_STATUS
EFIAPI
TisPcWaitRegisterBits (
IN UINT8 *Register,
IN UINT8 BitSet,
IN UINT8 BitClear,
IN UINT32 TimeOut
);
/**
Get BurstCount by reading the burstCount field of a TIS regiger
in the time of default TIS_TIMEOUT_D.
@param[in] TisReg Pointer to TIS register.
@param[out] BurstCount Pointer to a buffer to store the got BurstConut.
@retval EFI_SUCCESS Get BurstCount.
@retval EFI_INVALID_PARAMETER TisReg is NULL or BurstCount is NULL.
@retval EFI_TIMEOUT BurstCount can't be got in time.
**/
EFI_STATUS
EFIAPI
TisPcReadBurstCount (
IN TIS_PC_REGISTERS_PTR TisReg,
OUT UINT16 *BurstCount
);
/**
Set TPM chip to ready state by sending ready command TIS_PC_STS_READY
to Status Register in time.
@param[in] TisReg Pointer to TIS register.
@retval EFI_SUCCESS TPM chip enters into ready state.
@retval EFI_INVALID_PARAMETER TisReg is NULL.
@retval EFI_TIMEOUT TPM chip can't be set to ready state in time.
**/
EFI_STATUS
EFIAPI
TisPcPrepareCommand (
IN TIS_PC_REGISTERS_PTR TisReg
);
/**
Get the control of TPM chip by sending requestUse command TIS_PC_ACC_RQUUSE
to ACCESS Register in the time of default TIS_TIMEOUT_D.
@param[in] TisReg Pointer to TIS register.
@retval EFI_SUCCESS Get the control of TPM chip.
@retval EFI_INVALID_PARAMETER TisReg is NULL.
@retval EFI_NOT_FOUND TPM chip doesn't exit.
@retval EFI_TIMEOUT Can't get the TPM control in time.
**/
EFI_STATUS
EFIAPI
TisPcRequestUseTpm (
IN TIS_PC_REGISTERS_PTR TisReg
);
/**
Single function calculates SHA1 digest value for all raw data. It
combines Sha1Init(), Sha1Update() and Sha1Final().
@param[in] Data Raw data to be digested.
@param[in] DataLen Size of the raw data.
@param[out] Digest Pointer to a buffer that stores the final digest.
@retval EFI_SUCCESS Always successfully calculate the final digest.
**/
EFI_STATUS
EFIAPI
TpmCommHashAll (
IN CONST UINT8 *Data,
IN UINTN DataLen,
OUT TPM_DIGEST *Digest
);
#endif

View File

@@ -0,0 +1,60 @@
/** @file
This file defines the lock physical Presence PPI. This PPI is
produced by a platform specific PEIM and consumed by the TPM
PEIM.
Copyright (c) 2011, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef __PEI_LOCK_PHYSICAL_PRESENCE_H__
#define __PEI_LOCK_PHYSICAL_PRESENCE_H__
///
/// Global ID for the PEI_LOCK_PHYSICAL_PRESENCE_PPI_GUID.
///
#define PEI_LOCK_PHYSICAL_PRESENCE_PPI_GUID \
{ \
0xef9aefe5, 0x2bd3, 0x4031, { 0xaf, 0x7d, 0x5e, 0xfe, 0x5a, 0xbb, 0x9a, 0xd } \
}
///
/// Forward declaration for the PEI_LOCK_PHYSICAL_PRESENCE_PPI
///
typedef struct _PEI_LOCK_PHYSICAL_PRESENCE_PPI PEI_LOCK_PHYSICAL_PRESENCE_PPI;
/**
This interface returns whether TPM physical presence needs be locked.
@param[in] PeiServices The pointer to the PEI Services Table.
@retval TRUE The TPM physical presence should be locked.
@retval FALSE The TPM physical presence cannot be locked.
**/
typedef
BOOLEAN
(EFIAPI *PEI_LOCK_PHYSICAL_PRESENCE)(
IN CONST EFI_PEI_SERVICES **PeiServices
);
///
/// This service abstracts TPM physical presence lock interface. It is necessary for
/// safety to convey this information to the TPM driver so that TPM physical presence
/// can be locked as early as possible. This PPI is produced by a platform specific
/// PEIM and consumed by the TPM PEIM.
///
struct _PEI_LOCK_PHYSICAL_PRESENCE_PPI {
PEI_LOCK_PHYSICAL_PRESENCE LockPhysicalPresence;
};
extern EFI_GUID gPeiLockPhysicalPresencePpiGuid;
#endif // __PEI_LOCK_PHYSICAL_PRESENCE_H__

View File

@@ -0,0 +1,30 @@
/** @file
Tag GUID that must be installed by the TPM PEIM after the TPM hardware is
initialized. PEIMs that must execute after TPM hardware initialization
may use this GUID in their dependency expressions.
Copyright (c) 2008 - 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef _PEI_TPM_INITIALIZED_PPI_H_
#define _PEI_TPM_INITIALIZED_PPI_H_
///
/// Global ID for the PEI_TPM_INITIALIZED_PPI which always uses a NULL interface.
///
#define PEI_TPM_INITIALIZED_PPI_GUID \
{ \
0xe9db0d58, 0xd48d, 0x47f6, 0x9c, 0x6e, 0x6f, 0x40, 0xe8, 0x6c, 0x7b, 0x41 \
}
extern EFI_GUID gPeiTpmInitializedPpiGuid;
#endif