diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
index 6f46d595de..40d5cd5fb6 100644
--- a/MdeModulePkg/MdeModulePkg.dec
+++ b/MdeModulePkg/MdeModulePkg.dec
@@ -559,6 +559,9 @@
## Include/Protocol/SmmEndofS3Resume.h
gEdkiiSmmEndOfS3ResumeProtocolGuid = { 0x96f5296d, 0x05f7, 0x4f3c, {0x84, 0x67, 0xe4, 0x56, 0x89, 0x0e, 0x0c, 0xb5 } }
+ ## Include/Protocol/SmmMemoryAttribute.h
+ gEdkiiSmmMemoryAttributeProtocolGuid = { 0x69b792ea, 0x39ce, 0x402d, { 0xa2, 0xa6, 0xf7, 0x21, 0xde, 0x35, 0x1d, 0xfe } }
+
#
# [Error.gEfiMdeModulePkgTokenSpaceGuid]
# 0x80000001 | Invalid value provided.
@@ -889,6 +892,63 @@
# @Prompt Init Value in Temp Stack
gEfiMdeModulePkgTokenSpaceGuid.PcdInitValueInTempStack|0x5AA55AA5|UINT32|0x30001051
+ ## Indicates which type allocation need guard page.
+ # Below is bit mask for this PCD: (Order is same as UEFI spec)
+ # EfiReservedMemoryType 0x0000000000000001
+ # EfiLoaderCode 0x0000000000000002
+ # EfiLoaderData 0x0000000000000004
+ # EfiBootServicesCode 0x0000000000000008
+ # EfiBootServicesData 0x0000000000000010
+ # EfiRuntimeServicesCode 0x0000000000000020
+ # EfiRuntimeServicesData 0x0000000000000040
+ # EfiConventionalMemory 0x0000000000000080
+ # EfiUnusableMemory 0x0000000000000100
+ # EfiACPIReclaimMemory 0x0000000000000200
+ # EfiACPIMemoryNVS 0x0000000000000400
+ # EfiMemoryMappedIO 0x0000000000000800
+ # EfiMemoryMappedIOPortSpace 0x0000000000001000
+ # EfiPalCode 0x0000000000002000
+ # EfiPersistentMemory 0x0000000000004000
+ # OEM Reserved 0x4000000000000000
+ # OS Reserved 0x8000000000000000
+ # e.g. LoaderCode+LoaderData+BootServicesCode+BootServicesData are needed, 0x1E should be used.
+ # @Prompt The memory type mask for Page Guard.
+ gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPageType|0x0|UINT64|0x30001052
+
+ ## Indicates which type allocation need guard page.
+ # Below is bit mask for this PCD: (Order is same as UEFI spec)
+ # EfiReservedMemoryType 0x0000000000000001
+ # EfiLoaderCode 0x0000000000000002
+ # EfiLoaderData 0x0000000000000004
+ # EfiBootServicesCode 0x0000000000000008
+ # EfiBootServicesData 0x0000000000000010
+ # EfiRuntimeServicesCode 0x0000000000000020
+ # EfiRuntimeServicesData 0x0000000000000040
+ # EfiConventionalMemory 0x0000000000000080
+ # EfiUnusableMemory 0x0000000000000100
+ # EfiACPIReclaimMemory 0x0000000000000200
+ # EfiACPIMemoryNVS 0x0000000000000400
+ # EfiMemoryMappedIO 0x0000000000000800
+ # EfiMemoryMappedIOPortSpace 0x0000000000001000
+ # EfiPalCode 0x0000000000002000
+ # EfiPersistentMemory 0x0000000000004000
+ # OEM Reserved 0x4000000000000000
+ # OS Reserved 0x8000000000000000
+ # e.g. LoaderCode+LoaderData+BootServicesCode+BootServicesData are needed, 0x1E should be used.
+ # @Prompt The memory type mask for Pool Guard.
+ gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPoolType|0x0|UINT64|0x30001053
+
+ ## This mask is to control Heap Guard behavior.
+ # BIT0 - Enable UEFI page guard.
+ # BIT1 - Enable UEFI pool guard.
+ # BIT2 - Enable SMM page guard.
+ # BIT3 - Enable SMM pool guard.
+ # BIT7 - The direction of Guard Page for Pool Guard.
+ # 0 - The returned pool is adjacent to the bottom guard page.
+ # 1 - The returned pool is adjacent to the top guard page.
+ # @Prompt The Heap Guard feature mask
+ gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask|0x0|UINT8|0x30001054
+
[PcdsFixedAtBuild, PcdsPatchableInModule]
## Dynamic type PCD can be registered callback function for Pcd setting action.
# PcdMaxPeiPcdCallBackNumberPerPcdEntry indicates the maximum number of callback function
diff --git a/MdeModulePkg/MdeModulePkg.uni b/MdeModulePkg/MdeModulePkg.uni
index ce9de4897a..827fbbccf9 100644
--- a/MdeModulePkg/MdeModulePkg.uni
+++ b/MdeModulePkg/MdeModulePkg.uni
@@ -1146,3 +1146,61 @@
"SEC fills the full temp stack with this values. When switch stack, PeiCore can check\n"
"this value in the temp stack to know how many stack has been used.\n"
+#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPageType_PROMPT #language en-US "The memory type mask for Page Guard"
+
+#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPageType_HELP #language en-US "Indicates which type allocation need guard page.\n"
+ " Below is bit mask for this PCD: (Order is same as UEFI spec)
\n"
+ " EfiReservedMemoryType 0x0000000000000001\n"
+ " EfiLoaderCode 0x0000000000000002\n"
+ " EfiLoaderData 0x0000000000000004\n"
+ " EfiBootServicesCode 0x0000000000000008\n"
+ " EfiBootServicesData 0x0000000000000010\n"
+ " EfiRuntimeServicesCode 0x0000000000000020\n"
+ " EfiRuntimeServicesData 0x0000000000000040\n"
+ " EfiConventionalMemory 0x0000000000000080\n"
+ " EfiUnusableMemory 0x0000000000000100\n"
+ " EfiACPIReclaimMemory 0x0000000000000200\n"
+ " EfiACPIMemoryNVS 0x0000000000000400\n"
+ " EfiMemoryMappedIO 0x0000000000000800\n"
+ " EfiMemoryMappedIOPortSpace 0x0000000000001000\n"
+ " EfiPalCode 0x0000000000002000\n"
+ " EfiPersistentMemory 0x0000000000004000\n"
+ " OEM Reserved 0x4000000000000000\n"
+ " OS Reserved 0x8000000000000000\n"
+ " e.g. LoaderCode+LoaderData+BootServicesCode+BootServicesData are needed, 0x1E should be used.
"
+
+#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPoolType_PROMPT #language en-US "The memory type mask for Pool Guard"
+
+#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPoolType_HELP #language en-US "Indicates which type allocation need guard page.\n"
+ " Below is bit mask for this PCD: (Order is same as UEFI spec)
\n"
+ " EfiReservedMemoryType 0x0000000000000001\n"
+ " EfiLoaderCode 0x0000000000000002\n"
+ " EfiLoaderData 0x0000000000000004\n"
+ " EfiBootServicesCode 0x0000000000000008\n"
+ " EfiBootServicesData 0x0000000000000010\n"
+ " EfiRuntimeServicesCode 0x0000000000000020\n"
+ " EfiRuntimeServicesData 0x0000000000000040\n"
+ " EfiConventionalMemory 0x0000000000000080\n"
+ " EfiUnusableMemory 0x0000000000000100\n"
+ " EfiACPIReclaimMemory 0x0000000000000200\n"
+ " EfiACPIMemoryNVS 0x0000000000000400\n"
+ " EfiMemoryMappedIO 0x0000000000000800\n"
+ " EfiMemoryMappedIOPortSpace 0x0000000000001000\n"
+ " EfiPalCode 0x0000000000002000\n"
+ " EfiPersistentMemory 0x0000000000004000\n"
+ " OEM Reserved 0x4000000000000000\n"
+ " OS Reserved 0x8000000000000000\n"
+ " e.g. LoaderCode+LoaderData+BootServicesCode+BootServicesData are needed, 0x1E should be used.
"
+
+
+#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPropertyMask_PROMPT #language en-US "The Heap Guard feature mask"
+
+#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPropertyMask_HELP #language en-US "This mask is to control Heap Guard behavior.\n"
+ " BIT0 - Enable UEFI page guard.
\n"
+ " BIT1 - Enable UEFI pool guard.
\n"
+ " BIT2 - Enable SMM page guard.
\n"
+ " BIT3 - Enable SMM pool guard.
\n"
+ " BIT7 - The direction of Guard Page for Pool Guard.\n"
+ " 0 - The returned pool is adjacent to the bottom guard page.
\n"
+ " 1 - The returned pool is adjacent to the top guard page.
"
+