SecurityPkg: INF/DEC file updates to EDK II packages

1. Usage information in INF file comment blocks are either incomplete or incorrect.  
This includes usage information for Protocols/PPIs/GUIDs/PCDs/HOBs/Events/BootModes.  
The syntax for usage information in comment blocks is defined in the EDK II Module Information (INF) Specification

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dong, Guo <guo.dong@intel.com>
Reviewed-by: Gao, Liming <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15950 6f19259b-4bc3-4df7-8a09-765794883524

SecurityPkg/Application/RngTest/RngTest.inf

@@ -1,7 +1,10 @@
 ## @file
 #  UEFI RNG (Random Number Generator) Protocol test application.
 #  
-#  Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+#  This application can print out the supported RNG algorithm in UEFI RNG Protocol. 
+#  And then it will do a generation test on the supported RNG algorithm.  
+#
+#  Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions of the BSD License
 #  which accompanies this distribution. The full text of the license may be found at
@@ -19,6 +22,7 @@
   MODULE_TYPE                    = UEFI_APPLICATION
   VERSION_STRING                 = 1.0
   ENTRY_POINT                    = UefiMain
+  MODULE_UNI_FILE                = RngTest.uni
 
 #
 # The following information is for reference only and not required by the build tools.
@@ -39,12 +43,15 @@
   UefiLib
 
 [Protocols]
-  gEfiRngProtocolGuid
+  gEfiRngProtocolGuid            ## CONSUMES
 
 [Guids]
-  gEfiRngAlgorithmSp80090Hash256Guid
+  gEfiRngAlgorithmSp80090Hash256Guid    ## SOMETIMES_CONSUMES    ## GUID        # Unique ID of the algorithm for RNG
-  gEfiRngAlgorithmSp80090Hmac256Guid
+  gEfiRngAlgorithmSp80090Hmac256Guid    ## SOMETIMES_CONSUMES    ## GUID        # Unique ID of the algorithm for RNG
-  gEfiRngAlgorithmSp80090Ctr256Guid
+  gEfiRngAlgorithmSp80090Ctr256Guid     ## SOMETIMES_CONSUMES    ## GUID        # Unique ID of the algorithm for RNG
-  gEfiRngAlgorithmX9313DesGuid
+  gEfiRngAlgorithmX9313DesGuid          ## SOMETIMES_CONSUMES    ## GUID        # Unique ID of the algorithm for RNG
-  gEfiRngAlgorithmX931AesGuid
+  gEfiRngAlgorithmX931AesGuid           ## SOMETIMES_CONSUMES    ## GUID        # Unique ID of the algorithm for RNG
-  gEfiRngAlgorithmRaw
+  gEfiRngAlgorithmRaw                   ## SOMETIMES_CONSUMES    ## GUID        # Unique ID of the algorithm for RNG
+  
+  [UserExtensions.TianoCore."ExtraFiles"]
+  RngTestExtra.uni

SecurityPkg/Application/VariableInfo/VariableInfo.inf

@@ -1,11 +1,12 @@
 ## @file
-#  This is a shell application that will display statistical information 
+#  A shell application that displays statistical information about variable usage
-#  about variable usage.
-#  Note that if Variable Dxe driver doesn't enable the feature by setting 
-#  PcdVariableCollectStatistics as TRUE, The application will not display 
-#  variable statistical information.
 #
-# Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
+#  This application can display statistical information about variable usage for SMM variable
+#  driver and non-SMM variable driver.
+#  Note that if Variable Dxe driver doesn't enable the feature by setting PcdVariableCollectStatistics
+#  as TRUE, the application will not display variable statistical information.
+#
+# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -18,6 +19,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = VariableInfo
+  MODULE_UNI_FILE                = VariableInfo.uni
   FILE_GUID                      = B9EF901F-A2A2-4fc8-8D2B-3A2E07B301CC
   MODULE_TYPE                    = UEFI_APPLICATION
   VERSION_STRING                 = 1.0
@@ -46,9 +48,16 @@
   MemoryAllocationLib
 
 [Protocols]
-  gEfiSmmCommunicationProtocolGuid
+  gEfiSmmCommunicationProtocolGuid     ## SOMETIMES_CONSUMES
+  
+    ## UNDEFINED           # Used to do smm communication
+    ## SOMETIMES_CONSUMES 
   gEfiSmmVariableProtocolGuid 
   
 [Guids]
-  gEfiAuthenticatedVariableGuid        ## CONSUMES ## Configuration Table Guid
+  gEfiAuthenticatedVariableGuid        ## SOMETIMES_CONSUMES    ## SystemTable
-  gEfiVariableGuid                     ## CONSUMES ## Configuration Table Guid
+  gEfiVariableGuid                     ## CONSUMES              ## SystemTable
+
+[UserExtensions.TianoCore."ExtraFiles"]
+  VariableInfoExtra.uni
+  

SecurityPkg/Library/DxeDeferImageLoadLib/DxeDeferImageLoadLib.inf

@@ -1,7 +1,11 @@
 ## @file
-#  The library instance provides security service of deferring image load.
+#  Provides security service of deferred image load
 #
-# Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
+#  The platform may need to defer the execution of an image because of security 
+#  considerations. These deferred images will be recorded and then reported by 
+#  installing an instance of the EFI_DEFERRED_IMAGE_LOAD_PROTOCOL.
+#
+# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -14,6 +18,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = DxeDeferImageLoadLib
+  MODULE_UNI_FILE                = DxeDeferImageLoadLib.uni
   FILE_GUID                      = 5E2FAE1F-41DA-4fbd-BC81-603CE5CD8497
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0
@@ -48,14 +53,16 @@
   PcdLib 
 
 [Protocols]
-  gEfiFirmwareVolume2ProtocolGuid
+  gEfiFirmwareVolume2ProtocolGuid                        ## SOMETIMES_CONSUMES
-  gEfiBlockIoProtocolGuid
+  gEfiBlockIoProtocolGuid                                ## SOMETIMES_CONSUMES
-  gEfiSimpleFileSystemProtocolGuid
+  gEfiSimpleFileSystemProtocolGuid                       ## SOMETIMES_CONSUMES
+  gEfiDeferredImageLoadProtocolGuid                      ## SOMETIMES_PRODUCES
+  ## SOMETIMES_CONSUMES
+  ## NOTIFY
   gEfiUserManagerProtocolGuid
-  gEfiDeferredImageLoadProtocolGuid
    
 [Guids]
-  gEfiGlobalVariableGuid
+  gEfiGlobalVariableGuid                                  ## SOMETIMES_CONSUMES  ## Variable:L"BootOrder"
   
 [Pcd]
-  gEfiSecurityPkgTokenSpaceGuid.PcdDeferImageLoadPolicy
+  gEfiSecurityPkgTokenSpaceGuid.PcdDeferImageLoadPolicy   ## SOMETIMES_CONSUMES

SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthenticationStatusLib.inf

@@ -1,9 +1,9 @@
 ## @file
-#  The library instance provides security service of image authentication 
+#  Provides security service of image authentication status check
-#  status check in UEFI2.3.1.
+#
 #  Authentication Status Library module supports UEFI2.3.1
 #
-# Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2012 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -16,6 +16,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = DxeImageAuthenticationStatusLib
+  MODULE_UNI_FILE                = DxeImageAuthenticationStatusLib.uni
   FILE_GUID                      = EB92D1DE-7C36-4680-BB88-A67E96049F72
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0

SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf

@@ -1,13 +1,14 @@
 ## @file
-#  The library instance provides security service of image verification.
+#  Provides security service of image verification
-#  Image verification Library module supports UEFI2.3.1
+#
+#  This library hooks LoadImage() API to verify every image by the verification policy.
 #
 #  Caution: This module requires additional review when modified.
 #  This library will have external input - PE/COFF image.
-#  This external input must be validated carefully to avoid security issue like
+#  This external input must be validated carefully to avoid security issues such as
-#  buffer overflow, integer overflow.
+#  buffer overflow or integer overflow.
 #
-# Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -20,6 +21,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = DxeImageVerificationLib
+  MODULE_UNI_FILE                = DxeImageVerificationLib.uni
   FILE_GUID                      = 0CA970E1-43FA-4402-BC0A-81AF336BFFD6
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0
@@ -58,20 +60,30 @@
   TpmMeasurementLib
 
 [Protocols]
-  gEfiFirmwareVolume2ProtocolGuid
+  gEfiFirmwareVolume2ProtocolGuid       ## SOMETIMES_CONSUMES
-  gEfiBlockIoProtocolGuid
+  gEfiBlockIoProtocolGuid               ## SOMETIMES_CONSUMES
-  gEfiSimpleFileSystemProtocolGuid
+  gEfiSimpleFileSystemProtocolGuid      ## SOMETIMES_CONSUMES
 
 [Guids]
-  gEfiCertTypeRsa2048Sha256Guid
+  ## SOMETIMES_CONSUMES   ## Variable:L"DB"
+  ## SOMETIMES_CONSUMES   ## Variable:L"DBX"
+  ## PRODUCES             ## SystemTable
+  ## CONSUMES             ## SystemTable
   gEfiImageSecurityDatabaseGuid
+
+  ## SOMETIMES_CONSUMES   ## GUID       # Unique ID for the type of the signature.
+  ## SOMETIMES_PRODUCES   ## GUID       # Unique ID for the type of the signature.
   gEfiCertSha1Guid
+  
+  ## SOMETIMES_CONSUMES   ## GUID       # Unique ID for the type of the signature.
+  ## SOMETIMES_PRODUCES   ## GUID       # Unique ID for the type of the signature.
   gEfiCertSha256Guid
-  gEfiCertX509Guid
+
-  gEfiCertRsa2048Guid
+  gEfiCertX509Guid                      ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the signature.
-  gEfiCertPkcs7Guid
+  gEfiCertPkcs7Guid                     ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the certificate.
   
 [Pcd]
-  gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy
+  gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy          ## SOMETIMES_CONSUMES
-  gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy
+  gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy     ## SOMETIMES_CONSUMES
-  gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy
+  gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy         ## SOMETIMES_CONSUMES
+  

SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.inf

@@ -1,12 +1,15 @@
 ## @file
-# TCG physical presence library instance. This library will lock
+#  Executes pending TPM 1.2 requests from OS or BIOS and Locks TPM
-# TPM after executing TPM request.
+#
+#  This library will check and execute TPM 1.2 request from OS or BIOS. The request may
+#  ask for user confirmation before execution. This Library will also lock TPM physical 
+#  presence at last.
 #
 #  Caution: This module requires additional review when modified.
 #  This driver will have external input - variable.
 #  This external input must be validated carefully to avoid security issue.
 #
-# Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -19,6 +22,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = DxeTcgPhysicalPresenceLib
+  MODULE_UNI_FILE                = DxeTcgPhysicalPresenceLib.uni
   FILE_GUID                      = EBC43A46-34AC-4F07-A7F5-A5394619361C
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0
@@ -52,8 +56,13 @@
   HiiLib
 
 [Protocols]
-  gEfiTcgProtocolGuid
+  gEfiTcgProtocolGuid                   ## CONSUMES
-  gEdkiiVariableLockProtocolGuid
+  gEdkiiVariableLockProtocolGuid        ## CONSUMES
 
 [Guids]
+  ## CONSUMES           ## HII
+  ## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresence"
+  ## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresence"
+  ## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresenceFlags"
+  ## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresenceFlags"
   gEfiPhysicalPresenceGuid

SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf

@@ -1,12 +1,15 @@
 ## @file
-#  The library instance provides security service of TPM2 measure boot.
+#  Provides security service for TPM 2.0 measured boot
+#
+#  This library instance hooks LoadImage() API to measure every image that 
+#  is not measured in PEI phase. And, it will also measure GPT partition.
 #
 #  Caution: This module requires additional review when modified.
 #  This library will have external input - PE/COFF image and GPT partition.
-#  This external input must be validated carefully to avoid security issue like
+#  This external input must be validated carefully to avoid security issues such 
-#  buffer overflow, integer overflow.
+#  as buffer overflow or integer overflow.
 #
-# Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -19,6 +22,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = DxeTpm2MeasureBootLib
+  MODULE_UNI_FILE                = DxeTpm2MeasureBootLib.uni
   FILE_GUID                      = 778CE4F4-36BD-4ae7-B8F0-10B420B0D174
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0
@@ -53,11 +57,11 @@
   HobLib
 
 [Guids]
-  gMeasuredFvHobGuid
+  gMeasuredFvHobGuid                    ## SOMETIMES_CONSUMES ## HOB
 
 [Protocols]
-  gEfiTrEEProtocolGuid                   ## CONSUMES
+  gEfiTrEEProtocolGuid                  ## SOMETIMES_CONSUMES
-  gEfiFirmwareVolumeBlockProtocolGuid   ## CONSUMES
+  gEfiFirmwareVolumeBlockProtocolGuid   ## SOMETIMES_CONSUMES
-  gEfiBlockIoProtocolGuid               ## CONSUMES
+  gEfiBlockIoProtocolGuid               ## SOMETIMES_CONSUMES
-  gEfiDiskIoProtocolGuid                ## CONSUMES
+  gEfiDiskIoProtocolGuid                ## SOMETIMES_CONSUMES
 

SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf

@@ -1,12 +1,15 @@
 ## @file
-#  The library instance provides security service of TPM measure boot.
+#  Provides security service for TPM 1.2 measured boot
+#
+#  This library instance hooks LoadImage() API to measure every image that 
+#  is not measured in PEI phase. And, it will also measure GPT partition.
 #
 #  Caution: This module requires additional review when modified.
 #  This library will have external input - PE/COFF image and GPT partition.
-#  This external input must be validated carefully to avoid security issue like
+#  This external input must be validated carefully to avoid security issues such 
-#  buffer overflow, integer overflow.
+#  as buffer overflow or integer overflow.
 #
-# Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -19,6 +22,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = DxeTpmMeasureBootLib
+  MODULE_UNI_FILE                = DxeTpmMeasureBootLib.uni
   FILE_GUID                      = 6C60C7D0-922A-4b7c-87D7-E503EDD73BBF
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0
@@ -53,11 +57,11 @@
   HobLib
 
 [Guids]
-  gMeasuredFvHobGuid
+  gMeasuredFvHobGuid                    ## SOMETIMES_CONSUMES ## HOB
 
 [Protocols]
-  gEfiTcgProtocolGuid                   ## CONSUMES
+  gEfiTcgProtocolGuid                   ## SOMETIMES_CONSUMES
-  gEfiFirmwareVolumeBlockProtocolGuid   ## CONSUMES
+  gEfiFirmwareVolumeBlockProtocolGuid   ## SOMETIMES_CONSUMES
-  gEfiBlockIoProtocolGuid               ## CONSUMES
+  gEfiBlockIoProtocolGuid               ## SOMETIMES_CONSUMES
-  gEfiDiskIoProtocolGuid                ## CONSUMES
+  gEfiDiskIoProtocolGuid                ## SOMETIMES_CONSUMES
 

SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf

@@ -1,7 +1,10 @@
 ## @file
-#  This library is used by other modules to measure data to TPM 1.2 or TPM 2.0.
+#  Provides TPM measurement functions for TPM1.2 and TPM 2.0
 # 
-# Copyright (c) 2012 - 2013, Intel Corporation. All rights reserved.<BR>
+#  This library provides TpmMeasureAndLogData() to to measure and log data, and 
+#  extend the measurement result into a specific PCR.
+#
+# Copyright (c) 2012 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -18,6 +21,7 @@
   MODULE_TYPE                    = UEFI_DRIVER
   VERSION_STRING                 = 1.0
   LIBRARY_CLASS                  = TpmMeasurementLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER 
+  MODULE_UNI_FILE                = DxeTpmMeasurementLib.uni
 
 #
 # The following information is for reference only and not required by the build tools.
@@ -40,5 +44,5 @@
   UefiBootServicesTableLib
 
 [Protocols]
-  gEfiTcgProtocolGuid
+  gEfiTcgProtocolGuid           ## SOMETIMES_CONSUMES
-  gEfiTrEEProtocolGuid
+  gEfiTrEEProtocolGuid          ## SOMETIMES_CONSUMES

SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.inf

@@ -1,11 +1,14 @@
 ## @file
-# TrEE physical presence library instance. This library will execute TPM2 request.
+#  Executes TPM 2.0 requests from OS or BIOS
+#
+#  This library will check and execute TPM 2.0 request from OS or BIOS. The request may
+#  ask for user confirmation before execution.
 #
 #  Caution: This module requires additional review when modified.
 #  This driver will have external input - variable.
 #  This external input must be validated carefully to avoid security issue.
 #
-# Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -18,6 +21,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = DxeTrEEPhysicalPresenceLib
+  MODULE_UNI_FILE                = DxeTrEEPhysicalPresenceLib.uni
   FILE_GUID                      = 601ECB06-7874-489e-A280-805780F6C861
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0
@@ -52,8 +56,13 @@
   Tpm2CommandLib
 
 [Protocols]
-  gEfiTrEEProtocolGuid
+  gEfiTrEEProtocolGuid                 ## CONSUMES
-  gEdkiiVariableLockProtocolGuid
+  gEdkiiVariableLockProtocolGuid       ## CONSUMES
 
 [Guids]
+  ## CONSUMES           ## HII
+  ## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresence"
+  ## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresence"
+  ## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresenceFlags"
+  ## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresenceFlags"
   gEfiTrEEPhysicalPresenceGuid

SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf

@@ -1,8 +1,9 @@
 ## @file
-#  Ihis library is BaseCrypto SHA1 hash instance.
+#  Provides BaseCrypto SHA1 hash service
-#  It can be registered to BaseCrypto router, to serve as hash engine.
 #
-# Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+#  This library can be registered to BaseCrypto router, to serve as hash engine.
+#
+# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -15,6 +16,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = HashInstanceLibSha1
+  MODULE_UNI_FILE                = HashInstanceLibSha1.uni
   FILE_GUID                      = 9A7A6AB4-9DA6-4aa4-90CB-6D4B79EDA7B9
   MODULE_TYPE                    = BASE
   VERSION_STRING                 = 1.0

SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf

@@ -1,8 +1,9 @@
 ## @file
-#  Ihis library is BaseCrypto SHA256 hash instance.
+#  Provides BaseCrypto SHA256 hash service
-#  It can be registered to BaseCrypto router, to serve as hash engine.
 #
-# Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+#  This library can be registered to BaseCrypto router, to serve as hash engine.
+#
+# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -15,6 +16,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = HashInstanceLibSha256
+  MODULE_UNI_FILE                = HashInstanceLibSha256.uni
   FILE_GUID                      = 5810798A-ED30-4080-8DD7-B9667A748C02
   MODULE_TYPE                    = BASE
   VERSION_STRING                 = 1.0

SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf

@@ -1,9 +1,11 @@
 ## @file
-#  Ihis library is BaseCrypto router. It will redirect hash request to each individual
+#  Provides hash service by registered hash handler
-#  hash handler registerd, such as SHA1, SHA256.
-#  Platform can use PcdTpm2HashMask to mask some hash engines.
 #
-# Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+#  Ihis library is BaseCrypto router. It will redirect hash request to each individual
+#  hash handler registered, such as SHA1, SHA256. Platform can use PcdTpm2HashMask to 
+#  mask some hash engines.
+#
+# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -16,6 +18,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = HashLibBaseCryptoRouterDxe
+  MODULE_UNI_FILE                = HashLibBaseCryptoRouterDxe.uni
   FILE_GUID                      = 158DC712-F15A-44dc-93BB-1675045BE066
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0
@@ -45,5 +48,5 @@
   PcdLib
 
 [Pcd]
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask       ## CONSUMES
 

SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf

@@ -1,7 +1,9 @@
 ## @file
+#  Provides hash service by registered hash handler
+#
 #  Ihis library is BaseCrypto router. It will redirect hash request to each individual
-#  hash handler registerd, such as SHA1, SHA256.
+#  hash handler registered, such as SHA1, SHA256. Platform can use PcdTpm2HashMask to 
-#  Platform can use PcdTpm2HashMask to mask some hash engines.
+#  mask some hash engines.
 #
 # Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
@@ -16,6 +18,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = HashLibBaseCryptoRouterPei
+  MODULE_UNI_FILE                = HashLibBaseCryptoRouterPei.uni
   FILE_GUID                      = DDCBCFBA-8EEB-488a-96D6-097831A6E50B
   MODULE_TYPE                    = PEIM
   VERSION_STRING                 = 1.0
@@ -46,5 +49,5 @@
   HobLib
 
 [Pcd]
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask        ## CONSUMES
 

SecurityPkg/Library/HashLibTpm2/HashLibTpm2.inf

@@ -1,7 +1,10 @@
 ## @file
-#  Ihis library uses TPM2 device to calculation hash.
+#  Provides hash service using TPM2 device
 #
-# Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+#  This library uses TPM2 device to calculate hash. Platform can use PcdTpm2HashMask to 
+#  mask some hash calculation.
+#
+# Copyright (c) 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -14,6 +17,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = HashLibTpm2
+  MODULE_UNI_FILE                = HashLibTpm2.uni
   FILE_GUID                      = 1317F0D5-7842-475c-B1CA-6EDC20DCBE7D
   MODULE_TYPE                    = BASE
   VERSION_STRING                 = 1.0
@@ -42,4 +46,4 @@
   PcdLib
 
 [Pcd]
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask         ## CONSUMES

SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf

@@ -1,10 +1,12 @@
 ## @file
+#  NULL platform secure library instance that alway returns TRUE for a user physical present
+#
 #  NULL PlatformSecureLib instance does NOT really detect whether a physical present 
-#  user exists but return TRUE directly. This instance can be used to verify security
+#  user exists but returns TRUE directly. This instance can be used to verify security
 #  related features during platform enabling and development. It should be replaced
 #  by a platform-specific method(e.g. Button pressed) in a real platform for product.
 #
-# Copyright (c) 2011, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -17,6 +19,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = PlatformSecureLibNull
+  MODULE_UNI_FILE                = PlatformSecureLibNull.uni
   FILE_GUID                      = 7FA68D82-10A4-4e71-9524-D3D9500D3CDF
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0

SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf

@@ -1,7 +1,9 @@
 ## @file
-#  This library is used by other modules to send TPM12 command.
+#  Provides some TPM 1.2 commands
 #
-# Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+#  This library is used by other modules to send TPM 1.2 command.
+#
+# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -14,6 +16,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = Tpm12CommandLib
+  MODULE_UNI_FILE                = Tpm12CommandLib.uni
   FILE_GUID                      = C595047C-70B3-4731-99CC-A014E956D7A7
   MODULE_TYPE                    = BASE
   VERSION_STRING                 = 1.0

SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf

@@ -1,8 +1,11 @@
 ## @file
-#  Ihis library is TPM2 DTPM device lib.
+#  Provides TPM 1.2 TIS functions
-#  Choosing this library means platform uses and only uses DTPM device as TPM2 engine.
 #  
-# Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+#  This library implements TIS (TPM Interface Specification) functions which is 
+#  used for every TPM 1.2 command. Choosing this library means platform uses and 
+#  only uses TPM 1.2 device.
+#
+# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -15,6 +18,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = Tpm12DeviceLibDTpm
+  MODULE_UNI_FILE                = Tpm12DeviceLibDTpm.uni
   FILE_GUID                      = BC2B7672-A48B-4d58-B39E-AEE3707B5A23
   MODULE_TYPE                    = BASE
   VERSION_STRING                 = 1.0
@@ -41,4 +45,4 @@
   DebugLib
 
 [Pcd]
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress               ## CONSUMES

SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf

@@ -1,7 +1,10 @@
 ## @file
-#  Ihis library is TPM12 TCG protocol lib.
+#  Provides function interfaces to communicate with TPM 1.2 device
 #
-# Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+#  This library helps to use TPM 1.2 device in library function API
+#  based on TCG protocol.
+#
+# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -14,6 +17,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = Tpm12DeviceLibTcg
+  MODULE_UNI_FILE                = Tpm12DeviceLibTcg.uni
   FILE_GUID                      = 4D8B77D9-E923-48f8-B070-4053D78B7E56
   MODULE_TYPE                    = BASE
   VERSION_STRING                 = 1.0

SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf

@@ -1,7 +1,9 @@
 ## @file
-#  This library is used by other modules to send TPM2 command.
+#  Provides some TPM 2.0 commands
 #
-# Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+#  This library is used by other modules to send TPM 2.0 command.
+#
+# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -14,6 +16,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = Tpm2CommandLib
+  MODULE_UNI_FILE                = Tpm2CommandLib.uni
   FILE_GUID                      = 2F572F32-8BE5-4868-BD1D-7438AD97DC27
   MODULE_TYPE                    = BASE
   VERSION_STRING                 = 1.0

SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf

@@ -1,8 +1,11 @@
 ## @file
-#  Ihis library is TPM2 DTPM device lib.
+#  Provides TPM 2.0 TIS functions for DTPM
-#  Choosing this library means platform uses and only uses DTPM device as TPM2 engine.
 #  
-# Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+#  This library implements TIS (TPM Interface Specification) functions which is 
+#  used for every TPM 2.0 command. Choosing this library means platform uses and 
+#  only uses TPM 2.0 DTPM device.
+#
+# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -15,6 +18,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = Tpm2DeviceLibDTpm
+  MODULE_UNI_FILE                = Tpm2DeviceLibDTpm.uni
   FILE_GUID                      = E54A3327-A345-4068-8842-70AC0D519855
   MODULE_TYPE                    = BASE
   VERSION_STRING                 = 1.0
@@ -42,4 +46,4 @@
   DebugLib
 
 [Pcd]
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress            ## CONSUMES

SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf

@@ -1,9 +1,10 @@
 ## @file
-#  Ihis library is TPM2 DTPM instance.
+#  Provides a DTPM instance for TPM 2.0
-#  It can be registered to Tpm2 Device router, to be active TPM2 engine,
-#  based on platform setting.
 #
-# Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+#  This library can be registered to Tpm 2.0 device router, to be active TPM 2.0 
+#  engine, based on platform setting.
+#
+# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -16,6 +17,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = Tpm2InstanceLibDTpm
+  MODULE_UNI_FILE                = Tpm2InstanceLibDTpm.uni
   FILE_GUID                      = 286BF25A-C2C3-408c-B3B4-25E6758B7317
   MODULE_TYPE                    = BASE
   VERSION_STRING                 = 1.0
@@ -44,4 +46,4 @@
   DebugLib
 
 [Pcd]
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress        ## CONSUMES

SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf

@@ -1,9 +1,11 @@
 ## @file
-#  Ihis library is TPM2 device router. Platform can register multi TPM2 instance to it
+#  Provides TPM 2.0 TIS functions
-#  via PcdTpmInstanceGuid. Platform need make choice that which one will be final one.
-#  At most one TPM2 instance can be finally registered, and other will return unsupported.
 #
-# Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+#  Ihis library is TPM 2.0 device router. Platform can register multi TPM 2.0 instance to
+#  it via PcdTpmInstanceGuid. Platform need make choice that which one will be final one.
+#  At most one TPM 2.0 instance can be finally registered, and other will return unsupported.
+#
+# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -16,6 +18,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = Tpm2DeviceLibRouterDxe
+  MODULE_UNI_FILE                = Tpm2DeviceLibRouterDxe.uni
   FILE_GUID                      = C3D69D87-5200-4aab-A6DB-2569BA1A92FC
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0
@@ -41,4 +44,4 @@
   PcdLib
 
 [Pcd]
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid           ## CONSUMES

SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterPei.inf

@@ -1,9 +1,11 @@
 ## @file
-#  Ihis library is TPM2 device router. Platform can register multi TPM2 instance to it
+#  Provides TPM 2.0 TIS functions
-#  via PcdTpmInstanceGuid. Platform need make choice that which one will be final one.
-#  At most one TPM2 instance can be finally registered, and other will return unsupported.
 #
-# Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+#  Ihis library is TPM 2.0 device router. Platform can register multi TPM 2.0 instance to
+#  it via PcdTpmInstanceGuid. Platform need make choice that which one will be final one.
+#  At most one TPM 2.0 instance can be finally registered, and other will return unsupported.
+#
+# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -16,6 +18,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = Tpm2DeviceLibRouterPei
+  MODULE_UNI_FILE                = Tpm2DeviceLibRouterPei.uni
   FILE_GUID                      = 97CDCF04-4C8E-42fe-8015-11CC8A6E9D81
   MODULE_TYPE                    = PEIM
   VERSION_STRING                 = 1.0
@@ -42,5 +45,5 @@
   PcdLib
 
 [Pcd]
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid        ## CONSUMES
   

SecurityPkg/Library/Tpm2DeviceLibTrEE/Tpm2DeviceLibTrEE.inf

@@ -1,7 +1,10 @@
 ## @file
-#  Ihis library is TPM2 TREE protocol lib.
+#  Provides function interfaces to communicate with TPM 2.0 device
 #
-# Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+#  This library helps to use TPM 2.0 device in library function API
+#  based on TrEE protocol.
+#
+# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -14,6 +17,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = Tpm2DeviceLibTrEE
+  MODULE_UNI_FILE                = Tpm2DeviceLibTrEE.uni
   FILE_GUID                      = BBCB6F85-303C-4eb9-8182-AF98D4B3020C
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0

SecurityPkg/Library/TpmCommLib/TpmCommLib.inf

@@ -1,7 +1,10 @@
 ## @file
-#  TpmCommLib instance implements basis TPM Interface Specification (TIS) and TPM command functions.
+#  Provides some common functions for the TCG feature
 #
-# Copyright (c) 2006 - 2011, Intel Corporation. All rights reserved.<BR>
+#  This instance provides basic TPM Interface Specification (TIS) functions 
+#  and TPM hashall function.
+#
+# Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -14,6 +17,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = TpmCommLib
+  MODULE_UNI_FILE                = TpmCommLib.uni
   FILE_GUID                      = 7d9fe32e-a6a9-4cdf-abff-10cc7f22e1c9
   MODULE_TYPE                    = PEIM
   VERSION_STRING                 = 1.0

SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf

@@ -1,5 +1,5 @@
 ## @file
-#  Module that produces the UEFI Random Number Generator protocol.
+#  Produces the UEFI Random Number Generator protocol
 #
 #  This module will leverage Intel Secure Key technology to produce the Random
 #  Number Generator protocol, which is used to provide high-quality random numbers
@@ -8,7 +8,7 @@
 #  -generator-drng-software-implementation-guide/ for more information about Intel
 #  Secure Key technology.
 #
-#  Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+#  Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions of the BSD License
 #  which accompanies this distribution. The full text of the license may be found at
@@ -26,6 +26,7 @@
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0
   ENTRY_POINT                    = RngDriverEntry
+  MODULE_UNI_FILE                = RngDxe.uni
 
 #
 # The following information is for reference only and not required by the build tools.
@@ -63,12 +64,8 @@
   TimerLib
 
 [Guids]
-  gEfiRngAlgorithmSp80090Hash256Guid
+  gEfiRngAlgorithmSp80090Ctr256Guid   ## SOMETIMES_PRODUCES    ## GUID        # Unique ID of the algorithm for RNG
-  gEfiRngAlgorithmSp80090Hmac256Guid
+  gEfiRngAlgorithmRaw                 ## SOMETIMES_PRODUCES    ## GUID        # Unique ID of the algorithm for RNG
-  gEfiRngAlgorithmSp80090Ctr256Guid
-  gEfiRngAlgorithmX9313DesGuid
-  gEfiRngAlgorithmX931AesGuid
-  gEfiRngAlgorithmRaw
 
 [Protocols]
   gEfiRngProtocolGuid                ## PRODUCES
@@ -78,3 +75,6 @@
 
 [BuildOptions]
   XCODE:*_*_*_CC_FLAGS = -mmmx -msse
+
+[UserExtensions.TianoCore."ExtraFiles"]
+  RngDxeExtra.uni

SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf

@@ -1,7 +1,9 @@
 ## @file
-#  Component description file for Memory Overwrite Control driver.
+#  Initilizes MemoryOverwriteRequestControl variable
 #
-# Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
+#  This module will clear MOR_CLEAR_MEMORY_BIT bit if it is set.
+#
+# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -14,6 +16,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = TcgMor
+  MODULE_UNI_FILE                = TcgMor.uni
   FILE_GUID                      = AD416CE3-A483-45b1-94C2-4B4E4D575562
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0
@@ -42,10 +45,13 @@
   UefiLib
 
 [Guids]
-  gEfiMemoryOverwriteControlDataGuid            # GUID ALWAYS_CONSUMED
+  ## SOMETIMES_CONSUMES      ## Variable:L"MemoryOverwriteRequestControl"
+  ## PRODUCES                ## Variable:L"MemoryOverwriteRequestControl"
+  gEfiMemoryOverwriteControlDataGuid
 
 [Depex]
   gEfiVariableArchProtocolGuid AND
-  gEfiVariableWriteArchProtocolGuid AND
+  gEfiVariableWriteArchProtocolGuid
-  ( gEfiTcgProtocolGuid OR gEfiTrEEProtocolGuid )
 
+[UserExtensions.TianoCore."ExtraFiles"]
+  TcgMorExtra.uni

SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf

@@ -1,7 +1,11 @@
 ## @file
-#  Component description file for physical presence PEI module.
+#  Produces a PPI to indicate whether to lock TPM in PEI phase
 #
-# Copyright (c) 2005 - 2011, Intel Corporation. All rights reserved.<BR>
+#  This module produces PEI_LOCK_PHYSICAL_PRESENCE_PPI to indicate whether
+#  TPM physical presence needs to be locked. It can be replaced by a 
+#  platform specific module.
+#
+# Copyright (c) 2005 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -15,6 +19,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = PhysicalPresencePei
+  MODULE_UNI_FILE                = PhysicalPresencePei.uni
   FILE_GUID                      = 4FE772E8-FE3E-4086-B638-8C493C490488
   MODULE_TYPE                    = PEIM
   VERSION_STRING                 = 1.0
@@ -40,16 +45,20 @@
   PeiServicesLib
 
 [Ppis]
-  gPeiLockPhysicalPresencePpiGuid
+  gPeiLockPhysicalPresencePpiGuid                       ## PRODUCES
-  gEfiPeiReadOnlyVariable2PpiGuid
+  gEfiPeiReadOnlyVariable2PpiGuid                       ## CONSUMES
 
 [Guids]
-  gEfiPhysicalPresenceGuid
+  gEfiPhysicalPresenceGuid                              ## SOMETIMES_CONSUMES    ## Variable:L"PhysicalPresence"
 
 [Pcd]
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmPhysicalPresence
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmPhysicalPresence  ## SOMETIMES_CONSUMES
 
 [Depex] 
   gEfiPeiMemoryDiscoveredPpiGuid AND
   gEfiPeiReadOnlyVariable2PpiGuid AND
   gPeiTpmInitializedPpiGuid
+
+[UserExtensions.TianoCore."ExtraFiles"]
+  PhysicalPresencePeiExtra.uni
+  

SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf

@@ -1,5 +1,6 @@
 ## @file
-#  Component name for Tcg configuration module.
+#  Provides the capability to update TPM state setup browser
+#  By this module, user may enable/disable/activate/deactivate/clear TPM, etc.
 #
 # Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
@@ -14,6 +15,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = TcgConfigDxe
+  MODULE_UNI_FILE                = TcgConfigDxe.uni
   FILE_GUID                      = 1FA4DAFE-FA5D-4d75-BEA6-5863862C520A
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0
@@ -53,21 +55,29 @@
   TpmCommLib
 
 [Guids]
+  ## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresence"
+  ## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresence"
   gEfiPhysicalPresenceGuid
-  gEfiIfrTianoGuid
+  
+  gEfiIfrTianoGuid                                    ## SOMETIMES_PRODUCES  ## GUID       # HII opcode
+  ## PRODUCES            ## HII
+  ## CONSUMES            ## HII
   gTcgConfigFormSetGuid
-  gEfiTpmDeviceInstanceTpm12Guid
+  gEfiTpmDeviceInstanceTpm12Guid                      ## CONSUMES     ## GUID       # TPM device identifier
 
 [Protocols]
   gEfiHiiConfigAccessProtocolGuid                     ## PRODUCES
-  gEfiHiiConfigRoutingProtocolGuid              ## CONSUMES
+  gEfiDevicePathProtocolGuid                          ## PRODUCES
   gEfiTcgProtocolGuid                                 ## CONSUMES
 
 [Pcd]
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid    ## CONSUMES
 
 [Depex]
   gEfiHiiConfigRoutingProtocolGuid  AND
   gEfiHiiDatabaseProtocolGuid       AND
   gEfiVariableArchProtocolGuid      AND
   gEfiVariableWriteArchProtocolGuid
+  
+[UserExtensions.TianoCore."ExtraFiles"]
+  TcgConfigDxeExtra.uni

SecurityPkg/Tcg/TcgDxe/TcgDxe.inf

@@ -1,8 +1,8 @@
 ## @file
-#  Component file for module TcgDxe.
+#  Produces TCG protocol and measures boot environment
 #  This module will produce TCG protocol and measure boot environment.
 #
-# Copyright (c) 2006 - 2013, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -15,6 +15,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = TcgDxe
+  MODULE_UNI_FILE                = TcgDxe.uni
   FILE_GUID                      = A5683620-7998-4bb2-A377-1C1E31E1E215
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0
@@ -52,29 +53,33 @@
   PcdLib
 
 [Guids]
-  gEfiSmbiosTableGuid                           # ALWAYS_CONSUMED
+  ## SOMETIMES_CONSUMES     ## SystemTable           # Smbios Table
-  gEfiGlobalVariableGuid                        # ALWAYS_CONSUMED
+  ## SOMETIMES_CONSUMES     ## GUID                  # Handoff Table for measurement.
-  gTcgEventEntryHobGuid
+  gEfiSmbiosTableGuid
-  gEfiEventReadyToBootGuid
+  
-  gEfiEventExitBootServicesGuid
+  gEfiGlobalVariableGuid                             ## SOMETIMES_CONSUMES  ## Variable:L"BootXXXX"
-  gEventExitBootServicesFailedGuid              # ALWAYS_CONSUMED
+  gTcgEventEntryHobGuid                              ## SOMETIMES_CONSUMES  ## HOB
-  gEfiTpmDeviceInstanceTpm12Guid
+  gEfiEventExitBootServicesGuid                      ## CONSUMES            ## Event
+  gEventExitBootServicesFailedGuid                   ## SOMETIMES_CONSUMES  ## Event
+  gEfiTpmDeviceInstanceTpm12Guid                     ## PRODUCES            ## GUID       # TPM device identifier
 
 [Protocols]
   gEfiTcgProtocolGuid                                ## PRODUCES
-  gEfiAcpiTableProtocolGuid                     # PROTOCOL ALWAYS_CONSUMED
+  gEfiAcpiTableProtocolGuid                          ## NOTIFY
-  gEfiDevicePathProtocolGuid                    # PROTOCOL ALWAYS_CONSUMED
+  gEfiMpServiceProtocolGuid                          ## SOMETIMES_CONSUMES
-  gEfiMpServiceProtocolGuid                     # PROTOCOL ALWAYS_CONSUMED
   
 [Pcd]
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmPlatformClass
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmPlatformClass              ## SOMETIMES_CONSUMES
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid               ## CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemId
+  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemId             ## SOMETIMES_CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemTableId
+  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemTableId        ## SOMETIMES_CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemRevision
+  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemRevision       ## SOMETIMES_CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorId
+  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorId         ## SOMETIMES_CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorRevision
+  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorRevision   ## SOMETIMES_CONSUMES
 
 [Depex]
   TRUE
 
+[UserExtensions.TianoCore."ExtraFiles"]
+  TcgDxeExtra.uni
+  

SecurityPkg/Tcg/TcgPei/TcgPei.inf

@@ -1,5 +1,8 @@
 ## @file
-#  This module will initialize TPM device and measure FVs in PEI phase.
+#  Initializes TPM device and measures FVs in PEI phase
+#
+#  This module will initialize TPM device, measure reported FVs and BIOS version.
+#  This module may also lock TPM physical presence and physicalPresenceLifetimeLock.
 #
 # Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
@@ -14,6 +17,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = TcgPei
+  MODULE_UNI_FILE                = TcgPei.uni
   FILE_GUID                      = 2BE1E4A6-6505-43b3-9FFC-A3C8330E0432
   MODULE_TYPE                    = PEIM
   VERSION_STRING                 = 1.0
@@ -24,6 +28,9 @@
 #
 #  VALID_ARCHITECTURES           = IA32 X64 IPF EBC
 #
+# [BootMode]
+#   S3_RESUME                 ## SOMETIMES_CONSUMES
+#
 
 [Sources]
   TcgPei.c
@@ -51,29 +58,33 @@
   MemoryAllocationLib
 
 [Guids]
-  gTcgEventEntryHobGuid
+  gTcgEventEntryHobGuid                                               ## PRODUCES               ## HOB
-  gMeasuredFvHobGuid
+  gMeasuredFvHobGuid                                                  ## PRODUCES               ## HOB
-  gEfiTpmDeviceInstanceTpm12Guid
+  gEfiTpmDeviceInstanceTpm12Guid                                      ## PRODUCES               ## GUID       # TPM device identifier
 
 [Ppis]
-  gPeiLockPhysicalPresencePpiGuid
+  gPeiLockPhysicalPresencePpiGuid                                     ## SOMETIMES_CONSUMES     ## NOTIFY
-  gEfiPeiFirmwareVolumeInfoPpiGuid
+  gEfiPeiFirmwareVolumeInfoPpiGuid                                    ## SOMETIMES_CONSUMES     ## NOTIFY
-  gEfiPeiFirmwareVolumeInfo2PpiGuid
+  gEfiPeiFirmwareVolumeInfo2PpiGuid                                   ## SOMETIMES_CONSUMES     ## NOTIFY
-  gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid
+  gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid                 ## SOMETIMES_CONSUMES
-  gPeiTpmInitializedPpiGuid
+  gPeiTpmInitializedPpiGuid                                           ## PRODUCES
-  gEfiEndOfPeiSignalPpiGuid
+  gEfiEndOfPeiSignalPpiGuid                                           ## SOMETIMES_CONSUMES     ## NOTIFY
 
 [Pcd]
-  gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceLifetimeLock
+  gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceLifetimeLock       ## SOMETIMES_CONSUMES 
-  gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceCmdEnable
+  gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceCmdEnable          ## SOMETIMES_CONSUMES 
-  gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceHwEnable
+  gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceHwEnable           ## SOMETIMES_CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString             ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString             ## SOMETIMES_CONSUMES
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid                    ## CONSUMES
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInitializationPolicy
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInitializationPolicy            ## CONSUMES
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmScrtmPolicy
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmScrtmPolicy                     ## SOMETIMES_CONSUMES
   gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxFvSupported             ## CONSUMES
 
 [Depex]
   gEfiPeiMasterBootModePpiGuid AND
   gEfiPeiReadOnlyVariable2PpiGuid AND
   gEfiTpmDeviceSelectedGuid
+
+[UserExtensions.TianoCore."ExtraFiles"]
+  TcgPeiExtra.uni
+  

SecurityPkg/Tcg/TcgSmm/TcgSmm.inf

@@ -1,13 +1,15 @@
 ## @file
-#  This driver implements TPM definition block in ACPI table and 
+#  Implements ACPI metholds for the TCG feature
-#  registers SMI callback functions for physical presence and 
+#
-#  MemoryClear to handle the requests from ACPI method.
+#  This driver implements TPM definition block in ACPI table and registers SMI 
+#  callback functions for physical presence and MemoryClear to handle the requests 
+#  from ACPI method.
 #
 #  Caution: This module requires additional review when modified.
 #  This driver will have external input - variable and ACPINvs data in SMM mode.
 #  This external input must be validated carefully to avoid security issue.
 #
-# Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -20,6 +22,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = TcgSmm
+  MODULE_UNI_FILE                = TcgSmm.uni
   FILE_GUID                      = 42293093-76B9-4482-8C02-3BEFDEA9B35D
   MODULE_TYPE                    = DXE_SMM_DRIVER
   PI_SPECIFICATION_VERSION       = 0x0001000A
@@ -48,21 +51,32 @@
   PcdLib
 
 [Guids]
+  ## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresence"
+  ## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresence"
+  ## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresenceFlags"
   gEfiPhysicalPresenceGuid
+
+  ## SOMETIMES_PRODUCES ## Variable:L"MemoryOverwriteRequestControl"
+  ## SOMETIMES_CONSUMES ## Variable:L"MemoryOverwriteRequestControl"
   gEfiMemoryOverwriteControlDataGuid
-  gEfiTpmDeviceInstanceTpm12Guid
+  
+  gEfiTpmDeviceInstanceTpm12Guid                        ## PRODUCES           ## GUID       # TPM device identifier
 
 [Protocols]
-  gEfiSmmSwDispatch2ProtocolGuid                # PROTOCOL ALWAYS_CONSUMED
+  gEfiSmmSwDispatch2ProtocolGuid                        ## CONSUMES
-  gEfiSmmVariableProtocolGuid                   # PROTOCOL ALWAYS_CONSUMED
+  gEfiSmmVariableProtocolGuid                           ## CONSUMES
-  gEfiAcpiTableProtocolGuid                     # PROTOCOL ALWAYS_CONSUMED
+  gEfiAcpiTableProtocolGuid                             ## CONSUMES
 
 [Pcd]
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid      ## CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemId
+  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemId    ## SOMETIMES_CONSUMES
 
 [Depex]
   gEfiAcpiTableProtocolGuid AND
   gEfiSmmSwDispatch2ProtocolGuid AND
   gEfiSmmVariableProtocolGuid AND
   gEfiTcgProtocolGuid
+  
+[UserExtensions.TianoCore."ExtraFiles"]
+  TcgSmmExtra.uni
+  

SecurityPkg/Tcg/TrEEConfig/TrEEConfigDxe.inf

@@ -1,8 +1,10 @@
 ## @file
-#  Component name for TrEE configuration module.
+#  TPM device configuration for TPM 2.0
+#  
+#  By this module, user may select TPM device, clear TPM state, etc.
 #  NOTE: This module is only for reference only, each platform should have its own setup page.
 #
-# Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -15,6 +17,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = TrEEConfigDxe
+  MODULE_UNI_FILE                = TrEEConfigDxe.uni
   FILE_GUID                      = 3141FD4D-EA02-4a70-9BCE-97EE837319AC
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0
@@ -52,20 +55,27 @@
   PcdLib
   PrintLib
   Tpm2DeviceLib
-  Tpm12DeviceLib
   Tpm2CommandLib
 
 [Guids]
+  ## SOMETIMES_PRODUCES ## Variable:L"TrEEPhysicalPresence"
+  ## SOMETIMES_CONSUMES ## Variable:L"TrEEPhysicalPresence"
   gEfiTrEEPhysicalPresenceGuid
+  
+  ## PRODUCES           ## HII
+  ## SOMETIMES_PRODUCES ## Variable:L"TREE_CONFIGURATION"
+  ## SOMETIMES_CONSUMES ## Variable:L"TREE_CONFIGURATION"
+  ## PRODUCES           ## Variable:L"TREE_DEVICE_DETECTION"
+  ## SOMETIMES_CONSUMES ## Variable:L"TREE_DEVICE_DETECTION"
   gTrEEConfigFormSetGuid
 
 [Protocols]
   gEfiHiiConfigAccessProtocolGuid               ## PRODUCES
-  gEfiHiiConfigRoutingProtocolGuid              ## CONSUMES
+  gEfiDevicePathProtocolGuid                    ## PRODUCES
   gEdkiiVariableLockProtocolGuid                ## CONSUMES
 
 [Pcd]
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid            ## CONSUMES
 
 [Depex]
   gEfiTrEEProtocolGuid              AND
@@ -73,3 +83,6 @@
   gEfiHiiDatabaseProtocolGuid       AND
   gEfiVariableArchProtocolGuid      AND
   gEfiVariableWriteArchProtocolGuid
+  
+[UserExtensions.TianoCore."ExtraFiles"]
+  TrEEConfigDxeExtra.uni

SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf

@@ -1,5 +1,7 @@
 ## @file
-#  Component name for TrEE configuration module.
+#  Set TPM device type
+#
+#  This module initializes TPM device type based on variable and detection.
 #  NOTE: This module is only for reference only, each platform should have its own setup page.
 #
 # Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
@@ -15,6 +17,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = TrEEConfigPei
+  MODULE_UNI_FILE                = TrEEConfigPei.uni
   FILE_GUID                      = A5C1EF72-9379-4370-B4C7-0F5126CAC38E
   MODULE_TYPE                    = PEIM
   VERSION_STRING                 = 1.0
@@ -23,6 +26,9 @@
 #
 #  VALID_ARCHITECTURES           = IA32 X64 IPF EBC
 #
+# [BootMode]
+#   S3_RESUME                 ## SOMETIMES_CONSUMES
+#
 
 [Sources]
   TrEEConfigPeim.c
@@ -48,19 +54,23 @@
   Tpm12DeviceLib
 
 [Guids]
-  gEfiTrEEPhysicalPresenceGuid
+  ## SOMETIMES_CONSUMES ## Variable:L"TREE_CONFIGURATION"
+  ## SOMETIMES_CONSUMES ## Variable:L"TREE_DEVICE_DETECTION"
   gTrEEConfigFormSetGuid
-  gEfiTpmDeviceSelectedGuid
+  gEfiTpmDeviceSelectedGuid           ## PRODUCES             ## GUID    # Used as a PPI GUID
 
 [Ppis]
-  gEfiPeiReadOnlyVariable2PpiGuid
+  gEfiPeiReadOnlyVariable2PpiGuid     ## CONSUMES
 
 [Pcd]
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid                 ## PRODUCES
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInitializationPolicy
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInitializationPolicy         ## PRODUCES
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmAutoDetection
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmAutoDetection                ## CONSUMES 
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress                  ## SOMETIMES_CONSUMES
 
 [Depex]
   gEfiPeiMasterBootModePpiGuid AND
   gEfiPeiReadOnlyVariable2PpiGuid
+  
+[UserExtensions.TianoCore."ExtraFiles"]
+  TrEEConfigPeiExtra.uni

SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf

@@ -1,5 +1,5 @@
 ## @file
-#  Component file for module TrEEDxe.
+#  Produces TrEE protocol and measure boot environment
 #  This module will produce TrEE protocol and measure boot environment.
 #
 #  Caution: This module requires additional review when modified.
@@ -7,7 +7,7 @@
 #  This external input must be validated carefully to avoid security issue like
 #  buffer overflow, integer overflow.
 #
-# Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -20,6 +20,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = TrEEDxe
+  MODULE_UNI_FILE                = TrEEDxe.uni
   FILE_GUID                      = 2A7946E3-1AB2-49a9-ACCB-C6275139C1A5
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0
@@ -58,34 +59,45 @@
   PerformanceLib
 
 [Guids]
-  gEfiSmbiosTableGuid                           # ALWAYS_CONSUMED
+  ## SOMETIMES_CONSUMES     ## SystemTable           # Smbios Table
-  gEfiGlobalVariableGuid                        # ALWAYS_CONSUMED
+  ## SOMETIMES_CONSUMES     ## GUID                  # Handoff Table for measurement.
-  gTcgEventEntryHobGuid
+  gEfiSmbiosTableGuid
-  gEfiEventReadyToBootGuid
+  
-  gEfiEventExitBootServicesGuid
+  ## SOMETIMES_CONSUMES     ## Variable:L"SecureBoot"
-  gEventExitBootServicesFailedGuid              # ALWAYS_CONSUMED
+  ## SOMETIMES_CONSUMES     ## Variable:L"PK"
+  ## SOMETIMES_CONSUMES     ## Variable:L"KEK"
+  ## SOMETIMES_CONSUMES     ## Variable:L"BootXXXX"
+  gEfiGlobalVariableGuid
+
+  ## SOMETIMES_CONSUMES      ## Variable:L"db"
+  ## SOMETIMES_CONSUMES      ## Variable:L"dbx"
   gEfiImageSecurityDatabaseGuid
-  gEfiTpmDeviceInstanceNoneGuid
+    
-  gEfiTpmDeviceInstanceTpm12Guid
+  gTcgEventEntryHobGuid                              ## SOMETIMES_CONSUMES  ## HOB
+  gEfiEventExitBootServicesGuid                      ## CONSUMES            ## Event
+  gEventExitBootServicesFailedGuid                   ## SOMETIMES_CONSUMES  ## Event
+  gEfiTpmDeviceInstanceNoneGuid                      ## SOMETIMES_CONSUMES  ## GUID       # TPM device identifier
+  gEfiTpmDeviceInstanceTpm12Guid                     ## SOMETIMES_CONSUMES  ## GUID       # TPM device identifier
 
 [Protocols]
   gEfiTrEEProtocolGuid                               ## PRODUCES
-  gEfiAcpiTableProtocolGuid                     # PROTOCOL ALWAYS_CONSUMED
+  gEfiAcpiTableProtocolGuid                          ## NOTIFY
-  gEfiDevicePathProtocolGuid                    # PROTOCOL ALWAYS_CONSUMED
+  gEfiMpServiceProtocolGuid                          ## SOMETIMES_CONSUMES
-  gEfiMpServiceProtocolGuid                     # PROTOCOL ALWAYS_CONSUMED
+  gEfiVariableWriteArchProtocolGuid                  ## NOTIFY
-  gEfiVariableWriteArchProtocolGuid             # PROTOCOL ALWAYS_CONSUMED
 
 [Pcd]
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmPlatformClass
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmPlatformClass                         ## SOMETIMES_CONSUMES
-  gEfiSecurityPkgTokenSpaceGuid.PcdFirmwareDebuggerInitialized
+  gEfiSecurityPkgTokenSpaceGuid.PcdFirmwareDebuggerInitialized              ## SOMETIMES_CONSUMES
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid                          ## CONSUMES
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress                           ## SOMETIMES_CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemId
+  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemId                        ## SOMETIMES_CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemTableId
+  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemTableId                   ## SOMETIMES_CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemRevision
+  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemRevision                  ## SOMETIMES_CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorId
+  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorId                    ## SOMETIMES_CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorRevision
+  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorRevision              ## SOMETIMES_CONSUMES
 
 [Depex]
   TRUE
 
+[UserExtensions.TianoCore."ExtraFiles"]
+  TrEEDxeExtra.uni

SecurityPkg/Tcg/TrEEPei/TrEEPei.inf

@@ -1,5 +1,7 @@
 ## @file
-#  This module will initialize TPM2 device and measure FVs in PEI phase.
+#  Initializes TPM 2.0 device and measure FVs in PEI phase
+#
+#  This module will initialize TPM device, measure reported FVs and BIOS version.
 #
 # Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
@@ -14,6 +16,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = TrEEPei
+  MODULE_UNI_FILE                = TrEEPei.uni
   FILE_GUID                      = CA5A1928-6523-409d-A9FE-5DCC87387222
   MODULE_TYPE                    = PEIM
   VERSION_STRING                 = 1.0
@@ -24,6 +27,9 @@
 #
 #  VALID_ARCHITECTURES           = IA32 X64 IPF EBC
 #
+# [BootMode]
+#   S3_RESUME                 ## SOMETIMES_CONSUMES
+#
 
 [Sources]
   TrEEPei.c
@@ -47,27 +53,30 @@
   MemoryAllocationLib
 
 [Guids]
-  gTcgEventEntryHobGuid
+  gTcgEventEntryHobGuid                                                ## PRODUCES               ## HOB
-  gMeasuredFvHobGuid
+  gMeasuredFvHobGuid                                                   ## PRODUCES               ## HOB
-  gEfiTpmDeviceInstanceNoneGuid
+  gEfiTpmDeviceInstanceNoneGuid                                        ## SOMETIMES_PRODUCES     ## GUID       # TPM device identifier
-  gEfiTpmDeviceInstanceTpm12Guid
+  gEfiTpmDeviceInstanceTpm12Guid                                       ## SOMETIMES_PRODUCES     ## GUID       # TPM device identifier
 
 [Ppis]
-  gEfiPeiFirmwareVolumeInfoPpiGuid
+  gEfiPeiFirmwareVolumeInfoPpiGuid                                     ## SOMETIMES_CONSUMES     ## NOTIFY
-  gEfiPeiFirmwareVolumeInfo2PpiGuid
+  gEfiPeiFirmwareVolumeInfo2PpiGuid                                    ## SOMETIMES_CONSUMES     ## NOTIFY
-  gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid
+  gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid                  ## SOMETIMES_CONSUMES
-  gPeiTpmInitializedPpiGuid
+  gPeiTpmInitializedPpiGuid                                            ## PRODUCES
-  gEfiEndOfPeiSignalPpiGuid
+  gEfiEndOfPeiSignalPpiGuid                                            ## SOMETIMES_CONSUMES     ## NOTIFY
 
 [Pcd]
-  gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString             ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString              ## SOMETIMES_CONSUMES
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid                     ## CONSUMES
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpm2InitializationPolicy
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpm2InitializationPolicy            ## CONSUMES
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpm2SelfTestPolicy
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpm2SelfTestPolicy                  ## SOMETIMES_CONSUMES
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpm2ScrtmPolicy
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpm2ScrtmPolicy                     ## CONSUMES
   gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxFvSupported              ## CONSUMES
 
 [Depex]
   gEfiPeiMasterBootModePpiGuid AND
   gEfiPeiReadOnlyVariable2PpiGuid AND
   gEfiTpmDeviceSelectedGuid
+
+[UserExtensions.TianoCore."ExtraFiles"]
+  TrEEPeiExtra.uni

SecurityPkg/Tcg/TrEESmm/TrEESmm.inf

@@ -1,5 +1,7 @@
 ## @file
-#  This driver implements TPM2 definition block in ACPI table and 
+#  Provides ACPI metholds for TPM 2.0 support
+#
+#  This driver implements TPM 2.0 definition block in ACPI table and 
 #  registers SMI callback functions for TrEE physical presence and 
 #  MemoryClear to handle the requests from ACPI method.
 #
@@ -7,7 +9,7 @@
 #  This driver will have external input - variable and ACPINvs data in SMM mode.
 #  This external input must be validated carefully to avoid security issue.
 #
-# Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -20,6 +22,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = TrEESmm
+  MODULE_UNI_FILE                = TrEESmm.uni
   FILE_GUID                      = 114B7105-6CC9-453c-BADC-16DF227BB4EF
   MODULE_TYPE                    = DXE_SMM_DRIVER
   PI_SPECIFICATION_VERSION       = 0x0001000A
@@ -48,24 +51,34 @@
   Tpm2DeviceLib
 
 [Guids]
+  ## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresence"
+  ## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresence"
+  ## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresenceFlags"
   gEfiTrEEPhysicalPresenceGuid
+
+  ## SOMETIMES_PRODUCES ## Variable:L"MemoryOverwriteRequestControl"
+  ## SOMETIMES_CONSUMES ## Variable:L"MemoryOverwriteRequestControl"  
   gEfiMemoryOverwriteControlDataGuid
-  gEfiTpmDeviceInstanceTpm20DtpmGuid
+  
+  gEfiTpmDeviceInstanceTpm20DtpmGuid                            ## PRODUCES           ## GUID       # TPM device identifier
 
 [Protocols]
-  gEfiSmmSwDispatch2ProtocolGuid                # PROTOCOL ALWAYS_CONSUMED
+  gEfiSmmSwDispatch2ProtocolGuid                                ## CONSUMES
-  gEfiSmmVariableProtocolGuid                   # PROTOCOL ALWAYS_CONSUMED
+  gEfiSmmVariableProtocolGuid                                   ## CONSUMES
-  gEfiAcpiTableProtocolGuid                     # PROTOCOL ALWAYS_CONSUMED
+  gEfiAcpiTableProtocolGuid                                     ## CONSUMES
 
 [Pcd]
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid              ## CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemId
+  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemId            ## SOMETIMES_CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemTableId
+  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemTableId       ## SOMETIMES_CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemRevision
+  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemRevision      ## SOMETIMES_CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorId
+  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorId        ## SOMETIMES_CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorRevision
+  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorRevision  ## SOMETIMES_CONSUMES
 
 [Depex]
   gEfiAcpiTableProtocolGuid AND
   gEfiSmmSwDispatch2ProtocolGuid AND
   gEfiSmmVariableProtocolGuid
+
+[UserExtensions.TianoCore."ExtraFiles"]
+  TrEESmmExtra.uni

SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderDxe.inf

@@ -1,7 +1,8 @@
 ## @file
-#  Component description file for Password Credential Provider.
+#  Provides a password credential provider implementation
+#  This module provides a password credential provider implementation.
 #
-# Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -14,6 +15,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = PwdCredentialProvider
+  MODULE_UNI_FILE                = PwdCredentialProvider.uni
   FILE_GUID                      = D6C589EA-DD29-49ef-97F6-1A9FE19A04E0
   MODULE_TYPE                    = UEFI_DRIVER
   VERSION_STRING                 = 1.0
@@ -44,11 +46,20 @@
   BaseCryptLib
   
 [Guids]
-  gEfiUserCredentialClassPasswordGuid           ## CONSUMES ## Guid
+  gEfiUserCredentialClassPasswordGuid           ## SOMETIMES_CONSUMES          ## GUID
-  gPwdCredentialProviderGuid                    ## PRODUCES ## Guid
+  
+  ## PRODUCES             ## Variable:L"PwdCredential"
+  ## CONSUMES             ## Variable:L"PwdCredential"
+  ## CONSUMES             ## HII
+  ## SOMETIMES_CONSUMES   ## GUID               #  The credential provider identifier
+  gPwdCredentialProviderGuid
   
 [Protocols]
-  gEfiDevicePathProtocolGuid                    # PROTOCOL ALWAYS_CONSUMED
+  gEfiDevicePathProtocolGuid                    ## PRODUCES
-  gEfiHiiConfigAccessProtocolGuid
+  gEfiHiiConfigAccessProtocolGuid               ## PRODUCES
-  gEfiUserCredential2ProtocolGuid
+  gEfiUserCredential2ProtocolGuid               ## PRODUCES
-  gEfiUserManagerProtocolGuid
+  gEfiUserManagerProtocolGuid                   ## SOMETIMES_CONSUMES
+  
+[UserExtensions.TianoCore."ExtraFiles"]
+  PwdCredentialProviderExtra.uni
+  

SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProviderDxe.inf

@@ -1,7 +1,11 @@
 ## @file
-#  Component description file for USB Credential Provider.
+#  Provides a USB credential provider implementation
 #
-# Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
+#  This module reads a token from a token file that is saved in the root 
+#  folder of a USB stick. The token file name can be specified by the PCD
+#  PcdFixedUsbCredentialProviderTokenFileName.
+#
+# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -14,6 +18,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = UsbCredentialProvider
+  MODULE_UNI_FILE                = UsbCredentialProvider.uni
   FILE_GUID                      = 672A0C68-2BF0-46f9-93C3-C4E7DC0FA555
   MODULE_TYPE                    = UEFI_DRIVER
   VERSION_STRING                 = 1.0
@@ -42,17 +47,24 @@
   BaseCryptLib
   
 [Guids]
-  gUsbCredentialProviderGuid                    ## PRODUCES ## Guid
+  ## PRODUCES             ## Variable:L"UsbCredential"
-  gEfiFileInfoGuid                              ## CONSUMES ## Guid
+  ## CONSUMES             ## Variable:L"UsbCredential"
-  gEfiUserCredentialClassSecureCardGuid         ## CONSUMES ## Guid
+  ## CONSUMES             ## HII
+  ## SOMETIMES_CONSUMES   ## GUID               # The credential provider identifier
+  gUsbCredentialProviderGuid
+  
+  gEfiFileInfoGuid                              ## SOMETIMES_CONSUMES         ## GUID
+  gEfiUserCredentialClassSecureCardGuid         ## SOMETIMES_CONSUMES         ## GUID
 
 [Pcd]
-  gEfiSecurityPkgTokenSpaceGuid.PcdFixedUsbCredentialProviderTokenFileName
+  gEfiSecurityPkgTokenSpaceGuid.PcdFixedUsbCredentialProviderTokenFileName    ## SOMETIMES_CONSUMES 
 
 [Protocols]
-  gEfiDevicePathProtocolGuid                    # PROTOCOL ALWAYS_CONSUMED
+  gEfiUserCredential2ProtocolGuid               ## PRODUCES
-  gEfiUserCredential2ProtocolGuid
+  gEfiUserManagerProtocolGuid                   ## SOMETIMES_CONSUMES
-  gEfiUserManagerProtocolGuid
+  gEfiBlockIoProtocolGuid                       ## SOMETIMES_CONSUMES
-  gEfiBlockIoProtocolGuid
+  gEfiSimpleFileSystemProtocolGuid              ## SOMETIMES_CONSUMES
-  gEfiSimpleFileSystemProtocolGuid
+  
+[UserExtensions.TianoCore."ExtraFiles"]
+  UsbCredentialProviderExtra.uni
   

SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerDxe.inf

@@ -1,7 +1,9 @@
 ## @file
-#  Component description file for user identify manager driver.
+#  Produces user manager protocol
 #
-# Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
+#  This module manages user information and produces user manager protocol.
+# 
+# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -14,6 +16,7 @@
 [defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = UserIdentifyManager
+  MODULE_UNI_FILE                = UserIdentifyManager.uni
   FILE_GUID                      = C5D3191B-27D5-4873-8DF2-628136991A21
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0
@@ -43,22 +46,34 @@
   UefiLib
 
 [Guids]
-  gEfiIfrTianoGuid                              ## CONSUMES ## Guid
+  gEfiIfrTianoGuid                              ## SOMETIMES_CONSUMES  ## GUID
-  gEfiEventUserProfileChangedGuid               ## CONSUMES ## Guid 
+  gEfiEventUserProfileChangedGuid               ## SOMETIMES_PRODUCES  ## Event
-  gUserIdentifyManagerGuid                      ## PRODUCES ## Guid
+  
+  ## SOMETIMES_PRODUCES                         ## Variable:L"Userxxxx"
+  ## SOMETIMES_CONSUMES                         ## Variable:L"Userxxxx"
+  ## CONSUMES                                   ## HII
+  gUserIdentifyManagerGuid
 
 [Protocols]
   gEfiFormBrowser2ProtocolGuid                  ## CONSUMES
   gEfiHiiDatabaseProtocolGuid                   ## CONSUMES
-  gEfiUserCredential2ProtocolGuid               ## CONSUMES
+  gEfiUserCredential2ProtocolGuid               ## SOMETIMES_CONSUMES
-  gEfiDeferredImageLoadProtocolGuid             ## CONSUMES
+  gEfiDeferredImageLoadProtocolGuid             ## SOMETIMES_CONSUMES
+  gEfiSimpleTextOutProtocolGuid                 ## SOMETIMES_CONSUMES
+  gEfiSimpleTextInProtocolGuid                  ## SOMETIMES_CONSUMES
+  gEfiSimpleTextInputExProtocolGuid             ## SOMETIMES_CONSUMES
   gEfiHiiConfigAccessProtocolGuid               ## PRODUCES
-  gEfiUserManagerProtocolGuid                   ## PRODUCES
+  gEfiDevicePathProtocolGuid                    ## PRODUCES
-  gEfiSimpleTextOutProtocolGuid
+  
-  gEfiSimpleTextInProtocolGuid
+  ## PRODUCES
-  gEfiSimpleTextInputExProtocolGuid
+  ## SOMETIMES_PRODUCES                         ## SystemTable
+  gEfiUserManagerProtocolGuid                   
 
 [Depex]
   gEfiHiiDatabaseProtocolGuid   AND 
   gEfiHiiStringProtocolGuid     AND 
   gEfiFormBrowser2ProtocolGuid 
+
+[UserExtensions.TianoCore."ExtraFiles"]
+  UserIdentifyManagerExtra.uni
+  

SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerDxe.inf

@@ -1,7 +1,10 @@
 ## @file
-#  Component description file for user profile manager driver.
+#  A UI tool to manage user profiles
 #
-# Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
+#  By this module, user can add/update/delete user profiles, and can also
+#  modify the user access policy and the user identification policy.
+#
+# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -14,6 +17,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = UserProfileManager
+  MODULE_UNI_FILE                = UserProfileManager.uni
   FILE_GUID                      = E38CB52D-A74D-45db-A8D0-290C9B21BBF2
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0
@@ -48,17 +52,21 @@
   DevicePathLib
   
 [Guids]
-  gEfiIfrTianoGuid                              ## CONSUMES ## Guid
+  gEfiIfrTianoGuid                              ## SOMETIMES_CONSUMES  ## GUID
-  gEfiUserInfoAccessSetupAdminGuid              ## CONSUMES ## Guid
+  gEfiUserInfoAccessSetupAdminGuid              ## SOMETIMES_CONSUMES  ## GUID
-  gEfiUserInfoAccessSetupNormalGuid             ## CONSUMES ## Guid
+  gEfiUserInfoAccessSetupNormalGuid             ## SOMETIMES_CONSUMES  ## GUID
-  gEfiUserInfoAccessSetupRestrictedGuid         ## CONSUMES ## Guid
+  gEfiUserInfoAccessSetupRestrictedGuid         ## SOMETIMES_CONSUMES  ## GUID
-  gUserProfileManagerGuid                       ## PRODUCES ## Guid
+  gUserProfileManagerGuid                       ## CONSUMES            ## HII
 
 [Protocols]
-  gEfiDevicePathProtocolGuid                    # PROTOCOL ALWAYS_CONSUMED
+  gEfiDevicePathProtocolGuid                    ## PRODUCES
-  gEfiHiiConfigAccessProtocolGuid
+  gEfiHiiConfigAccessProtocolGuid               ## PRODUCES
-  gEfiUserCredential2ProtocolGuid
+  gEfiUserCredential2ProtocolGuid               ## SOMETIMES_CONSUMES
-  gEfiUserManagerProtocolGuid
+  gEfiUserManagerProtocolGuid                   ## CONSUMES
 
 [Depex]
   gEfiUserManagerProtocolGuid
+  
+[UserExtensions.TianoCore."ExtraFiles"]
+  UserProfileManagerExtra.uni
+  

SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSal.inf

@@ -1,8 +1,10 @@
 ## @file
-#  Component description file for Extended SAL authentication variable 
+#  Provides authenticated variable service for IPF platform
-#  service module.
 #
-# Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
+#  This module installs variable arch protocol and variable write arch protocol to provide
+#  four EFI_RUNTIME_SERVICES: SetVariable, GetVariable, GetNextVariableName and QueryVariableInfo.
+#
+# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -15,6 +17,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = EsalVariableDxeSal
+  MODULE_UNI_FILE                = EsalVariableDxeSal.uni
   FILE_GUID                      = 14610837-4E97-4427-96E0-21D9B2956996
   MODULE_TYPE                    = DXE_SAL_DRIVER
   VERSION_STRING                 = 1.0
@@ -60,27 +63,43 @@
   HobLib
 
 [Protocols]
-  gEfiFirmwareVolumeBlockProtocolGuid           # PROTOCOL SOMETIMES_CONSUMED
+  gEfiFirmwareVolumeBlockProtocolGuid           ## SOMETIMES_CONSUMES
-  gEfiFaultTolerantWriteProtocolGuid            # PROTOCOL SOMETIMES_CONSUMED
+  gEfiFaultTolerantWriteProtocolGuid            ## SOMETIMES_CONSUMES
 
 [Guids]
+  ## SOMETIMES_CONSUMES   ## Variable:L"PK"
+  ## CONSUMES             ## Variable:L"SetupMode"
+  ## PRODUCES             ## Variable:L"SetupMode"
+  ## CONSUMES             ## Variable:L"SignatureSupport"
+  ## PRODUCES             ## Variable:L"SignatureSupport"
   gEfiGlobalVariableGuid
+  
+  ## PRODUCES             ## GUID # Variable store header
+  ## CONSUMES             ## GUID # Variable store header
+  ## SOMETIMES_CONSUMES   ## HOB
+  ## SOMETIMES_PRODUCES   ## SystemTable
   gEfiAuthenticatedVariableGuid
-  gEfiEventVirtualAddressChangeGuid
+  
-  gEfiCertRsa2048Sha256Guid
+  gEfiEventVirtualAddressChangeGuid             ## CONSUMES               ## Event
+  gEfiCertRsa2048Sha256Guid                     ## CONSUMES               ## GUID        # Unique ID for the format of the CertType.
+
+  ## SOMETIMES_CONSUMES   ## Variable:L"DB"
+  ## SOMETIMES_CONSUMES   ## Variable:L"DBX"
   gEfiImageSecurityDatabaseGuid
 
 [Pcd.common]
-  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize            ## CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase            ## SOMETIMES_CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize
+  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize                       ## CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize
+  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize          ## CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize
+  gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize                     ## CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize
+  gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize                      ## CONSUMES
   
 [FeaturePcd.common]
-  gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics
+  gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics             ## CONSUMES    # statistic the information of variable.
 
 [Depex]
   gEfiExtendedSalFvBlockServicesProtocolGuid AND gEfiFaultTolerantWriteProtocolGuid  
 
+[UserExtensions.TianoCore."ExtraFiles"]
+  EsalVariableDxeSalExtra.uni

SecurityPkg/VariableAuthenticated/Pei/VariablePei.inf

@@ -1,5 +1,6 @@
 ## @file
-#  The component description for PEI variable driver. 
+#  Implements ReadOnly Variable Services required by PEIM and installs PEI ReadOnly Varaiable2 PPI
+#  This module implements ReadOnly Variable Services required by PEIM and installs PEI ReadOnly Varaiable2 PPI.
 #
 # Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
@@ -14,6 +15,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = PeiVariableAuth
+  MODULE_UNI_FILE                = PeiVariableAuth.uni
   FILE_GUID                      = B1F7AF2F-2807-478c-A893-2BF4DDD1F62B
   MODULE_TYPE                    = PEIM
   VERSION_STRING                 = 1.0
@@ -44,24 +46,28 @@
   PeiServicesLib
 
 [Guids]
+  ## CONSUMES             ## GUID # Variable store header
+  ## SOMETIMES_CONSUMES   ## HOB
   gEfiAuthenticatedVariableGuid
+  ## SOMETIMES_PRODUCES   ## HOB
+  ## SOMETIMES_CONSUMES   ## HOB
   gEfiVariableIndexTableGuid
-  gEfiSystemNvDataFvGuid
+  gEfiSystemNvDataFvGuid            ## SOMETIMES_CONSUMES   ## GUID
-  gEdkiiFaultTolerantWriteGuid
+  gEdkiiFaultTolerantWriteGuid      ## SOMETIMES_CONSUMES   ## HOB
 
 [Ppis]
   gEfiPeiReadOnlyVariable2PpiGuid   ## PRODUCES
 
 [Pcd]
-  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase      ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase      ## SOMETIMES_CONSUMES
   gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64    ## CONSUMES
   gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize      ## CONSUMES
 
 [Depex]
   gEdkiiFaultTolerantWriteGuid
 
-#
 # [BootMode]
-#    RECOVERY          ## CONSUMES
+# RECOVERY_FULL             ## SOMETIMES_CONSUMES
-#
 
+[UserExtensions.TianoCore."ExtraFiles"]
+  PeiVariableExtra.uni

SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf

@@ -1,10 +1,13 @@
 ## @file
-#  Component description file for Authenticated Variable module.
+#  Provides authenticated variable service
+#
+#  This module installs variable arch protocol and variable write arch protocol to provide 
+#  variable services: SetVariable, GetVariable, GetNextVariableName and QueryVariableInfo.
 #
 #  Caution: This module requires additional review when modified.
 #  This driver will have external input - variable data.
-#  This external input must be validated carefully to avoid security issue like
+#  This external input must be validated carefully to avoid security issues such as 
-#  buffer overflow, integer overflow.
+#  buffer overflow or integer overflow.
 #
 # Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
@@ -19,6 +22,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = VariableAuthRuntimeDxe
+  MODULE_UNI_FILE                = VariableAuthRuntimeDxe.uni
   FILE_GUID                      = 2226F30F-3D5B-402d-9936-A97184EB4516
   MODULE_TYPE                    = DXE_RUNTIME_DRIVER
   VERSION_STRING                 = 1.0
@@ -65,51 +69,82 @@
   TpmMeasurementLib
 
 [Protocols]
-  gEfiFirmwareVolumeBlockProtocolGuid           ## SOMETIMES_CONSUMES
+  gEfiFirmwareVolumeBlockProtocolGuid           ## CONSUMES
-  gEfiVariableWriteArchProtocolGuid             ## ALWAYS_PRODUCES
+  ## CONSUMES
-  gEfiVariableArchProtocolGuid                  ## ALWAYS_PRODUCES
+  ## NOTIFY
-  gEfiFaultTolerantWriteProtocolGuid            ## SOMETIMES_CONSUMES
+  gEfiFaultTolerantWriteProtocolGuid
-  gEdkiiVariableLockProtocolGuid                ## ALWAYS_PRODUCES
+  gEfiVariableWriteArchProtocolGuid             ## PRODUCES
+  gEfiVariableArchProtocolGuid                  ## PRODUCES
+  gEdkiiVariableLockProtocolGuid                ## PRODUCES
+
 
 [Guids]
-  gEfiAuthenticatedVariableGuid                 ## PRODUCES ## Configuration Table Guid
+  ## PRODUCES             ## GUID # Variable store header
-  gEfiGlobalVariableGuid                        ## PRODUCES ## Variable Guid
+  ## CONSUMES             ## GUID # Variable store header
-  gEfiEventVirtualAddressChangeGuid             ## CONSUMES ## Event
+  ## SOMETIMES_CONSUMES   ## HOB
-  gEfiCertTypeRsa2048Sha256Guid
+  ## SOMETIMES_PRODUCES   ## SystemTable
+  gEfiAuthenticatedVariableGuid
+  
+  ## SOMETIMES_CONSUMES   ## Variable:L"PlatformLang"
+  ## SOMETIMES_PRODUCES   ## Variable:L"PlatformLang"
+  ## SOMETIMES_CONSUMES   ## Variable:L"Lang"
+  ## SOMETIMES_PRODUCES   ## Variable:L"Lang"
+  ## SOMETIMES_CONSUMES   ## Variable:L"HwErrRecSupport"
+  ## CONSUMES             ## Variable:L"SetupMode"
+  ## PRODUCES             ## Variable:L"SetupMode"
+  ## SOMETIMES_CONSUMES   ## Variable:L"PK"
+  ## SOMETIMES_CONSUMES   ## Variable:L"KEK"
+  ## CONSUMES             ## Variable:L"SecureBoot"
+  ## PRODUCES             ## Variable:L"SecureBoot"
+  ## CONSUMES             ## Variable:L"SignatureSupport"
+  ## PRODUCES             ## Variable:L"SignatureSupport"  
+  ## PRODUCES             ## Variable:L"VendorKeys"
+  gEfiGlobalVariableGuid
+  
+  ## SOMETIMES_CONSUMES   ## Variable:L"DB"
+  ## SOMETIMES_CONSUMES   ## Variable:L"DBX"
   gEfiImageSecurityDatabaseGuid
-  gEfiCertX509Guid
+  
-  gEfiCertPkcs7Guid
+  ## CONSUMES             ## Variable:L"SecureBootEnable"
-  gEfiCertRsa2048Guid
+  ## PRODUCES             ## Variable:L"SecureBootEnable"
   gEfiSecureBootEnableDisableGuid
+  
+  ## CONSUMES             ## Variable:L"CustomMode"
+  ## PRODUCES             ## Variable:L"CustomMode"
   gEfiCustomModeEnableGuid
-  gEfiVendorKeysNvGuid
+  
-  gEfiSystemNvDataFvGuid                        ## CONSUMES
+  ## CONSUMES             ## Variable:L"certdb"
+  ## PRODUCES             ## Variable:L"certdb"
   gEfiCertDbGuid
-  gEfiHardwareErrorVariableGuid                 ## SOMETIMES_CONSUMES
+  
+  ## CONSUMES             ## Variable:L"VendorKeysNv"
+  ## PRODUCES             ## Variable:L"VendorKeysNv"
+  gEfiVendorKeysNvGuid
+
   gEfiEndOfDxeEventGroupGuid               ## CONSUMES               ## Event
-  gEdkiiFaultTolerantWriteGuid                  ## CONSUMES
+  gEfiEventVirtualAddressChangeGuid        ## CONSUMES               ## Event
+  gEfiCertTypeRsa2048Sha256Guid            ## SOMETIMES_CONSUMES     ## GUID     # Unique ID for the type of the certificate.
+  gEfiCertPkcs7Guid                        ## SOMETIMES_CONSUMES     ## GUID     # Unique ID for the type of the certificate.
+  gEfiCertX509Guid                         ## SOMETIMES_CONSUMES     ## GUID     # Unique ID for the type of the signature.
+  gEfiSystemNvDataFvGuid                   ## CONSUMES               ## GUID
+  gEfiHardwareErrorVariableGuid            ## SOMETIMES_CONSUMES     ## Variable:L"HwErrRec####"
+  gEdkiiFaultTolerantWriteGuid             ## SOMETIMES_CONSUMES     ## HOB
 
 [Pcd]
-  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize       ## CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase       ## SOMETIMES_CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64     ## CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize
+  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize                  ## CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize
+  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize     ## CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize
+  gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize                ## CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize
+  gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize                 ## CONSUMES
 
 [FeaturePcd]
   gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics        ## CONSUMES  # statistic the information of variable.
-  gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate ## CONSUMES
+  gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate       ## CONSUMES  # Auto update PlatformLang/Lang
 
 [Depex]
   TRUE
 
-# [Event]
+[UserExtensions.TianoCore."ExtraFiles"]
-#   ##
+  VariableRuntimeDxeExtra.uni
-#   # Event will be signaled for VIRTUAL_ADDRESS_CHANGE event.
-#   #
-#   EVENT_TYPE_NOTIFY_SIGNAL                    ## PRODUCES
-#
-#
-

SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf

@@ -1,18 +1,18 @@
 ## @file
-#  Component description file for SMM Authenticated Variable module.
+#  Provides SMM authenticated variable service
 #
 #  This module installs SMM variable protocol into SMM protocol database,
 #  which can be used by SMM driver, and installs SMM variable protocol
 #  into BS protocol database, which can be used to notify the SMM Runtime
 #  Dxe driver that the SMM variable service is ready.
 #  This module should be used with SMM Runtime DXE module together. The
-#  SMM Runtime DXE module would install variable arch protocol and variable
+#  SMM Runtime DXE module installs variable arch protocol and variable
 #  write arch protocol based on SMM variable module.
 #
 #  Caution: This module requires additional review when modified.
 #  This driver will have external input - variable data and communicate buffer in SMM mode.
-#  This external input must be validated carefully to avoid security issue like
+#  This external input must be validated carefully to avoid security issues such as 
-#  buffer overflow, integer overflow.
+#  buffer overflow or integer overflow.
 #
 # Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
@@ -27,6 +27,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = VariableAuthSmm
+  MODULE_UNI_FILE                = VariableAuthSmm.uni
   FILE_GUID                      = D34BDC5E-968A-40f5-A48C-E594F45AE211
   MODULE_TYPE                    = DXE_SMM_DRIVER
   VERSION_STRING                 = 1.0
@@ -69,43 +70,83 @@
   HobLib
 
 [Protocols]
-  gEfiSmmFirmwareVolumeBlockProtocolGuid        ## SOMETIMES_CONSUMES
+  gEfiSmmFirmwareVolumeBlockProtocolGuid        ## CONSUMES
-  gEfiSmmVariableProtocolGuid                   ## ALWAYS_PRODUCES
+  gEfiSmmAccess2ProtocolGuid                    ## CONSUMES
-  gEfiSmmFaultTolerantWriteProtocolGuid         ## SOMETIMES_CONSUMES
+  
-  gEfiSmmAccess2ProtocolGuid                    ## ALWAYS_CONSUMES
+  ## PRODUCES
-  gEfiSmmEndOfDxeProtocolGuid                   ## ALWAYS_CONSUMES
+  ## UNDEFINED     # SmiHandlerRegister
+  gEfiSmmVariableProtocolGuid
+  
+  ## CONSUMES
+  ## NOTIFY  
+  gEfiSmmFaultTolerantWriteProtocolGuid
+  gEfiSmmEndOfDxeProtocolGuid              ## NOTIFY
 
 [Guids]
-  gEfiAuthenticatedVariableGuid                 ## PRODUCES ## Configuration Table Guid
+  ## PRODUCES             ## GUID # Variable store header
-  gEfiGlobalVariableGuid                        ## PRODUCES ## Variable Guid
+  ## CONSUMES             ## GUID # Variable store header
-  gSmmVariableWriteGuid                         ## PRODUCES ## SMM Variable Write Guid
+  ## SOMETIMES_CONSUMES   ## HOB
-  gEfiCertTypeRsa2048Sha256Guid
+  gEfiAuthenticatedVariableGuid
+  
+  ## SOMETIMES_CONSUMES   ## Variable:L"PlatformLang"
+  ## SOMETIMES_PRODUCES   ## Variable:L"PlatformLang"
+  ## SOMETIMES_CONSUMES   ## Variable:L"Lang"
+  ## SOMETIMES_PRODUCES   ## Variable:L"Lang"
+  ## SOMETIMES_CONSUMES   ## Variable:L"HwErrRecSupport"
+  ## CONSUMES             ## Variable:L"SetupMode"
+  ## PRODUCES             ## Variable:L"SetupMode"
+  ## SOMETIMES_CONSUMES   ## Variable:L"PK"
+  ## SOMETIMES_CONSUMES   ## Variable:L"KEK"
+  ## CONSUMES             ## Variable:L"SecureBoot"
+  ## PRODUCES             ## Variable:L"SecureBoot"
+  ## CONSUMES             ## Variable:L"SignatureSupport"
+  ## PRODUCES             ## Variable:L"SignatureSupport"
+  ## PRODUCES             ## Variable:L"VendorKeys"
+  gEfiGlobalVariableGuid
+  
+  ## SOMETIMES_CONSUMES   ## Variable:L"DB"
+  ## SOMETIMES_CONSUMES   ## Variable:L"DBX"
   gEfiImageSecurityDatabaseGuid
-  gEfiCertX509Guid
+ 
-  gEfiCertPkcs7Guid
+  ## CONSUMES             ## Variable:L"SecureBootEnable"
-  gEfiCertRsa2048Guid
+  ## PRODUCES             ## Variable:L"SecureBootEnable"
   gEfiSecureBootEnableDisableGuid
+  
+  ## CONSUMES             ## Variable:L"CustomMode"
+  ## PRODUCES             ## Variable:L"CustomMode"
   gEfiCustomModeEnableGuid
-  gEfiVendorKeysNvGuid
+  
-  gEfiSystemNvDataFvGuid                        ## CONSUMES
+  ## CONSUMES             ## Variable:L"certdb"
+  ## PRODUCES             ## Variable:L"certdb"
   gEfiCertDbGuid
-  gEfiHardwareErrorVariableGuid                 ## SOMETIMES_CONSUMES
+
-  gEdkiiFaultTolerantWriteGuid                  ## CONSUMES
+  ## CONSUMES             ## Variable:L"VendorKeysNv"
+  ## PRODUCES             ## Variable:L"VendorKeysNv"
+  gEfiVendorKeysNvGuid
+    
+  gSmmVariableWriteGuid                    ## PRODUCES               ## GUID        # Install protocol
+  gEfiCertTypeRsa2048Sha256Guid            ## SOMETIMES_CONSUMES     ## GUID        # Unique ID for the format of the CertData.
+  gEfiCertPkcs7Guid                        ## SOMETIMES_CONSUMES     ## GUID        # Unique ID for the format of the CertData.
+  gEfiCertX509Guid                         ## SOMETIMES_CONSUMES     ## GUID        # Unique ID for the type of the signature.
+  gEfiSystemNvDataFvGuid                   ## CONSUMES               ## GUID
+  gEfiHardwareErrorVariableGuid            ## SOMETIMES_CONSUMES     ## Variable:L"HwErrRec####"
+  gEdkiiFaultTolerantWriteGuid             ## SOMETIMES_CONSUMES     ## HOB
   
 [Pcd]
-  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize       ## CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase       ## SOMETIMES_CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64     ## CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize
+  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize                  ## CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize
+  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize     ## CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize
+  gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize                ## CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize
+  gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize                 ## CONSUMES
   
 [FeaturePcd]
   gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics        ## CONSUMES  # statistic the information of variable.
-  gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate ## CONSUMES
+  gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate       ## CONSUMES  # Auto update PlatformLang/Lang
 
 [Depex]
   TRUE
   
-
+[UserExtensions.TianoCore."ExtraFiles"]
+  VariableSmmExtra.uni

SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.inf

@@ -1,14 +1,13 @@
 ## @file
-#  Component description file for Authenticated Variable SmmRuntimeDxe module.
+#  Runtime DXE part corresponding to SMM authenticated variable module
 #
-#  This module is the Runtime DXE part correspond to SMM variable module. It 
+#  This module installs variable arch protocol and variable write arch protocol to provide 
-#  installs variable arch protocol and variable write arch protocol and works 
+#  variable service. This module need work together with SMM authenticated variable module. 
-#  with SMM variable module together. 
 #
 #  Caution: This module requires additional review when modified.
 #  This driver will have external input - variable data.
-#  This external input must be validated carefully to avoid security issue like
+#  This external input must be validated carefully to avoid security issues such as 
-#  buffer overflow, integer overflow.
+#  buffer overflow or integer overflow.
 #
 # Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
@@ -23,6 +22,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = VariableAuthSmmRuntimeDxe
+  MODULE_UNI_FILE                = VariableAuthSmmRuntimeDxe.uni
   FILE_GUID                      = 067E2381-7234-4798-B49C-D5FECBFF6D07
   MODULE_TYPE                    = DXE_RUNTIME_DRIVER
   VERSION_STRING                 = 1.0
@@ -57,21 +57,41 @@
   TpmMeasurementLib
 
 [Protocols]
-  gEfiVariableWriteArchProtocolGuid             ## ALWAYS_PRODUCES
+  gEfiVariableWriteArchProtocolGuid                                 ## PRODUCES
-  gEfiVariableArchProtocolGuid                  ## ALWAYS_PRODUCES  
+  gEfiVariableArchProtocolGuid                                      ## PRODUCES
-  gEfiSmmCommunicationProtocolGuid
+  gEfiSmmCommunicationProtocolGuid                                  ## CONSUMES
+  gEdkiiVariableLockProtocolGuid                                    ## PRODUCES
+
+  ## CONSUMES
+  ## NOTIFY
+  ## UNDEFINED   # Used to do smm communication
   gEfiSmmVariableProtocolGuid
-  gEdkiiVariableLockProtocolGuid                ## ALWAYS_PRODUCES
 
 [Guids]
-  gEfiEventVirtualAddressChangeGuid             ## PRODUCES ## Event
+  gEfiEventVirtualAddressChangeGuid                                 ## CONSUMES       ## Event
+  gEfiEventExitBootServicesGuid                                     ## CONSUMES       ## Event
+    
+  ## CONSUMES ## UNDEFINED # Locate protocol
+  ## CONSUMES ## UNDEFINED # Protocol notify
   gSmmVariableWriteGuid
+  
+
+  ## SOMETIMES_CONSUMES   ## Variable:L"PK"
+  ## SOMETIMES_CONSUMES   ## Variable:L"KEK"
+  ## SOMETIMES_CONSUMES   ## Variable:L"SecureBoot"
+  gEfiGlobalVariableGuid
+  
+  ## SOMETIMES_CONSUMES   ## Variable:L"DB"
+  ## SOMETIMES_CONSUMES   ## Variable:L"DBX"
   gEfiImageSecurityDatabaseGuid
 
 [Pcd]
-  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize
+  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize                 ## CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize
+  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize    ## CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase      ## CONSUMES
 
 [Depex]
   gEfiSmmCommunicationProtocolGuid
+
+[UserExtensions.TianoCore."ExtraFiles"]
+  VariableSmmRuntimeDxeExtra.uni

SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf

@@ -1,7 +1,8 @@
 ## @file
-#  Component name for SecureBoot configuration module.
+#  Provides the capbility to configure secure boot in a setup browser
+#  By this module, user may change the content of DB, DBX, PK and KEK.
 #
-# Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -14,6 +15,7 @@
 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = SecureBootConfigDxe
+  MODULE_UNI_FILE                = SecureBootConfigDxe.uni
   FILE_GUID                      = F0E6A44F-7195-41c3-AC64-54F202CD0A21
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0
@@ -57,31 +59,64 @@
   DevicePathLib
 
 [Guids]
-  gEfiIfrTianoGuid
+  ## SOMETIMES_CONSUMES      ## Variable:L"CustomMode"
+  ## SOMETIMES_PRODUCES      ## Variable:L"CustomMode"
   gEfiCustomModeEnableGuid
+    
+  ## SOMETIMES_CONSUMES      ## Variable:L"SecureBootEnable"
+  ## SOMETIMES_PRODUCES      ## Variable:L"SecureBootEnable"
   gEfiSecureBootEnableDisableGuid
+  
+  ## SOMETIMES_CONSUMES      ## GUID            # Unique ID for the type of the signature.
+  ## SOMETIMES_PRODUCES      ## GUID            # Unique ID for the type of the signature.
+  gEfiCertRsa2048Guid
+  
+  ## SOMETIMES_CONSUMES      ## GUID            # Unique ID for the type of the signature.
+  ## SOMETIMES_PRODUCES      ## GUID            # Unique ID for the type of the signature.                               
+  gEfiCertX509Guid
+  
+  ## SOMETIMES_CONSUMES      ## GUID            # Unique ID for the type of the signature.
+  ## SOMETIMES_PRODUCES      ## GUID            # Unique ID for the type of the signature.   
+  gEfiCertSha1Guid
+  
+  ## SOMETIMES_CONSUMES      ## GUID            # Unique ID for the type of the signature.
+  ## SOMETIMES_PRODUCES      ## GUID            # Unique ID for the type of the signature.   
+  gEfiCertSha256Guid
+  
+  ## SOMETIMES_CONSUMES      ## Variable:L"db"
+  ## SOMETIMES_PRODUCES      ## Variable:L"db"
+  ## SOMETIMES_CONSUMES      ## Variable:L"dbx"
+  ## SOMETIMES_PRODUCES      ## Variable:L"dbx"
+  gEfiImageSecurityDatabaseGuid
+    
+  ## SOMETIMES_CONSUMES      ## Variable:L"SetupMode"
+  ## SOMETIMES_PRODUCES      ## Variable:L"PK"
+  ## SOMETIMES_CONSUMES      ## Variable:L"KEK"
+  ## SOMETIMES_PRODUCES      ## Variable:L"KEK"
+  ## SOMETIMES_CONSUMES      ## Variable:L"SecureBoot"
+  gEfiGlobalVariableGuid
+  
+  gEfiIfrTianoGuid                              ## PRODUCES            ## GUID       # HII opcode
+  ## PRODUCES                ## HII
+  ## CONSUMES                ## HII
   gSecureBootConfigFormSetGuid
-  gEfiCertPkcs7Guid
+  gEfiCertPkcs7Guid                             ## SOMETIMES_PRODUCES  ## GUID  # Unique ID for the type of the certificate.
-  gEfiCertRsa2048Guid                           ## CONSUMES
+  gEfiCertTypeRsa2048Sha256Guid                 ## SOMETIMES_CONSUMES  ## GUID  # Unique ID for the type of the certificate.
-  gEfiCertX509Guid                              ## CONSUMES
+  gEfiFileSystemVolumeLabelInfoIdGuid           ## SOMETIMES_CONSUMES  ## GUID  # Indicate the information type
-  gEfiCertSha1Guid                              ## CONSUMES
+  gEfiFileInfoGuid                              ## SOMETIMES_CONSUMES  ## GUID  # Indicate the information type
-  gEfiCertSha256Guid                            ## CONSUMES
-  gEfiCertTypeRsa2048Sha256Guid                 ## CONSUMES
-  gEfiImageSecurityDatabaseGuid                 ## CONSUMES
-  gEfiFileSystemVolumeLabelInfoIdGuid           ## CONSUMES
-  gEfiGlobalVariableGuid                        ## PRODUCES ## Variable Guid
-  gEfiFileInfoGuid                              ## CONSUMES ## GUID
 
 [Protocols]
   gEfiHiiConfigAccessProtocolGuid               ## PRODUCES
-  gEfiHiiConfigRoutingProtocolGuid              ## CONSUMES
+  gEfiDevicePathProtocolGuid                    ## PRODUCES
-  gEfiSimpleFileSystemProtocolGuid              ## PROTOCOL CONSUMES
+  gEfiSimpleFileSystemProtocolGuid              ## SOMETIMES_CONSUMES
-  gEfiLoadFileProtocolGuid                      ## PROTOCOL CONSUMES
+  gEfiBlockIoProtocolGuid                       ## SOMETIMES_CONSUMES
-  gEfiBlockIoProtocolGuid                       ## PROTOCOL CONSUMES
-  gEfiDevicePathProtocolGuid                    ## PROTOCOL CONSUMES
 
 [Depex]
   gEfiHiiConfigRoutingProtocolGuid  AND
   gEfiHiiDatabaseProtocolGuid       AND
   gEfiVariableArchProtocolGuid      AND
   gEfiVariableWriteArchProtocolGuid
+
+[UserExtensions.TianoCore."ExtraFiles"]
+  SecureBootConfigDxeExtra.uni
+