REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4134



When unit testing is enabled, make sure _ASSERT() is not already
defined by the host environment before defining _ASSERT().  This
avoids conflicts with VS20xx builds of GoogleTest based unit tests.

Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4134



* Map NULL to nullptr or __null when c++ compiler is used.
* Map STATIC_ASSERT to static_assert when a c++ compiler is used.
* Typecast RETURN_SUCCESS to type RETURN_STATUS to match type used
  by all return error/warning status codes.  C++ has stricter type
  checking and found this inconsistency.

Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4114



1.Use xmm5 slot 1 and xmm6 slot 3 to save ucode status and UPD pointer
  respectively in TempRamInitApi in IA32 FspSecCoreT.
2.Correct inappropriate description in the return value of
  AsmGetFspInfoHeader.
3.Replace hardcoded offset value 0x1C with FSP_HEADER_IMGBASE_OFFSET in
  FspHeler.nasm.

Cc: Chasel Chiu <chasel.chiu@intel.com>
Cc: Nate DeSimone <nathaniel.l.desimone@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Ashraf Ali S <ashraf.ali.s@intel.com>
Cc: Chinni B Duggapu <chinni.b.duggapu@intel.com>
Signed-off-by: Ted Kuo <ted.kuo@intel.com>
Reviewed-by: Chasel Chiu <chasel.chiu@intel.com>
Reviewed-by: Nate DeSimone <nathaniel.l.desimone@intel.com>

ArmTrngLib crashes when run in DEBUG mode due to the fact that it passed
the [truncated] GUID value to a DEBUG() print statement instead of a
pointer to the GUID which is what the %g conversion expects.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>

Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Michael Kubacki <mikuback@linux.microsoft.com>

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4135



Added spec version check while publishing new Type9 fields,
added Slot Pitch field which was missing and
corrected the publishing order as per Smbios spec.

Cc: Vasudevan S <vasudevans@ami.com>
Cc: Sundaresan S <sundaresans@ami.com>

Signed-off-by: Sainadh Nagolu <sainadhn@ami.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4146



Update edk2-pytool-library to version 0.12.0 that adds support for
the environment variable PYTOOL_TEMPORARILY_IGNORE_NESTED_EDK_PACKAGES
that can be set to true to ignore nested packages instead of breaking
the build with an exception. Nested packages are not allowed by the
edk2 specifications.  This environment variable allows pytools to run
with reduced functionality if nested packages are present giving
downstream consumers of edk2 that use pytools time to resolve the use
of nested packages and restore all features of pytools.

Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <quic_llindhol@quicinc.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>

The query cpp/conditionallyuninitializedvariable was initially
enabled with the CodeQL code because work was in progress on those
changes. The results were filtered out so CodeQL passed so we could
verify the CodeQL workflow without impacting CI results.

This change allows error severity messages and substitutes that query
with two queries that do not return failures. This allows these
queries to find future problems and prepares the CodeQL workflow to
catch future failures as queries are enabled.

Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Sean Brogan <sean.brogan@microsoft.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>

Fixes issues found with the cpp/wrong-type-format-argument CodeQL
rule in BaseTools.

Reference:
https://cwe.mitre.org/data/definitions/686.html



The following CodeQL errors are resolved:

1. Check failure on line 1115 in
   BaseTools/Source/C/EfiRom/EfiRom.c

   - This argument should be of type 'int' but is of type 'char *'.
   - This argument should be of type 'int' but is of type 'signed
     char *'.

2. Check failure on line 359 in
   BaseTools/Source/C/GenFw/Elf32Convert.c

   - This argument should be of type 'CHAR8 *' but is of type
     'unsigned int'.

3. Check failure on line 1841 in
   BaseTools/Source/C/GenFw/Elf64Convert.c

   - This argument should be of type 'unsigned int' but is of type
     'unsigned long long'.

4. Check failure on line 1871 in
   BaseTools/Source/C/GenFw/Elf64Convert.c

   - This argument should be of type 'unsigned int' but is of type
     'unsigned long long'.

5. Check failure on line 2400 in
   BaseTools/Source/C/GenFv/GenFvInternalLib.c

   - This argument should be of type 'unsigned long long' but is of
     type 'unsigned int'.

6. Check failure on line 1099 in
   BaseTools/Source/C/GenFw/Elf64Convert.c

   - This argument should be of type 'CHAR8 *' but is of type
     'unsigned int'.

7. Check failure on line 1098 in
   BaseTools/Source/C/GenSec/GenSec.c

   - This argument should be of type 'CHAR8 *' but is of type
     'char **'.

8. Check failure on line 911 in
   BaseTools/Source/C/GenSec/GenSec.c

  - This argument should be of type 'CHAR8 *' but is of type
    'char **'.

Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Yuwei Chen <yuwei.chen@intel.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Sean Brogan <sean.brogan@microsoft.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4139



Update ms.common and *.mak files to use /Z7 instead of /Zi to embed
symbol information in obj files for host tools built with VS compilers.
This prevents vcxxx.pdb files from being generated in the root of
the local edk2 repository or in BaseTools directories.

Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Yuwei Chen <yuwei.chen@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4141



PRMT device is an unknown device in Device Manager if there is no
Windows Driver installed for it. It will cause WHQL Signed Driver
test failure.

To complete WHQL certification, update PRMT Device CID to PNP0C02.

In this way, PRMT Device will be a Motherboard Resources when no
real driver is loaded (default), but will be shown as the actual
device name when a legitimate Windows Driver is loaded.

Cc: Michael Kubacki <michael.kubacki@microsoft.com>
Cc: Nate DeSimone <nathaniel.l.desimone@intel.com>
Cc: Ankit Sinha <ankit.sinha@intel.com>
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
Reviewed-by: Ankit Sinha <ankit.sinha@intel.com>
Reviewed-by: Michael Kubacki <michael.kubacki@microsoft.com>

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4115

Adds initial support for enabling CodeQL Code Scanning in this
repository per the RFC:

  https://github.com/tianocore/edk2/discussions/3258



Adds the following new files:
  - .github/workflows/codql-analysis.yml - The main GitHub workflow
    file used to setup CodeQL in the repo.
  - .github/codeql/codeql-config.yml - The main CodeQL configuration
    file used to customize the queries and other resources the repo
    is using for CodeQL.
  - edk2.qls - A query set of queries to run for CodeQL.

Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>

Adds the maintainers and reviewers for the new .github directory
being added to hold GitHub workflows files.

Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <quic_llindhol@quicinc.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3991



Fix build issue when DiSABLE_SHA1_DEPRECATED_INTERFACES
is defined. Percolate the #ifndef DiSABLE_SHA1_DEPRECATED_INTERFACES
to all the Sha1 functions.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Nishant C Mistry <nishant.c.mistry@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Nishant C Mistry <nishant.c.mistry@intel.com>
Signed-off-by: Judah Vang <judah.vang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

Updates PrmPkg to use UnitTestUefiBootServicesTableLib from
UnitTestFrameworkPkg instead of UefiBootServicesTableLibUnitTest
in PrmPkg.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>

This library supports a Boot Services table library implementation
that allows code dependent upon UefiBootServicesTableLib to operate
in an isolated execution environment such as within
the context of a host-based unit test framework.

The unit test should initialize the Boot Services database with any
required elements (e.g. protocols, events, handles, etc.) prior to
the services being invoked by code under test.

It is strongly recommended to clean any global databases (e.g.
protocol, event, handles, etc.) after every unit test so the tests
execute in a predictable manner from a clean state.

This library is being moved here from PrmPkg so it can be made more
generally available to other packages and improved upon for others
use.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>

Commit 244ce33b ("CryptoPkg: Add Readme.md", 2022-10-24) had added the
long-awaited documentation on the dynamic crypto services. Fix some of the
typos and arguable grammar errors in "Readme.md". A few light
clarifications are also snuck in.

Cc: Christopher Zurcher <christopher.zurcher@microsoft.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Christopher Zurcher <christopher.zurcher@microsoft.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>

There was a OOB access in *StrHexTo* functions, when passed strings like
"XDEADBEEF".

OpenCore folks established an ASAN-equipped project to fuzz Ext4Dxe,
which was able to catch these (mostly harmless) issues.

Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Cc: Marvin H?user <mhaeuser@posteo.de>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com>
Acked-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@Intel.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>

Bugzilla: 3668 (https://bugzilla.tianocore.org/show_bug.cgi?id=3668

)

The EFI_RNG_PROTOCOL published by RngDxe has been updated to
implement the EFI_RNG_ALGORITHM_RAW using the Arm TRNG interface
to provide access to entropy.

Therefore, enable EFI_RNG_PROTOCOL for the Kvmtool guest/virtual
firmware.

Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>

Bugzilla: 3668 (https://bugzilla.tianocore.org/show_bug.cgi?id=3668

)

Add RngDxe support for Arm. This implementation uses the ArmTrngLib
to support the RawAlgorithm and doens't support the RNDR instruction.

To re-use the RngGetRNG(), RngGetInfo() and FreeAvailableAlgorithms()
functions, create Arm/AArch64 files which implement the arch specific
function GetAvailableAlgorithms(). Indeed, FEAT_RNG instruction is not
supported on Arm.

Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>

To re-use the AArch64/RngDxe.c for an Arm implementation,
rename AArch64/RngDxe.c to ArmRngDxe.c.

Acked-by: Leif Lindholm <quic_llindhol@quicinc.com>
Signed-off-by: Pierre Gondois <Pierre.Gondois@arm.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>

PcdCpuRngSupportedAlgorithm should allow to identify the the algorithm
used by the RNDR CPU instruction to generate a random number.
Add a debug warning if the Pcd is not set.

Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>

Bugzilla: 3668 (https://bugzilla.tianocore.org/show_bug.cgi?id=3668

)

RawAlgorithm is used to provide access to entropy that is suitable
for cryptographic applications. Therefore, add RawAlgorithm support
that provides access to entropy using the ArmTrngLib.

Also remove unused UefiBootServicesTableLib library inclusion
and Status variable.

Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>

RngGetBytes() relies on the RngLib. The RngLib might use the RNDR
instruction if the FEAT_RNG feature is present. RngGetInfo and
RngGetRNG both must check that RngGetBytes() is working before
advertising/using it.

To do so, allocate an array storing the available algorithms.
The Rng algorithm at the lowest index will be the default Rng
algorithm. The array is shared between RngGetInfo and RngGetRNG.

This array is allocated when the driver is loaded, and freed
when unloaded.

This patch also prevents from having PcdCpuRngSupportedAlgorithm
let to a zero GUID, but let the possibility to have no valid Rng
algorithm in such case.

Signed-off-by: Pierre Gondois <Pierre.Gondois@arm.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>

This patch:
-Update RngGetBytes() documentation to align the function
 definition and declaration.
-Improve input parameter checking. Even though 'This'
 it is not used, the parameter should always point to the
 current EFI_RNG_PROTOCOL.
-Removes TimerLib inclusion as unused.

Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>

RngGetInfo() is one of the 2 functions of the EFI_RNG_PROTOCOL.
RngGetInfo() is currently a mere wrapper around
ArchGetSupportedRngAlgorithms() which is implemented differently
depending on the architecture used.

RngGetInfo() does nothing more than calling
ArchGetSupportedRngAlgorithms(). So remove it, and let RngGetInfo()
be implemented differently according to the architecture.

This follows the implementation of the other function of the
EFI_RNG_PROTOCOL, RngGetRNG().

Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>

gEfiRngAlgorithmSp80090Ctr256Guid was used as the default algorithm
in RngGetRNG(). The commit below set the default algorithm to
PcdCpuRngSupportedAlgorithm, which is a zero GUID by default.

As the Pcd value is not defined for any platform in the edk2-platfoms
repository, assume it was an error and go back to the first version,
using gEfiRngAlgorithmSp80090Ctr256Guid.

Fixes: 4e5ecdba ("SecurityPkg: Add support for RngDxe on AARCH64")
Signed-off-by: Pierre Gondois <Pierre.Gondois@arm.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>

Bugzilla: 3668 (https://bugzilla.tianocore.org/show_bug.cgi?id=3668

)

Rename RdRandGenerateEntropy() to GenerateEntropy() to provide a
common interface to generate entropy on other architectures.
GenerateEntropy() is intended to generate high quality entropy.

Also move the definition to RngDxeInternals.h

Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>

Bugzilla: 3668 (https://bugzilla.tianocore.org/show_bug.cgi?id=3668)

The Arm True Random Number Generator Firmware, Interface 1.0,
Platform Design Document
(https://developer.arm.com/documentation/den0098/latest/

)
defines an interface between an Operating System (OS) executing
at EL1 and Firmware (FW) exposing a conditioned entropy source
that is provided by a TRNG back end.

The conditioned entropy, that is provided by the Arm TRNG interface,
is commonly used to seed deterministic random number generators.

This patch adds an ArmTrngLib library that implements the Arm TRNG
interface.

Acked-by: Leif Lindholm <quic_llindhol@quicinc.com>
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>

Bugzilla: 3668 (https://bugzilla.tianocore.org/show_bug.cgi?id=3668)

The Arm True Random Number Generator Firmware, Interface 1.0,
Platform Design Document
(https://developer.arm.com/documentation/den0098/latest/

)
defines an interface between an Operating System (OS) executing
at EL1 and Firmware (FW) exposing a conditioned entropy source
that is provided by a TRNG back end.

New function IDs have been defined by the specification for
accessing the TRNG services. Therefore, add these definitions
to the Arm standard SMC header.

Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>

Bugzilla: 3668 (https://bugzilla.tianocore.org/show_bug.cgi?id=3668

)

The Arm True Random Number Generator (TRNG) library defines an
interface to access the entropy source on a platform. On platforms
that do not have access to an entropy source, a NULL instance of
the TRNG library may be useful to satisfy the build dependency.

Therefore, add a NULL instance of the Arm TRNG library.

Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>

Bugzilla: 3668 (https://bugzilla.tianocore.org/show_bug.cgi?id=3668

)

The NIST Special Publications 800-90A, 800-90B and 800-90C
provide recommendations for random number generation. The
NIST 800-90C, Recommendation for Random Bit Generator (RBG)
Constructions, defines the GetEntropy() interface that is
used to access the entropy source. The GetEntropy() interface
is further used by Deterministic Random Bit Generators (DRBG)
to generate random numbers.

The Arm True Random Number Generator (TRNG) library defines an
interface to access the entropy source on a platform, following
the 'Arm True Random Number Generator Firmware Interface'
specification.

Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>

Add a Null instance of ArmHvcLib in case of library dependencies.

Reviewed-by: Leif Lindholm <quic_llindhol@quicinc.com>
Signed-off-by: Pierre Gondois <Pierre.Gondois@arm.com>

Sort the section containing HVC/SMC libraries prior to
adding new libraries in this specific section.

Reviewed-by: Leif Lindholm <quic_llindhol@quicinc.com>
Signed-off-by: Pierre Gondois <Pierre.Gondois@arm.com>

The ArmMonitorLib provides an abstract interface to issue
an HyperVisor Call (HVC) or System Monitor Call (SMC) depending
on the default conduit.
The PcdMonitorConduitHvc PCD allows to select the default conduit.

Reviewed-by: Leif Lindholm <quic_llindhol@quicinc.com>
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>

The ArmMonitorLib provides an abstract interface to issue
an HyperVisor Call (HVC) or System Monitor Call (SMC) depending
on the default conduit.
The PcdMonitorConduitHvc PCD allows to select the default conduit.

The new library relies on the ArmHvcLib and ArmSmcLib libraries.
A Null instance of these libraries can be used for the unused conduit.

Reviewed-by: Leif Lindholm <quic_llindhol@quicinc.com>
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>

Define a PCD 'PcdMonitorConduitHvc' to select the conduit to use for
monitor calls. PcdMonitorConduitHvc is defined as FALSE by default,
meaning the SMC conduit is enabled as default.

Adding PcdMonitorConduitHvc allows selection of HVC conduit to be used
by virtual firmware implementations.

Reviewed-by: Leif Lindholm <quic_llindhol@quicinc.com>
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>

The NorFlashDxe driver in ArmPlatformPkg was shared between development
platforms built by ARM Ltd, and virtual platforms that were once modeled
after Versatile Express, but have very little in common with actual bare
metal implementations.

Both sides have migrated to a domain specific version of the driver, so
we can retire the old one.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Leif Lindholm <quic_llindhol@quicinc.com>
Reviewed-by: Sunil V L <sunilvl@ventanamicro.com>

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4125



EPT-violation #VE should be always on shared memory, which means the
shared bit of the GuestPA should be set. But in current #VE Handler
it is not checked. When it occurs, stop TD immediately and log out
the error.

Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Guorui Yu <ruogui.ygr@alibaba-inc.com>
Tested-by: Guorui Yu <ruogui.ygr@alibaba-inc.com>

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4136



System will depend on Boot Mode value to do different behavior
Update during Capsule Update process. So UPL need to support
update boot mode.

Cc: Guo Dong <guo.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Reviewed-by: James Lu <james.lu@intel.com>
Reviewed-by: Gua Guo <gua.guo@intel.com>
Signed-off-by: VictorX Hsu <victorx.hsu@intel.com>