SecurityPkg: Make TPM2_Startup() return an error

The TPM2_Startup() function is called in the Tcg2Pei driver to start the
TPM. The function is expected to return an error if the TPM is not in
the correct state.

SecurityPkg/Library/DxeTcg2PhysicalPresenceMinimumLib/DxeTcg2PhysicalPresenceMinimumLib.inf

@@ -8,8 +8,7 @@
 # SPDX-License-Identifier: BSD-2-Clause-Patent
 #
 ##
-
-#Override : 00000002 | SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf | 6205753f2abf9126f2711c5f154f9f99 | 2024-07-24T18-06-30 | 69ff4b6fc889c8e66101cad3dcf8be3d516e038d
+#Override : 00000002 | SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf | 5e768c09274dafc2fbee2fb0cdb76055| 2024-07-24T18-06-30 | 69ff4b6fc889c8e66101cad3dcf8be3d516e038d
 # This is not a true override, but spell changes to ensure mu_tiano_plus passes CI is required and changes the hash.
 
 [Defines]

SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c

@@ -1204,6 +1204,11 @@ PeimEntryMA (
       }
 
       if (EFI_ERROR (Status)) {
+        // MU_CHANGE_58957
+        // MU_CHANGE [BEGIN] - Make sure that TPM2_Startup() can report an error.
+        DEBUG ((DEBUG_ERROR, "Tcg2Pei::%a - TPM failed Startup!\n", __func__));
+        ASSERT_EFI_ERROR (Status);
+        // MU_CHANGE [END]
         goto Done;
       }
     }
@@ -1236,6 +1241,10 @@ PeimEntryMA (
       if (PcdGet8 (PcdTpm2SelfTestPolicy) == 1) {
         Status = Tpm2SelfTest (NO);
         if (EFI_ERROR (Status)) {
+          // MU_CHANGE_58957
+          // MU_CHANGE [BEGIN] - Make sure that TPM2_Startup() can report an error.
+          DEBUG ((DEBUG_ERROR, "Tcg2Pei::%a - TPM failed Startup!\n", __func__));
+          // MU_CHANGE [END]
           goto Done;
         }
       }