AmpereAltraPkg: Fix TPM PCR changes after reboot

Currently, TPM PCR changes because of corruption of PreUefi event log.

With current observation, after DxeIpl decoded FVMAIN section, PreUefi
events log are read correctly. This patch changes flash layout in order
that PeiCore executes PEI Guided Section Extraction PPI before
executing Tcg2Pei module.

Signed-off-by: Tinh Nguyen <tinhn@amperecomputing.com>

Author: tinhnampere

Platform/Ampere/JadePkg/Jade.fdf

@@ -164,11 +164,6 @@ APRIORI PEI {
   INF MdeModulePkg/Universal/StatusCodeHandler/Pei/StatusCodeHandlerPei.inf
   INF Silicon/Ampere/AmpereAltraPkg/Drivers/PcieInitPei/PcieInitPei.inf
 
-!if $(TPM2_ENABLE) == TRUE
-  INF MdeModulePkg/Universal/ResetSystemPei/ResetSystemPei.inf
-  INF Silicon/Ampere/AmpereAltraPkg/Drivers/Tcg2Pei/Tcg2Pei.inf
-!endif
-
   #
   # Print platform information before passing control into the Driver Execution Environment (DXE) phase
   #
@@ -184,6 +179,11 @@ APRIORI PEI {
     }
   }
 
+!if $(TPM2_ENABLE) == TRUE
+  INF MdeModulePkg/Universal/ResetSystemPei/ResetSystemPei.inf
+  INF Silicon/Ampere/AmpereAltraPkg/Drivers/Tcg2Pei/Tcg2Pei.inf
+!endif
+
 [FV.FvMain]
 FvAlignment        = 16
 ERASE_POLARITY     = 1