microsoft · maheeraeron · Nov 11, 2025 · Nov 5, 2025 · Nov 5, 2025 · Nov 11, 2025
diff --git a/MsvmPkg/AziHsmDxe/AziHsmBKS3.h b/MsvmPkg/AziHsmDxe/AziHsmBKS3.h
@@ -77,7 +77,7 @@
 // Forward declared opaque types for TPM sealing outputs.
 typedef struct {
   UINT8     Data[AZIHSM_BUFFER_MAX_SIZE]; // Buffer
-  UINT32    Size;                         // Size of the buffer
+  UINT16    Size;                         // Size of the buffer
 } AZIHSM_BUFFER;
 
 //

diff --git a/MsvmPkg/AziHsmDxe/AziHsmDdi.c b/MsvmPkg/AziHsmDxe/AziHsmDdi.c
@@ -1609,7 +1609,7 @@ AzihsmEncodeInitBks3Req (
   }
 
   // Encode actual BKS3 data
-  Status = AziHsmMborEncodeBytes (Encoder, Request->Bks3.Data, Request->Bks3.Length);
+  Status = AziHsmMborEncodePaddedBytes (Encoder, Request->Bks3.Data, Request->Bks3.Length);
   if (EFI_ERROR (Status)) {
     goto ExitFunction;
   }
@@ -1854,7 +1854,7 @@ AzihsmEncodeSetSealedBks3Req (
   }
 
   // Encode the actual BKS3 request data
-  Status = AziHsmMborEncodeBytes (Encoder, SealedBks3Request->SealedBks3.Data, SealedBks3Request->SealedBks3.Length);
+  Status = AziHsmMborEncodePaddedBytes (Encoder, SealedBks3Request->SealedBks3.Data, SealedBks3Request->SealedBks3.Length);
   if (EFI_ERROR (Status)) {
     goto ExitFunction;
   }

diff --git a/MsvmPkg/AziHsmDxe/AziHsmDdiApi.c b/MsvmPkg/AziHsmDxe/AziHsmDdiApi.c
@@ -414,7 +414,7 @@ AziHsmInitBks3 (
   DEBUG ((DEBUG_INFO, "AziHsmDdiApi: HSM InitBks3 Command completed successfully\n"));
 
   // Init decoder with received buffer
-  Status = AziHsmMborDecoderInit (&Decoder, OutBuffer.HostAddress, AZIHSM_DDI_DMA_BUFFER_SIZE);
+  Status = AziHsmMborDecoderInit (&Decoder, OutBuffer.HostAddress, (UINT16)ResponseSize);
   if (EFI_ERROR (Status)) {
     DEBUG ((DEBUG_ERROR, "AzihsmDdiApi: Failed to initialize MBOR decoder: %r\n", Status));
     Status = EFI_PROTOCOL_ERROR;

diff --git a/MsvmPkg/AziHsmDxe/AziHsmDxe.c b/MsvmPkg/AziHsmDxe/AziHsmDxe.c
@@ -39,7 +39,7 @@ AziHsmAes256CbcEncrypt (
   IN  UINT8   *InputData,
   IN  UINTN   InputDataSize,
   OUT UINT8   *OutputData,
-  OUT UINTN   *OutputDataSize,
+  OUT UINT16  *OutputDataSize,
   IN  UINT8   *Key,
   IN  UINTN   KeySize,
   IN  UINT8   *Iv,
@@ -424,7 +424,7 @@ AziHsmPerformBks3SealingWorkflow (
   UINT8               Iv[AZIHSM_AES_IV_SIZE];
   UINT8               Aes256Key[AZIHSM_AES256_KEY_SIZE];
   UINTN               PaddedInputSize = 0;
-  UINTN               EncryptedDataSize = 0;
+  UINT16               EncryptedDataSize = 0;
   BOOLEAN             IsHSMSealSuccess = FALSE;
   UINT8               WrappedBKS3[AZIHSM_BUFFER_MAX_SIZE];
   UINT16              WrappedBKS3KeySize = (UINT16)AZIHSM_BUFFER_MAX_SIZE;
@@ -506,10 +506,7 @@ AziHsmPerformBks3SealingWorkflow (
   }
 
   // We need to add PKCS7 padding to ensure the data is block-aligned for AES encryption
-  if (WrappedBKS3KeySize % AES_BLOCK_SIZE != 0) {
-    PadValue = AES_BLOCK_SIZE - (WrappedBKS3KeySize % AES_BLOCK_SIZE);
-  }
-
+  PadValue = AES_BLOCK_SIZE - (WrappedBKS3KeySize % AES_BLOCK_SIZE);
   PaddedInputSize = WrappedBKS3KeySize + PadValue;
 
   InputData = AllocatePool (PaddedInputSize);
@@ -581,7 +578,7 @@ AziHsmPerformBks3SealingWorkflow (
     goto Cleanup;
   }
 
-  ExpectedSealedDataSize = (sizeof (SealedAesSecret.Size) + SealedAesSecret.Size + sizeof (UINT32) + (UINT32)EncryptedDataSize);
+  ExpectedSealedDataSize = (sizeof (SealedAesSecret.Size) + SealedAesSecret.Size + sizeof (EncryptedDataSize) + (UINT32)EncryptedDataSize);
   // check if sealedblobsize+encrypted data size can fit in AZIHSM BUFFER
   if (ExpectedSealedDataSize > AZIHSM_BUFFER_MAX_SIZE) {
     DEBUG ((DEBUG_ERROR, "AziHsm: Sealed blob size plus encrypted data size exceeds buffer size : %d > %d\n", ExpectedSealedDataSize, AZIHSM_BUFFER_MAX_SIZE));
@@ -600,11 +597,11 @@ AziHsmPerformBks3SealingWorkflow (
   CopyMem (&SealedBKS3Buffer.Data[SealedBKS3Buffer.Size], SealedAesSecret.Data, SealedAesSecret.Size);
   SealedBKS3Buffer.Size += (UINT16)SealedAesSecret.Size;
   // copy size of encrypted data size
-  CopyMem (&SealedBKS3Buffer.Data[SealedBKS3Buffer.Size], (UINT8 *)&EncryptedDataSize, sizeof (UINT32));
-  SealedBKS3Buffer.Size += (UINT32)sizeof (UINT32);
+  CopyMem (&SealedBKS3Buffer.Data[SealedBKS3Buffer.Size], (UINT8 *)&EncryptedDataSize, sizeof (EncryptedDataSize));
+  SealedBKS3Buffer.Size += (UINT16)sizeof (EncryptedDataSize);
 
   CopyMem (&SealedBKS3Buffer.Data[SealedBKS3Buffer.Size], EncryptedData, EncryptedDataSize);
-  SealedBKS3Buffer.Size += (UINT32)EncryptedDataSize;
+  SealedBKS3Buffer.Size += EncryptedDataSize;
 
   // Check if we actually calculated correct size
   if (ExpectedSealedDataSize != SealedBKS3Buffer.Size) {
@@ -688,7 +685,7 @@ AziHsmAes256CbcEncrypt (
   IN  UINT8   *InputData,
   IN  UINTN   InputDataSize,
   OUT UINT8   *OutputData,
-  OUT UINTN   *OutputDataSize,
+  OUT UINT16  *OutputDataSize,
   IN  UINT8   *Key,
   IN  UINTN   KeySize,
   IN  UINT8   *Iv,
@@ -756,7 +753,7 @@ AziHsmAes256CbcEncrypt (
     goto Exit;
   }
 
-  *OutputDataSize = InputDataSize;
+  *OutputDataSize = (UINT16)InputDataSize;
   Status = EFI_SUCCESS;
 
 Exit:
@@ -1173,7 +1170,7 @@ AziHsmDriverEntry (
   }
 
   CopyMem (TpmDerivedSecretBlob.Data, TpmDerivedSecret.KeyData, TpmDerivedSecret.KeySize);
-  TpmDerivedSecretBlob.Size = (UINT32)TpmDerivedSecret.KeySize;
+  TpmDerivedSecretBlob.Size = (UINT16)TpmDerivedSecret.KeySize;
 
   // Seal the derived key to the TPM null hierarchy(to ensure it is associated with current boot) and
   // does not persist across reboots

diff --git a/MsvmPkg/AziHsmDxe/AziHsmMbor.c b/MsvmPkg/AziHsmDxe/AziHsmMbor.c
@@ -658,35 +658,50 @@ AziHsmMborEncodeBytes (
 
 /**
   Encodes a padded byte array into the buffer with MBOR marker and length.
+  Padding length is automatically calculated to ensure 4-byte alignment.
 
   @param[in, out] Encoder       Pointer to the encoder structure.
   @param[in]      Buffer        Pointer to the byte array to encode.
   @param[in]      Length        Number of bytes to encode.
-  @param[in]      PaddingLength Number of padding bytes (max 3).
 
   @retval EFI_SUCCESS           Bytes encoded successfully.
-  @retval EFI_INVALID_PARAMETER Encoder or Buffer is NULL, or PaddingLength > 3.
+  @retval EFI_INVALID_PARAMETER Encoder or Buffer is NULL.
   @retval EFI_BUFFER_TOO_SMALL  Not enough space in buffer.
 
   Usage: Use to encode MBOR padded bytes type. Padding bytes are zero.
+         Padding is automatically calculated for 4-byte alignment.
 **/
 EFI_STATUS
 AziHsmMborEncodePaddedBytes (
   IN OUT AZIHSM_MBOR_ENCODER  *Encoder,
   IN UINT8                    *Buffer,
-  IN UINT16                   Length,
-  IN UINT8                    PaddingLength
+  IN UINT16                   Length
   )
 {
-  EFI_STATUS  Status        = EFI_SUCCESS;
-  UINT8       Marker        = MBOR_BYTES_MARKER | (PaddingLength & MBOR_BYTES_PADDING_MASK);
+  EFI_STATUS  Status = EFI_SUCCESS;
+  UINT8       PaddingLength;
+  UINT8       Marker;
   UINT8       PadByte       = 0;
   UINT16      EncodedLength = ConvertToBigEndian16 (Length);
+  UINT32      CurrentTotalLength;
 
-  if ((Encoder == NULL) || (Buffer == NULL) || (PaddingLength > MBOR_BYTES_PADDING_MASK)) {
+  if ((Encoder == NULL) || (Buffer == NULL)) {
     return EFI_INVALID_PARAMETER;
   }
 
+  // Calculate total length: Current position + Marker(1) + Length(2) 
+  CurrentTotalLength = Encoder->Position + sizeof (Marker) + sizeof (EncodedLength);
+
+  // Calculate padding needed to make it 4-byte aligned
+  PaddingLength = (sizeof (UINT32) - (CurrentTotalLength % (sizeof (UINT32)))) % (sizeof (UINT32));
+
+  // Ensure padding length fits in the 2-bit mask
+  if (PaddingLength > MBOR_BYTES_PADDING_MASK) {
+    return EFI_INVALID_PARAMETER;
+  }
+
+  Marker = MBOR_BYTES_MARKER | (PaddingLength & MBOR_BYTES_PADDING_MASK);
+
   Status = AziHsmMborEncodeMarker (Encoder, Marker);
   if (EFI_ERROR (Status)) {
     goto Exit;

diff --git a/MsvmPkg/AziHsmDxe/AziHsmMbor.h b/MsvmPkg/AziHsmDxe/AziHsmMbor.h
@@ -203,24 +203,24 @@ AziHsmMborEncodeBytes (
 
 /**
   Encodes a padded byte array into the buffer with MBOR marker and length.
+  Padding length is automatically calculated to ensure 4-byte alignment.
 
   @param[in, out] Encoder       Pointer to the encoder structure.
   @param[in]      Buffer        Pointer to the byte array to encode.
   @param[in]      Length        Number of bytes to encode.
-  @param[in]      Padding       Number of padding bytes (max 3).
 
   @retval EFI_SUCCESS           Bytes encoded successfully.
-  @retval EFI_INVALID_PARAMETER Encoder or Buffer is NULL, or Padding > 3.
+  @retval EFI_INVALID_PARAMETER Encoder or Buffer is NULL.
   @retval EFI_BUFFER_TOO_SMALL  Not enough space in buffer.
 
   Usage: Use to encode MBOR padded bytes type. Padding bytes are zero.
+         Padding is automatically calculated for 4-byte alignment.
 **/
 EFI_STATUS
 AziHsmMborEncodePaddedBytes (
   IN OUT AZIHSM_MBOR_ENCODER  *Encoder,
   IN UINT8                    *Buffer,
-  IN UINT16                   Length,
-  IN UINT8                    Padding
+  IN UINT16                   Length
   );
 
 /**

diff --git a/MsvmPkg/MsvmPkgAARCH64.dsc b/MsvmPkg/MsvmPkgAARCH64.dsc
@@ -330,9 +330,16 @@
   gAdvLoggerPkgTokenSpaceGuid.PcdAdvancedLoggerPreMemPages|1     # Size is 4KB
   gAdvLoggerPkgTokenSpaceGuid.PcdAdvancedLoggerPages|1024        # Size is 4MB
 !if $(DEBUGLIB_SERIAL) == 1
-  gAdvLoggerPkgTokenSpaceGuid.PcdAdvancedLoggerHdwPortDebugPrintErrorLevel|0xFFFFFFFF
+  !ifdef DEBUG_NOISY
+    # This enables verbose output
+    gAdvLoggerPkgTokenSpaceGuid.PcdAdvancedLoggerHdwPortDebugPrintErrorLevel|0x804FEF4B
+  !else
+    # This default turns on errors and warnings
+    gAdvLoggerPkgTokenSpaceGuid.PcdAdvancedLoggerHdwPortDebugPrintErrorLevel|0x80000002
+  !endif
 !else
-  gAdvLoggerPkgTokenSpaceGuid.PcdAdvancedLoggerHdwPortDebugPrintErrorLevel|0x0
+    # We do not want anything out of serial if the flag is not provided
+    gAdvLoggerPkgTokenSpaceGuid.PcdAdvancedLoggerHdwPortDebugPrintErrorLevel|0x0
 !endif
 
   # Feature Debugger Config
@@ -407,15 +414,16 @@
   gMsvmPkgTokenSpaceGuid.PcdSystemMemorySize|0x037EC000
 
   #
-  # The runtime state of these two Debug PCDs can be modified in the debugger by
-  # modifying EfiKdDebugPrintGlobalMask and EfiKdDebugPrintComponentMask.
+  # The runtime state of this PCD can be modified in the debugger by
+  # modifying EfiBdDebugPrintGlobalMask and EfiBdDebugPrintComponentMask.
+  #
+  # We now expect the host bios device to parse the in-memory advanced logger 
+  # buffer to our tracing facilities
+  #
+  # NOTE: Additional debug levels may cause the in-memory advanced logger
+  # buffer to exceed its defined limit (see PcdAdvancedLoggerPages)
   #
-!ifdef DEBUG_NOISY
   gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x804FEF4B
-!else
-  # This default turns on errors and warnings
-  gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000002
-!endif
 
 # Disable asserts when not building debug
 !if $(TARGET) == DEBUG

diff --git a/MsvmPkg/MsvmPkgX64.dsc b/MsvmPkg/MsvmPkgX64.dsc
@@ -335,11 +335,18 @@
   # Advanced Logger Config
   gAdvLoggerPkgTokenSpaceGuid.PcdAdvancedLoggerBase|0xFA000000   # Must be TemporaryRamBase
   gAdvLoggerPkgTokenSpaceGuid.PcdAdvancedLoggerPreMemPages|1     # Size is 4KB
-  gAdvLoggerPkgTokenSpaceGuid.PcdAdvancedLoggerPages|1024        # Size is 4MB
+  gAdvLoggerPkgTokenSpaceGuid.PcdAdvancedLoggerPages|1024        # Size is 4MB  
 !if $(DEBUGLIB_SERIAL) == 1
-  gAdvLoggerPkgTokenSpaceGuid.PcdAdvancedLoggerHdwPortDebugPrintErrorLevel|0xFFFFFFFF
+  !ifdef DEBUG_NOISY
+    # This enables verbose output
+    gAdvLoggerPkgTokenSpaceGuid.PcdAdvancedLoggerHdwPortDebugPrintErrorLevel|0x804FEF4B
+  !else
+    # This default turns on errors and warnings
+    gAdvLoggerPkgTokenSpaceGuid.PcdAdvancedLoggerHdwPortDebugPrintErrorLevel|0x80000002
+  !endif
 !else
-  gAdvLoggerPkgTokenSpaceGuid.PcdAdvancedLoggerHdwPortDebugPrintErrorLevel|0x0
+    # We do not want anything out of serial if the flag is not provided
+    gAdvLoggerPkgTokenSpaceGuid.PcdAdvancedLoggerHdwPortDebugPrintErrorLevel|0x0
 !endif
 
   # Feature Debugger Config
@@ -389,15 +396,16 @@
   gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVendor|L"Microsoft"
 
   #
-  # The runtime state of these two Debug PCDs can be modified in the debugger by
+  # The runtime state of this PCD can be modified in the debugger by
   # modifying EfiBdDebugPrintGlobalMask and EfiBdDebugPrintComponentMask.
   #
-!ifdef DEBUG_NOISY
+  # We now expect the host bios device to parse the in-memory advanced logger 
+  # buffer to our tracing facilities
+  #
+  # NOTE: Additional debug levels may cause the in-memory advanced logger
+  # buffer to exceed its defined limit (see PcdAdvancedLoggerPages)
+  #
   gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x804FEF4B
-!else
-  # This default turns on errors and warnings
-  gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000002
-!endif
 
 # Disable asserts when not building debug
 # NOTE: Technically this is a lie, since BdDebugLib doesn't use this. But keep

diff --git a/MsvmPkg/VmMeasurementDxe/VmMeasurementDxe.c b/MsvmPkg/VmMeasurementDxe/VmMeasurementDxe.c
@@ -33,7 +33,7 @@ Routine Description:
   DEBUG((DEBUG_INFO, __FUNCTION__"() - Measuring VM data to PCR[06]\n"));
 
   //
-  // Include the UUID in the event log, and hash the entire event log
+  // Measure the UUID
   //
   EventSize = (UINT32)AsciiSPrint(EventLog, sizeof(EventLog), "UUID: %g", (EFI_GUID *)PcdGet64(PcdBiosGuidPtr));
 
@@ -48,5 +48,27 @@ Routine Description:
 
   DEBUG((DEBUG_INFO, __FUNCTION__"() - Logged %a (size=0x%x) status 0x%x\n", EventLog, EventSize, Status));
 
+  //
+  // Measure the architecture
+  //
+#if defined(MDE_CPU_X64)
+  EventSize = (UINT32)AsciiSPrint(EventLog, sizeof(EventLog), "{\"MachineArchitecture\": \"X64\"}");
+#elif defined(MDE_CPU_AARCH64)
+  EventSize = (UINT32)AsciiSPrint(EventLog, sizeof(EventLog), "{\"MachineArchitecture\": \"AARCH64\"}");
+#else
+  #error "Unknown architecture"
+#endif
+
+  Status = TpmMeasureAndLogData (
+            6,
+            EV_COMPACT_HASH,
+            EventLog,
+            EventSize,
+            EventLog,
+            EventSize
+            );
+
+  DEBUG((DEBUG_INFO, __FUNCTION__"() - Logged %a (size=0x%x) status 0x%x\n", EventLog, EventSize, Status));
+
   return EFI_SUCCESS;
 }