diff --git a/doc/design.md b/doc/design.md index 491fcd9e4df..ba4408f2101 100644 --- a/doc/design.md +++ b/doc/design.md @@ -264,13 +264,15 @@ * libspdm never writes data to the receive buffer so the buffer may be read-only. * libspdm both reads from and writes to the send buffer. Note that in a future release libspdm - may never read from the send buffer, allowing it to be write-only. + may never read from the send buffer, allowing it to be write-only. * libspdm always releases the send buffer before acquiring the receive buffer and releases the - receive buffer before acquiring the send buffer. Because of this the send buffer and receive buffer - may overlap or be the same buffer. - * libspdm assumes that, when populating the send buffer or parsing the receive buffer, both buffers - cannot be modified by external agents. It is the library Integrator's responsibility to ensure that - the buffers cannot be tampered with while libspdm is accessing them. + receive buffer before acquiring the send buffer. Because of this the send buffer and receive + buffer may overlap or be the same buffer. + * libspdm assumes that, when populating the send buffer or parsing the receive buffer, both + buffers cannot be modified by external agents. It is the library Integrator's responsibility to + ensure that the buffers cannot be tampered with while libspdm is accessing them. + * If the buffers contain data that should not be shared with libspdm, the Integrator must erase + or zeroize the buffers before granting access to libspdm. 8) [spdm_lib_config.h](https://github.com/DMTF/libspdm/blob/main/include/library/spdm_lib_config.h) provides an example of the configuration macros used in the libspdm library. diff --git a/library/spdm_requester_lib/libspdm_req_challenge.c b/library/spdm_requester_lib/libspdm_req_challenge.c index 7f846af1d94..b1d7da08e5a 100644 --- a/library/spdm_requester_lib/libspdm_req_challenge.c +++ b/library/spdm_requester_lib/libspdm_req_challenge.c 
@@ -166,7 +166,6 @@ static libspdm_return_t libspdm_try_challenge(libspdm_context_t *spdm_context, spdm_response = (void *)(message); spdm_response_size = message_size; - libspdm_zero_mem(spdm_response, spdm_response_size); status = libspdm_receive_spdm_response( spdm_context, NULL, &spdm_response_size, (void **)&spdm_response); if (LIBSPDM_STATUS_IS_ERROR(status)) { diff --git a/library/spdm_requester_lib/libspdm_req_encap_request.c b/library/spdm_requester_lib/libspdm_req_encap_request.c index 3c04cb525b8..36ec74efcb3 100644 --- a/library/spdm_requester_lib/libspdm_req_encap_request.c +++ b/library/spdm_requester_lib/libspdm_req_encap_request.c @@ -236,7 +236,6 @@ libspdm_return_t libspdm_encapsulated_request(libspdm_context_t *spdm_context, spdm_response = (void *)(message); spdm_response_size = message_size; - libspdm_zero_mem(spdm_response, spdm_response_size); status = libspdm_receive_spdm_response( spdm_context, session_id, &spdm_response_size, (void **)&spdm_response); @@ -340,8 +339,6 @@ libspdm_return_t libspdm_encapsulated_request(libspdm_context_t *spdm_context, spdm_response = (void *)(message); spdm_response_size = message_size; - libspdm_zero_mem(spdm_response, spdm_response_size); - status = libspdm_receive_spdm_response( spdm_context, session_id, &spdm_response_size, (void **)&spdm_response); diff --git a/library/spdm_requester_lib/libspdm_req_end_session.c b/library/spdm_requester_lib/libspdm_req_end_session.c index b4253a69b1e..6e7fd82e9f8 100644 --- a/library/spdm_requester_lib/libspdm_req_end_session.c +++ b/library/spdm_requester_lib/libspdm_req_end_session.c @@ -105,7 +105,6 @@ static libspdm_return_t libspdm_try_send_receive_end_session(libspdm_context_t * spdm_response = (void *)(message); spdm_response_size = message_size; - libspdm_zero_mem(spdm_response, spdm_response_size); status = libspdm_receive_spdm_response( spdm_context, &session_id, &spdm_response_size, (void **)&spdm_response); if (LIBSPDM_STATUS_IS_ERROR(status)) { 
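Review bot: With the `libspdm_zero_mem` call removed ahead of `libspdm_receive_spdm_response` in libspdm_try_challenge, any bytes of `message` beyond the length the transport reports are leftovers from an earlier exchange rather than zeros, so every field read that follows must be bounded by the updated `spdm_response_size`. Those length checks sit outside this hunk, and the function body continues past it. The same removal appears in the other requester hunks of this commit (encapsulated request, end session, finish, get capabilities, certificate, CSR, digests, event types, measurement extension log, measurements and version, heartbeat, key exchange, key update, negotiate algorithms, PSK exchange and finish, set certificate, vendor request), so the same condition applies to each. I would record the invariant where the call used to be, e.g. `/* Receive buffer is not cleared: bytes past spdm_response_size are stale and must not be parsed. */`. A unit test that pre-fills the receive buffer with a non-zero pattern and feeds truncated responses would make any handler that relied on the zero fill fail visibly.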
diff --git a/library/spdm_requester_lib/libspdm_req_finish.c b/library/spdm_requester_lib/libspdm_req_finish.c index 9ef0f50285f..f3cf371aba5 100644 --- a/library/spdm_requester_lib/libspdm_req_finish.c +++ b/library/spdm_requester_lib/libspdm_req_finish.c @@ -499,7 +499,6 @@ static libspdm_return_t libspdm_try_send_receive_finish(libspdm_context_t *spdm_ spdm_response = (void *)(message); spdm_response_size = message_size; - libspdm_zero_mem(spdm_response, spdm_response_size); status = libspdm_receive_spdm_response( spdm_context, &session_id, &spdm_response_size, (void **)&spdm_response); if (LIBSPDM_STATUS_IS_ERROR(status)) { diff --git a/library/spdm_requester_lib/libspdm_req_get_capabilities.c b/library/spdm_requester_lib/libspdm_req_get_capabilities.c index 30edf35a0f8..356bc36cf64 100644 --- a/library/spdm_requester_lib/libspdm_req_get_capabilities.c +++ b/library/spdm_requester_lib/libspdm_req_get_capabilities.c @@ -274,7 +274,6 @@ static libspdm_return_t libspdm_try_get_capabilities(libspdm_context_t *spdm_con spdm_response = (void *)(message); spdm_response_size = message_size; - libspdm_zero_mem(spdm_response, spdm_response_size); status = libspdm_receive_spdm_response(spdm_context, NULL, &spdm_response_size, (void **)&spdm_response); if (LIBSPDM_STATUS_IS_ERROR(status)) { diff --git a/library/spdm_requester_lib/libspdm_req_get_certificate.c b/library/spdm_requester_lib/libspdm_req_get_certificate.c index c79163b7630..d276411505f 100644 --- a/library/spdm_requester_lib/libspdm_req_get_certificate.c +++ b/library/spdm_requester_lib/libspdm_req_get_certificate.c @@ -179,7 +179,6 @@ static libspdm_return_t libspdm_try_get_certificate(libspdm_context_t *spdm_cont spdm_response = (void *)(message); spdm_response_size = message_size; - libspdm_zero_mem(spdm_response, spdm_response_size); status = libspdm_receive_spdm_response(spdm_context, session_id, &spdm_response_size, (void **)&spdm_response); 
diff --git a/library/spdm_requester_lib/libspdm_req_get_csr.c b/library/spdm_requester_lib/libspdm_req_get_csr.c index 6910155bb74..1c7abfe02e2 100644 --- a/library/spdm_requester_lib/libspdm_req_get_csr.c +++ b/library/spdm_requester_lib/libspdm_req_get_csr.c @@ -174,7 +174,6 @@ static libspdm_return_t libspdm_try_get_csr(libspdm_context_t *spdm_context, spdm_response = (void *)(message); spdm_response_size = message_size; - libspdm_zero_mem(spdm_response, spdm_response_size); status = libspdm_receive_spdm_response(spdm_context, session_id, &spdm_response_size, (void **)&spdm_response); diff --git a/library/spdm_requester_lib/libspdm_req_get_digests.c b/library/spdm_requester_lib/libspdm_req_get_digests.c index ca0e8d45338..dc289f59941 100644 --- a/library/spdm_requester_lib/libspdm_req_get_digests.c +++ b/library/spdm_requester_lib/libspdm_req_get_digests.c @@ -132,7 +132,6 @@ static libspdm_return_t libspdm_try_get_digest(libspdm_context_t *spdm_context, spdm_response = (void *)(message); spdm_response_size = message_size; - libspdm_zero_mem(spdm_response, spdm_response_size); status = libspdm_receive_spdm_response( spdm_context, session_id, &spdm_response_size, (void **)&spdm_response); if (LIBSPDM_STATUS_IS_ERROR(status)) { diff --git a/library/spdm_requester_lib/libspdm_req_get_event_types.c b/library/spdm_requester_lib/libspdm_req_get_event_types.c index 20b7f8e63d4..2b887dc2ac8 100644 --- a/library/spdm_requester_lib/libspdm_req_get_event_types.c +++ b/library/spdm_requester_lib/libspdm_req_get_event_types.c @@ -87,7 +87,6 @@ static libspdm_return_t libspdm_try_get_event_types(libspdm_context_t *spdm_cont spdm_response = (void *)(message); spdm_response_size = message_size; - libspdm_zero_mem(spdm_response, spdm_response_size); status = libspdm_receive_spdm_response( spdm_context, &session_id, &spdm_response_size, (void **)&spdm_response); if (LIBSPDM_STATUS_IS_ERROR(status)) { 
diff --git a/library/spdm_requester_lib/libspdm_req_get_measurement_extension_log.c b/library/spdm_requester_lib/libspdm_req_get_measurement_extension_log.c index ea03c998d11..86c3b5f4e6d 100644 --- a/library/spdm_requester_lib/libspdm_req_get_measurement_extension_log.c +++ b/library/spdm_requester_lib/libspdm_req_get_measurement_extension_log.c @@ -141,7 +141,6 @@ static libspdm_return_t libspdm_try_get_measurement_extension_log(libspdm_contex spdm_response = (void *)(message); spdm_response_size = message_size; - libspdm_zero_mem(spdm_response, spdm_response_size); status = libspdm_receive_spdm_response(spdm_context, session_id, &spdm_response_size, (void **)&spdm_response); diff --git a/library/spdm_requester_lib/libspdm_req_get_measurements.c b/library/spdm_requester_lib/libspdm_req_get_measurements.c index ef375575a99..d6d2680cd76 100644 --- a/library/spdm_requester_lib/libspdm_req_get_measurements.c +++ b/library/spdm_requester_lib/libspdm_req_get_measurements.c @@ -318,7 +318,6 @@ static libspdm_return_t libspdm_try_get_measurement(libspdm_context_t *spdm_cont spdm_response = (void *)(message); spdm_response_size = message_size; - libspdm_zero_mem(spdm_response, spdm_response_size); status = libspdm_receive_spdm_response( spdm_context, session_id, &spdm_response_size, (void **)&spdm_response); if (LIBSPDM_STATUS_IS_ERROR(status)) { diff --git a/library/spdm_requester_lib/libspdm_req_get_version.c b/library/spdm_requester_lib/libspdm_req_get_version.c index 18265a7b86b..be8a014bf95 100644 --- a/library/spdm_requester_lib/libspdm_req_get_version.c +++ b/library/spdm_requester_lib/libspdm_req_get_version.c 
@@ -97,7 +97,6 @@ static libspdm_return_t libspdm_try_get_version(libspdm_context_t *spdm_context, spdm_response = (void *)(message); spdm_response_size = message_size; - libspdm_zero_mem(spdm_response, spdm_response_size); status = libspdm_receive_spdm_response(spdm_context, NULL, &spdm_response_size, (void **)&spdm_response); if (LIBSPDM_STATUS_IS_ERROR(status)) { diff --git a/library/spdm_requester_lib/libspdm_req_handle_error_response.c b/library/spdm_requester_lib/libspdm_req_handle_error_response.c index 1596d6311ac..3ee0126274c 100644 --- a/library/spdm_requester_lib/libspdm_req_handle_error_response.c +++ b/library/spdm_requester_lib/libspdm_req_handle_error_response.c @@ -77,7 +77,6 @@ static libspdm_return_t libspdm_requester_respond_if_ready(libspdm_context_t *sp } LIBSPDM_ASSERT (*response_size >= transport_header_size); - libspdm_zero_mem(*response, *response_size); status = libspdm_receive_spdm_response(spdm_context, session_id, response_size, response); if (LIBSPDM_STATUS_IS_ERROR(status)) { diff --git a/library/spdm_requester_lib/libspdm_req_heartbeat.c b/library/spdm_requester_lib/libspdm_req_heartbeat.c index e93566e53ef..2844006b55c 100644 --- a/library/spdm_requester_lib/libspdm_req_heartbeat.c +++ b/library/spdm_requester_lib/libspdm_req_heartbeat.c @@ -101,7 +101,6 @@ static libspdm_return_t libspdm_try_heartbeat(libspdm_context_t *spdm_context, u spdm_response = (void *)(message); spdm_response_size = message_size; - libspdm_zero_mem(spdm_response, spdm_response_size); status = libspdm_receive_spdm_response( spdm_context, &session_id, &spdm_response_size, (void **)&spdm_response); if (LIBSPDM_STATUS_IS_ERROR(status)) { diff --git a/library/spdm_requester_lib/libspdm_req_key_exchange.c b/library/spdm_requester_lib/libspdm_req_key_exchange.c index cf5296f51ae..0e1b54050b2 100644 --- a/library/spdm_requester_lib/libspdm_req_key_exchange.c +++ b/library/spdm_requester_lib/libspdm_req_key_exchange.c 
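Review bot: In libspdm_requester_respond_if_ready the buffer is reached through `*response` and `*response_size`, which look like caller-supplied out-parameters, so after this removal an error return from `libspdm_receive_spdm_response` leaves the caller holding whatever the buffer contained before the call instead of zeros. The only size check visible in the hunk is `LIBSPDM_ASSERT (*response_size >= transport_header_size);`, and if that macro is compiled out in release builds it gives no runtime protection, which is worth confirming. I would state the contract in the function's header comment, e.g. `On error the contents of *response are unspecified and must not be interpreted.` The function starts and ends outside this hunk.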
@@ -454,7 +454,6 @@ static libspdm_return_t libspdm_try_send_receive_key_exchange( spdm_response = (void *)(message); spdm_response_size = message_size; - libspdm_zero_mem(spdm_response, spdm_response_size); status = libspdm_receive_spdm_response( spdm_context, NULL, &spdm_response_size, (void **)&spdm_response); if (LIBSPDM_STATUS_IS_ERROR(status)) { diff --git a/library/spdm_requester_lib/libspdm_req_key_update.c b/library/spdm_requester_lib/libspdm_req_key_update.c index a8520b2c846..48f35bb6e78 100644 --- a/library/spdm_requester_lib/libspdm_req_key_update.c +++ b/library/spdm_requester_lib/libspdm_req_key_update.c @@ -143,7 +143,6 @@ static libspdm_return_t libspdm_try_key_update(libspdm_context_t *spdm_context, spdm_response = (void *)(message); spdm_response_size = message_size; - libspdm_zero_mem(spdm_response, spdm_response_size); status = libspdm_receive_spdm_response( spdm_context, &session_id, &spdm_response_size, (void **)&spdm_response); @@ -273,7 +272,6 @@ static libspdm_return_t libspdm_try_key_update(libspdm_context_t *spdm_context, spdm_response = (void *)(message); spdm_response_size = message_size; - libspdm_zero_mem(spdm_response, spdm_response_size); status = libspdm_receive_spdm_response( spdm_context, &session_id, &spdm_response_size, (void **)&spdm_response); if (LIBSPDM_STATUS_IS_ERROR(status)) { diff --git a/library/spdm_requester_lib/libspdm_req_negotiate_algorithms.c b/library/spdm_requester_lib/libspdm_req_negotiate_algorithms.c index f7bd2815719..5a8ab9c0ba0 100644 --- a/library/spdm_requester_lib/libspdm_req_negotiate_algorithms.c +++ b/library/spdm_requester_lib/libspdm_req_negotiate_algorithms.c 
@@ -238,7 +238,6 @@ static libspdm_return_t libspdm_try_negotiate_algorithms(libspdm_context_t *spdm spdm_response = (void *)(message); spdm_response_size = message_size; - libspdm_zero_mem(spdm_response, spdm_response_size); status = libspdm_receive_spdm_response(spdm_context, NULL, &spdm_response_size, (void **)&spdm_response); if (LIBSPDM_STATUS_IS_ERROR(status)) { diff --git a/library/spdm_requester_lib/libspdm_req_psk_exchange.c b/library/spdm_requester_lib/libspdm_req_psk_exchange.c index b81a4f03fd8..83038cce1f8 100644 --- a/library/spdm_requester_lib/libspdm_req_psk_exchange.c +++ b/library/spdm_requester_lib/libspdm_req_psk_exchange.c @@ -322,7 +322,6 @@ static libspdm_return_t libspdm_try_send_receive_psk_exchange( spdm_response = (void *)(message); spdm_response_size = message_size; - libspdm_zero_mem(spdm_response, spdm_response_size); status = libspdm_receive_spdm_response( spdm_context, NULL, &spdm_response_size, (void **)&spdm_response); if (LIBSPDM_STATUS_IS_ERROR(status)) { diff --git a/library/spdm_requester_lib/libspdm_req_psk_finish.c b/library/spdm_requester_lib/libspdm_req_psk_finish.c index dfd54aba66c..4204df7d987 100644 --- a/library/spdm_requester_lib/libspdm_req_psk_finish.c +++ b/library/spdm_requester_lib/libspdm_req_psk_finish.c @@ -211,7 +211,6 @@ static libspdm_return_t libspdm_try_send_receive_psk_finish(libspdm_context_t *s spdm_response = (void *)(message); spdm_response_size = message_size; - libspdm_zero_mem(spdm_response, spdm_response_size); status = libspdm_receive_spdm_response( spdm_context, &session_id, &spdm_response_size, (void **)&spdm_response); if (LIBSPDM_STATUS_IS_ERROR(status)) { diff --git a/library/spdm_requester_lib/libspdm_req_set_certificate.c b/library/spdm_requester_lib/libspdm_req_set_certificate.c index 93e6823f57c..b13d95a2073 100644 --- a/library/spdm_requester_lib/libspdm_req_set_certificate.c +++ b/library/spdm_requester_lib/libspdm_req_set_certificate.c 
@@ -177,7 +177,6 @@ static libspdm_return_t libspdm_try_set_certificate(libspdm_context_t *spdm_cont spdm_response = (void *)(message); spdm_response_size = message_size; - libspdm_zero_mem(spdm_response, spdm_response_size); status = libspdm_receive_spdm_response(spdm_context, session_id, &spdm_response_size, (void **)&spdm_response); diff --git a/library/spdm_requester_lib/libspdm_req_vendor_request.c b/library/spdm_requester_lib/libspdm_req_vendor_request.c index 466ac4cf278..e9df4d21ab4 100644 --- a/library/spdm_requester_lib/libspdm_req_vendor_request.c +++ b/library/spdm_requester_lib/libspdm_req_vendor_request.c @@ -139,7 +139,6 @@ libspdm_return_t libspdm_try_vendor_send_request_receive_response( spdm_response = (void *)(message); spdm_response_size = message_size; - libspdm_zero_mem(spdm_response, spdm_response_size); status = libspdm_receive_spdm_response(spdm_context, session_id, &spdm_response_size, (void **)&spdm_response);