DMTF · steven-bellock · Jul 12, 2024 · Jul 11, 2024
diff --git a/doc/design.md b/doc/design.md
@@ -264,13 +264,15 @@
 
    * libspdm never writes data to the receive buffer so the buffer may be read-only.
    * libspdm both reads from and writes to the send buffer. Note that in a future release libspdm
-   may never read from the send buffer, allowing it to be write-only.
+     may never read from the send buffer, allowing it to be write-only.
    * libspdm always releases the send buffer before acquiring the receive buffer and releases the
-   receive buffer before acquiring the send buffer. Because of this the send buffer and receive buffer
-   may overlap or be the same buffer.
-   * libspdm assumes that, when populating the send buffer or parsing the receive buffer, both buffers
-   cannot be modified by external agents. It is the library Integrator's responsibility to ensure that
-   the buffers cannot be tampered with while libspdm is accessing them.
+     receive buffer before acquiring the send buffer. Because of this the send buffer and receive
+     buffer may overlap or be the same buffer.
+   * libspdm assumes that, when populating the send buffer or parsing the receive buffer, both
+     buffers cannot be modified by external agents. It is the library Integrator's responsibility to
+     ensure that the buffers cannot be tampered with while libspdm is accessing them.
+   * If the buffers contain data that should not be shared with libspdm, the Integrator must erase
+     or zeroize the buffers before granting access to libspdm.
 
 8) [spdm_lib_config.h](https://github.com/DMTF/libspdm/blob/main/include/library/spdm_lib_config.h) provides an example of the configuration macros used in the libspdm library.
 

diff --git a/library/spdm_requester_lib/libspdm_req_challenge.c b/library/spdm_requester_lib/libspdm_req_challenge.c
@@ -166,7 +166,6 @@ static libspdm_return_t libspdm_try_challenge(libspdm_context_t *spdm_context,
     spdm_response = (void *)(message);
     spdm_response_size = message_size;
 
-    libspdm_zero_mem(spdm_response, spdm_response_size);
     status = libspdm_receive_spdm_response(
         spdm_context, NULL, &spdm_response_size, (void **)&spdm_response);
     if (LIBSPDM_STATUS_IS_ERROR(status)) {

diff --git a/library/spdm_requester_lib/libspdm_req_encap_request.c b/library/spdm_requester_lib/libspdm_req_encap_request.c
@@ -1,6 +1,6 @@
 /**
  *  Copyright Notice:
- *  Copyright 2021-2022 DMTF. All rights reserved.
+ *  Copyright 2021-2024 DMTF. All rights reserved.
  *  License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
  **/
 
@@ -236,7 +236,6 @@ libspdm_return_t libspdm_encapsulated_request(libspdm_context_t *spdm_context,
         spdm_response = (void *)(message);
         spdm_response_size = message_size;
 
-        libspdm_zero_mem(spdm_response, spdm_response_size);
         status = libspdm_receive_spdm_response(
             spdm_context, session_id, &spdm_response_size,
             (void **)&spdm_response);
@@ -340,8 +339,6 @@ libspdm_return_t libspdm_encapsulated_request(libspdm_context_t *spdm_context,
         spdm_response = (void *)(message);
         spdm_response_size = message_size;
 
-        libspdm_zero_mem(spdm_response, spdm_response_size);
-
         status = libspdm_receive_spdm_response(
             spdm_context, session_id, &spdm_response_size,
             (void **)&spdm_response);

diff --git a/library/spdm_requester_lib/libspdm_req_end_session.c b/library/spdm_requester_lib/libspdm_req_end_session.c
@@ -105,7 +105,6 @@ static libspdm_return_t libspdm_try_send_receive_end_session(libspdm_context_t *
     spdm_response = (void *)(message);
     spdm_response_size = message_size;
 
-    libspdm_zero_mem(spdm_response, spdm_response_size);
     status = libspdm_receive_spdm_response(
         spdm_context, &session_id, &spdm_response_size, (void **)&spdm_response);
     if (LIBSPDM_STATUS_IS_ERROR(status)) {

diff --git a/library/spdm_requester_lib/libspdm_req_finish.c b/library/spdm_requester_lib/libspdm_req_finish.c
@@ -499,7 +499,6 @@ static libspdm_return_t libspdm_try_send_receive_finish(libspdm_context_t *spdm_
     spdm_response = (void *)(message);
     spdm_response_size = message_size;
 
-    libspdm_zero_mem(spdm_response, spdm_response_size);
     status = libspdm_receive_spdm_response(
         spdm_context, &session_id, &spdm_response_size, (void **)&spdm_response);
     if (LIBSPDM_STATUS_IS_ERROR(status)) {

diff --git a/library/spdm_requester_lib/libspdm_req_get_capabilities.c b/library/spdm_requester_lib/libspdm_req_get_capabilities.c
@@ -274,7 +274,6 @@ static libspdm_return_t libspdm_try_get_capabilities(libspdm_context_t *spdm_con
     spdm_response = (void *)(message);
     spdm_response_size = message_size;
 
-    libspdm_zero_mem(spdm_response, spdm_response_size);
     status = libspdm_receive_spdm_response(spdm_context, NULL, &spdm_response_size,
                                            (void **)&spdm_response);
     if (LIBSPDM_STATUS_IS_ERROR(status)) {

diff --git a/library/spdm_requester_lib/libspdm_req_get_certificate.c b/library/spdm_requester_lib/libspdm_req_get_certificate.c
@@ -179,7 +179,6 @@ static libspdm_return_t libspdm_try_get_certificate(libspdm_context_t *spdm_cont
         spdm_response = (void *)(message);
         spdm_response_size = message_size;
 
-        libspdm_zero_mem(spdm_response, spdm_response_size);
         status = libspdm_receive_spdm_response(spdm_context, session_id,
                                                &spdm_response_size,
                                                (void **)&spdm_response);

diff --git a/library/spdm_requester_lib/libspdm_req_get_csr.c b/library/spdm_requester_lib/libspdm_req_get_csr.c
@@ -174,7 +174,6 @@ static libspdm_return_t libspdm_try_get_csr(libspdm_context_t *spdm_context,
     spdm_response = (void *)(message);
     spdm_response_size = message_size;
 
-    libspdm_zero_mem(spdm_response, spdm_response_size);
     status = libspdm_receive_spdm_response(spdm_context, session_id,
                                            &spdm_response_size, (void **)&spdm_response);
 

diff --git a/library/spdm_requester_lib/libspdm_req_get_digests.c b/library/spdm_requester_lib/libspdm_req_get_digests.c
@@ -132,7 +132,6 @@ static libspdm_return_t libspdm_try_get_digest(libspdm_context_t *spdm_context,
     spdm_response = (void *)(message);
     spdm_response_size = message_size;
 
-    libspdm_zero_mem(spdm_response, spdm_response_size);
     status = libspdm_receive_spdm_response(
         spdm_context, session_id, &spdm_response_size, (void **)&spdm_response);
     if (LIBSPDM_STATUS_IS_ERROR(status)) {

diff --git a/library/spdm_requester_lib/libspdm_req_get_event_types.c b/library/spdm_requester_lib/libspdm_req_get_event_types.c
@@ -87,7 +87,6 @@ static libspdm_return_t libspdm_try_get_event_types(libspdm_context_t *spdm_cont
     spdm_response = (void *)(message);
     spdm_response_size = message_size;
 
-    libspdm_zero_mem(spdm_response, spdm_response_size);
     status = libspdm_receive_spdm_response(
         spdm_context, &session_id, &spdm_response_size, (void **)&spdm_response);
     if (LIBSPDM_STATUS_IS_ERROR(status)) {

diff --git a/library/spdm_requester_lib/libspdm_req_get_measurement_extension_log.c b/library/spdm_requester_lib/libspdm_req_get_measurement_extension_log.c
@@ -141,7 +141,6 @@ static libspdm_return_t libspdm_try_get_measurement_extension_log(libspdm_contex
         spdm_response = (void *)(message);
         spdm_response_size = message_size;
 
-        libspdm_zero_mem(spdm_response, spdm_response_size);
         status = libspdm_receive_spdm_response(spdm_context, session_id,
                                                &spdm_response_size,
                                                (void **)&spdm_response);

diff --git a/library/spdm_requester_lib/libspdm_req_get_measurements.c b/library/spdm_requester_lib/libspdm_req_get_measurements.c
@@ -318,7 +318,6 @@ static libspdm_return_t libspdm_try_get_measurement(libspdm_context_t *spdm_cont
     spdm_response = (void *)(message);
     spdm_response_size = message_size;
 
-    libspdm_zero_mem(spdm_response, spdm_response_size);
     status = libspdm_receive_spdm_response(
         spdm_context, session_id, &spdm_response_size, (void **)&spdm_response);
     if (LIBSPDM_STATUS_IS_ERROR(status)) {

diff --git a/library/spdm_requester_lib/libspdm_req_get_version.c b/library/spdm_requester_lib/libspdm_req_get_version.c
@@ -97,7 +97,6 @@ static libspdm_return_t libspdm_try_get_version(libspdm_context_t *spdm_context,
     spdm_response = (void *)(message);
     spdm_response_size = message_size;
 
-    libspdm_zero_mem(spdm_response, spdm_response_size);
     status = libspdm_receive_spdm_response(spdm_context, NULL, &spdm_response_size,
                                            (void **)&spdm_response);
     if (LIBSPDM_STATUS_IS_ERROR(status)) {

diff --git a/library/spdm_requester_lib/libspdm_req_handle_error_response.c b/library/spdm_requester_lib/libspdm_req_handle_error_response.c
@@ -77,7 +77,6 @@ static libspdm_return_t libspdm_requester_respond_if_ready(libspdm_context_t *sp
     }
     LIBSPDM_ASSERT (*response_size >= transport_header_size);
 
-    libspdm_zero_mem(*response, *response_size);
     status = libspdm_receive_spdm_response(spdm_context, session_id,
                                            response_size, response);
     if (LIBSPDM_STATUS_IS_ERROR(status)) {

diff --git a/library/spdm_requester_lib/libspdm_req_heartbeat.c b/library/spdm_requester_lib/libspdm_req_heartbeat.c
@@ -101,7 +101,6 @@ static libspdm_return_t libspdm_try_heartbeat(libspdm_context_t *spdm_context, u
     spdm_response = (void *)(message);
     spdm_response_size = message_size;
 
-    libspdm_zero_mem(spdm_response, spdm_response_size);
     status = libspdm_receive_spdm_response(
         spdm_context, &session_id, &spdm_response_size, (void **)&spdm_response);
     if (LIBSPDM_STATUS_IS_ERROR(status)) {

diff --git a/library/spdm_requester_lib/libspdm_req_key_exchange.c b/library/spdm_requester_lib/libspdm_req_key_exchange.c
@@ -454,7 +454,6 @@ static libspdm_return_t libspdm_try_send_receive_key_exchange(
     spdm_response = (void *)(message);
     spdm_response_size = message_size;
 
-    libspdm_zero_mem(spdm_response, spdm_response_size);
     status = libspdm_receive_spdm_response(
         spdm_context, NULL, &spdm_response_size, (void **)&spdm_response);
     if (LIBSPDM_STATUS_IS_ERROR(status)) {

diff --git a/library/spdm_requester_lib/libspdm_req_key_update.c b/library/spdm_requester_lib/libspdm_req_key_update.c
@@ -143,7 +143,6 @@ static libspdm_return_t libspdm_try_key_update(libspdm_context_t *spdm_context,
         spdm_response = (void *)(message);
         spdm_response_size = message_size;
 
-        libspdm_zero_mem(spdm_response, spdm_response_size);
         status = libspdm_receive_spdm_response(
             spdm_context, &session_id, &spdm_response_size, (void **)&spdm_response);
 
@@ -273,7 +272,6 @@ static libspdm_return_t libspdm_try_key_update(libspdm_context_t *spdm_context,
     spdm_response = (void *)(message);
     spdm_response_size = message_size;
 
-    libspdm_zero_mem(spdm_response, spdm_response_size);
     status = libspdm_receive_spdm_response(
         spdm_context, &session_id, &spdm_response_size, (void **)&spdm_response);
     if (LIBSPDM_STATUS_IS_ERROR(status)) {

diff --git a/library/spdm_requester_lib/libspdm_req_negotiate_algorithms.c b/library/spdm_requester_lib/libspdm_req_negotiate_algorithms.c
@@ -238,7 +238,6 @@ static libspdm_return_t libspdm_try_negotiate_algorithms(libspdm_context_t *spdm
     spdm_response = (void *)(message);
     spdm_response_size = message_size;
 
-    libspdm_zero_mem(spdm_response, spdm_response_size);
     status = libspdm_receive_spdm_response(spdm_context, NULL, &spdm_response_size,
                                            (void **)&spdm_response);
     if (LIBSPDM_STATUS_IS_ERROR(status)) {

diff --git a/library/spdm_requester_lib/libspdm_req_psk_exchange.c b/library/spdm_requester_lib/libspdm_req_psk_exchange.c
@@ -322,7 +322,6 @@ static libspdm_return_t libspdm_try_send_receive_psk_exchange(
     spdm_response = (void *)(message);
     spdm_response_size = message_size;
 
-    libspdm_zero_mem(spdm_response, spdm_response_size);
     status = libspdm_receive_spdm_response(
         spdm_context, NULL, &spdm_response_size, (void **)&spdm_response);
     if (LIBSPDM_STATUS_IS_ERROR(status)) {

diff --git a/library/spdm_requester_lib/libspdm_req_psk_finish.c b/library/spdm_requester_lib/libspdm_req_psk_finish.c
@@ -211,7 +211,6 @@ static libspdm_return_t libspdm_try_send_receive_psk_finish(libspdm_context_t *s
     spdm_response = (void *)(message);
     spdm_response_size = message_size;
 
-    libspdm_zero_mem(spdm_response, spdm_response_size);
     status = libspdm_receive_spdm_response(
         spdm_context, &session_id, &spdm_response_size, (void **)&spdm_response);
     if (LIBSPDM_STATUS_IS_ERROR(status)) {

diff --git a/library/spdm_requester_lib/libspdm_req_set_certificate.c b/library/spdm_requester_lib/libspdm_req_set_certificate.c
@@ -177,7 +177,6 @@ static libspdm_return_t libspdm_try_set_certificate(libspdm_context_t *spdm_cont
     spdm_response = (void *)(message);
     spdm_response_size = message_size;
 
-    libspdm_zero_mem(spdm_response, spdm_response_size);
     status = libspdm_receive_spdm_response(spdm_context, session_id,
                                            &spdm_response_size, (void **)&spdm_response);
 

diff --git a/library/spdm_requester_lib/libspdm_req_vendor_request.c b/library/spdm_requester_lib/libspdm_req_vendor_request.c
@@ -139,7 +139,6 @@ libspdm_return_t libspdm_try_vendor_send_request_receive_response(
     spdm_response = (void *)(message);
     spdm_response_size = message_size;
 
-    libspdm_zero_mem(spdm_response, spdm_response_size);
     status = libspdm_receive_spdm_response(spdm_context, session_id,
                                            &spdm_response_size,
                                            (void **)&spdm_response);