Proper way to free all data in spdm_context #287

steven-bellock · 2023-08-28T14:23:09Z

Discussed in DMTF/libspdm#2320

^{Originally posted by LeeTroy August 22, 2023}
I'm running libspdm in a embedded project, the spdm context will be created and released over and over again.
However, I found there's no proper way to release some of data within context.

spdm-emu/spdm_emu/spdm_requester_emu/spdm_requester_spdm.c

Lines 454 to 467 in 3630f47

    
           res = libspdm_read_responder_root_public_certificate(m_use_hash_algo, 
        
                                                                m_use_asym_algo, 
        
                                                                &data, &data_size, 
        
                                                                &hash, &hash_size); 
        
           if (res) { 
        
               libspdm_x509_get_cert_from_cert_chain( 
        
                   (uint8_t *)data + sizeof(spdm_cert_chain_t) + hash_size, 
        
                   data_size - sizeof(spdm_cert_chain_t) - hash_size, 0, 
        
                   &root_cert, &root_cert_size); 
        
               libspdm_zero_mem(&parameter, sizeof(parameter)); 
        
               parameter.location = LIBSPDM_DATA_LOCATION_LOCAL; 
        
               libspdm_set_data(spdm_context, 
        
                                LIBSPDM_DATA_PEER_PUBLIC_ROOT_CERT, 
        
                                &parameter, (void *)root_cert, root_cert_size);

res = libspdm_read_responder_root_public_certificate(m_use_hash_algo,
                                                     m_use_asym_algo,
                                                     &data, &data_size,
                                                     &hash, &hash_size);
if (res) {
    libspdm_x509_get_cert_from_cert_chain(
        (uint8_t *)data + sizeof(spdm_cert_chain_t) + hash_size,
        data_size - sizeof(spdm_cert_chain_t) - hash_size, 0,
        &root_cert, &root_cert_size);
    libspdm_zero_mem(&parameter, sizeof(parameter));
    parameter.location = LIBSPDM_DATA_LOCATION_LOCAL;
    libspdm_set_data(spdm_context,
                     LIBSPDM_DATA_PEER_PUBLIC_ROOT_CERT,
                     &parameter, (void *)root_cert, root_cert_size);
}

libspdm_read_responder_root_public_certificate allocates data
data can't be release because root_cert sit inside data
libspdm_get_data doesn't support LIBSPDM_DATA_PEER_PUBLIC_ROOT_CERT, even if it is supported, the pointer is root_cert but not data.

One solution I can think of storing data pointer with LIBSPDM_DATA_APP_CONTEXT_DATA, and release it when the spdm context is not needed.

Thanks!

The text was updated successfully, but these errors were encountered:

jyao1 · 2023-08-28T14:37:54Z

I think the integrator (spdm-emu) can free those data instead of libspdm.

The reason is that libspdm does not has any alloc/free function. libspdm has no knowledge on if the data is in heap or global variable.

steven-bellock assigned jyao1 Aug 28, 2023

jyao1 transferred this issue from DMTF/libspdm Aug 28, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Proper way to free all data in spdm_context #287

Proper way to free all data in spdm_context #287

steven-bellock commented Aug 28, 2023

jyao1 commented Aug 28, 2023

Proper way to free all data in spdm_context #287

Proper way to free all data in spdm_context #287

Comments

steven-bellock commented Aug 28, 2023

Discussed in DMTF/libspdm#2320

jyao1 commented Aug 28, 2023