DMTF / libspdm

BSD 3-Clause "New" or "Revised" License

GET_MEASUREMENT: should libspdm_get_measurement() reinitialize L1/L2 calculation after a signature verification? #2726

Closed sunzc closed 3 months ago

sunzc commented 3 months ago

Question: For GET_MEASUREMENTS requests and responses, for example, after a couple of GET_MEASUREMENTS 1..n-1 without a signature, then a GET_MEASUREMENTS n with a signature, should we reinitialize the L1/L2 calculation after the last GET_MEASUREMENTS n request with a signature?

According to the SPDM spec (1.1, 1.2, 1.3), if we take what the spec says literally, only a non-GET_MEASUREMENTS request should reinitialize the L1/L2 calculation.

A typical GET_MEASUREMENTS flow is here: [image not reproduced]

Spec quote about when to reinitialize L1/L2: [image not reproduced]

The current implementation in libspdm seems to assume we should reinitialize the L1/L2 calculation right after a signature verification.

https://github.com/DMTF/libspdm/blob/main/library/spdm_requester_lib/libspdm_req_get_measurements.c#L40

```c
bool libspdm_verify_measurement_signature(libspdm_context_t *spdm_context,
                                          libspdm_session_info_t *session_info,
                                          const void *sign_data,
                                          size_t sign_data_size)
{
    bool result;
    ...

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    /* full transcript kept: L1/L2 is produced as a managed buffer */
    result = libspdm_calculate_l1l2(spdm_context, session_info, &l1l2);
    l1l2_buffer = libspdm_get_managed_buffer(&l1l2);
    l1l2_buffer_size = libspdm_get_managed_buffer_size(&l1l2);
#else
    /* running-hash mode: finalize the L1/L2 hash instead */
    l1l2_hash_size = sizeof(l1l2_hash);
    result = libspdm_calculate_l1l2_hash(spdm_context, session_info, &l1l2_hash_size, l1l2_hash);
#endif

    /* message M (the L1/L2 transcript) is reset here, before the result is even checked */
    libspdm_reset_message_m(spdm_context, session_info);

    if (!result) {
        return false;
    }
```

Why does it matter?

If we reinitialize L1/L2 after a signature verification, we won't need to redo VCA before we do another round of GET_MEASUREMENTS requests (continuously monitoring the measurements of a device is useful in certain use cases for monitoring the device state). Otherwise, we have to redo VCA before each new round of measurements requests.

Can we get it clarified here that the libspdm get_measurement implementation is based on the assumption that L1/L2 should be reinitialized after every GET_MEASUREMENTS request with a signature?

Thanks!

steven-bellock commented 3 months ago

This will be clarified in the specification via https://github.com/DMTF/SPDM-WG/issues/3485 and libspdm (and probably every other implementation) follows the intent of the specification. Although I'm confused about

> Otherwise, we have to redo VCA before each new round of measurements requests.

Regardless of the state of the transcript nothing says that VCA would need to be re-run.

jyao1 commented 3 months ago

Right. Reinitialize L1/L2 does not mean to redo VCA. They are irrelevant.

sunzc commented 3 months ago

It is good to have it clarified in the SPDM SPEC so that we will expect L1/L2 reinitialization after a signature verification.

Redoing VCA will reinitialize L1/L2 (the SPDM spec says any non-measurements command will reinitialize L1/L2; it is not clear about a measurements command with a signature request). We have seen some issues when stress testing GET_MEASUREMENTS continuously (for 1000 times) without redoing VCA for each round of GET_MEASUREMENTS, which caused a buffer overflow on the device's end (the device may not be using libspdm, so it didn't reinitialize after signature verification).

Thank you a lot for the feedback! I will close it.
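The transcript behaviour argued over in this thread (the opening question about reinitializing L1/L2 after a signed GET_MEASUREMENTS, and the device-side overflow from the stress test in the last comment), as an added example written for this page and not code from libspdm or from any commenter. Two endpoints each keep an L1/L2 transcript; the requester mirrors the reset-after-signature policy seen in libspdm_verify_measurement_signature() above, and the responder's policy is switchable. The 256-byte buffer, the simplified message layouts, the 8-byte measurement block, the fixed nonce fill and the FNV-1a digest standing in for the hash that the signature covers are all constructed assumptions with no security properties; the point is only that both sides must reinitialize L1/L2 at the same point or the signature check fails from the second round on, and that a responder that never reinitializes eventually cannot append another message, which is the overflow the reporter describes.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not libspdm code. TRANSCRIPT_MAX is deliberately tiny (assumption) so the
 * never-reset policy runs out of space after a few rounds instead of after a thousand. */
#define TRANSCRIPT_MAX 256

/* One SPDM endpoint: its L1/L2 transcript buffer and its reinitialization policy. */
typedef struct {
    uint8_t l1l2[TRANSCRIPT_MAX];
    size_t l1l2_size;
    bool reset_after_signed;   /* true = reset L1/L2 once a signed MEASUREMENTS is handled */
} endpoint_t;

/* Append to L1/L2; false (buffer unchanged) when the message does not fit: the device-side overflow. */
static bool l1l2_append(endpoint_t *e, const uint8_t *msg, size_t len)
{
    if (e->l1l2_size + len > TRANSCRIPT_MAX) return false;
    memcpy(e->l1l2 + e->l1l2_size, msg, len);
    e->l1l2_size += len;
    return true;
}

/* FNV-1a over L1/L2: a stand-in for the hash the MEASUREMENTS signature covers. Not a signature,
 * no security properties; it only models "both sides must hash exactly the same bytes". */
static uint64_t l1l2_digest(const endpoint_t *e)
{
    uint64_t h = 1469598103934665603ULL;
    for (size_t i = 0; i < e->l1l2_size; i++) { h ^= e->l1l2[i]; h *= 1099511628211ULL; }
    return h;
}

/* Constructed GET_MEASUREMENTS: SPDM header (version 0x12, code 0xE0, Param1, Param2). Param1 bit 0
 * requests a signature; a signed request also carries a 32-byte nonce (filled, not random). */
static size_t build_get_measurements(uint8_t out[36], bool want_sig, uint8_t index, uint8_t nonce_fill)
{
    out[0] = 0x12; out[1] = 0xE0; out[2] = want_sig ? 0x01 : 0x00; out[3] = index;
    if (!want_sig) return 4;
    memset(out + 4, nonce_fill, 32);
    return 36;
}

/* Responder: record the request and the MEASUREMENTS response (header 0x60, constructed 8-byte block,
 * echoed nonce when signed; the signature field itself is never in L1/L2), "sign", apply the policy. */
static bool responder_step(endpoint_t *rsp, const uint8_t *req, size_t req_len,
                           uint8_t rsp_msg[44], size_t *rsp_len, uint64_t *signature)
{
    bool is_signed = (req[2] & 0x01) != 0;
    if (!l1l2_append(rsp, req, req_len)) return false;
    rsp_msg[0] = 0x12; rsp_msg[1] = 0x60; rsp_msg[2] = 0x00; rsp_msg[3] = 0x01;
    memset(rsp_msg + 4, 0xAB, 8);
    *rsp_len = 12;
    if (is_signed) { memcpy(rsp_msg + 12, req + 4, 32); *rsp_len += 32; }
    if (!l1l2_append(rsp, rsp_msg, *rsp_len)) return false;
    if (is_signed) {
        *signature = l1l2_digest(rsp);
        if (rsp->reset_after_signed) rsp->l1l2_size = 0;
    }
    return true;
}

/* Requester: as in libspdm_verify_measurement_signature(), compute L1/L2, reset the transcript (if the
 * policy says so) whatever the outcome, then report it. False on overflow or digest mismatch. */
static bool requester_step(endpoint_t *req, const uint8_t *req_msg, size_t req_len,
                           const uint8_t *rsp_msg, size_t rsp_len, uint64_t signature)
{
    if (!l1l2_append(req, req_msg, req_len) || !l1l2_append(req, rsp_msg, rsp_len)) return false;
    if ((req_msg[2] & 0x01) == 0) return true;
    bool ok = l1l2_digest(req) == signature;
    if (req->reset_after_signed) req->l1l2_size = 0;
    return ok;
}

/* `rounds` rounds of n_unsigned unsigned GET_MEASUREMENTS then one signed one, with no VCA in between.
 * Returns how many rounds completed with a verified signature and no overflow; stops at the first failure. */
static int run_rounds(bool requester_resets, bool responder_resets, int rounds, int n_unsigned)
{
    endpoint_t req = { .reset_after_signed = requester_resets };
    endpoint_t rsp = { .reset_after_signed = responder_resets };
    for (int r = 0; r < rounds; r++) {
        for (int i = 0; i <= n_unsigned; i++) {
            uint8_t req_msg[36], rsp_msg[44]; size_t rsp_len = 0; uint64_t sig = 0;
            size_t req_len = build_get_measurements(req_msg, i == n_unsigned, (uint8_t)(i + 1), (uint8_t)r);
            if (!responder_step(&rsp, req_msg, req_len, rsp_msg, &rsp_len, &sig)) return r;
            if (!requester_step(&req, req_msg, req_len, rsp_msg, rsp_len, sig)) return r;
        }
    }
    return rounds;
}

int main(void)
{
    printf("both reset after signature      : %d/1000 rounds\n", run_rounds(true, true, 1000, 2));
    printf("neither resets (device overflow): %d/1000 rounds\n", run_rounds(false, false, 1000, 2));
    printf("requester resets, device doesn't: %d/1000 rounds\n", run_rounds(true, false, 1000, 2));
    return 0;
}
```

Build with `cc -std=c99 -Wall` and run. With two unsigned requests per round the transcript grows by 112 bytes per round under these constructed sizes, so the never-reset pair overflows the 256-byte buffer during the third round, while the mismatched pair (requester resets, device does not) fails signature verification in the second round because the two sides are hashing different byte ranges; only the pair that reinitializes at the same point survives all 1000 rounds without an intervening VCA.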