Memory leak: TSS2_TCTI_CONTEXT and TSS2_SYS_CONTEXT never get released

Memory leaks after every "C_OpenSession()/C_CloseSession()" or "session_init()/session_close()" invocation pair:

https://github.com/irtimmer/tpm2-pk11/blob/801f8e69893cd2d6c6531ff77e0dda3fc0a4de76/src/pk11.c#L66-L76

https://github.com/irtimmer/tpm2-pk11/blob/801f8e69893cd2d6c6531ff77e0dda3fc0a4de76/src/pk11.c#L77-L82

Reason: In session_init(), tcti_ctx and session->context is assigned with calloc(): https://github.com/irtimmer/tpm2-pk11/blob/3b93c1ea4adfea689dcdbb14004e8121a8f0513b/src/sessions.c#L75 https://github.com/irtimmer/tpm2-pk11/blob/3b93c1ea4adfea689dcdbb14004e8121a8f0513b/src/sessions.c#L108

Currently after session_close()/Tss2_Sys_Finalize() is called, both the TSS2_TCTI_CONTEXT and TSS2_SYS_CONTEXT will never get released. https://github.com/irtimmer/tpm2-pk11/blob/3b93c1ea4adfea689dcdbb14004e8121a8f0513b/src/sessions.c#L135-L139

see: https://github.com/tpm2-software/tpm2-tss/blob/master/sysapi/sysapi/Tss2_Sys_Finalize.c

TSS2_RC Tss2_Sys_Finalize(
    TSS2_SYS_CONTEXT *sysContext)
{
    return TSS2_RC_SUCCESS;
}

libsapi and libtcti functions require us to provided pre-allocated TSS2_TCTI_CONTEXT and TSS2_SYS_CONTEXT memory block from the caller side. And their finalize-functions will leave the caller's pre-allocated memory storage unreleased as designed.

Standard APIs

Tss2_Sys_Initialize(sysContext, size, tctiContext, &abi_version)
Tss2_Sys_Finalize(sysContext)
Tss2_Tcti_Device_Init(), Tss2_Tcti_Mssim_Init() , Tss2_Tcti_Tabrmd_Init()
Tss2_Tcti_Finalize(tctiContext)

Legacy APIs

deprecated tss2_tcti_finalize(tctiContext)
deprecated InitSocketTcti(tctiContext, &size, &socket_conf, 0)
deprecated InitDeviceTcti(tctiContext, &size, &conf)
deprecated tss2_tcti_tabrmd_init(tctiContext, &size)

PATCH CODE

void session_close(struct session* session) {
  TSS2_TCTI_CONTEXT *tcti_ctx;

  object_free(session->objects);

  tcti_ctx = NULL;
  if (Tss2_Sys_GetTctiContext(session->context, &tcti_ctx) != TSS2_RC_SUCCESS) {
    tcti_ctx = NULL;
  }

  Tss2_Sys_Finalize(session->context);
  free(session->context);
  session->context = NULL;

  if (tcti_ctx) {
    Tss2_Tcti_Finalize(tcti_ctx);
    free(tcti_ctx);
    tcti_ctx = NULL;
  }

  open_sessions--;
}

Note: Old stable 1.x branch of TSS currently does not support Tss2_Tcti_Finalize() yet. We need to define it ourselves. The following code implements Tss2_Tcti_Finalize() though an inline function.

/* Micro Tss2_Tcti_Finalize was introduced since 2017-11-20 commit: https://github.com/tpm2-software/tpm2-tss/commit/930b5c1f8feeb13bec29a36c8a5753fb15e27cf6
 * Formerly, the micro was named in lower case tss2_tcti_finalize in sapi/tss2_tcti.h
 * The Camel_Case macro "Tss2_Tcti_Finalize()" should be used in the future instead of the deprecated lower_case one.
 * Here is a patch for branch 1.x of tpm2-tss
 */
#ifndef Tss2_Tcti_Finalize
inline void Tss2_Tcti_Finalize(TSS2_TCTI_CONTEXT *tcti_ctx) {
    TSS2_TCTI_FINALIZE_FCN finalize_func_ptr = NULL;
    if (!tcti_ctx || TSS2_TCTI_VERSION(tcti_ctx) < 1) {
        return;
    }
    finalize_func_ptr = TSS2_TCTI_FINALIZE(tcti_ctx);
    if (!finalize_func_ptr) {
        return;
    }
    finalize_func_ptr(tcti_ctx);
}
#endif

irtimmer / tpm2-pk11

Memory leak: TSS2_TCTI_CONTEXT and TSS2_SYS_CONTEXT never get released #54