[PATCH] stdmem: free: only call _gcry_secmem_free if needed

Jussi Kivilinna jussi.kivilinna at iki.fi
Sun Oct 28 00:46:47 CEST 2018


* src/stdmem.c (_gcry_private_free): Check if memory is secure before
calling _gcry_secmem_free to avoid unnecessarily taking secmem lock.
--

Unnecessarily taking secmem lock on non-secure memory can result poor
performance on multi-threaded workloads:
  https://marc.info/?l=gcrypt-devel&m=153424107207061&w=2

Reported-by: Christian Grothoff <grothoff at gnunet.org>
Signed-off-by: Jussi Kivilinna <jussi.kivilinna at iki.fi>
---
 src/stdmem.c |   20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)

diff --git a/src/stdmem.c b/src/stdmem.c
index cbda8d895..04ce64fba 100644
--- a/src/stdmem.c
+++ b/src/stdmem.c
@@ -224,19 +224,23 @@ void
 _gcry_private_free (void *a)
 {
   unsigned char *p = a;
+  unsigned char *freep;
 
   if (!p)
     return;
-  if (use_m_guard )
+  if (use_m_guard)
     {
-      _gcry_private_check_heap(p);
-      if (! _gcry_secmem_free (p - EXTRA_ALIGN - 4))
-        {
-          free (p - EXTRA_ALIGN - 4);
-	}
+      _gcry_private_check_heap (p);
+      freep = p - EXTRA_ALIGN - 4;
+    }
+  else
+    {
+      freep = p;
     }
-  else if (!_gcry_secmem_free (p))
+
+  if (!_gcry_private_is_secure (freep) ||
+      !_gcry_secmem_free (freep))
     {
-      free(p);
+      free (freep);
     }
 }




More information about the Gcrypt-devel mailing list