[PATCH 2/2] stdmem: free: only call _gcry_secmem_free if needed
Jussi Kivilinna
jussi.kivilinna at iki.fi
Sat Nov 3 13:46:45 CET 2018
* src/stdmem.c (_gcry_private_free): Check if memory is secure before
calling _gcry_secmem_free to avoid unnecessarily taking secmem lock.
--
Unnecessarily taking secmem lock on non-secure memory can result poor
performance on multi-threaded workloads:
https://lists.gnupg.org/pipermail/gcrypt-devel/2018-August/004535.html
Reported-by: Christian Grothoff <grothoff at gnunet.org>
Signed-off-by: Jussi Kivilinna <jussi.kivilinna at iki.fi>
---
0 files changed
diff --git a/src/stdmem.c b/src/stdmem.c
index cbda8d895..04ce64fba 100644
--- a/src/stdmem.c
+++ b/src/stdmem.c
@@ -224,19 +224,23 @@ void
_gcry_private_free (void *a)
{
unsigned char *p = a;
+ unsigned char *freep;
if (!p)
return;
- if (use_m_guard )
+ if (use_m_guard)
{
- _gcry_private_check_heap(p);
- if (! _gcry_secmem_free (p - EXTRA_ALIGN - 4))
- {
- free (p - EXTRA_ALIGN - 4);
- }
+ _gcry_private_check_heap (p);
+ freep = p - EXTRA_ALIGN - 4;
+ }
+ else
+ {
+ freep = p;
}
- else if (!_gcry_secmem_free (p))
+
+ if (!_gcry_private_is_secure (freep) ||
+ !_gcry_secmem_free (freep))
{
- free(p);
+ free (freep);
}
}
More information about the Gcrypt-devel
mailing list