From 44e82b813fbec93664fa355a65024a56f6eb82d7 Mon Sep 17 00:00:00 2001
From: Pauli <pauli@openssl.org>
Date: Tue, 6 Apr 2021 12:25:58 +1000
Subject: [PATCH] Remove locking in CRYPTO_secure_allocated()

The check for being in secure memory is against the arena.  The arena is only
ever modified by sh_init() and sh_done() and in both cases, it is done without
locking.  Thus, it is safe for the CRYPTO_secure_allocated() to not lock.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14775)
---
 crypto/mem_sec.c | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/crypto/mem_sec.c b/crypto/mem_sec.c
index 276c1165c1..86ff41bf87 100644
--- a/crypto/mem_sec.c
+++ b/crypto/mem_sec.c
@@ -208,15 +208,14 @@ void CRYPTO_secure_clear_free(void *ptr, size_t num,
 int CRYPTO_secure_allocated(const void *ptr)
 {
 #ifndef OPENSSL_NO_SECURE_MEMORY
-    int ret;
-
     if (!secure_mem_initialized)
         return 0;
-    if (!CRYPTO_THREAD_read_lock(sec_malloc_lock))
-        return 0;
-    ret = sh_allocated(ptr);
-    CRYPTO_THREAD_unlock(sec_malloc_lock);
-    return ret;
+    /*
+     * Only read accesses to the arena take place in sh_allocated() and this
+     * is only changed by the sh_init() and sh_done() calls which are not
+     * locked.  Hence, it is safe to make this check without a lock too.
+     */
+    return sh_allocated(ptr);
 #else
     return 0;
 #endif /* OPENSSL_NO_SECURE_MEMORY */
-- 
2.34.1