// Copyright 2023 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifndef COMPONENTS_GWP_ASAN_CLIENT_THREAD_LOCAL_RANDOM_BIT_GENERATOR_H_ #define COMPONENTS_GWP_ASAN_CLIENT_THREAD_LOCAL_RANDOM_BIT_GENERATOR_H_ #include <limits> #include "base/compiler_specific.h" #include "base/rand_util.h" #include "components/gwp_asan/client/thread_local_state.h" namespace gwp_asan::internal { namespace { template <std::size_t N> struct XorShiftImpl; template <> struct XorShiftImpl<8> { … }; template <> struct XorShiftImpl<4> { … }; template <typename result_type> result_type XorShift(result_type x) { … } } // namespace // Efficient pseudo-random number generator (PRNG) tailored for Thread-Local // Storage (TLS) slots. Chooses between XorShift 64 and XorShift 32 based on // TLS slot size. // // Note: GWP-ASan previously relied on a high-entropy source with the intent of // preventing attackers from identifying allocations originating from GWP-ASan. // However, it seems like there are more practical methods for attackers to // achieve this, bypassing the need to crack the PRNG state. Additionally, an // attacker can simply neutralize GWP-ASan by making numerous small allocations, // exhausting all available slots. class ThreadLocalRandomBitGenerator : ThreadLocalState<ThreadLocalRandomBitGenerator> { … }; } // namespace gwp_asan::internal #endif // COMPONENTS_GWP_ASAN_CLIENT_THREAD_LOCAL_RANDOM_BIT_GENERATOR_H_
Codebase Browser
chromium