// Copyright 2023 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifndef PARTITION_ALLOC_POOL_OFFSET_FREELIST_H_ #define PARTITION_ALLOC_POOL_OFFSET_FREELIST_H_ #include <cstddef> #include <cstdint> #include "partition_alloc/build_config.h" #include "partition_alloc/buildflags.h" #include "partition_alloc/partition_address_space.h" #include "partition_alloc/partition_alloc-inl.h" #include "partition_alloc/partition_alloc_base/compiler_specific.h" #include "partition_alloc/partition_alloc_config.h" #include "partition_alloc/partition_alloc_constants.h" #include "partition_alloc/tagging.h" #if !PA_BUILDFLAG(PA_ARCH_CPU_BIG_ENDIAN) #include "partition_alloc/reverse_bytes.h" #endif namespace partition_alloc::internal { namespace { PoolInfo; } class PoolOffsetFreelistEntry; class EncodedPoolOffset { … }; // Freelist entries are encoded for security reasons. See // //base/allocator/partition_allocator/PartitionAlloc.md // and |Transform()| for the rationale and mechanism, respectively. // // We'd to especially point out, that as part of encoding, we store the entries // as pool offsets. In a scenario that an attacker has a write primitive // anywhere within the pool, they would not be able to corrupt the freelist // in a way that would allow them to break out of the pool. class PoolOffsetFreelistEntry { … }; } // namespace partition_alloc::internal #endif // PARTITION_ALLOC_POOL_OFFSET_FREELIST_H_
Codebase Browser
chromium