blob: 135c67da7ae7f62e7d546e7e8ae85befb1cb7ee4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
|
// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "third_party/base/allocator/partition_allocator/address_space_randomization.h"
#include "build/build_config.h"
#include "third_party/base/allocator/partition_allocator/page_allocator.h"
#include "third_party/base/allocator/partition_allocator/spin_lock.h"
#include "third_party/base/logging.h"
#if defined(OS_WIN)
#include <windows.h> // Must be in front of other Windows header files.
#include <VersionHelpers.h>
#else
#include <sys/time.h>
#include <unistd.h>
#endif
namespace pdfium {
namespace base {
namespace {
// This is the same PRNG as used by tcmalloc for mapping address randomness;
// see http://burtleburtle.net/bob/rand/smallprng.html
struct RandomContext {
subtle::SpinLock lock;
bool initialized;
uint32_t a;
uint32_t b;
uint32_t c;
uint32_t d;
};
RandomContext* GetRandomContext() {
static RandomContext* s_RandomContext = nullptr;
if (!s_RandomContext)
s_RandomContext = new RandomContext();
return s_RandomContext;
}
#define rot(x, k) (((x) << (k)) | ((x) >> (32 - (k))))
uint32_t RandomValueInternal(RandomContext* x) {
uint32_t e = x->a - rot(x->b, 27);
x->a = x->b ^ rot(x->c, 17);
x->b = x->c + x->d;
x->c = x->d + e;
x->d = e + x->a;
return x->d;
}
#undef rot
uint32_t RandomValue(RandomContext* x) {
subtle::SpinLock::Guard guard(x->lock);
if (UNLIKELY(!x->initialized)) {
x->initialized = true;
char c;
uint32_t seed = static_cast<uint32_t>(reinterpret_cast<uintptr_t>(&c));
uint32_t pid;
uint32_t usec;
#if defined(OS_WIN)
pid = GetCurrentProcessId();
SYSTEMTIME st;
GetSystemTime(&st);
usec = static_cast<uint32_t>(st.wMilliseconds * 1000);
#else
pid = static_cast<uint32_t>(getpid());
struct timeval tv;
gettimeofday(&tv, 0);
usec = static_cast<uint32_t>(tv.tv_usec);
#endif
seed ^= pid;
seed ^= usec;
x->a = 0xf1ea5eed;
x->b = x->c = x->d = seed;
for (int i = 0; i < 20; ++i) {
RandomValueInternal(x);
}
}
return RandomValueInternal(x);
}
} // namespace
void SetRandomPageBaseSeed(int64_t seed) {
RandomContext* x = GetRandomContext();
subtle::SpinLock::Guard guard(x->lock);
// Set RNG to initial state.
x->initialized = true;
x->a = x->b = static_cast<uint32_t>(seed);
x->c = x->d = static_cast<uint32_t>(seed >> 32);
}
void* GetRandomPageBase() {
uintptr_t random = static_cast<uintptr_t>(RandomValue(GetRandomContext()));
#if defined(ARCH_CPU_64_BITS)
random <<= 32ULL;
random |= static_cast<uintptr_t>(RandomValue(GetRandomContext()));
// The kASLRMask and kASLROffset constants will be suitable for the
// OS and build configuration.
#if defined(OS_WIN) && !defined(MEMORY_TOOL_REPLACES_ALLOCATOR)
// Windows >= 8.1 has the full 47 bits. Use them where available.
static bool windows_81 = false;
static bool windows_81_initialized = false;
if (!windows_81_initialized) {
windows_81 = IsWindows8Point1OrGreater();
windows_81_initialized = true;
}
if (!windows_81) {
random &= internal::kASLRMaskBefore8_10;
} else {
random &= internal::kASLRMask;
}
random += internal::kASLROffset;
#else
random &= internal::kASLRMask;
random += internal::kASLROffset;
#endif // defined(OS_WIN) && !defined(MEMORY_TOOL_REPLACES_ALLOCATOR)
#else // defined(ARCH_CPU_32_BITS)
#if defined(OS_WIN)
// On win32 host systems the randomization plus huge alignment causes
// excessive fragmentation. Plus most of these systems lack ASLR, so the
// randomization isn't buying anything. In that case we just skip it.
// TODO(jschuh): Just dump the randomization when HE-ASLR is present.
static BOOL is_wow64 = -1;
if (is_wow64 == -1 && !IsWow64Process(GetCurrentProcess(), &is_wow64))
is_wow64 = FALSE;
if (!is_wow64)
return nullptr;
#endif // defined(OS_WIN)
random &= internal::kASLRMask;
random += internal::kASLROffset;
#endif // defined(ARCH_CPU_32_BITS)
DCHECK_EQ(0ULL, (random & kPageAllocationGranularityOffsetMask));
return reinterpret_cast<void*>(random);
}
} // namespace base
} // namespace pdfium
|
