uts: Allow for address space randomisation.
Randomise the base addresses of shared objects, non-fixed mappings, the
stack and the heap.  Introduce a service, svc:/system/process-security,
and a tool psecflags(1) to control and observe it

@@ -404,10 +404,15 @@
         APlist          *ofl_maptext;   /* mapfile added text sections */
         APlist          *ofl_mapdata;   /* mapfile added data sections */
         avl_tree_t      *ofl_wrap;      /* -z wrap symbols */
         ofl_guideflag_t ofl_guideflags; /* -z guide flags */
         APlist          *ofl_assdeflib; /* -z assert-deflib exceptions */
+        int             ofl_aslr;       /* -z aslr, -1 is disable, 1 is enable */
+        /*
+         * XXX: I'd rather this be ofl_secflags, -z secflags, and
+         * DT_ILL_SECFLAGS, with ASLR and -z aslr for compat.  I think? maybe?
+         */
 };
 
 #define FLG_OF_DYNAMIC  0x00000001      /* generate dynamic output module */
 #define FLG_OF_STATIC   0x00000002      /* generate static output module */
 #define FLG_OF_EXEC     0x00000004      /* generate an executable */