il-aslr Cdiff usr/src/uts/common/fs/proc/prsubr.c

Print this page

uts: Allow for address space randomisation.
Randomise the base addresses of shared objects, non-fixed mappings, the
stack and the heap.  Introduce a service, svc:/system/process-security,
and a tool psecflags(1) to control and observe it


*** 891,900 ****
--- 891,901 ----
          sp->pr_pgid  = p->p_pgrp;
          sp->pr_sid   = p->p_sessp->s_sid;
          sp->pr_taskid = p->p_task->tk_tkid;
          sp->pr_projid = p->p_task->tk_proj->kpj_id;
          sp->pr_zoneid = p->p_zone->zone_id;
+         bcopy(&p->p_secflags, &sp->pr_secflags, sizeof (psecflags_t));
          hrt2ts(mstate_aggr_state(p, LMS_USER), &sp->pr_utime);
          hrt2ts(mstate_aggr_state(p, LMS_SYSTEM), &sp->pr_stime);
          TICK_TO_TIMESTRUC(p->p_cutime, &sp->pr_cutime);
          TICK_TO_TIMESTRUC(p->p_cstime, &sp->pr_cstime);
          prassignset(&sp->pr_sigtrace, &p->p_sigmask);
*** 1114,1123 ****
--- 1115,1125 ----
          sp->pr_pgid  = p->p_pgrp;
          sp->pr_sid   = p->p_sessp->s_sid;
          sp->pr_taskid = p->p_task->tk_tkid;
          sp->pr_projid = p->p_task->tk_proj->kpj_id;
          sp->pr_zoneid = p->p_zone->zone_id;
+         bcopy(&p->p_secflags, &sp->pr_secflags, sizeof (psecflags_t));
          hrt2ts32(mstate_aggr_state(p, LMS_USER), &sp->pr_utime);
          hrt2ts32(mstate_aggr_state(p, LMS_SYSTEM), &sp->pr_stime);
          TICK_TO_TIMESTRUC32(p->p_cutime, &sp->pr_cutime);
          TICK_TO_TIMESTRUC32(p->p_cstime, &sp->pr_cstime);
          prassignset(&sp->pr_sigtrace, &p->p_sigmask);