Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

*** 39,48 **** --- 39,50 ---- #include <dlfcn.h> #include <libld.h> #include <sgs.h> #include <sgsmsg.h> + #include <sys/secflags.h> + #ifdef __cplusplus extern "C" { #endif /*
*** 323,332 **** --- 325,340 ---- typedef union { Conv_inv_buf_t inv_buf; char buf[CONV_CNOTE_PROC_FLAG_BUFSIZE]; } Conv_cnote_proc_flag_buf_t; + /* conv_prsecflags() */ + #define CONV_PRSECFLAGS_BUFSIZE 57 + typedef union { + Conv_inv_buf_t inv_buf; + char buf[CONV_PRSECFLAGS_BUFSIZE]; + } Conv_secflags_buf_t; /* conv_cnote_sigset() */ #define CONV_CNOTE_SIGSET_BUFSIZE 639 typedef union { Conv_inv_buf_t inv_buf;
*** 820,829 **** --- 828,839 ---- Conv_inv_buf_t *); extern const char *conv_cnote_pr_why(short, Conv_fmt_flags_t, Conv_inv_buf_t *); extern const char *conv_cnote_priv(int, Conv_fmt_flags_t, Conv_inv_buf_t *); + extern const char *conv_prsecflags(secflagset_t, Conv_fmt_flags_t, + Conv_secflags_buf_t *); extern const char *conv_cnote_psetid(int, Conv_fmt_flags_t, Conv_inv_buf_t *); extern const char *conv_cnote_sa_flags(int, Conv_fmt_flags_t, Conv_cnote_sa_flags_buf_t *); extern const char *conv_cnote_signal(Word, Conv_fmt_flags_t,