7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

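--- a/usr/src/cmd/sgs/elfdump/common/gen_struct_layout.c
+++ b/usr/src/cmd/sgs/elfdump/common/gen_struct_layout.c
@@ -580,20 +580,31 @@
         SCALAR_FIELD(prfdinfo_t,        pr_ino,         0);
         SCALAR_FIELD(prfdinfo_t,        pr_offset,      0);
         SCALAR_FIELD(prfdinfo_t,        pr_size,        0);
         SCALAR_FIELD(prfdinfo_t,        pr_fileflags,   0);
         SCALAR_FIELD(prfdinfo_t,        pr_fdflags,     0);
         ARRAY_FIELD(prfdinfo_t,         pr_path,        0);
 
         END;
 }
 
+static void
+gen_prsecflags(void)
+{
+        START(prsecflags, prsecflags_t);
+        SCALAR_FIELD(prsecflags_t, pr_version, 0);
+        SCALAR_FIELD(prsecflags_t, pr_effective, 0);
+        SCALAR_FIELD(prsecflags_t, pr_inherit, 0);
+        SCALAR_FIELD(prsecflags_t, pr_lower, 0);
+        SCALAR_FIELD(prsecflags_t, pr_upper, 0);
+        END;
+}
 
 /*ARGSUSED*/
 int
 main(int argc, char *argv[])
 {
         const char *fmt = "\t&%s_layout,\n";
 
         /* get obj file for input */
         if (argc < 3) {
                 (void) fprintf(stderr,
@@ -621,21 +632,21 @@
         gen_priv_impl_info();
         gen_fltset();
         gen_siginfo();
         gen_sigset();
         gen_sigaction();
         gen_stack();
         gen_sysset();
         gen_timestruc();
         gen_utsname();
         gen_prfdinfo();
-
+        gen_prsecflags();
 
         /*
          * Generate the full arch_layout description
          */
         (void) printf(
             "\n\n\n\nstatic const sl_arch_layout_t layout_%s = {\n",
             machname);
         (void) printf(fmt, "auxv");
         (void) printf(fmt, "fltset");
         (void) printf(fmt, "lwpsinfo");
@@ -649,20 +660,21 @@
         (void) printf(fmt, "prpsinfo");
         (void) printf(fmt, "prstatus");
         (void) printf(fmt, "sigaction");
         (void) printf(fmt, "siginfo");
         (void) printf(fmt, "sigset");
         (void) printf(fmt, "stack");
         (void) printf(fmt, "sysset");
         (void) printf(fmt, "timestruc");
         (void) printf(fmt, "utsname");
         (void) printf(fmt, "prfdinfo");
+        (void) printf(fmt, "prsecflags");
         (void) printf("};\n");
 
         /*
          * A public function, to make the information available
          */
         (void) printf("\n\nconst sl_arch_layout_t *\n");
         (void) printf("struct_layout_%s(void)\n", machname);
         (void) printf("{\n\treturn (&layout_%s);\n}\n", machname);
 
         return (0);
@@ -752,21 +764,21 @@
                 errx(1, "Couldn't get size for type ID %d", ftype);
         } else if (sz == 0) {
                 errx(1, "Invalid type size 0 for type ID %d", ftype);
         }
 
         print_row(off, sz, 0, _sign, fname);
 }
 
 static void
 do_array_field(char *tname, char *fname,
-        int _sign, char *dotfield)
+    int _sign, char *dotfield)
 {
         char comment[100];
         ctf_arinfo_t ai;
         int typekind;
         int esz, rc, off, ftype;
 
         rc = get_field_info(tname, fname, dotfield, &off, &ftype);
         if (rc < 0)
                 errx(1, "Can't get field info for %s->%s", tname, fname);
 
@@ -828,21 +840,21 @@
 static int gfi_iter(const char *fname, ctf_id_t mbrtid,
         ulong_t off, void *varg);
 
 /*
  * Lookup field "fname" in type "tname".  If "dotname" is non-NULL,
  * that's the full field name with dots, i.e. a_un.un_foo, which
  * we must search for by walking the struct CTF recursively.
  */
 static int
 get_field_info(char *tname, char *fname, char *dotname,
-        int *offp, int *tidp)
+    int *offp, int *tidp)
 {
         struct gfinfo gfi;
         ctf_id_t stype;
         int typekind;
         int rc;
 
         if ((stype = ctf_lookup_by_name(ctf, tname)) == CTF_ERR)
                 errx(1, "Couldn't find type %s", tname);
         if ((stype = ctf_type_resolve(ctf, stype)) == CTF_ERR)
                 errx(1, "Couldn't resolve type %s", tname);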
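Review bot: The `(void) printf(fmt, "prsecflags");` line added near the end of main() emits a positional initializer, so the generated `layout_%s` table is only right if `sl_arch_layout_t` has a `prsecflags` member in the same final slot; that declaration is not in this file section and should be checked alongside it. As far as I can tell elfdump uses these tables to locate fields inside core-file notes, so a slot mismatch would have it decode the security-flags data with another structure's offsets. I would add a comment above the printf run, e.g. `/* Entries are positional: keep in the member order of sl_arch_layout_t */`, and a one-line comment on gen_prsecflags() naming the header that defines `prsecflags_t`. main() is shown only in part here, with lines elided between its hunks.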