Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

Split Close
Expand all
Collapse all
          --- old/usr/src/cmd/sgs/libld/common/update.c
          +++ new/usr/src/cmd/sgs/libld/common/update.c
↓ open down ↓ 2524 lines elided ↑ open up ↑
2525 2525                          dyn->d_tag = DT_SUNW_CAPCHAIN;
2526 2526                          dyn->d_un.d_val = shdr->sh_addr;
2527 2527                          dyn++;
2528 2528                          dyn->d_tag = DT_SUNW_CAPCHAINSZ;
2529 2529                          dyn->d_un.d_val = shdr->sh_size;
2530 2530                          dyn++;
2531 2531                          dyn->d_tag = DT_SUNW_CAPCHAINENT;
2532 2532                          dyn->d_un.d_val = shdr->sh_entsize;
2533 2533                          dyn++;
2534 2534                  }
     2535 +
     2536 +                if (ofl->ofl_aslr != 0) {
     2537 +                        dyn->d_tag = DT_SUNW_ASLR;
     2538 +                        dyn->d_un.d_val = (ofl->ofl_aslr == 1);
     2539 +                        dyn++;
     2540 +                }
     2541 +
2535 2542                  if (flags & FLG_OF_SYMBOLIC) {
2536 2543                          dyn->d_tag = DT_SYMBOLIC;
2537 2544                          dyn->d_un.d_val = 0;
2538 2545                          dyn++;
2539 2546                  }
2540 2547          }
2541 2548  
2542 2549          dyn->d_tag = DT_FLAGS;
2543 2550          dyn->d_un.d_val = ofl->ofl_dtflags;
2544 2551          dyn++;
↓ open down ↓ 1765 lines elided ↑ open up ↑
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX