Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.


  77         int nfd;
  78         size_t size;
  79         prcred_t *pcrp;
  80         uf_info_t *fip;
  81         uf_entry_t *ufp;
  82         int fd;
  83 
  84         fip = P_FINFO(p);
  85         nfd = 0;
  86         mutex_enter(&fip->fi_lock);
  87         for (fd = 0; fd < fip->fi_nfiles; fd++) {
  88                 UF_ENTER(ufp, fip, fd);
  89                 if ((ufp->uf_file != NULL) && (ufp->uf_file->f_count > 0))
  90                         nfd++;
  91                 UF_EXIT(ufp);
  92         }
  93         mutex_exit(&fip->fi_lock);
  94 
  95         v[0].p_type = PT_NOTE;
  96         v[0].p_flags = PF_R;
  97         v[0].p_filesz = (sizeof (Note) * (9 + 2 * nlwp + nzomb + nfd))
  98             + roundup(sizeof (psinfo_t), sizeof (Word))
  99             + roundup(sizeof (pstatus_t), sizeof (Word))
 100             + roundup(prgetprivsize(), sizeof (Word))
 101             + roundup(priv_get_implinfo_size(), sizeof (Word))
 102             + roundup(strlen(platform) + 1, sizeof (Word))
 103             + roundup(strlen(p->p_zone->zone_name) + 1, sizeof (Word))
 104             + roundup(__KERN_NAUXV_IMPL * sizeof (aux_entry_t), sizeof (Word))
 105             + roundup(sizeof (utsname), sizeof (Word))
 106             + roundup(sizeof (core_content_t), sizeof (Word))

 107             + (nlwp + nzomb) * roundup(sizeof (lwpsinfo_t), sizeof (Word))
 108             + nlwp * roundup(sizeof (lwpstatus_t), sizeof (Word))
 109             + nfd * roundup(sizeof (prfdinfo_t), sizeof (Word));
 110 
 111         if (curproc->p_agenttp != NULL) {
 112                 v[0].p_filesz += sizeof (Note) +
 113                     roundup(sizeof (psinfo_t), sizeof (Word));
 114         }
 115 
 116         size = sizeof (prcred_t) + sizeof (gid_t) * (ngroups_max - 1);
 117         pcrp = kmem_alloc(size, KM_SLEEP);
 118         prgetcred(p, pcrp);
 119         if (pcrp->pr_ngroups != 0) {
 120                 v[0].p_filesz += sizeof (Note) + roundup(sizeof (prcred_t) +
 121                     sizeof (gid_t) * (pcrp->pr_ngroups - 1), sizeof (Word));
 122         } else {
 123                 v[0].p_filesz += sizeof (Note) +
 124                     roundup(sizeof (prcred_t), sizeof (Word));
 125         }
 126         kmem_free(pcrp, size);


 165 
 166 int
 167 write_elfnotes(proc_t *p, int sig, vnode_t *vp, offset_t offset,
 168     rlim64_t rlimit, cred_t *credp, core_content_t content)
 169 {
 170         union {
 171                 psinfo_t        psinfo;
 172                 pstatus_t       pstatus;
 173                 lwpsinfo_t      lwpsinfo;
 174                 lwpstatus_t     lwpstatus;
 175 #if defined(__sparc)
 176                 gwindows_t      gwindows;
 177                 asrset_t        asrset;
 178 #endif /* __sparc */
 179                 char            xregs[1];
 180                 aux_entry_t     auxv[__KERN_NAUXV_IMPL];
 181                 prcred_t        pcred;
 182                 prpriv_t        ppriv;
 183                 priv_impl_info_t prinfo;
 184                 struct utsname  uts;

 185         } *bigwad;
 186 
 187         size_t xregsize = prhasx(p)? prgetprxregsize(p) : 0;
 188         size_t crsize = sizeof (prcred_t) + sizeof (gid_t) * (ngroups_max - 1);
 189         size_t psize = prgetprivsize();
 190         size_t bigsize = MAX(psize, MAX(sizeof (*bigwad),
 191             MAX(xregsize, crsize)));
 192 
 193         priv_impl_info_t *prii;
 194 
 195         lwpdir_t *ldp;
 196         lwpent_t *lep;
 197         kthread_t *t;
 198         klwp_t *lwp;
 199         user_t *up;
 200         int i;
 201         int nlwp;
 202         int nzomb;
 203         int error;
 204         uchar_t oldsig;


 270         up = PTOU(p);
 271         for (i = 0; i < __KERN_NAUXV_IMPL; i++) {
 272                 bigwad->auxv[i].a_type = up->u_auxv[i].a_type;
 273                 bigwad->auxv[i].a_un.a_val = up->u_auxv[i].a_un.a_val;
 274         }
 275         error = elfnote(vp, &offset, NT_AUXV, sizeof (bigwad->auxv),
 276             (caddr_t)bigwad->auxv, rlimit, credp);
 277         if (error)
 278                 goto done;
 279 
 280         bcopy(&utsname, &bigwad->uts, sizeof (struct utsname));
 281         if (!INGLOBALZONE(p)) {
 282                 bcopy(p->p_zone->zone_nodename, &bigwad->uts.nodename,
 283                     _SYS_NMLN);
 284         }
 285         error = elfnote(vp, &offset, NT_UTSNAME, sizeof (struct utsname),
 286             (caddr_t)&bigwad->uts, rlimit, credp);
 287         if (error)
 288                 goto done;
 289 






 290         prgetcred(p, &bigwad->pcred);
 291 
 292         if (bigwad->pcred.pr_ngroups != 0) {
 293                 crsize = sizeof (prcred_t) +
 294                     sizeof (gid_t) * (bigwad->pcred.pr_ngroups - 1);
 295         } else
 296                 crsize = sizeof (prcred_t);
 297 
 298         error = elfnote(vp, &offset, NT_PRCRED, crsize,
 299             (caddr_t)&bigwad->pcred, rlimit, credp);
 300         if (error)
 301                 goto done;
 302 
 303         error = elfnote(vp, &offset, NT_CONTENT, sizeof (core_content_t),
 304             (caddr_t)&content, rlimit, credp);
 305         if (error)
 306                 goto done;
 307 
 308         prgetpriv(p, &bigwad->ppriv);
 309 




  77         int nfd;
  78         size_t size;
  79         prcred_t *pcrp;
  80         uf_info_t *fip;
  81         uf_entry_t *ufp;
  82         int fd;
  83 
  84         fip = P_FINFO(p);
  85         nfd = 0;
  86         mutex_enter(&fip->fi_lock);
  87         for (fd = 0; fd < fip->fi_nfiles; fd++) {
  88                 UF_ENTER(ufp, fip, fd);
  89                 if ((ufp->uf_file != NULL) && (ufp->uf_file->f_count > 0))
  90                         nfd++;
  91                 UF_EXIT(ufp);
  92         }
  93         mutex_exit(&fip->fi_lock);
  94 
  95         v[0].p_type = PT_NOTE;
  96         v[0].p_flags = PF_R;
  97         v[0].p_filesz = (sizeof (Note) * (10 + 2 * nlwp + nzomb + nfd))
  98             + roundup(sizeof (psinfo_t), sizeof (Word))
  99             + roundup(sizeof (pstatus_t), sizeof (Word))
 100             + roundup(prgetprivsize(), sizeof (Word))
 101             + roundup(priv_get_implinfo_size(), sizeof (Word))
 102             + roundup(strlen(platform) + 1, sizeof (Word))
 103             + roundup(strlen(p->p_zone->zone_name) + 1, sizeof (Word))
 104             + roundup(__KERN_NAUXV_IMPL * sizeof (aux_entry_t), sizeof (Word))
 105             + roundup(sizeof (utsname), sizeof (Word))
 106             + roundup(sizeof (core_content_t), sizeof (Word))
 107             + roundup(sizeof (prsecflags_t), sizeof (Word))
 108             + (nlwp + nzomb) * roundup(sizeof (lwpsinfo_t), sizeof (Word))
 109             + nlwp * roundup(sizeof (lwpstatus_t), sizeof (Word))
 110             + nfd * roundup(sizeof (prfdinfo_t), sizeof (Word));
 111 
 112         if (curproc->p_agenttp != NULL) {
 113                 v[0].p_filesz += sizeof (Note) +
 114                     roundup(sizeof (psinfo_t), sizeof (Word));
 115         }
 116 
 117         size = sizeof (prcred_t) + sizeof (gid_t) * (ngroups_max - 1);
 118         pcrp = kmem_alloc(size, KM_SLEEP);
 119         prgetcred(p, pcrp);
 120         if (pcrp->pr_ngroups != 0) {
 121                 v[0].p_filesz += sizeof (Note) + roundup(sizeof (prcred_t) +
 122                     sizeof (gid_t) * (pcrp->pr_ngroups - 1), sizeof (Word));
 123         } else {
 124                 v[0].p_filesz += sizeof (Note) +
 125                     roundup(sizeof (prcred_t), sizeof (Word));
 126         }
 127         kmem_free(pcrp, size);


 166 
 167 int
 168 write_elfnotes(proc_t *p, int sig, vnode_t *vp, offset_t offset,
 169     rlim64_t rlimit, cred_t *credp, core_content_t content)
 170 {
 171         union {
 172                 psinfo_t        psinfo;
 173                 pstatus_t       pstatus;
 174                 lwpsinfo_t      lwpsinfo;
 175                 lwpstatus_t     lwpstatus;
 176 #if defined(__sparc)
 177                 gwindows_t      gwindows;
 178                 asrset_t        asrset;
 179 #endif /* __sparc */
 180                 char            xregs[1];
 181                 aux_entry_t     auxv[__KERN_NAUXV_IMPL];
 182                 prcred_t        pcred;
 183                 prpriv_t        ppriv;
 184                 priv_impl_info_t prinfo;
 185                 struct utsname  uts;
 186                 prsecflags_t    psecflags;
 187         } *bigwad;
 188 
 189         size_t xregsize = prhasx(p)? prgetprxregsize(p) : 0;
 190         size_t crsize = sizeof (prcred_t) + sizeof (gid_t) * (ngroups_max - 1);
 191         size_t psize = prgetprivsize();
 192         size_t bigsize = MAX(psize, MAX(sizeof (*bigwad),
 193             MAX(xregsize, crsize)));
 194 
 195         priv_impl_info_t *prii;
 196 
 197         lwpdir_t *ldp;
 198         lwpent_t *lep;
 199         kthread_t *t;
 200         klwp_t *lwp;
 201         user_t *up;
 202         int i;
 203         int nlwp;
 204         int nzomb;
 205         int error;
 206         uchar_t oldsig;


 272         up = PTOU(p);
 273         for (i = 0; i < __KERN_NAUXV_IMPL; i++) {
 274                 bigwad->auxv[i].a_type = up->u_auxv[i].a_type;
 275                 bigwad->auxv[i].a_un.a_val = up->u_auxv[i].a_un.a_val;
 276         }
 277         error = elfnote(vp, &offset, NT_AUXV, sizeof (bigwad->auxv),
 278             (caddr_t)bigwad->auxv, rlimit, credp);
 279         if (error)
 280                 goto done;
 281 
 282         bcopy(&utsname, &bigwad->uts, sizeof (struct utsname));
 283         if (!INGLOBALZONE(p)) {
 284                 bcopy(p->p_zone->zone_nodename, &bigwad->uts.nodename,
 285                     _SYS_NMLN);
 286         }
 287         error = elfnote(vp, &offset, NT_UTSNAME, sizeof (struct utsname),
 288             (caddr_t)&bigwad->uts, rlimit, credp);
 289         if (error)
 290                 goto done;
 291 
 292         prgetsecflags(p, &bigwad->psecflags);
 293         error = elfnote(vp, &offset, NT_SECFLAGS, sizeof (prsecflags_t),
 294             (caddr_t)&bigwad->psecflags, rlimit, credp);
 295         if (error)
 296                 goto done;
 297 
 298         prgetcred(p, &bigwad->pcred);
 299 
 300         if (bigwad->pcred.pr_ngroups != 0) {
 301                 crsize = sizeof (prcred_t) +
 302                     sizeof (gid_t) * (bigwad->pcred.pr_ngroups - 1);
 303         } else
 304                 crsize = sizeof (prcred_t);
 305 
 306         error = elfnote(vp, &offset, NT_PRCRED, crsize,
 307             (caddr_t)&bigwad->pcred, rlimit, credp);
 308         if (error)
 309                 goto done;
 310 
 311         error = elfnote(vp, &offset, NT_CONTENT, sizeof (core_content_t),
 312             (caddr_t)&content, rlimit, credp);
 313         if (error)
 314                 goto done;
 315 
 316         prgetpriv(p, &bigwad->ppriv);
 317