il_7029-3 Cdiff usr/src/uts/common/os/privs.awk

Print this page

7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.


*** 20,30 ****
  # fields enclosed by brackets "[]" replaced with your own identifying
  # information: Portions Copyright [yyyy] [name of copyright owner]
  #
  # CDDL HEADER END
  #
! #ident  "%Z%%M% %I%     %E% SMI"
  #
  # This file generates three different C files:
  #
  #       <sys/priv_const.h>
  #               An implementation private set of manifest integer constant
--- 20,30 ----
  # fields enclosed by brackets "[]" replaced with your own identifying
  # information: Portions Copyright [yyyy] [name of copyright owner]
  #
  # CDDL HEADER END
  #
! 
  #
  # This file generates three different C files:
  #
  #       <sys/priv_const.h>
  #               An implementation private set of manifest integer constant
*** 105,115 ****
          if (NF == 3) {
                  key = toupper($1)
                  priv = toupper($3)
                  if (set[key] != "")
                          set[key] = set[key] ";"
!                 set[key] = set[key] "\\\n\t\tPRIV_ASSERT((set), " priv ")"
          } else {
                  priv = toupper($2);
          }
          privs[npriv] = tolower(substr(priv, 6));
          inset = 0
--- 105,115 ----
          if (NF == 3) {
                  key = toupper($1)
                  priv = toupper($3)
                  if (set[key] != "")
                          set[key] = set[key] ";"
!                 set[key] = set[key] "\\\n\t\tPRIV_ADDSET((set), " priv ")"
          } else {
                  priv = toupper($2);
          }
          privs[npriv] = tolower(substr(priv, 6));
          inset = 0
*** 355,365 ****
                  print "\n#define\tMAX_PRIVILEGE\t\t\t "  setsize * 32 \
                          > privhfile
  
                  # Special privilege categories.
                  for (s in set)
!                         print "\n#define\tPRIV_" s "_ASSERT(set)" set[s] \
                                  > privhfile
  
                  print "\n#endif /* _KERNEL */" > privhfile
                  print "\n#ifdef __cplusplus\n}\n#endif" > privhfile
                  print "\n#endif /* _SYS_PRIV_CONST_H */" > privhfile
--- 355,365 ----
                  print "\n#define\tMAX_PRIVILEGE\t\t\t "  setsize * 32 \
                          > privhfile
  
                  # Special privilege categories.
                  for (s in set)
!                         print "\n#define\tPRIV_" s "_ADDSET(set)" set[s] \
                                  > privhfile
  
                  print "\n#endif /* _KERNEL */" > privhfile
                  print "\n#ifdef __cplusplus\n}\n#endif" > privhfile
                  print "\n#endif /* _SYS_PRIV_CONST_H */" > privhfile