Print this page 
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.


1252                 if (ofl->ofl_oscap)
1253                         cnt++;                  /* DT_SUNW_CAP */
1254 
1255                 /*
1256                  * Symbol capabilities require a .dynamic entry for the
1257                  * .SUNW_capinfo section.
1258                  */
1259                 if (ofl->ofl_oscapinfo)
1260                         cnt++;                  /* DT_SUNW_CAPINFO */
1261 
1262                 /*
1263                  * Capabilities chain information requires a .SUNW_capchain
1264                  * entry (DT_SUNW_CAPCHAIN), entry size (DT_SUNW_CAPCHAINENT),
1265                  * and total size (DT_SUNW_CAPCHAINSZ).
1266                  */
1267                 if (ofl->ofl_oscapchain)
1268                         cnt += 3;
1269 
1270                 if (flags & FLG_OF_SYMBOLIC)
1271                         cnt++;                  /* DT_SYMBOLIC */



1272         }
1273 
1274         /*
1275          * Account for Architecture dependent .dynamic entries, and defaults.
1276          */
1277         (*ld_targ.t_mr.mr_mach_make_dynamic)(ofl, &cnt);
1278 
1279         /*
1280          * DT_FLAGS, DT_FLAGS_1, DT_SUNW_STRPAD, and DT_NULL. Also,
1281          * allow room for the unused extra DT_NULLs. These are included
1282          * to allow an ELF editor room to add items later.
1283          */
1284         cnt += 4 + DYNAMIC_EXTRA_ELTS;
1285 
1286         /*
1287          * DT_SUNW_LDMACH. Used to hold the ELF machine code of the
1288          * linker that produced the output object. This information
1289          * allows us to determine whether a given object was linked
1290          * natively, or by a linker running on a different type of
1291          * system. This information can be valuable if one suspects




1252                 if (ofl->ofl_oscap)
1253                         cnt++;                  /* DT_SUNW_CAP */
1254 
1255                 /*
1256                  * Symbol capabilities require a .dynamic entry for the
1257                  * .SUNW_capinfo section.
1258                  */
1259                 if (ofl->ofl_oscapinfo)
1260                         cnt++;                  /* DT_SUNW_CAPINFO */
1261 
1262                 /*
1263                  * Capabilities chain information requires a .SUNW_capchain
1264                  * entry (DT_SUNW_CAPCHAIN), entry size (DT_SUNW_CAPCHAINENT),
1265                  * and total size (DT_SUNW_CAPCHAINSZ).
1266                  */
1267                 if (ofl->ofl_oscapchain)
1268                         cnt += 3;
1269 
1270                 if (flags & FLG_OF_SYMBOLIC)
1271                         cnt++;                  /* DT_SYMBOLIC */
1272 
1273                 if (ofl->ofl_aslr != 0)              /* DT_SUNW_ASLR */
1274                         cnt++;
1275         }
1276 
1277         /*
1278          * Account for Architecture dependent .dynamic entries, and defaults.
1279          */
1280         (*ld_targ.t_mr.mr_mach_make_dynamic)(ofl, &cnt);
1281 
1282         /*
1283          * DT_FLAGS, DT_FLAGS_1, DT_SUNW_STRPAD, and DT_NULL. Also,
1284          * allow room for the unused extra DT_NULLs. These are included
1285          * to allow an ELF editor room to add items later.
1286          */
1287         cnt += 4 + DYNAMIC_EXTRA_ELTS;
1288 
1289         /*
1290          * DT_SUNW_LDMACH. Used to hold the ELF machine code of the
1291          * linker that produced the output object. This information
1292          * allows us to determine whether a given object was linked
1293          * natively, or by a linker running on a different type of
1294          * system. This information can be valuable if one suspects