Print this page
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.


1401                         goto err;
1402                 pinfosz = PRIV_IMPL_INFO_SIZE(pinfo);
1403 
1404                 if (write_note(fd, NT_PRPRIVINFO, pinfo, pinfosz, &doff) != 0)
1405                         goto err;
1406         }
1407 
1408         if (write_note(fd, NT_ZONENAME, zonename, strlen(zonename) + 1,
1409             &doff) != 0)
1410                 goto err;
1411 
1412         {
1413                 fditer_t iter;
1414                 iter.fd_fd = fd;
1415                 iter.fd_doff = &doff;
1416 
1417                 if (Pfdinfo_iter(P, iter_fd, &iter) != 0)
1418                         goto err;
1419         }
1420 
















1421 #if defined(__i386) || defined(__amd64)
1422         /* CSTYLED */
1423         {
1424                 struct ssd *ldtp;
1425                 size_t size;
1426                 int nldt;
1427 
1428                 /*
1429                  * Only dump out non-zero sized LDT notes.
1430                  */
1431                 if ((nldt = Pldt(P, NULL, 0)) != 0) {
1432                         size = sizeof (struct ssd) * nldt;
1433                         if ((ldtp = malloc(size)) == NULL)
1434                                 goto err;
1435 
1436                         if (Pldt(P, ldtp, nldt) == -1 ||
1437                             write_note(fd, NT_LDT, ldtp, size, &doff) != 0) {
1438                                 free(ldtp);
1439                                 goto err;
1440                         }


1484          */
1485         if (Pmapping_iter(P, dump_map, &pgc) != 0)
1486                 goto err;
1487 
1488         if (dump_sections(&pgc) != 0)
1489                 goto err;
1490 
1491         if (write_shstrtab(P, &pgc) != 0)
1492                 goto err;
1493 
1494         free(pgc.pgc_chunk);
1495 
1496         return (0);
1497 
1498 err:
1499         /*
1500          * Wipe out anything we may have written if there was an error.
1501          */
1502         (void) ftruncate64(fd, 0);
1503         free(pgc.pgc_chunk);

1504         return (-1);
1505 }
1506 
1507 static const char *content_str[] = {
1508         "stack",        /* CC_CONTENT_STACK */
1509         "heap",         /* CC_CONTENT_HEAP */
1510         "shfile",       /* CC_CONTENT_SHFILE */
1511         "shanon",       /* CC_CONTENT_SHANON */
1512         "text",         /* CC_CONTENT_TEXT */
1513         "data",         /* CC_CONTENT_DATA */
1514         "rodata",       /* CC_CONTENT_RODATA */
1515         "anon",         /* CC_CONTENT_ANON */
1516         "shm",          /* CC_CONTENT_SHM */
1517         "ism",          /* CC_CONTENT_ISM */
1518         "dism",         /* CC_CONTENT_DISM */
1519         "ctf",          /* CC_CONTENT_CTF */
1520         "symtab",       /* CC_CONTENT_SYMTAB */
1521 };
1522 
1523 static uint_t ncontent_str = sizeof (content_str) / sizeof (content_str[0]);




1401                         goto err;
1402                 pinfosz = PRIV_IMPL_INFO_SIZE(pinfo);
1403 
1404                 if (write_note(fd, NT_PRPRIVINFO, pinfo, pinfosz, &doff) != 0)
1405                         goto err;
1406         }
1407 
1408         if (write_note(fd, NT_ZONENAME, zonename, strlen(zonename) + 1,
1409             &doff) != 0)
1410                 goto err;
1411 
1412         {
1413                 fditer_t iter;
1414                 iter.fd_fd = fd;
1415                 iter.fd_doff = &doff;
1416 
1417                 if (Pfdinfo_iter(P, iter_fd, &iter) != 0)
1418                         goto err;
1419         }
1420 
1421 
1422         {
1423                 prsecflags_t *psf = NULL;
1424 
1425                 if (Psecflags(P, &psf) != 0)
1426                         goto err;
1427 
1428                 if (write_note(fd, NT_SECFLAGS, psf,
1429                     sizeof (prsecflags_t), &doff) != 0) {
1430                         Psecflags_free(psf);
1431                         goto err;
1432                 }
1433 
1434                 Psecflags_free(psf);
1435         }
1436 
1437 #if defined(__i386) || defined(__amd64)
1438         /* CSTYLED */
1439         {
1440                 struct ssd *ldtp;
1441                 size_t size;
1442                 int nldt;
1443 
1444                 /*
1445                  * Only dump out non-zero sized LDT notes.
1446                  */
1447                 if ((nldt = Pldt(P, NULL, 0)) != 0) {
1448                         size = sizeof (struct ssd) * nldt;
1449                         if ((ldtp = malloc(size)) == NULL)
1450                                 goto err;
1451 
1452                         if (Pldt(P, ldtp, nldt) == -1 ||
1453                             write_note(fd, NT_LDT, ldtp, size, &doff) != 0) {
1454                                 free(ldtp);
1455                                 goto err;
1456                         }


1500          */
1501         if (Pmapping_iter(P, dump_map, &pgc) != 0)
1502                 goto err;
1503 
1504         if (dump_sections(&pgc) != 0)
1505                 goto err;
1506 
1507         if (write_shstrtab(P, &pgc) != 0)
1508                 goto err;
1509 
1510         free(pgc.pgc_chunk);
1511 
1512         return (0);
1513 
1514 err:
1515         /*
1516          * Wipe out anything we may have written if there was an error.
1517          */
1518         (void) ftruncate64(fd, 0);
1519         free(pgc.pgc_chunk);
1520 
1521         return (-1);
1522 }
1523 
1524 static const char *content_str[] = {
1525         "stack",        /* CC_CONTENT_STACK */
1526         "heap",         /* CC_CONTENT_HEAP */
1527         "shfile",       /* CC_CONTENT_SHFILE */
1528         "shanon",       /* CC_CONTENT_SHANON */
1529         "text",         /* CC_CONTENT_TEXT */
1530         "data",         /* CC_CONTENT_DATA */
1531         "rodata",       /* CC_CONTENT_RODATA */
1532         "anon",         /* CC_CONTENT_ANON */
1533         "shm",          /* CC_CONTENT_SHM */
1534         "ism",          /* CC_CONTENT_ISM */
1535         "dism",         /* CC_CONTENT_DISM */
1536         "ctf",          /* CC_CONTENT_CTF */
1537         "symtab",       /* CC_CONTENT_SYMTAB */
1538 };
1539 
1540 static uint_t ncontent_str = sizeof (content_str) / sizeof (content_str[0]);