uts: Allow for address space randomisation.
Randomise the base addresses of shared objects, non-fixed mappings, the
stack and the heap. Introduce a service, svc:/system/process-security,
and a tool psecflags(1) to control and observe it.
*** 770,779 ****
--- 770,803 ----
(void) strlcat(str, auxfl[i].af_name, n);
}
}
}
+ static struct auxsecfl {
+ uint_t af_flag;
+ const char *af_name;
+ } auxsecfl[] = {
+ { PROC_SEC_ASLR, "aslr" },
+ };
+
+ /*ARGSUSED*/
+ static void
+ at_secflags(long val, char *instr, size_t n, char *str)
+ {
+ int i;
+
+ *str = '\0';
+
+ for (i = 0; i < sizeof (auxsecfl)/sizeof (struct auxsecfl); i++) {
+ if ((val & auxsecfl[i].af_flag) != 0) {
+ if (*str != '\0')
+ (void) strlcat(str, ",", n);
+ (void) strlcat(str, auxsecfl[i].af_name, n);
+ }
+ }
+ }
+
#define MAX_AT_NAME_LEN 15
struct aux_id {
int aux_type;
const char *aux_name;
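Review bot: at_secflags() drops every bit of `val` that has no entry in `auxsecfl[]`, so an AT_SUN_SECFLAGS value carrying a flag this table does not know (only `PROC_SEC_ASLR` is listed) is shown with an empty or incomplete decode, which under-reports the process's security flags to whoever is inspecting it. Clearing each matched bit inside the loop with `val &= ~auxsecfl[i].af_flag;` and, after the loop, appending any non-zero remainder in hex (for example with `snprintf` into the space left in `str`) would keep unknown flags visible. The loop also compares the signed `int i` with an unsigned `sizeof` quotient; declaring `uint_t i;` avoids the mixed-sign comparison. The lines before the function are the tail of a preceding function, and the `struct aux_id` definition after it continues outside the hunk.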
*** 810,820 ****
{ AT_SUN_AUXFLAGS, "AT_SUN_AUXFLAGS", at_flags },
{ AT_SUN_EMULATOR, "AT_SUN_EMULATOR", at_str },
{ AT_SUN_BRANDNAME, "AT_SUN_BRANDNAME", at_str },
{ AT_SUN_BRAND_AUX1, "AT_SUN_BRAND_AUX1", at_null },
{ AT_SUN_BRAND_AUX2, "AT_SUN_BRAND_AUX2", at_null },
! { AT_SUN_BRAND_AUX3, "AT_SUN_BRAND_AUX3", at_null }
};
#define N_AT_ENTS (sizeof (aux_arr) / sizeof (struct aux_id))
/*
--- 834,845 ----
{ AT_SUN_AUXFLAGS, "AT_SUN_AUXFLAGS", at_flags },
{ AT_SUN_EMULATOR, "AT_SUN_EMULATOR", at_str },
{ AT_SUN_BRANDNAME, "AT_SUN_BRANDNAME", at_str },
{ AT_SUN_BRAND_AUX1, "AT_SUN_BRAND_AUX1", at_null },
{ AT_SUN_BRAND_AUX2, "AT_SUN_BRAND_AUX2", at_null },
! { AT_SUN_BRAND_AUX3, "AT_SUN_BRAND_AUX3", at_null },
! { AT_SUN_SECFLAGS, "AT_SUN_SECFLAGS", at_secflags },
};
#define N_AT_ENTS (sizeof (aux_arr) / sizeof (struct aux_id))
/*