Print this page
uts: Allow for address space randomisation.
Randomise the base addresses of shared objects, non-fixed mappings, the
stack and the heap.  Introduce a service, svc:/system/process-security,
and a tool psecflags(1) to control and observe it

Split Close
Expand all
Collapse all
          --- old/usr/src/cmd/sgs/libld/common/sections.c
          +++ new/usr/src/cmd/sgs/libld/common/sections.c
↓ open down ↓ 1261 lines elided ↑ open up ↑
1262 1262                  /*
1263 1263                   * Capabilities chain information requires a .SUNW_capchain
1264 1264                   * entry (DT_SUNW_CAPCHAIN), entry size (DT_SUNW_CAPCHAINENT),
1265 1265                   * and total size (DT_SUNW_CAPCHAINSZ).
1266 1266                   */
1267 1267                  if (ofl->ofl_oscapchain)
1268 1268                          cnt += 3;
1269 1269  
1270 1270                  if (flags & FLG_OF_SYMBOLIC)
1271 1271                          cnt++;                  /* DT_SYMBOLIC */
     1272 +
     1273 +                if (ofl->ofl_aslr != 0)         /* DT_SUNW_ASLR */
     1274 +                        cnt++;
1272 1275          }
1273 1276  
1274 1277          /*
1275 1278           * Account for Architecture dependent .dynamic entries, and defaults.
1276 1279           */
1277 1280          (*ld_targ.t_mr.mr_mach_make_dynamic)(ofl, &cnt);
1278 1281  
1279 1282          /*
1280 1283           * DT_FLAGS, DT_FLAGS_1, DT_SUNW_STRPAD, and DT_NULL. Also,
1281 1284           * allow room for the unused extra DT_NULLs. These are included
↓ open down ↓ 2244 lines elided ↑ open up ↑
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX